Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/FSPf9GPeE9OlDZ4wjRNl7LN012Y.roa
File: FSPf9GPeE9OlDZ4wjRNl7LN012Y.roa (raw, json)
Hash identifier: qnw8o1IATV+jUOf4O3NJflnEbA239Ao6/8MIoEaYYAw=
Subject key identifier: 15:23:DF:F4:63:DE:13:D3:A5:0D:9E:30:8D:13:65:EC:B3:74:D7:66
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 01942067DB0BA4F5DC57EB06965A57F54270
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/FSPf9GPeE9OlDZ4wjRNl7LN012Y.roa
Signing time: Wed 01 Jan 2025 05:47:44 +0000
ROA not before: Wed 01 Jan 2025 05:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210776
IP address blocks: 85.222.238.0/24 maxlen: 24
85.222.239.0/24 maxlen: 24
89.255.205.0/24 maxlen: 24
185.242.220.0/24 maxlen: 24
185.242.221.0/24 maxlen: 24
185.242.222.0/24 maxlen: 24
185.242.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:db:0b:a4:f5:dc:57:eb:06:96:5a:57:f5:42:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 1 05:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1523dff463de13d3a50d9e308d1365ecb374d766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4b:a6:c8:22:c5:e5:91:c1:ae:34:a7:8f:7f:
0d:3f:9e:c8:12:92:66:cc:b6:7c:c4:0b:7c:51:8b:
7b:71:b3:5b:ca:be:84:0f:52:9a:d0:8a:09:fe:e1:
f7:88:1f:1b:d1:73:36:1d:66:84:db:db:f4:bd:d0:
17:c1:ad:c7:82:4f:fd:88:f9:b1:7b:bc:9c:98:db:
54:6a:45:59:4c:2a:97:a2:de:f1:2a:6a:34:25:e0:
c3:e3:49:8c:3a:82:60:45:87:78:0f:a1:42:27:36:
0a:7a:dd:16:b9:b8:92:cf:49:45:72:7d:78:d5:80:
ca:b5:c7:f5:64:0b:5f:70:e7:1b:c1:67:a9:3d:b6:
df:41:39:e6:bf:d8:bf:48:9e:d7:c8:28:e0:a5:36:
e6:07:1d:f7:47:6e:bf:44:3a:a8:4d:2b:5d:32:74:
b2:61:e2:da:cc:b2:4f:df:8a:2c:71:15:4d:0e:62:
2c:b1:3c:c2:a7:8c:cb:69:8c:71:1d:6f:09:31:8b:
c1:6b:09:63:e6:35:30:dc:a6:2d:5d:ae:0d:40:a3:
1b:5c:bf:88:67:3c:d5:22:00:07:df:1f:0a:e1:21:
62:ad:0e:7f:a4:68:3d:85:4a:f4:e9:fa:14:93:36:
38:bd:4e:31:a2:af:24:a2:b6:08:d0:c4:0c:d2:b1:
27:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:23:DF:F4:63:DE:13:D3:A5:0D:9E:30:8D:13:65:EC:B3:74:D7:66
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/FSPf9GPeE9OlDZ4wjRNl7LN012Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.238.0/23
89.255.205.0/24
185.242.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:ce:f9:28:c2:7f:c1:28:8b:a6:38:ca:58:31:21:f4:a3:e6:
43:1a:3f:7b:f9:9b:5c:9f:c6:7d:90:88:18:70:24:69:f3:30:
2f:e8:b9:52:70:f6:e7:51:b4:04:aa:29:88:ce:25:4d:f8:92:
b2:48:6c:29:af:b9:09:bd:b0:68:32:61:6a:a4:bb:7b:7d:2f:
6a:3c:93:22:49:9a:7b:b3:1a:2e:09:88:77:fc:52:e4:4a:12:
7b:a6:c4:f1:ae:2d:66:29:30:d3:41:27:d6:b5:33:20:33:fe:
4b:89:47:85:c7:0b:46:de:a2:f1:0f:76:c4:3e:24:42:79:e9:
ca:d5:cd:c2:6e:5b:bc:92:62:8b:bb:35:e5:8d:f4:44:c3:3c:
d8:28:e3:fa:83:a0:51:d9:bc:4e:5c:d2:0c:25:36:68:7a:9a:
86:03:e6:e0:3b:f1:d7:48:ea:a2:84:70:a5:78:4b:1e:38:4c:
38:1a:bd:78:81:cd:ce:c9:0d:9d:a7:7c:26:2c:06:e6:ea:cc:
30:8f:69:ad:80:54:04:10:60:b0:70:db:66:c1:f6:d5:96:9e:
f3:aa:6d:c3:fe:f1:85:dc:7c:88:ce:85:fe:71:7a:04:4f:7c:
99:66:c0:ee:21:89:df:cc:b2:e7:85:2b:a6:b0:88:22:15:c0:
4a:64:ff:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgZ9sLpPXcV+sGllpX9UJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjUwMTAxMDU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTIzZGZmNDYzZGUxM2QzYTUwZDllMzA4ZDEzNjVlY2IzNzRkNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEumyCLF5ZHBrjSnj38NP57IEpJm
zLZ8xAt8UYt7cbNbyr6ED1Ka0IoJ/uH3iB8b0XM2HWaE29v0vdAXwa3Hgk/9iPmx
e7ycmNtUakVZTCqXot7xKmo0JeDD40mMOoJgRYd4D6FCJzYKet0WubiSz0lFcn14
1YDKtcf1ZAtfcOcbwWepPbbfQTnmv9i/SJ7XyCjgpTbmBx33R26/RDqoTStdMnSy
YeLazLJP34oscRVNDmIssTzCp4zLaYxxHW8JMYvBawlj5jUw3KYtXa4NQKMbXL+I
ZzzVIgAH3x8K4SFirQ5/pGg9hUr06foUkzY4vU4xoq8korYI0MQM0rEntwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBUj3/Rj3hPTpQ2eMI0TZeyzdNdmMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvRlNQZjlHUGVFOU9sRFo0d2pSTmw3TE4wMTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVd7uAwQA
Wf/NAwQCufLcMA0GCSqGSIb3DQEBCwUAA4IBAQChzvkown/BKIumOMpYMSH0o+ZD
Gj97+Ztcn8Z9kIgYcCRp8zAv6LlScPbnUbQEqimIziVN+JKySGwpr7kJvbBoMmFq
pLt7fS9qPJMiSZp7sxouCYh3/FLkShJ7psTxri1mKTDTQSfWtTMgM/5LiUeFxwtG
3qLxD3bEPiRCeenK1c3Cblu8kmKLuzXljfREwzzYKOP6g6BR2bxOXNIMJTZoepqG
A+bgO/HXSOqihHCleEseOEw4Gr14gc3OyQ2dp3wmLAbm6swwj2mtgFQEEGCwcNtm
wfbVlp7zqm3D/vGF3HyIzoX+cXoET3yZZsDuIYnfzLLnhSumsIgiFcBKZP9I
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net