Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/5FKgboa-jVuSGiVGPFr01etCXj4.roa
File: 5FKgboa-jVuSGiVGPFr01etCXj4.roa (raw, json)
Hash identifier: dzDU7TqrJaisytQvX6tLA3RUIS+a2Ff3OaHBS+AZWlk=
Subject key identifier: E4:52:A0:6E:86:BE:8D:5B:92:1A:25:46:3C:5A:F4:D5:EB:42:5E:3E
Certificate issuer: /CN=252c4e2bf5f2138462ef4a5d9e0f6e7a763530fe
Certificate serial: 019427483E01A0666FF04D272D6D79641663
Authority key identifier: 25:2C:4E:2B:F5:F2:13:84:62:EF:4A:5D:9E:0F:6E:7A:76:35:30:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSxOK_XyE4Ri70pdng9uenY1MP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/5FKgboa-jVuSGiVGPFr01etCXj4.roa
Signing time: Thu 02 Jan 2025 13:50:33 +0000
ROA not before: Thu 02 Jan 2025 13:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211987
IP address blocks: 185.234.102.0/24 maxlen: 24
2a10:da80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3e:01:a0:66:6f:f0:4d:27:2d:6d:79:64:16:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=252c4e2bf5f2138462ef4a5d9e0f6e7a763530fe
Validity
Not Before: Jan 2 13:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e452a06e86be8d5b921a25463c5af4d5eb425e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:07:3e:8b:41:fa:48:2b:4a:f9:53:84:a5:8e:
3d:cc:b0:7e:f7:1c:96:9c:ee:c6:33:82:b9:dd:f5:
23:d6:87:fb:15:a3:2d:01:e1:86:25:d0:3b:d2:6a:
3c:ca:63:a5:f6:f5:c5:79:9e:c9:97:22:b4:20:c6:
d1:34:74:63:e5:f7:e5:b6:d7:5e:23:33:6f:a3:12:
66:64:33:39:20:c7:a2:93:c4:ba:ef:6b:ca:ec:f4:
77:3a:1e:0d:4a:00:cf:0d:a4:64:04:86:08:1c:ac:
7a:99:dc:80:13:4f:6a:c8:4e:47:08:bd:1d:b8:81:
dc:7c:fb:85:55:d0:31:7b:3e:cd:04:e5:bd:9c:43:
cc:56:75:47:20:71:8d:f2:78:bb:07:fa:82:ec:3c:
56:90:60:45:9f:1f:67:52:5a:47:3f:40:4a:0b:99:
e9:da:6b:ed:86:55:95:bd:dd:a6:83:cb:f3:fd:81:
6f:28:44:c3:fd:ba:fd:05:6d:2e:69:b4:8e:5c:1a:
ed:6f:be:a9:96:ed:f2:75:62:58:5f:33:31:6a:ae:
bd:66:32:fb:91:e4:e0:d8:60:1d:d4:8b:00:9e:14:
74:25:51:b0:77:f1:ff:97:c1:52:43:3e:de:ae:74:
80:a7:53:1a:8a:b5:61:88:72:1c:e0:3b:ca:0d:58:
f4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:52:A0:6E:86:BE:8D:5B:92:1A:25:46:3C:5A:F4:D5:EB:42:5E:3E
X509v3 Authority Key Identifier:
keyid:25:2C:4E:2B:F5:F2:13:84:62:EF:4A:5D:9E:0F:6E:7A:76:35:30:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSxOK_XyE4Ri70pdng9uenY1MP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/5FKgboa-jVuSGiVGPFr01etCXj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/bbba88-1344-4d89-8f52-6df7bf59e326/1/JSxOK_XyE4Ri70pdng9uenY1MP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.102.0/24
IPv6:
