Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b5b45d-7780-434b-a912-efb9a04d3caa/1/FZObVFLx6TsV6Sc08hIIXstxqXU.roa
File: FZObVFLx6TsV6Sc08hIIXstxqXU.roa (raw, json)
Hash identifier: DqqypzN2jJ/7dCXRc89vUZUZkKoWY2dcfopR4LBT0EM=
Subject key identifier: 15:93:9B:54:52:F1:E9:3B:15:E9:27:34:F2:12:08:5E:CB:71:A9:75
Certificate issuer: /CN=8d29a41e6f507a37458a49643a7be5790758f726
Certificate serial: 0185708CE22EDA1E41C391A6E3B1A28C51FC
Authority key identifier: 8D:29:A4:1E:6F:50:7A:37:45:8A:49:64:3A:7B:E5:79:07:58:F7:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jSmkHm9QejdFiklkOnvleQdY9yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b5b45d-7780-434b-a912-efb9a04d3caa/1/FZObVFLx6TsV6Sc08hIIXstxqXU.roa
Signing time: Mon 02 Jan 2023 03:35:59 +0000
ROA not before: Mon 02 Jan 2023 03:35:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57536
IP address blocks: 212.7.212.0/24 maxlen: 24
185.107.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e2:2e:da:1e:41:c3:91:a6:e3:b1:a2:8c:51:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d29a41e6f507a37458a49643a7be5790758f726
Validity
Not Before: Jan 2 03:35:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15939b5452f1e93b15e92734f212085ecb71a975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a4:d1:e8:4b:f8:55:4e:f3:87:2d:84:37:a0:
4f:25:e0:e1:79:b9:ca:8c:ef:b5:b0:a7:02:bf:41:
72:29:34:b4:18:f9:59:df:af:8d:37:4b:cb:26:7d:
d1:a0:0a:b2:e5:9a:7d:46:16:ee:5c:12:3f:bd:8c:
75:8c:0b:72:3b:27:79:e4:c7:6c:87:be:cf:80:b7:
5d:07:e5:90:44:4a:9a:43:c0:1c:b1:5a:18:5f:32:
ca:a0:d2:52:fe:dc:35:74:4b:1f:0c:3f:3b:48:00:
b7:c0:2b:0c:53:e5:52:1f:6e:f8:e2:1e:ef:af:d8:
16:38:d6:f3:94:2a:ba:bf:e4:f6:b3:df:2f:d0:0e:
56:f3:26:42:31:6f:35:92:7e:92:4d:82:6e:e8:0a:
d2:e5:03:51:4e:9a:43:f4:05:ac:86:fe:b7:40:e3:
c1:38:7e:e1:db:be:07:8d:8e:59:64:7e:82:f9:86:
23:4f:d2:48:d5:6c:c1:7a:c5:24:e1:98:55:d8:c9:
1f:95:3d:d6:84:8b:7c:86:cd:13:18:bc:b9:09:7d:
e8:2a:70:5b:3c:cf:0e:16:bd:1e:f9:3c:ef:14:f7:
f6:85:fd:bf:f4:3e:e6:1e:fa:1a:bc:e3:33:2d:ca:
7e:e3:f5:c4:6f:99:1a:54:b7:42:bf:e3:9d:78:08:
3a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:93:9B:54:52:F1:E9:3B:15:E9:27:34:F2:12:08:5E:CB:71:A9:75
X509v3 Authority Key Identifier:
keyid:8D:29:A4:1E:6F:50:7A:37:45:8A:49:64:3A:7B:E5:79:07:58:F7:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jSmkHm9QejdFiklkOnvleQdY9yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b5b45d-7780-434b-a912-efb9a04d3caa/1/FZObVFLx6TsV6Sc08hIIXstxqXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b5b45d-7780-434b-a912-efb9a04d3caa/1/jSmkHm9QejdFiklkOnvleQdY9yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.65.0/24
