Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/Le3v2H0wAOnsDtbYpl9GWGKprW8.roa
File: Le3v2H0wAOnsDtbYpl9GWGKprW8.roa (raw, json)
Hash identifier: 3pH+MsH30Kao3JM7UhwFK9NiYfes8F3zq57Gt61L8AQ=
Subject key identifier: 2D:ED:EF:D8:7D:30:00:E9:EC:0E:D6:D8:A6:5F:46:58:62:A9:AD:6F
Certificate issuer: /CN=fcf9ada9b28b6997fda1c468a8d869638407a0bb
Certificate serial: 0194252224A2635E2B67B52B1B20D5444014
Authority key identifier: FC:F9:AD:A9:B2:8B:69:97:FD:A1:C4:68:A8:D8:69:63:84:07:A0:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_PmtqbKLaZf9ocRoqNhpY4QHoLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/Le3v2H0wAOnsDtbYpl9GWGKprW8.roa
Signing time: Thu 02 Jan 2025 03:49:42 +0000
ROA not before: Thu 02 Jan 2025 03:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202814
IP address blocks: 171.22.140.0/22 maxlen: 24
185.139.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:24:a2:63:5e:2b:67:b5:2b:1b:20:d5:44:40:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcf9ada9b28b6997fda1c468a8d869638407a0bb
Validity
Not Before: Jan 2 03:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dedefd87d3000e9ec0ed6d8a65f465862a9ad6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:77:12:50:47:5a:0d:8c:4c:a0:6f:11:36:7e:
8f:6f:f0:7c:aa:a9:26:45:dd:3c:02:d5:96:18:11:
0d:bf:e2:f6:4f:1d:56:0d:0f:7e:8b:d0:b4:36:3e:
f1:e1:08:a1:b8:55:33:90:d6:fc:16:25:61:06:01:
cd:67:47:ea:aa:3a:c7:5e:9d:1f:89:17:a3:12:fd:
3f:8c:2a:b0:25:76:95:eb:56:c2:38:07:e8:17:a3:
fb:bf:70:3f:40:e3:25:65:7c:f1:99:45:d2:d3:0b:
65:bb:e5:50:5f:0e:a5:66:a2:dc:75:04:bb:57:2c:
7d:9c:ba:f4:1e:e7:a6:4e:6e:ec:9c:a4:4d:0e:8f:
96:c7:6c:96:9c:04:48:30:04:84:83:4f:4f:59:17:
91:d3:96:ec:72:74:3e:c0:27:62:fa:fc:87:d5:37:
b5:dd:0d:f2:d5:b6:77:2b:fb:2b:46:47:5b:d0:91:
98:6b:62:33:73:19:60:26:af:a3:4d:92:26:9c:45:
b3:d2:f9:34:80:40:1c:56:ee:59:52:0b:24:9c:0c:
b7:ea:06:e5:05:59:65:4f:b0:d7:59:26:dc:fd:20:
9f:9d:16:5b:9a:f7:33:17:22:6d:8c:76:54:33:96:
18:97:ed:e5:5f:5e:db:85:d4:c4:6f:1d:db:99:71:
19:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:ED:EF:D8:7D:30:00:E9:EC:0E:D6:D8:A6:5F:46:58:62:A9:AD:6F
X509v3 Authority Key Identifier:
keyid:FC:F9:AD:A9:B2:8B:69:97:FD:A1:C4:68:A8:D8:69:63:84:07:A0:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_PmtqbKLaZf9ocRoqNhpY4QHoLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/Le3v2H0wAOnsDtbYpl9GWGKprW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7a96d1-cf1b-4f47-93ee-259fe1750eeb/1/_PmtqbKLaZf9ocRoqNhpY4QHoLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.140.0/22
185.139.192.0/22
