Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/fNW98zG8YgdTIxQopzVptDv3vEA.roa
File: fNW98zG8YgdTIxQopzVptDv3vEA.roa (raw, json)
Hash identifier: oH5A9HkaHxcIBBsSALBiEtsRJXsDnYZkpZH6oV0XeF4=
Subject key identifier: 7C:D5:BD:F3:31:BC:62:07:53:23:14:28:A7:35:69:B4:3B:F7:BC:40
Certificate issuer: /CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Certificate serial: 0194221FEC34BCDCA8BEB965B42148002577
Authority key identifier: 71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/fNW98zG8YgdTIxQopzVptDv3vEA.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49540
IP address blocks: 37.114.64.0/21 maxlen: 21
78.152.128.0/19 maxlen: 19
185.147.228.0/22 maxlen: 22
2a00:b180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ec:34:bc:dc:a8:be:b9:65:b4:21:48:00:25:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cd5bdf331bc620753231428a73569b43bf7bc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:f7:5c:f9:5c:3f:26:51:59:ee:ce:09:9f:
30:3c:e2:a6:69:02:44:d3:68:33:ce:00:a3:dd:38:
09:df:ef:44:03:17:62:67:21:12:91:ef:57:73:bf:
24:ef:10:48:05:53:99:ce:b4:10:34:01:41:b5:4a:
36:29:8f:46:8e:c4:dd:fa:47:e1:b7:73:ba:57:8b:
80:fd:2b:4c:a2:ac:b2:bb:f7:fa:db:24:28:90:00:
fd:58:ea:b1:f0:aa:31:b2:19:56:75:53:65:b4:48:
e4:1a:85:0a:f4:bf:f2:1d:25:83:ab:5d:67:e3:c1:
70:53:41:fc:90:eb:c1:8a:52:b5:a6:ff:5d:16:5e:
15:85:3b:30:d1:06:11:2e:2e:4b:8f:b7:4b:97:ce:
f1:69:34:b5:cd:75:91:93:2e:63:2e:7f:65:12:84:
cd:f9:59:05:79:07:4f:01:6e:4c:9a:e8:5d:a0:e2:
71:26:97:02:b3:2c:26:a1:d7:f3:e0:0b:91:ba:37:
71:0b:ff:f2:1a:47:a6:4e:bc:c4:c3:f2:fc:5f:98:
7d:89:73:28:d0:66:85:c0:c1:b6:b0:5a:93:fc:58:
25:e0:e7:4c:68:02:69:e1:38:63:d6:43:f7:f9:dd:
80:58:f4:7c:30:3a:57:79:80:e9:58:48:a3:f1:5b:
b2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D5:BD:F3:31:BC:62:07:53:23:14:28:A7:35:69:B4:3B:F7:BC:40
X509v3 Authority Key Identifier:
keyid:71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/fNW98zG8YgdTIxQopzVptDv3vEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.64.0/21
78.152.128.0/19
185.147.228.0/22
IPv6:
2a00:b180::/32
Signature Algorithm: sha256WithRSAEncryption
66:81:25:ea:f9:51:0c:75:9e:83:59:09:f5:66:43:ae:ef:ee:
1e:33:60:43:e5:76:7d:d0:37:53:10:ab:50:a8:5d:24:b6:d5:
93:52:1b:8f:45:74:52:f8:95:5c:46:bf:35:2a:9e:85:8b:06:
8d:6e:8d:76:61:fa:07:27:66:f1:ff:57:6b:ad:6c:d4:23:43:
89:f8:ea:ee:3c:da:27:91:01:33:14:b1:77:fd:b9:1a:bb:b2:
67:7a:11:52:aa:d4:fe:f2:10:54:e8:07:3c:db:73:09:e4:66:
98:32:d7:92:f2:da:1e:7b:cc:15:89:91:0b:73:04:50:4a:cb:
70:e8:0c:dd:b5:2f:3a:02:a3:27:72:db:75:ba:eb:1c:f3:be:
5f:3f:0f:4c:ea:5b:06:43:af:4c:96:4e:09:d2:1f:ea:2c:f7:
8b:46:14:8a:5c:aa:85:f4:48:91:ef:cd:4b:ae:d0:c0:05:aa:
37:b6:f3:2c:fe:71:1a:93:f4:23:10:00:4a:87:c4:54:06:82:
56:ce:ca:d5:81:f4:2b:ed:79:b4:86:dc:4f:a4:d5:a5:21:02:
3a:6b:32:01:b2:22:13:a7:21:7d:fd:eb:15:b1:bf:58:ba:c1:
23:f8:b7:ec:95:58:a2:a4:7e:ba:19:e6:70:50:6c:af:8c:f5:
06:50:4e:6f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQiH+w0vNyovrlltCFIACV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNjAxYzBiOGIxM2NjMTIxMDE3ZjZkMjUxMTdhYzFmZDA2
NjQzNDQwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q1YmRmMzMxYmM2MjA3NTMyMzE0MjhhNzM1NjliNDNiZjdiYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4D3XPlcPyZRWe7OCZ8wPOKmaQJE
02gzzgCj3TgJ3+9EAxdiZyESke9Xc78k7xBIBVOZzrQQNAFBtUo2KY9GjsTd+kfh
t3O6V4uA/StMoqyyu/f62yQokAD9WOqx8KoxshlWdVNltEjkGoUK9L/yHSWDq11n
48FwU0H8kOvBilK1pv9dFl4VhTsw0QYRLi5Lj7dLl87xaTS1zXWRky5jLn9lEoTN
+VkFeQdPAW5MmuhdoOJxJpcCsywmodfz4AuRujdxC//yGkemTrzEw/L8X5h9iXMo
0GaFwMG2sFqT/Fgl4OdMaAJp4Thj1kP3+d2AWPR8MDpXeYDpWEij8Vuy6QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHzVvfMxvGIHUyMUKKc1abQ797xAMB8GA1UdIwQY
MBaAFHFgHAuLE8wSEBf20lEXrB/QZkNEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYt
NzZiMDMyNWMzYjA3LzEvZk5XOTh6RzhZZ2RUSXhRb3B6VnB0RHYzdkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYtNzZiMDMyNWMzYjA3
LzEvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXJAAwQF
TpiAAwQCuZPkMA0EAgACMAcDBQAqALGAMA0GCSqGSIb3DQEBCwUAA4IBAQBmgSXq
+VEMdZ6DWQn1ZkOu7+4eM2BD5XZ90DdTEKtQqF0kttWTUhuPRXRS+JVcRr81Kp6F
iwaNbo12YfoHJ2bx/1drrWzUI0OJ+OruPNonkQEzFLF3/bkau7JnehFSqtT+8hBU
6Ac823MJ5GaYMteS8toee8wViZELcwRQSstw6AzdtS86AqMnctt1uusc875fPw9M
6lsGQ69Mlk4J0h/qLPeLRhSKXKqF9EiR781LrtDABao3tvMs/nEak/QjEABKh8RU
BoJWzsrVgfQr7Xm0htxPpNWlIQI6azIBsiITpyF9/esVsb9YusEj+LfslViipH66
GeZwUGyvjPUGUE5v
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:43:18 2025 by rpki-client