212.7.212.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b7:f7:cb:b5:75:14:11:81:62:40:d0:7b:03:53:73:6e:47:
27:d1:20:80:67:49:8a:17:39:7b:66:b1:95:60:0d:9c:0e:92:
90:bb:55:b9:88:77:70:3f:10:69:fd:f3:6c:85:e2:a4:88:c7:
66:ed:50:93:2c:ea:54:3e:5b:4e:ca:91:b2:b0:f1:52:be:40:
06:ca:80:53:3f:2f:f2:70:1d:4d:67:ac:e2:e1:da:4e:3b:15:
6b:b8:b5:0a:57:89:d3:75:00:a3:ff:07:88:ee:78:eb:29:cd:
7c:6a:b3:3c:d0:21:5f:41:da:a7:16:f6:1a:fd:8f:d4:6c:3c:
dc:1d:5f:ac:da:fd:ff:45:36:b2:cc:24:04:37:b3:7b:1e:ae:
40:50:4f:0b:d4:2b:04:2c:3a:55:d5:1c:17:f4:42:d6:39:93:
86:fe:37:8c:c7:c5:91:7d:62:c9:8a:0e:08:af:40:2e:ae:1d:
4d:4d:70:2b:f1:3c:9c:59:c3:cb:de:56:bd:6e:e4:11:6a:32:
27:df:0c:57:b2:a8:b9:a0:87:5b:0b:30:5a:1e:42:0d:db:8d:
30:97:76:ec:cb:c8:e4:d1:94:8f:9d:b3:a5:b9:c2:f7:d6:dd:
4b:61:d0:a5:56:84:03:a8:52:38:e2:98:f5:a2:17:7c:1f:f4:
6d:41:3c:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjOIu2h5Bw5Gm47GijFH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMjlhNDFlNmY1MDdhMzc0NThhNDk2NDNhN2JlNTc5MDc1
OGY3MjYwHhcNMjMwMTAyMDMzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTkzOWI1NDUyZjFlOTNiMTVlOTI3MzRmMjEyMDg1ZWNiNzFhOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqTR6Ev4VU7zhy2EN6BPJeDhebnK
jO+1sKcCv0FyKTS0GPlZ36+NN0vLJn3RoAqy5Zp9RhbuXBI/vYx1jAtyOyd55Mds
h77PgLddB+WQREqaQ8AcsVoYXzLKoNJS/tw1dEsfDD87SAC3wCsMU+VSH2744h7v
r9gWONbzlCq6v+T2s98v0A5W8yZCMW81kn6STYJu6ArS5QNRTppD9AWshv63QOPB
OH7h274HjY5ZZH6C+YYjT9JI1WzBesUk4ZhV2MkflT3WhIt8hs0TGLy5CX3oKnBb
PM8OFr0e+TzvFPf2hf2/9D7mHvoavOMzLcp+4/XEb5kaVLdCv+OdeAg69QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBWTm1RS8ek7FeknNPISCF7Lcal1MB8GA1UdIwQY
MBaAFI0ppB5vUHo3RYpJZDp75XkHWPcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalNta0htOVFlamRGaWtsa09udmxlUWRZOXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iNWI0NWQtNzc4MC00MzRiLWE5MTIt
ZWZiOWEwNGQzY2FhLzEvRlpPYlZGTHg2VHNWNlNjMDhoSUlYc3R4cVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iNWI0NWQtNzc4MC00MzRiLWE5MTItZWZiOWEwNGQzY2Fh
LzEvalNta0htOVFlamRGaWtsa09udmxlUWRZOXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWtBAwQA
1AfUMA0GCSqGSIb3DQEBCwUAA4IBAQBTt/fLtXUUEYFiQNB7A1Nzbkcn0SCAZ0mK
Fzl7ZrGVYA2cDpKQu1W5iHdwPxBp/fNsheKkiMdm7VCTLOpUPltOypGysPFSvkAG
yoBTPy/ycB1NZ6zi4dpOOxVruLUKV4nTdQCj/weI7njrKc18arM80CFfQdqnFvYa
/Y/UbDzcHV+s2v3/RTayzCQEN7N7Hq5AUE8L1CsELDpV1RwX9ELWOZOG/jeMx8WR
fWLJig4Ir0Aurh1NTXAr8TycWcPL3la9buQRajIn3wxXsqi5oIdbCzBaHkIN240w
l3bsy8jk0ZSPnbOlucL31t1LYdClVoQDqFI44pj1ohd8H/RtQTy7
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:35 2025 by rpki-client