Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/968e74-8315-4056-a81d-04fd81c1080a/1/fsuXXTt4D-BAUIBB3Z8WvkXU_yE.roa
File: fsuXXTt4D-BAUIBB3Z8WvkXU_yE.roa (raw, json)
Hash identifier: sJWJEOj4XroW9yxMcHeV3mQzQVXjiEYz8LHpC+H6XEc=
Subject key identifier: 7E:CB:97:5D:3B:78:0F:E0:40:50:80:41:DD:9F:16:BE:45:D4:FF:21
Certificate issuer: /CN=4b5d88e548ceeaa627c00d718da04fd667d2c5d1
Certificate serial: 018332388EE4BE8D980117D1E07180D218D2
Authority key identifier: 4B:5D:88:E5:48:CE:EA:A6:27:C0:0D:71:8D:A0:4F:D6:67:D2:C5:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S12I5UjO6qYnwA1xjaBP1mfSxdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/968e74-8315-4056-a81d-04fd81c1080a/1/fsuXXTt4D-BAUIBB3Z8WvkXU_yE.roa
Signing time: Mon 12 Sep 2022 15:01:50 +0000
ROA not before: Mon 12 Sep 2022 15:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211064
IP address blocks: 185.236.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:38:8e:e4:be:8d:98:01:17:d1:e0:71:80:d2:18:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b5d88e548ceeaa627c00d718da04fd667d2c5d1
Validity
Not Before: Sep 12 15:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ecb975d3b780fe040508041dd9f16be45d4ff21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c4:86:4d:49:d3:c2:ba:b9:e2:2e:05:06:f4:
5c:dd:13:d3:15:1a:75:11:ce:82:32:e0:74:b2:23:
3d:66:62:d2:88:d5:33:b7:e1:c2:5a:c1:e9:53:dc:
1d:02:f2:a6:23:f3:86:8b:86:9d:43:2d:99:6d:68:
dc:b4:ae:d4:33:80:db:d9:70:dd:23:01:ee:f7:04:
96:b5:a3:08:15:5f:1f:a5:74:2c:b5:78:73:23:1b:
7a:38:2a:6e:4f:0f:79:dd:62:8a:38:22:23:ae:71:
01:90:a9:77:6a:b7:9e:d9:48:2d:ca:f8:3a:a3:eb:
75:b0:06:b7:7e:4e:5a:3b:1e:c9:78:33:7b:ca:67:
eb:c3:cc:7b:7d:e1:17:b0:32:51:a8:29:8a:d9:6a:
d5:79:89:07:5b:eb:92:c7:09:ab:82:aa:c5:24:d8:
2a:69:fd:b3:6f:1b:a5:bb:34:6b:03:d0:f1:d3:27:
2f:fa:66:af:bf:4d:34:a6:ab:54:a5:dc:07:63:c2:
0d:29:04:e9:bb:8d:80:58:f4:c3:be:c6:89:37:41:
d1:72:5e:de:25:f4:67:4a:87:17:26:4d:60:6e:f6:
75:c1:1f:d3:7a:e0:69:52:88:db:79:06:16:da:56:
7d:d7:61:eb:46:a5:39:4e:77:cc:8a:77:d1:f4:2c:
3f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CB:97:5D:3B:78:0F:E0:40:50:80:41:DD:9F:16:BE:45:D4:FF:21
X509v3 Authority Key Identifier:
keyid:4B:5D:88:E5:48:CE:EA:A6:27:C0:0D:71:8D:A0:4F:D6:67:D2:C5:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S12I5UjO6qYnwA1xjaBP1mfSxdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/968e74-8315-4056-a81d-04fd81c1080a/1/fsuXXTt4D-BAUIBB3Z8WvkXU_yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/968e74-8315-4056-a81d-04fd81c1080a/1/S12I5UjO6qYnwA1xjaBP1mfSxdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.140.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:56:7f:28:ae:63:9c:3b:6a:d9:4f:ff:88:e5:2d:39:5d:cf:
