Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/FSyBGbOLmpZqxuyTafNUDJD8eqE.roa
File: FSyBGbOLmpZqxuyTafNUDJD8eqE.roa (raw, json)
Hash identifier: +TU4FTsts6cuMzRC70dGOv+t0xMRTZJVhLzrw9wnLM8=
Subject key identifier: 15:2C:81:19:B3:8B:9A:96:6A:C6:EC:93:69:F3:54:0C:90:FC:7A:A1
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 0194258F565BAE565890EC506E3D5CD8B632
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/FSyBGbOLmpZqxuyTafNUDJD8eqE.roa
Signing time: Thu 02 Jan 2025 05:48:58 +0000
ROA not before: Thu 02 Jan 2025 05:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 24
128.0.144.0/24 maxlen: 24
128.0.145.0/24 maxlen: 24
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 24
185.5.8.0/24 maxlen: 24
185.5.9.0/24 maxlen: 24
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 24
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0::/48 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
2a02:45c0:20::/48 maxlen: 48
2a02:45c0:fffe::/48 maxlen: 48
2a02:45c0:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:56:5b:ae:56:58:90:ec:50:6e:3d:5c:d8:b6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Jan 2 05:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=152c8119b38b9a966ac6ec9369f3540c90fc7aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:bc:b6:38:3c:20:a5:c3:3f:f2:ed:2c:ee:
8c:1f:6d:4c:35:31:ff:d1:2b:2a:d2:22:f5:7b:a6:
a5:6d:ad:0d:39:ed:06:20:86:40:fe:ae:8a:0e:b8:
5c:fc:d1:48:7a:b9:6e:b3:88:d5:3b:88:99:48:8a:
3c:08:43:5d:19:9d:ad:62:89:5f:f4:81:9f:35:5e:
9a:7e:2e:f0:76:15:8a:93:63:c2:82:9f:c0:2d:55:
7f:6f:6b:25:fc:cd:9c:25:1a:95:92:11:96:35:7a:
c9:c2:f1:ea:04:a2:4e:c6:06:08:3e:a7:6e:ad:9d:
af:f1:fc:36:e4:7a:02:7c:b4:57:73:80:62:18:02:
40:91:1c:2c:e3:96:8a:20:df:b2:a3:0e:95:62:40:
0c:03:7b:60:e3:f0:7a:25:3e:53:71:ef:50:49:a9:
fb:a6:c8:82:c6:75:81:fa:b3:20:f3:65:47:81:f9:
6b:7e:b2:b0:d8:75:8a:f9:67:2d:84:d9:a3:90:9c:
af:f5:d4:7a:fd:b9:f7:bb:06:92:0c:9e:1f:30:d1:
c8:18:a9:8e:a6:3f:23:9b:43:06:37:e8:78:c6:a0:
72:15:8e:8e:f0:38:55:24:a3:7e:50:4d:ea:d2:49:
83:7c:b6:ef:62:b8:51:9a:68:50:b4:47:0b:17:fd:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2C:81:19:B3:8B:9A:96:6A:C6:EC:93:69:F3:54:0C:90:FC:7A:A1
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/FSyBGbOLmpZqxuyTafNUDJD8eqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:bf:c5:42:37:b2:c9:0a:c5:59:79:83:0e:7e:3a:4f:e2:6f:
63:fb:ed:ff:ec:0e:c5:e3:72:b9:ac:85:75:51:87:f2:03:a1:
5e:54:ca:97:d3:19:a2:12:52:e0:f6:40:3d:20:f6:b7:28:e8:
6f:cf:25:a3:55:7a:5f:67:ad:c2:e4:0b:0e:97:9d:f9:4f:cc:
2f:27:08:a6:23:57:cc:e4:df:eb:98:45:73:a5:ef:bd:a4:59:
5d:54:f6:3a:bf:2f:02:44:5f:61:ca:ce:c3:80:fc:37:d0:d0:
43:04:40:58:50:3d:79:e0:83:da:e5:25:d6:5f:f0:b8:c4:3b:
3e:52:90:1d:f4:fe:31:c5:89:0f:24:83:f7:1a:63:8c:93:00:
1b:b9:18:53:f4:6d:f3:d5:77:60:c8:6b:eb:16:95:fc:c8:2b:
4d:04:17:b5:e4:4a:a0:bc:93:7b:3f:b9:a1:a6:a0:9d:21:3e:
f7:b0:3e:94:53:ed:c4:5c:8a:31:61:ec:22:d1:03:80:01:f7:
58:af:d5:54:c8:0e:14:58:f0:8a:26:6f:75:27:10:f4:d1:88:
1c:ae:73:39:b7:ff:d7:c9:29:fc:f9:24:59:86:8a:8f:52:41:
43:ac:44:fc:1c:6d:26:ad:d4:54:40:4b:af:35:c6:7f:6c:98:
08:51:88:7a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZQlj1ZbrlZYkOxQbj1c2LYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjUwMTAyMDU0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTJjODExOWIzOGI5YTk2NmFjNmVjOTM2OWYzNTQwYzkwZmM3YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzS8tjg8IKXDP/LtLO6MH21MNTH/
0Ssq0iL1e6alba0NOe0GIIZA/q6KDrhc/NFIerlus4jVO4iZSIo8CENdGZ2tYolf
9IGfNV6afi7wdhWKk2PCgp/ALVV/b2sl/M2cJRqVkhGWNXrJwvHqBKJOxgYIPqdu
rZ2v8fw25HoCfLRXc4BiGAJAkRws45aKIN+yow6VYkAMA3tg4/B6JT5Tce9QSan7
psiCxnWB+rMg82VHgflrfrKw2HWK+WcthNmjkJyv9dR6/bn3uwaSDJ4fMNHIGKmO
pj8jm0MGN+h4xqByFY6O8DhVJKN+UE3q0kmDfLbvYrhRmmhQtEcLF/3K9QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFBUsgRmzi5qWasbsk2nzVAyQ/HqhMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvRlN5QkdiT0xtcFpxeHV5VGFmTlVESkQ4ZXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAA7/FQjeyyQrFWXmDDn46T+JvY/vt/+wOxeNyuayF
dVGH8gOhXlTKl9MZohJS4PZAPSD2tyjob88lo1V6X2etwuQLDped+U/MLycIpiNX
zOTf65hFc6XvvaRZXVT2Or8vAkRfYcrOw4D8N9DQQwRAWFA9eeCD2uUl1l/wuMQ7
PlKQHfT+McWJDySD9xpjjJMAG7kYU/Rt89V3YMhr6xaV/MgrTQQXteRKoLyTez+5
oaagnSE+97A+lFPtxFyKMWHsItEDgAH3WK/VVMgOFFjwiiZvdScQ9NGIHK5zObf/
18kp/PkkWYaKj1JBQ6xE/BxtJq3UVEBLrzXGf2yYCFGIeg==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:55 2025 by rpki-client on console.sobornost.net