2a10:da80::/29
Signature Algorithm: sha256WithRSAEncryption
0e:9c:eb:54:11:c8:84:06:50:3d:8e:cc:07:2e:bb:b9:5c:a3:
8a:bf:3c:2a:54:39:22:63:6a:92:4b:5d:43:67:32:d6:17:6c:
c4:7d:a9:b3:5c:ed:ba:bd:0a:d4:7b:6e:d0:12:92:62:d2:f1:
a0:7d:a8:c1:1f:a4:64:9f:a7:d1:6a:0b:1d:48:e7:8b:bf:9b:
25:b6:d6:05:64:c5:80:6d:8c:ee:a2:c4:b6:d6:9a:da:19:c7:
d8:bb:66:0b:57:f9:a8:12:d6:6c:61:9f:0a:46:f8:ef:20:19:
46:5a:c8:e5:8b:17:21:0c:1a:97:55:b9:06:24:0b:30:b3:a7:
dd:2b:72:21:5d:6e:0e:e8:5c:60:9b:7c:d1:14:2a:68:36:f6:
41:d7:be:04:0e:f4:55:0c:00:fc:d6:b3:dd:cc:e9:9f:28:79:
2e:77:b9:74:4c:00:d9:8d:7d:66:73:39:79:17:e2:46:2b:56:
d0:59:46:e7:f2:b3:de:f2:95:f5:c2:fe:54:c0:03:60:b8:96:
f4:82:3c:d4:c3:15:64:41:bd:0c:fe:74:fd:c2:b4:89:44:0f:
30:b1:a2:09:3e:13:9e:2b:76:e1:4e:bd:5e:65:0c:35:c3:3c:
00:c0:07:7b:c8:76:49:33:b6:37:c4:72:c0:d8:07:37:62:18:
f8:71:7d:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSD4BoGZv8E0nLW15ZBZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MmM0ZTJiZjVmMjEzODQ2MmVmNGE1ZDllMGY2ZTdhNzYz
NTMwZmUwHhcNMjUwMTAyMTM1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDUyYTA2ZTg2YmU4ZDViOTIxYTI1NDYzYzVhZjRkNWViNDI1ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gc+i0H6SCtK+VOEpY49zLB+9xyW
nO7GM4K53fUj1of7FaMtAeGGJdA70mo8ymOl9vXFeZ7JlyK0IMbRNHRj5fflttde
IzNvoxJmZDM5IMeik8S672vK7PR3Oh4NSgDPDaRkBIYIHKx6mdyAE09qyE5HCL0d
uIHcfPuFVdAxez7NBOW9nEPMVnVHIHGN8ni7B/qC7DxWkGBFnx9nUlpHP0BKC5np
2mvthlWVvd2mg8vz/YFvKETD/br9BW0uabSOXBrtb76plu3ydWJYXzMxaq69ZjL7
keTg2GAd1IsAnhR0JVGwd/H/l8FSQz7ernSAp1MairVhiHIc4DvKDVj0BwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFORSoG6Gvo1bkholRjxa9NXrQl4+MB8GA1UdIwQY
MBaAFCUsTiv18hOEYu9KXZ4Pbnp2NTD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlN4T0tfWHlFNFJpNzBwZG5nOXVlblkxTVA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9iYmJhODgtMTM0NC00ZDg5LThmNTIt
NmRmN2JmNTllMzI2LzEvNUZLZ2JvYS1qVnVTR2lWR1BGcjAxZXRDWGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9iYmJhODgtMTM0NC00ZDg5LThmNTItNmRmN2JmNTllMzI2
LzEvSlN4T0tfWHlFNFJpNzBwZG5nOXVlblkxTVA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuepmMA0E
AgACMAcDBQMqENqAMA0GCSqGSIb3DQEBCwUAA4IBAQAOnOtUEciEBlA9jswHLru5
XKOKvzwqVDkiY2qSS11DZzLWF2zEfamzXO26vQrUe27QEpJi0vGgfajBH6Rkn6fR
agsdSOeLv5slttYFZMWAbYzuosS21praGcfYu2YLV/moEtZsYZ8KRvjvIBlGWsjl
ixchDBqXVbkGJAsws6fdK3IhXW4O6Fxgm3zRFCpoNvZB174EDvRVDAD81rPdzOmf
KHkud7l0TADZjX1mczl5F+JGK1bQWUbn8rPe8pX1wv5UwANguJb0gjzUwxVkQb0M
/nT9wrSJRA8wsaIJPhOeK3bhTr1eZQw1wzwAwAd7yHZJM7Y3xHLA2Ac3Yhj4cX3y
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:01:25 2025 by rpki-client