Signature Algorithm: sha256WithRSAEncryption
44:1d:0a:55:ab:81:31:8c:32:0d:51:b9:16:62:9d:36:da:49:
ff:1f:18:c8:24:9b:ba:13:9e:cd:1e:8e:1d:81:6e:75:d5:3f:
b9:85:10:39:c8:c2:7f:66:d5:eb:ec:ba:0d:c4:ad:14:ae:d9:
4c:af:6a:1d:d8:36:cf:1b:34:d2:57:ea:f3:e5:d1:3c:14:12:
5a:8b:b2:d8:b0:1f:21:ba:6d:60:ca:99:88:f1:f4:40:dc:d2:
03:d1:64:97:c5:fd:39:6c:b8:53:37:50:93:0a:ea:c2:5c:ad:
8a:75:6b:39:06:9d:4c:de:eb:8a:f9:4f:f8:e5:3d:f5:4b:4f:
20:42:02:2c:fc:77:e7:18:5d:8a:22:f2:11:14:96:04:2a:39:
49:7c:77:f4:19:65:13:c6:a2:67:28:2c:6a:92:e8:65:eb:d9:
12:ed:3b:4d:bb:eb:ed:2b:db:dc:4d:d7:cf:b1:f8:b7:3f:7c:
53:22:d5:1b:e0:96:26:26:49:2f:c5:a0:ec:39:42:88:9d:f6:
37:87:cf:f1:e3:55:ee:38:8d:72:62:8d:f4:59:3f:2d:db:d0:
d3:24:be:e6:57:79:b7:d3:bd:78:c1:1f:33:b8:97:68:ed:b3:
ad:19:d2:72:c2:4c:56:b6:58:4d:aa:b6:52:a9:1e:1f:ac:e2:
69:a5:b4:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIiSiY14rZ7UrGyDVREAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZjlhZGE5YjI4YjY5OTdmZGExYzQ2OGE4ZDg2OTYzODQw
N2EwYmIwHhcNMjUwMTAyMDM0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGVkZWZkODdkMzAwMGU5ZWMwZWQ2ZDhhNjVmNDY1ODYyYTlhZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ncSUEdaDYxMoG8RNn6Pb/B8qqkm
Rd08AtWWGBENv+L2Tx1WDQ9+i9C0Nj7x4QihuFUzkNb8FiVhBgHNZ0fqqjrHXp0f
iRejEv0/jCqwJXaV61bCOAfoF6P7v3A/QOMlZXzxmUXS0wtlu+VQXw6lZqLcdQS7
Vyx9nLr0HuemTm7snKRNDo+Wx2yWnARIMASEg09PWReR05bscnQ+wCdi+vyH1Te1
3Q3y1bZ3K/srRkdb0JGYa2IzcxlgJq+jTZImnEWz0vk0gEAcVu5ZUgsknAy36gbl
BVllT7DXWSbc/SCfnRZbmvczFyJtjHZUM5YYl+3lX17bhdTEbx3bmXEZTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3t79h9MADp7A7W2KZfRlhiqa1vMB8GA1UdIwQY
MBaAFPz5ramyi2mX/aHEaKjYaWOEB6C7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1BtdHFiS0xhWmY5b2NSb3FOaHBZNFFIb0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YTk2ZDEtY2YxYi00ZjQ3LTkzZWUt
MjU5ZmUxNzUwZWViLzEvTGUzdjJIMHdBT25zRHRiWXBsOUdXR0twclc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YTk2ZDEtY2YxYi00ZjQ3LTkzZWUtMjU5ZmUxNzUwZWVi
LzEvX1BtdHFiS0xhWmY5b2NSb3FOaHBZNFFIb0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCqxaMAwQC
uYvAMA0GCSqGSIb3DQEBCwUAA4IBAQBEHQpVq4ExjDINUbkWYp022kn/HxjIJJu6
E57NHo4dgW511T+5hRA5yMJ/ZtXr7LoNxK0UrtlMr2od2DbPGzTSV+rz5dE8FBJa
i7LYsB8hum1gypmI8fRA3NID0WSXxf05bLhTN1CTCurCXK2KdWs5Bp1M3uuK+U/4
5T31S08gQgIs/HfnGF2KIvIRFJYEKjlJfHf0GWUTxqJnKCxqkuhl69kS7TtNu+vt
K9vcTdfPsfi3P3xTItUb4JYmJkkvxaDsOUKInfY3h8/x41XuOI1yYo30WT8t29DT
JL7mV3m30714wR8zuJdo7bOtGdJywkxWtlhNqrZSqR4frOJppbRA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:10 2025 by rpki-client on console.sobornost.net