Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/FFjeL0IuCbzbDGWfr7U5gi5W5Os.roa
File: FFjeL0IuCbzbDGWfr7U5gi5W5Os.roa (raw, json)
Hash identifier: 3sG/fd8pRrUXnkWnOf6agMt6Javmg7cQv1NVJ7eO+0w=
Subject key identifier: 14:58:DE:2F:42:2E:09:BC:DB:0C:65:9F:AF:B5:39:82:2E:56:E4:EB
Certificate issuer: /CN=3a66869dd1a997164ba4fa23e0fd41fb3acb10be
Certificate serial: 0194206841E9E6D3032322622886987478F0
Authority key identifier: 3A:66:86:9D:D1:A9:97:16:4B:A4:FA:23:E0:FD:41:FB:3A:CB:10:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OmaGndGplxZLpPoj4P1B-zrLEL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/FFjeL0IuCbzbDGWfr7U5gi5W5Os.roa
Signing time: Wed 01 Jan 2025 05:48:11 +0000
ROA not before: Wed 01 Jan 2025 05:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202956
IP address blocks: 185.149.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:41:e9:e6:d3:03:23:22:62:28:86:98:74:78:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a66869dd1a997164ba4fa23e0fd41fb3acb10be
Validity
Not Before: Jan 1 05:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1458de2f422e09bcdb0c659fafb539822e56e4eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:6c:37:ce:40:b2:47:ea:49:da:c0:10:b8:
c8:a3:39:21:b4:d0:c2:47:49:62:bb:c4:d7:65:12:
d1:28:8c:ce:68:7a:6d:0f:7e:4a:42:d6:21:43:76:
5f:1e:7f:01:76:93:b4:10:b1:1f:ca:0b:63:74:40:
a7:3e:71:61:56:79:b4:f4:ef:db:2d:27:c9:07:21:
57:d4:7a:8c:ba:95:eb:d4:31:6a:fa:20:5f:ea:9c:
59:78:0b:0b:3b:86:cb:34:e0:b0:63:fa:ca:d0:74:
bd:3a:60:4d:1b:0b:91:cd:36:3d:34:b9:e3:6d:66:
b2:e5:4e:36:8f:f2:b5:00:57:3c:e3:a6:11:68:66:
91:e2:62:f6:36:72:0a:2c:6d:32:85:e2:a1:0b:4c:
62:42:e4:bd:a5:f9:bf:45:d0:fb:37:6f:88:5f:a7:
61:4e:50:d5:0a:0e:8e:14:5b:a6:fb:0a:92:ad:8c:
a8:b4:fb:d2:a8:72:9f:0a:ba:fd:7c:48:7f:5e:92:
f2:ba:e9:52:49:e1:88:36:04:8a:a2:18:78:74:b2:
13:d4:52:25:e3:8d:dd:69:63:23:18:67:03:bf:7b:
5f:ea:0a:fc:4d:9e:7b:75:05:f0:6c:ea:00:b6:df:
c6:2c:88:62:95:8a:b0:a8:6a:49:2c:96:16:54:9d:
65:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:58:DE:2F:42:2E:09:BC:DB:0C:65:9F:AF:B5:39:82:2E:56:E4:EB
X509v3 Authority Key Identifier:
keyid:3A:66:86:9D:D1:A9:97:16:4B:A4:FA:23:E0:FD:41:FB:3A:CB:10:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmaGndGplxZLpPoj4P1B-zrLEL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/FFjeL0IuCbzbDGWfr7U5gi5W5Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9118e3-13da-4d48-9c38-711fc1a2d0a0/1/OmaGndGplxZLpPoj4P1B-zrLEL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.76.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:f1:86:5b:7b:7d:7e:30:bf:61:51:4b:a2:80:25:6d:91:7b:
