Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/fa7NROYx8iSrXkapsnKC5maWgAE.roa
File: fa7NROYx8iSrXkapsnKC5maWgAE.roa (raw, json)
Hash identifier: uTBWDWi+lUO6SXQc1mkpkLFQ4pPjE/7aqsWLMLokR9M=
Subject key identifier: 7D:AE:CD:44:E6:31:F2:24:AB:5E:46:A9:B2:72:82:E6:66:96:80:01
Certificate issuer: /CN=ebdb225471f2d6e41060b34185725485481014b8
Certificate serial: 019423D6BFF53D886A55574AE2428BA7E36A
Authority key identifier: EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/fa7NROYx8iSrXkapsnKC5maWgAE.roa
Signing time: Wed 01 Jan 2025 21:47:43 +0000
ROA not before: Wed 01 Jan 2025 21:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12996
IP address blocks: 151.249.120.0/21 maxlen: 24
151.249.120.0/24 maxlen: 24
151.249.121.0/24 maxlen: 24
151.249.122.0/24 maxlen: 24
151.249.123.0/24 maxlen: 24
151.249.124.0/24 maxlen: 24
151.249.125.0/24 maxlen: 24
151.249.127.0/24 maxlen: 24
185.134.244.0/22 maxlen: 22
185.201.124.0/22 maxlen: 24
185.201.124.0/24 maxlen: 24
185.201.125.0/24 maxlen: 24
185.201.126.0/24 maxlen: 24
185.201.127.0/24 maxlen: 24
193.57.14.0/23 maxlen: 23
193.57.22.0/23 maxlen: 23
194.63.248.0/21 maxlen: 24
194.63.248.0/23 maxlen: 24
194.63.248.0/24 maxlen: 24
194.63.249.0/24 maxlen: 24
194.63.250.0/24 maxlen: 24
194.63.251.0/24 maxlen: 24
194.63.252.0/24 maxlen: 24
194.63.253.0/24 maxlen: 24
194.63.254.0/24 maxlen: 24
194.63.255.0/24 maxlen: 24
2a01:5b40::/32 maxlen: 48
2a01:5b40::/48 maxlen: 48
2a01:5b40:5::/48 maxlen: 48
2a01:5b40:c::/48 maxlen: 48
2a01:5b40:ac1::/48 maxlen: 48
2a01:5b40:ac2::/48 maxlen: 48
2a0a:c340::/32 maxlen: 32
2a0f:c180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bf:f5:3d:88:6a:55:57:4a:e2:42:8b:a7:e3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebdb225471f2d6e41060b34185725485481014b8
Validity
Not Before: Jan 1 21:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7daecd44e631f224ab5e46a9b27282e666968001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:79:4e:ca:e2:a9:70:00:da:20:a3:00:89:71:
5f:6d:66:a2:64:69:02:3f:a0:73:7b:2f:6b:ef:84:
89:f9:d4:87:7d:01:a4:c3:a3:5c:6a:ac:93:22:a9:
49:46:f0:0b:dd:48:e5:18:aa:46:12:23:ac:3a:65:
e3:19:64:16:88:38:e2:84:fc:a7:1b:77:84:86:88:
9d:9f:17:41:aa:9b:cd:19:29:62:7d:42:24:0e:48:
17:46:d4:fe:0a:9d:c7:b3:0b:a1:6c:97:10:56:0b:
3b:8d:7a:4e:00:63:1a:a7:05:06:2a:ff:0a:de:d4:
07:a2:11:91:71:ec:68:60:e7:73:ea:d2:30:3a:66:
fd:d6:25:70:42:76:e3:42:10:89:8c:c0:0e:da:d9:
2e:a3:05:5c:ff:6c:9e:50:a9:76:5e:68:51:3c:2a:
40:b2:93:27:35:fa:9b:ca:a2:60:bb:e6:c4:3e:0d:
1f:85:6b:8e:06:e1:13:a5:16:c9:e9:64:eb:ee:df:
50:7d:5f:f6:3f:87:d6:f2:af:9b:36:f7:be:74:68:
bb:03:f9:e3:dc:84:dd:1d:64:b2:16:36:d8:c5:a5:
af:6e:d4:37:5d:02:70:e0:c2:1a:42:03:f8:9b:99:
40:da:03:67:31:a0:88:0a:ef:3e:e7:29:03:ac:43:
15:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AE:CD:44:E6:31:F2:24:AB:5E:46:A9:B2:72:82:E6:66:96:80:01
X509v3 Authority Key Identifier:
