Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/FNPjMOoGw_qr5syHiMbZO5lzjMQ.roa
File: FNPjMOoGw_qr5syHiMbZO5lzjMQ.roa (raw, json)
Hash identifier: 5qw3tWosyd4KlYSn8mbGOq7ldklrf0oZDzLLsc6wFlk=
Subject key identifier: 14:D3:E3:30:EA:06:C3:FA:AB:E6:CC:87:88:C6:D9:3B:99:73:8C:C4
Certificate issuer: /CN=05df1ca3b665f24cbe101cfc2f38344da8b1768d
Certificate serial: 0194266B9E702D184CCC26293E09FA3AC5E7
Authority key identifier: 05:DF:1C:A3:B6:65:F2:4C:BE:10:1C:FC:2F:38:34:4D:A8:B1:76:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bd8co7Zl8ky-EBz8Lzg0Taixdo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/FNPjMOoGw_qr5syHiMbZO5lzjMQ.roa
Signing time: Thu 02 Jan 2025 09:49:34 +0000
ROA not before: Thu 02 Jan 2025 09:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197190
IP address blocks: 185.209.216.0/24 maxlen: 24
185.209.217.0/24 maxlen: 24
185.209.218.0/24 maxlen: 24
185.209.219.0/24 maxlen: 24
2a0b:5240::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9e:70:2d:18:4c:cc:26:29:3e:09:fa:3a:c5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05df1ca3b665f24cbe101cfc2f38344da8b1768d
Validity
Not Before: Jan 2 09:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14d3e330ea06c3faabe6cc8788c6d93b99738cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:34:8d:7a:17:82:56:86:bd:e2:ad:2c:91:
06:2b:1f:cc:f0:85:08:cd:04:77:64:1f:f9:93:98:
68:2e:d0:b4:26:d7:52:17:8d:2e:4b:ff:d2:9f:9d:
25:02:87:42:fb:a2:55:bc:8c:f3:04:f8:3a:6a:ce:
25:cd:6a:ca:b1:64:c2:d1:1e:72:0f:15:34:cc:ab:
63:cf:f0:9d:51:16:a7:78:61:e9:f2:e8:a5:09:9f:
18:46:99:7b:cc:c0:98:26:01:35:2e:17:3b:88:77:
33:f4:11:e5:2e:4e:2f:35:82:51:6d:31:97:6d:21:
56:df:cb:c1:ec:02:d3:43:ae:f6:07:5a:65:de:c5:
e3:62:6b:8a:c5:ef:2b:f8:f3:0e:23:39:e1:a6:b5:
d3:ee:0c:1f:bd:2a:8f:b8:90:fe:91:03:af:8d:3a:
be:4f:d2:8e:22:15:12:84:f7:11:dc:9e:61:23:f5:
2d:49:c3:1f:45:ff:12:e9:da:c4:a8:c3:84:50:48:
ea:15:b4:1e:17:d6:61:b7:e2:65:2f:c1:98:c4:d0:
ed:6a:64:4c:83:80:59:fc:62:fc:87:28:b5:0a:d0:
f3:6f:6d:c3:ad:01:a0:0f:01:a4:b3:d0:84:13:e1:
06:50:45:37:ba:dc:12:5f:90:89:09:3e:6d:cc:f0:
01:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D3:E3:30:EA:06:C3:FA:AB:E6:CC:87:88:C6:D9:3B:99:73:8C:C4
X509v3 Authority Key Identifier:
keyid:05:DF:1C:A3:B6:65:F2:4C:BE:10:1C:FC:2F:38:34:4D:A8:B1:76:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bd8co7Zl8ky-EBz8Lzg0Taixdo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/FNPjMOoGw_qr5syHiMbZO5lzjMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/Bd8co7Zl8ky-EBz8Lzg0Taixdo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.216.0/22
