Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/T5P1uF0UtYOhlxgIVxyPu_E24ZA.roa
File: T5P1uF0UtYOhlxgIVxyPu_E24ZA.roa (raw, json)
Hash identifier: D5TZHibqLUW4oTHKSJ4ExAAZayO10mFfTENppWTtXa0=
Subject key identifier: 4F:93:F5:B8:5D:14:B5:83:A1:97:18:08:57:1C:8F:BB:F1:36:E1:90
Certificate issuer: /CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Certificate serial: 01942826898946BCBE7DA8D97AAD15469D53
Authority key identifier: FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/T5P1uF0UtYOhlxgIVxyPu_E24ZA.roa
Signing time: Thu 02 Jan 2025 17:53:21 +0000
ROA not before: Thu 02 Jan 2025 17:53:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 213.109.176.0/24 maxlen: 24
213.109.177.0/24 maxlen: 24
213.109.178.0/24 maxlen: 24
213.109.179.0/24 maxlen: 24
2a00:de61::/40 maxlen: 48
2a00:de61:100::/40 maxlen: 48
2a00:de61:200::/40 maxlen: 48
2a00:de61:300::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:89:89:46:bc:be:7d:a8:d9:7a:ad:15:46:9d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Validity
Not Before: Jan 2 17:53:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f93f5b85d14b583a1971808571c8fbbf136e190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bb:07:03:3b:79:82:8f:3d:e0:c4:9b:e5:53:
03:43:d2:ef:2c:a7:4a:df:aa:20:01:00:e0:b7:6d:
9a:cb:61:94:15:d7:59:b1:8f:76:32:9e:b3:14:c1:
89:dd:2b:bb:87:af:06:74:2f:46:b8:65:76:6e:a6:
70:cc:c9:99:34:bc:ef:30:97:d9:47:7e:15:aa:21:
74:cf:0e:53:67:e4:b7:6b:ec:31:12:41:48:05:e8:
fd:fe:37:42:56:d9:02:b4:c3:7e:c9:69:4b:2b:74:
ec:2e:0a:0d:6a:2b:37:f1:78:ee:b7:48:ec:84:d3:
41:85:23:f7:ce:89:4e:b9:8a:e2:96:ed:7a:da:d6:
7b:74:36:41:82:74:40:b0:0e:0a:f3:03:c5:2d:7f:
77:17:19:02:46:b3:4b:2c:a8:b0:24:58:7a:44:16:
e1:2f:02:50:af:df:8d:94:08:03:fb:f1:5d:7f:33:
86:2c:25:3c:fd:26:be:90:e9:2f:ec:0c:c4:93:75:
e7:70:b1:4b:a8:14:af:55:cc:a9:66:9d:46:cc:f7:
97:c2:0f:91:9e:ef:df:ff:7b:58:bd:5f:e3:84:67:
c6:6c:8a:74:5e:d4:81:25:2d:55:a9:02:ad:0c:b0:
be:79:46:dc:3d:13:54:b8:4c:1d:27:c7:26:de:70:
d6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:93:F5:B8:5D:14:B5:83:A1:97:18:08:57:1C:8F:BB:F1:36:E1:90
X509v3 Authority Key Identifier:
keyid:FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/T5P1uF0UtYOhlxgIVxyPu_E24ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.176.0/22
IPv6:
2a00:de61::/38
Signature Algorithm: sha256WithRSAEncryption
57:77:96:39:1a:c3:73:f3:7b:47:5a:ad:5c:22:ba:3e:f2:31:
9e:6e:b6:b4:65:6d:0a:fb:69:8d:29:be:8b:a1:e1:bf:74:0a:
f4:c3:52:62:43:5c:2f:d9:76:4e:81:5a:c5:88:cd:f9:da:15:
c7:a6:c0:a5:46:8f:aa:b3:99:e3:f6:53:80:7c:fe:c0:d7:47:
b3:c3:bd:5b:db:eb:96:c4:e6:68:cf:19:22:14:bc:be:46:d6:
02:00:4e:a1:05:14:c2:88:c6:74:59:02:25:4f:e5:3b:e4:a0:
84:3e:0b:92:d2:c8:6c:ae:40:5c:bb:4f:0e:ee:35:98:29:0d:
0d:fa:ed:f0:a2:cc:58:1f:a2:94:71:3e:94:18:d0:ab:9a:79:
c6:02:11:8e:15:f6:e2:e3:78:42:19:b5:e7:9c:32:c3:42:e4:
ef:cc:95:3a:24:b8:22:ee:af:16:a6:68:63:e8:6d:8b:98:39:
76:55:fc:8b:47:33:76:c4:32:65:f4:a2:21:b6:aa:8f:5f:3d:
ac:06:13:39:0c:20:7a:32:cd:cf:60:fe:34:9d:20:e3:00:ea:
b2:18:60:96:b5:ec:4b:19:d5:b9:32:c4:48:53:0c:a6:34:2c:
45:08:7f:0e:d5:76:eb:4d:54:d0:49:9d:4a:c0:c4:66:97:c9:
eb:fe:10:12
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJomJRry+fajZeq0VRp1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjRhMWY3Y2E0MGI1ODExNmU2YmM4MzhlMDYyZjljNzEy
MjI4YTQwHhcNMjUwMTAyMTc1MzIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjkzZjViODVkMTRiNTgzYTE5NzE4MDg1NzFjOGZiYmYxMzZlMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrsHAzt5go894MSb5VMDQ9LvLKdK
36ogAQDgt22ay2GUFddZsY92Mp6zFMGJ3Su7h68GdC9GuGV2bqZwzMmZNLzvMJfZ
R34VqiF0zw5TZ+S3a+wxEkFIBej9/jdCVtkCtMN+yWlLK3TsLgoNais38Xjut0js
hNNBhSP3zolOuYrilu162tZ7dDZBgnRAsA4K8wPFLX93FxkCRrNLLKiwJFh6RBbh
LwJQr9+NlAgD+/FdfzOGLCU8/Sa+kOkv7AzEk3XncLFLqBSvVcypZp1GzPeXwg+R
nu/f/3tYvV/jhGfGbIp0XtSBJS1VqQKtDLC+eUbcPRNUuEwdJ8cm3nDWtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE+T9bhdFLWDoZcYCFccj7vxNuGQMB8GA1UdIwQY
MBaAFPpkoffKQLWBFua8g44GL5xxIiikMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tU2g5OHBBdFlFVzVyeURqZ1l2bkhFaUtLUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVm
LTViODNkMGU5NjAxMi8xL1Q1UDF1RjBVdFlPaGx4Z0lWeHlQdV9FMjRaQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVmLTViODNkMGU5NjAx
Mi8xLzEtbVNoOThwQXRZRVc1cnlEamdZdm5IRWlLS1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBALVbbAw
DgQCAAIwCAMGAioA3mEAMA0GCSqGSIb3DQEBCwUAA4IBAQBXd5Y5GsNz83tHWq1c
Iro+8jGebra0ZW0K+2mNKb6LoeG/dAr0w1JiQ1wv2XZOgVrFiM352hXHpsClRo+q
s5nj9lOAfP7A10ezw71b2+uWxOZozxkiFLy+RtYCAE6hBRTCiMZ0WQIlT+U75KCE
PguS0shsrkBcu08O7jWYKQ0N+u3wosxYH6KUcT6UGNCrmnnGAhGOFfbi43hCGbXn
nDLDQuTvzJU6JLgi7q8Wpmhj6G2LmDl2VfyLRzN2xDJl9KIhtqqPXz2sBhM5DCB6
Ms3PYP40nSDjAOqyGGCWtexLGdW5MsRIUwymNCxFCH8O1XbrTVTQSZ1KwMRml8nr
/hAS
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:14:01 2025 by rpki-client