keyid:EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/fa7NROYx8iSrXkapsnKC5maWgAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/69siVHHy1uQQYLNBhXJUhUgQFLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.120.0/21
185.134.244.0/22
185.201.124.0/22
193.57.14.0/23
193.57.22.0/23
194.63.248.0/21
IPv6:
2a01:5b40::/32
2a0a:c340::/32
2a0f:c180::/29
Signature Algorithm: sha256WithRSAEncryption
0b:a3:1b:8c:3c:66:29:8c:ee:48:32:6f:91:66:54:5e:56:04:
cb:cc:91:d9:25:e3:51:c1:92:34:d6:8b:ed:82:4a:12:44:74:
a1:52:6e:86:63:3f:0b:19:f2:f8:15:39:b8:b5:5e:f6:f5:33:
28:6e:98:8f:36:ed:66:14:db:be:81:cb:63:e0:d0:6a:74:27:
27:6b:b4:da:20:d8:27:4d:a8:fa:f6:b1:9c:c1:c4:a6:20:e6:
52:a8:41:66:0f:2e:c9:07:e0:51:fa:8d:24:4d:67:3b:62:05:
88:d5:20:e5:5d:8d:f2:6e:23:e4:43:e4:1b:ae:23:e4:65:cc:
c7:2f:63:b4:79:0d:8b:f9:d0:c4:2d:5a:5a:12:e9:75:a0:44:
12:aa:aa:14:29:74:68:fe:75:99:55:73:2e:0a:dc:89:09:d8:
6a:75:cb:50:93:42:3e:cb:7c:66:7c:5f:aa:03:d8:3b:f1:a5:
83:b9:11:f4:a0:07:32:db:e2:70:f9:2f:d7:da:c4:3b:65:57:
42:f6:f3:04:37:ab:e1:ab:7c:97:6f:f0:f1:35:6f:4f:bc:f5:
bc:1b:a3:c0:48:f8:c3:0e:cb:38:bd:7a:48:ab:0e:13:f9:12:
be:f7:2e:59:dc:e4:48:01:1f:99:d5:88:f3:8d:39:85:2c:64:
60:e4:38:dc
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQj1r/1PYhqVVdK4kKLp+NqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZGIyMjU0NzFmMmQ2ZTQxMDYwYjM0MTg1NzI1NDg1NDgx
MDE0YjgwHhcNMjUwMTAxMjE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGFlY2Q0NGU2MzFmMjI0YWI1ZTQ2YTliMjcyODJlNjY2OTY4MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13lOyuKpcADaIKMAiXFfbWaiZGkC
P6Bzey9r74SJ+dSHfQGkw6NcaqyTIqlJRvAL3UjlGKpGEiOsOmXjGWQWiDjihPyn
G3eEhoidnxdBqpvNGSlifUIkDkgXRtT+Cp3HswuhbJcQVgs7jXpOAGMapwUGKv8K
3tQHohGRcexoYOdz6tIwOmb91iVwQnbjQhCJjMAO2tkuowVc/2yeUKl2XmhRPCpA
spMnNfqbyqJgu+bEPg0fhWuOBuETpRbJ6WTr7t9QfV/2P4fW8q+bNve+dGi7A/nj
3ITdHWSyFjbYxaWvbtQ3XQJw4MIaQgP4m5lA2gNnMaCICu8+5ykDrEMVDQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFH2uzUTmMfIkq15GqbJyguZmloABMB8GA1UdIwQY
MBaAFOvbIlRx8tbkEGCzQYVyVIVIEBS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjlzaVZISHkxdVFRWUxOQmhYSlVoVWdRRkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zNzY4NTMtMmFiZi00MjMyLTkxZmYt
MDlhNWU4ZDk2MGRkLzEvZmE3TlJPWXg4aVNyWGthcHNuS0M1bWFXZ0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8zNzY4NTMtMmFiZi00MjMyLTkxZmYtMDlhNWU4ZDk2MGRk
LzEvNjlzaVZISHkxdVFRWUxOQmhYSlVoVWdRRkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDl/l4AwQC
uYb0AwQCucl8AwQBwTkOAwQBwTkWAwQDwj/4MBsEAgACMBUDBQAqAVtAAwUAKgrD
QAMFAyoPwYAwDQYJKoZIhvcNAQELBQADggEBAAujG4w8ZimM7kgyb5FmVF5WBMvM
kdkl41HBkjTWi+2CShJEdKFSboZjPwsZ8vgVObi1Xvb1MyhumI827WYU276By2Pg
0Gp0JydrtNog2CdNqPr2sZzBxKYg5lKoQWYPLskH4FH6jSRNZztiBYjVIOVdjfJu
I+RD5BuuI+RlzMcvY7R5DYv50MQtWloS6XWgRBKqqhQpdGj+dZlVcy4K3IkJ2Gp1
y1CTQj7LfGZ8X6oD2DvxpYO5EfSgBzLb4nD5L9faxDtlV0L28wQ3q+GrfJdv8PE1
b0+89bwbo8BI+MMOyzi9ekirDhP5Er73Llnc5EgBH5nViPONOYUsZGDkONw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:56 2025 by rpki-client on console.sobornost.net