IPv6:
2a0b:5240::/29
Signature Algorithm: sha256WithRSAEncryption
30:ba:b1:cc:b5:9a:d6:6c:e4:82:52:b0:4b:e7:d1:a3:58:32:
75:6c:6a:f3:d3:42:9c:34:e0:1c:bf:4b:31:72:75:2f:62:c3:
da:9c:e8:f1:42:a3:f9:e4:9f:b9:9e:5a:87:70:34:e0:a1:5b:
52:b9:12:91:11:45:03:67:41:8b:13:1f:17:be:0b:8a:85:d4:
5c:21:7e:7c:37:00:4d:38:e8:30:b6:9c:4e:94:fb:dc:e5:e2:
a7:04:70:ce:63:d6:10:30:da:05:d3:e5:26:dc:96:1a:28:36:
5c:6e:e1:32:ff:15:f4:5d:ed:34:e2:08:1c:9f:05:fb:0c:a4:
2d:94:ba:27:cc:12:5c:29:eb:d1:b8:ae:0f:ee:4f:d0:99:77:
37:c0:42:8f:92:bf:00:b0:f5:96:33:da:64:36:36:c7:09:3a:
4f:5a:3d:7f:8f:15:de:15:97:a4:4d:7a:c5:26:95:ca:b8:0a:
5b:44:4b:ae:b3:b5:1e:0c:49:d7:0a:e7:58:48:b8:a6:16:a9:
c2:dd:bd:6f:55:d7:1b:5a:d9:23:e1:cb:ba:d7:53:26:13:2a:
b2:58:3b:7c:c0:35:ad:9c:1d:ed:14:b3:e7:d4:de:a1:bb:a4:
15:dd:3f:11:17:2d:5c:74:c9:7f:78:83:fd:2c:dd:8b:1d:6b:
6f:9d:27:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma55wLRhMzCYpPgn6OsXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZGYxY2EzYjY2NWYyNGNiZTEwMWNmYzJmMzgzNDRkYThi
MTc2OGQwHhcNMjUwMTAyMDk0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQzZTMzMGVhMDZjM2ZhYWJlNmNjODc4OGM2ZDkzYjk5NzM4Y2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHY0jXoXglaGveKtLJEGKx/M8IUI
zQR3ZB/5k5hoLtC0JtdSF40uS//Sn50lAodC+6JVvIzzBPg6as4lzWrKsWTC0R5y
DxU0zKtjz/CdURaneGHp8uilCZ8YRpl7zMCYJgE1Lhc7iHcz9BHlLk4vNYJRbTGX
bSFW38vB7ALTQ672B1pl3sXjYmuKxe8r+PMOIznhprXT7gwfvSqPuJD+kQOvjTq+
T9KOIhUShPcR3J5hI/UtScMfRf8S6drEqMOEUEjqFbQeF9Zht+JlL8GYxNDtamRM
g4BZ/GL8hyi1CtDzb23DrQGgDwGks9CEE+EGUEU3utwSX5CJCT5tzPAB8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBTT4zDqBsP6q+bMh4jG2TuZc4zEMB8GA1UdIwQY
MBaAFAXfHKO2ZfJMvhAc/C84NE2osXaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmQ4Y283Wmw4a3ktRUJ6OEx6ZzBUYWl4ZG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84OGQzYjMtODI1Ny00N2FhLWEyMjct
ZDAyYWFmYjgzMmM0LzEvRk5Qak1Pb0d3X3FyNXN5SGlNYlpPNWx6ak1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84OGQzYjMtODI1Ny00N2FhLWEyMjctZDAyYWFmYjgzMmM0
LzEvQmQ4Y283Wmw4a3ktRUJ6OEx6ZzBUYWl4ZG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudHYMA0E
AgACMAcDBQMqC1JAMA0GCSqGSIb3DQEBCwUAA4IBAQAwurHMtZrWbOSCUrBL59Gj
WDJ1bGrz00KcNOAcv0sxcnUvYsPanOjxQqP55J+5nlqHcDTgoVtSuRKREUUDZ0GL
Ex8XvguKhdRcIX58NwBNOOgwtpxOlPvc5eKnBHDOY9YQMNoF0+Um3JYaKDZcbuEy
/xX0Xe004ggcnwX7DKQtlLonzBJcKevRuK4P7k/QmXc3wEKPkr8AsPWWM9pkNjbH
CTpPWj1/jxXeFZekTXrFJpXKuApbREuus7UeDEnXCudYSLimFqnC3b1vVdcbWtkj
4cu611MmEyqyWDt8wDWtnB3tFLPn1N6hu6QV3T8RFy1cdMl/eIP9LN2LHWtvnSfX
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:12:05 2025 by rpki-client