a7:d2:88:bc:52:c2:7a:73:be:0b:b2:7a:e1:48:8d:c1:c3:6e:
6e:a1:f7:0c:d9:47:b2:97:d7:26:90:b9:7d:c7:59:ef:e3:d9:
cd:de:66:a5:c9:16:c0:59:34:78:de:33:6e:22:84:58:6f:b3:
e3:dd:f5:10:1c:c4:cc:0c:ed:80:46:63:27:3a:0a:82:0e:2e:
ae:94:9b:d9:c4:94:8f:c4:5d:a9:5c:cc:35:03:6a:2b:9b:aa:
2a:10:7f:70:3e:29:0b:65:c0:c7:89:61:58:32:2b:11:93:9c:
cf:5b:9b:f3:a5:7d:7d:72:f0:0d:46:b1:fc:6b:7e:d8:4b:22:
eb:6a:40:0d:e8:8f:f0:b2:2c:fd:84:9b:ba:19:4f:af:bc:cd:
95:51:1c:fa:0a:fd:3e:25:70:21:13:14:a5:b7:a2:1f:1c:15:
99:43:a6:7d:8c:8a:55:17:b4:c6:d2:43:b0:af:90:f4:da:3f:
4c:9d:ac:5d:29:46:da:8b:7b:fa:fd:f9:8f:20:c9:d1:ad:c3:
fb:c4:f9:fd:9b:12:59:55:49:5d:c2:34:9b:92:a7:73:60:67:
c1:a6:1a:1a:2b:bf:cd:83:a9:1d:8c:26:16:b1:10:51:17:d3:
c3:69:7d:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEHp5tMDIyJiKIaYdHjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNjY4NjlkZDFhOTk3MTY0YmE0ZmEyM2UwZmQ0MWZiM2Fj
YjEwYmUwHhcNMjUwMTAxMDU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU4ZGUyZjQyMmUwOWJjZGIwYzY1OWZhZmI1Mzk4MjJlNTZlNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquZsN85AskfqSdrAELjIozkhtNDC
R0liu8TXZRLRKIzOaHptD35KQtYhQ3ZfHn8BdpO0ELEfygtjdECnPnFhVnm09O/b
LSfJByFX1HqMupXr1DFq+iBf6pxZeAsLO4bLNOCwY/rK0HS9OmBNGwuRzTY9NLnj
bWay5U42j/K1AFc846YRaGaR4mL2NnIKLG0yheKhC0xiQuS9pfm/RdD7N2+IX6dh
TlDVCg6OFFum+wqSrYyotPvSqHKfCrr9fEh/XpLyuulSSeGINgSKohh4dLIT1FIl
443daWMjGGcDv3tf6gr8TZ57dQXwbOoAtt/GLIhilYqwqGpJLJYWVJ1lqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRY3i9CLgm82wxln6+1OYIuVuTrMB8GA1UdIwQY
MBaAFDpmhp3RqZcWS6T6I+D9Qfs6yxC+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21hR25kR3BseFpMcFBvajRQMUItenJMRUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85MTE4ZTMtMTNkYS00ZDQ4LTljMzgt
NzExZmMxYTJkMGEwLzEvRkZqZUwwSXVDYnpiREdXZnI3VTVnaTVXNU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85MTE4ZTMtMTNkYS00ZDQ4LTljMzgtNzExZmMxYTJkMGEw
LzEvT21hR25kR3BseFpMcFBvajRQMUItenJMRUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZVMMA0G
CSqGSIb3DQEBCwUAA4IBAQC98YZbe31+ML9hUUuigCVtkXun0oi8UsJ6c74Lsnrh
SI3Bw25uofcM2Ueyl9cmkLl9x1nv49nN3malyRbAWTR43jNuIoRYb7Pj3fUQHMTM
DO2ARmMnOgqCDi6ulJvZxJSPxF2pXMw1A2orm6oqEH9wPikLZcDHiWFYMisRk5zP
W5vzpX19cvANRrH8a37YSyLrakAN6I/wsiz9hJu6GU+vvM2VURz6Cv0+JXAhExSl
t6IfHBWZQ6Z9jIpVF7TG0kOwr5D02j9MnaxdKUbai3v6/fmPIMnRrcP7xPn9mxJZ
VUldwjSbkqdzYGfBphoaK7/Ng6kdjCYWsRBRF9PDaX1D
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:57:40 2025 by rpki-client