Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/FFaDrp2TE8Iso6bJlqnb0FqxMJo.roa
File: FFaDrp2TE8Iso6bJlqnb0FqxMJo.roa (raw, json)
Hash identifier: Jw9G+J8hnCo8w1musIzxpySO6bTcvYrzNLckyhAd2sE=
Subject key identifier: 14:56:83:AE:9D:93:13:C2:2C:A3:A6:C9:96:A9:DB:D0:5A:B1:30:9A
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 0194206858B1F45DEEA42C6CB2F9B2C0F867
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/FFaDrp2TE8Iso6bJlqnb0FqxMJo.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205467
IP address blocks: 81.171.60.0/24 maxlen: 24
81.171.62.0/24 maxlen: 24
81.171.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:58:b1:f4:5d:ee:a4:2c:6c:b2:f9:b2:c0:f8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=145683ae9d9313c22ca3a6c996a9dbd05ab1309a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:98:5e:58:f9:e3:3c:a0:b1:41:75:b2:01:6a:
73:d0:d3:7a:e5:da:5a:e3:49:b6:35:76:7b:5d:23:
3d:98:15:aa:39:b4:ea:11:2d:c8:8f:b6:34:fa:bc:
7f:df:39:bf:c3:87:2a:97:71:6b:58:a3:41:b2:83:
92:12:c0:06:59:d1:ab:81:11:d9:ba:32:f1:1a:be:
d2:92:c3:ca:c3:90:8b:c6:8a:07:9e:94:82:da:f0:
a0:44:9c:40:8a:73:49:4a:b6:4b:29:5d:99:4d:cf:
57:42:30:a9:70:ca:ab:e8:b0:b3:ec:a7:4a:2d:b2:
3b:3b:5a:5b:95:63:e4:78:38:0b:78:b8:63:2b:33:
c7:43:90:b0:86:cf:65:cf:ec:e3:04:b6:f4:58:5b:
0e:95:58:f1:6d:43:8c:41:86:ef:d0:4c:05:70:9d:
45:1c:a3:d1:bd:f3:05:7a:2b:8b:e0:d1:26:1f:64:
66:92:85:1e:fe:bf:ee:90:2e:5b:a9:31:58:08:79:
dd:af:f0:2f:c1:81:3b:15:53:e5:50:e7:65:1d:68:
ef:70:b2:5c:4b:9a:98:85:f4:1c:3e:e9:f2:2d:c8:
89:4c:1f:83:60:58:2f:ed:8a:d2:94:b9:94:c8:fb:
5a:d5:36:c1:84:3a:74:22:ce:74:f4:bc:8c:74:52:
5c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:56:83:AE:9D:93:13:C2:2C:A3:A6:C9:96:A9:DB:D0:5A:B1:30:9A
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/FFaDrp2TE8Iso6bJlqnb0FqxMJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.171.60.0/24
81.171.62.0/23
Signature Algorithm: sha256WithRSAEncryption
e2:4a:4d:2d:9a:3a:a1:50:3c:9f:38:d2:ff:1f:37:14:01:69:
6e:a7:f4:cb:d1:58:a7:3d:53:6c:d9:1f:e9:d2:4b:bb:3b:ba:
52:93:9e:5a:e0:b9:05:bc:cc:7b:d1:0d:9e:89:24:22:6c:19:
1d:33:29:68:bc:c9:e8:5e:3a:ec:7d:de:1d:b6:79:c6:e3:dd:
46:5d:24:bb:d4:af:bc:7d:a0:34:83:5b:79:cf:78:a2:05:ba:
77:54:9b:ae:06:60:bc:37:cc:f8:7d:28:9b:11:20:55:3f:e4:
d7:8a:fc:fc:b0:4c:d0:9c:b2:87:7b:de:59:54:92:8d:67:01:
bb:ae:fb:2a:8e:06:57:07:0f:4e:07:b5:a3:f7:fe:91:f7:78:
9b:5c:53:fd:3a:d9:e7:74:bc:bf:ad:a5:14:65:bc:2a:56:ed:
87:58:ea:b9:57:48:8f:e7:b5:08:64:1a:9a:cc:f6:b9:ce:83:
e9:0a:eb:fd:7f:6e:2a:c7:0b:a8:03:23:82:1a:4a:81:f0:11:
4e:06:89:2a:10:f3:60:51:ca:d7:16:9d:8c:82:c6:20:17:30:
b4:e0:3f:89:98:9d:98:0b:aa:67:e6:2b:71:0a:8b:6b:e7:c1:
13:7e:18:ee:f2:9f:42:d6:e5:86:f8:98:61:a8:17:24:96:bf:
24:a8:ce:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgaFix9F3upCxssvmywPhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU2ODNhZTlkOTMxM2MyMmNhM2E2Yzk5NmE5ZGJkMDVhYjEzMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pheWPnjPKCxQXWyAWpz0NN65dpa
40m2NXZ7XSM9mBWqObTqES3Ij7Y0+rx/3zm/w4cql3FrWKNBsoOSEsAGWdGrgRHZ
ujLxGr7SksPKw5CLxooHnpSC2vCgRJxAinNJSrZLKV2ZTc9XQjCpcMqr6LCz7KdK
LbI7O1pblWPkeDgLeLhjKzPHQ5Cwhs9lz+zjBLb0WFsOlVjxbUOMQYbv0EwFcJ1F
HKPRvfMFeiuL4NEmH2RmkoUe/r/ukC5bqTFYCHndr/AvwYE7FVPlUOdlHWjvcLJc
S5qYhfQcPunyLciJTB+DYFgv7YrSlLmUyPta1TbBhDp0Is509LyMdFJcIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBRWg66dkxPCLKOmyZap29BasTCaMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvRkZhRHJwMlRFOElzbzZiSmxxbmIwRnF4TUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUas8AwQB
Uas+MA0GCSqGSIb3DQEBCwUAA4IBAQDiSk0tmjqhUDyfONL/HzcUAWlup/TL0Vin
PVNs2R/p0ku7O7pSk55a4LkFvMx70Q2eiSQibBkdMylovMnoXjrsfd4dtnnG491G
XSS71K+8faA0g1t5z3iiBbp3VJuuBmC8N8z4fSibESBVP+TXivz8sEzQnLKHe95Z
VJKNZwG7rvsqjgZXBw9OB7Wj9/6R93ibXFP9OtnndLy/raUUZbwqVu2HWOq5V0iP
57UIZBqazPa5zoPpCuv9f24qxwuoAyOCGkqB8BFOBokqEPNgUcrXFp2MgsYgFzC0
4D+JmJ2YC6pn5itxCotr58ETfhju8p9C1uWG+JhhqBcklr8kqM4x
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:50 2025 by rpki-client