1e:e4:85:ca:e4:3f:c8:b8:fe:74:0f:31:dc:ff:09:38:e7:08:
fa:69:28:e7:20:fb:0e:e0:83:63:81:60:49:48:b0:4a:ac:1b:
25:f5:24:ab:ed:55:a6:19:39:6c:f1:1e:59:fc:64:2c:18:53:
6f:19:da:b9:ee:a7:f1:81:9d:95:ff:e6:99:4a:46:94:25:28:
1f:d9:1b:a7:65:e9:51:d1:a6:81:90:a6:6a:ea:72:79:f1:c4:
96:90:b7:12:06:e5:2c:5c:10:8b:9f:7e:f4:49:dc:4e:ae:5f:
b0:d2:64:2e:1f:64:71:5e:b8:b6:2d:49:bf:d5:27:b3:f8:e2:
01:90:85:00:c6:ff:ad:0f:37:86:9c:b0:76:95:fc:13:e8:e3:
1c:a6:4b:b3:db:fd:c5:71:6c:7c:7f:25:f5:5a:7e:75:d1:af:
f0:2d:a5:0d:87:7b:29:7f:c6:ec:85:8f:7d:ad:ab:47:8e:68:
55:8d:4c:9a:da:6e:ac:2e:8b:73:31:a8:3f:a2:2c:7e:16:dd:
9a:68:9d:45:04:de:f2:4f:a8:01:70:25:f2:9c:cf:30:c3:fd:
93:71:cd:4b:d4:99:b4:7a:9c:e3:7a:11:10:20:b1:ad:a1:7b:
76:6c:0d:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMyOI7kvo2YARfR4HGA0hjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNWQ4OGU1NDhjZWVhYTYyN2MwMGQ3MThkYTA0ZmQ2Njdk
MmM1ZDEwHhcNMjIwOTEyMTUwMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNiOTc1ZDNiNzgwZmUwNDA1MDgwNDFkZDlmMTZiZTQ1ZDRmZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8SGTUnTwrq54i4FBvRc3RPTFRp1
Ec6CMuB0siM9ZmLSiNUzt+HCWsHpU9wdAvKmI/OGi4adQy2ZbWjctK7UM4Db2XDd
IwHu9wSWtaMIFV8fpXQstXhzIxt6OCpuTw953WKKOCIjrnEBkKl3aree2Ugtyvg6
o+t1sAa3fk5aOx7JeDN7ymfrw8x7feEXsDJRqCmK2WrVeYkHW+uSxwmrgqrFJNgq
af2zbxuluzRrA9Dx0ycv+mavv000pqtUpdwHY8INKQTpu42AWPTDvsaJN0HRcl7e
JfRnSocXJk1gbvZ1wR/TeuBpUojbeQYW2lZ912HrRqU5TnfMinfR9Cw/iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH7Ll107eA/gQFCAQd2fFr5F1P8hMB8GA1UdIwQY
MBaAFEtdiOVIzuqmJ8ANcY2gT9Zn0sXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzEySTVVak82cVlud0ExeGphQlAxbWZTeGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC85NjhlNzQtODMxNS00MDU2LWE4MWQt
MDRmZDgxYzEwODBhLzEvZnN1WFhUdDRELUJBVUlCQjNaOFd2a1hVX3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC85NjhlNzQtODMxNS00MDU2LWE4MWQtMDRmZDgxYzEwODBh
LzEvUzEySTVVak82cVlud0ExeGphQlAxbWZTeGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueyMMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Vn8ormOcO2rZT/+I5S05Xc8e5IXK5D/IuP50DzHc
/wk45wj6aSjnIPsO4INjgWBJSLBKrBsl9SSr7VWmGTls8R5Z/GQsGFNvGdq57qfx
gZ2V/+aZSkaUJSgf2RunZelR0aaBkKZq6nJ58cSWkLcSBuUsXBCLn370SdxOrl+w
0mQuH2RxXri2LUm/1Sez+OIBkIUAxv+tDzeGnLB2lfwT6OMcpkuz2/3FcWx8fyX1
Wn510a/wLaUNh3spf8bshY99ratHjmhVjUya2m6sLotzMag/oix+Ft2aaJ1FBN7y
T6gBcCXynM8ww/2Tcc1L1Jm0epzjehEQILGtoXt2bA3w
-----END CERTIFICATE-----
Generated at Wed May 14 12:58:07 2025 by rpki-client