Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/K-sDSYwSfmtvdGGKmz0K_s1-fbk.roa
File: K-sDSYwSfmtvdGGKmz0K_s1-fbk.roa (raw, json)
Hash identifier: nTXDVmXDwxaVenEMyiJUZtNKTRSoq/vUuS1ln5SDlUo=
Subject key identifier: 2B:EB:03:49:8C:12:7E:6B:6F:74:61:8A:9B:3D:0A:FE:CD:7E:7D:B9
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 019423D6F0CB9D8A6D11AFF8D8C379E865BE
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/K-sDSYwSfmtvdGGKmz0K_s1-fbk.roa
Signing time: Wed 01 Jan 2025 21:47:56 +0000
ROA not before: Wed 01 Jan 2025 21:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202755
IP address blocks: 185.155.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f0:cb:9d:8a:6d:11:af:f8:d8:c3:79:e8:65:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jan 1 21:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2beb03498c127e6b6f74618a9b3d0afecd7e7db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5d:a8:db:83:16:70:53:d2:e6:7b:fc:f5:4d:
f6:a3:1a:8e:a1:68:00:64:b9:c0:ff:53:0a:f7:f8:
1f:6b:64:e5:ed:aa:d3:28:c3:a3:62:a3:83:92:d3:
1f:16:96:4c:b7:2b:82:14:6e:32:14:24:36:25:1f:
b7:c2:33:3a:2e:8a:96:33:e7:60:cd:b6:e4:0f:ef:
84:cc:36:7a:da:86:9a:71:88:db:cb:8a:37:24:2f:
ac:2d:af:e2:5f:95:ae:18:7c:4f:66:38:82:4c:ee:
81:24:49:1e:67:43:c1:46:71:44:55:fa:fb:5a:4f:
fb:ae:3e:31:ef:cf:a8:12:cd:d5:ca:cf:0b:be:b1:
a0:96:ea:1a:b9:65:45:36:27:47:72:c6:5d:83:47:
9d:6b:d5:a6:39:0f:b3:44:0c:a7:62:2e:8a:4d:b1:
77:2d:34:9a:ad:a3:d9:e0:f2:78:bd:ad:f6:07:9f:
5f:d6:3a:4e:1c:de:58:b8:e6:5a:f3:9c:93:d1:3f:
f2:da:78:49:a4:8a:32:f5:32:97:78:c2:03:fe:4b:
e5:a4:26:ec:1c:11:d0:56:49:fc:96:63:a6:7a:a9:
db:77:33:e6:a1:11:7b:4d:8b:e3:30:64:68:23:af:
94:6d:e5:ea:1e:87:52:08:45:7d:d0:d9:4e:2e:4e:
d9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:EB:03:49:8C:12:7E:6B:6F:74:61:8A:9B:3D:0A:FE:CD:7E:7D:B9
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/K-sDSYwSfmtvdGGKmz0K_s1-fbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.172.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:97:42:08:d7:11:85:fe:8f:0b:77:b3:1f:ff:8d:e8:d2:1f:
be:28:d2:8a:14:4c:6f:35:e3:65:f0:cf:ba:60:71:23:38:b2:
45:7c:5c:ff:f8:c3:1c:92:f9:67:7b:d4:96:03:41:aa:71:db:
63:56:85:62:e7:d8:56:04:0b:50:2d:75:fc:80:11:b1:1e:17:
97:d7:93:a2:85:1b:32:26:5d:c4:b2:f8:73:12:00:47:08:26:
4b:90:1d:1f:e2:34:7f:76:d2:12:1c:63:3d:16:97:2a:b4:4d:
02:61:a8:86:e0:7d:df:9b:99:82:72:f9:bc:58:02:66:fb:2f:
36:e8:65:bb:28:85:9f:c8:e0:08:ca:d8:d8:3b:b0:14:1c:b2:
d3:58:68:a7:bc:40:0c:fa:06:be:5b:ac:28:02:e3:39:ce:20:
5f:78:24:31:53:19:47:0e:59:22:a1:b2:ed:46:5d:17:22:35:
66:fd:cf:16:11:96:3b:f6:b6:17:30:29:77:ca:ca:83:e8:cf:
8d:2d:af:d8:ac:b9:50:ae:e9:d7:8a:7f:f7:53:68:ba:a0:66:
28:d0:2f:ee:9c:71:d9:bd:af:7d:83:dc:aa:16:b0:21:40:89:
6e:84:21:9c:7b:f9:2b:64:68:03:ae:64:ee:d2:bb:0a:8e:a3:
0d:c9:5b:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1vDLnYptEa/42MN56GW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjUwMTAxMjE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmViMDM0OThjMTI3ZTZiNmY3NDYxOGE5YjNkMGFmZWNkN2U3ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy12o24MWcFPS5nv89U32oxqOoWgA
ZLnA/1MK9/gfa2Tl7arTKMOjYqODktMfFpZMtyuCFG4yFCQ2JR+3wjM6LoqWM+dg
zbbkD++EzDZ62oaacYjby4o3JC+sLa/iX5WuGHxPZjiCTO6BJEkeZ0PBRnFEVfr7
Wk/7rj4x78+oEs3Vys8LvrGgluoauWVFNidHcsZdg0eda9WmOQ+zRAynYi6KTbF3
LTSaraPZ4PJ4va32B59f1jpOHN5YuOZa85yT0T/y2nhJpIoy9TKXeMID/kvlpCbs
HBHQVkn8lmOmeqnbdzPmoRF7TYvjMGRoI6+UbeXqHodSCEV90NlOLk7ZjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvrA0mMEn5rb3Rhips9Cv7Nfn25MB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEvSy1zRFNZd1NmbXR2ZEdHS216MEtfczEtZmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZusMA0G
CSqGSIb3DQEBCwUAA4IBAQBbl0II1xGF/o8Ld7Mf/43o0h++KNKKFExvNeNl8M+6
YHEjOLJFfFz/+MMckvlne9SWA0GqcdtjVoVi59hWBAtQLXX8gBGxHheX15OihRsy
Jl3EsvhzEgBHCCZLkB0f4jR/dtISHGM9FpcqtE0CYaiG4H3fm5mCcvm8WAJm+y82
6GW7KIWfyOAIytjYO7AUHLLTWGinvEAM+ga+W6woAuM5ziBfeCQxUxlHDlkiobLt
Rl0XIjVm/c8WEZY79rYXMCl3ysqD6M+NLa/YrLlQrunXin/3U2i6oGYo0C/unHHZ
va99g9yqFrAhQIluhCGce/krZGgDrmTu0rsKjqMNyVso
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:27 2025 by rpki-client on console.sobornost.net