Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/fmsKsNJsScyYZyH8RUfSLeG-UJA.roa
File: fmsKsNJsScyYZyH8RUfSLeG-UJA.roa (raw, json)
Hash identifier: XWgPxzT1eqv4he1A7biAZG6QqWis59ng7mldQueWS0g=
Subject key identifier: 7E:6B:0A:B0:D2:6C:49:CC:98:67:21:FC:45:47:D2:2D:E1:BE:50:90
Certificate issuer: /CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
Certificate serial: 019421B16CFCB799631A381C3FEAEBB52941
Authority key identifier: 3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/fmsKsNJsScyYZyH8RUfSLeG-UJA.roa
Signing time: Wed 01 Jan 2025 11:47:43 +0000
ROA not before: Wed 01 Jan 2025 11:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211657
IP address blocks: 185.116.220.0/22 maxlen: 23
2a0d:fe80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:6c:fc:b7:99:63:1a:38:1c:3f:ea:eb:b5:29:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351
Validity
Not Before: Jan 1 11:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e6b0ab0d26c49cc986721fc4547d22de1be5090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:ae:9c:fc:bd:3a:92:86:2c:0e:c8:56:c5:
1d:3e:60:80:b6:2a:b3:24:68:a1:32:3c:a7:6e:7c:
9b:6d:93:e1:2a:56:61:d3:97:44:04:db:50:aa:5c:
d3:06:f3:fe:5d:32:38:ad:e3:df:f4:aa:80:22:1c:
c3:90:3b:ab:2b:35:1a:ef:cb:16:1b:97:ad:24:2c:
4d:49:e1:72:60:85:bb:2a:c0:25:b8:46:61:4e:b5:
3c:39:ee:ad:15:a5:0f:c1:86:bc:c6:57:e1:f7:6f:
76:59:58:15:11:80:b5:7c:70:30:49:1e:9a:fc:0e:
54:98:0a:a0:a0:1b:ac:50:4d:66:b6:55:ba:20:31:
bc:af:42:eb:f9:25:e2:7b:2f:16:ff:de:59:34:cd:
f6:57:bd:78:e6:5c:75:2b:bf:09:9f:35:9b:03:9e:
55:93:31:98:21:2c:8d:3c:ca:8b:35:eb:4b:80:a1:
fd:e9:e6:25:14:fa:0d:24:b3:3b:7b:ee:c4:ad:cc:
1c:97:01:b5:13:04:27:a1:80:6b:b3:bd:3b:f3:81:
9a:20:4e:5c:5b:07:2c:1a:79:33:10:f9:30:7e:1e:
86:67:8e:f1:a6:49:66:16:4c:fe:40:c0:7c:d1:97:
20:5e:0d:99:c3:fc:59:06:33:ef:ad:3f:a1:51:30:
66:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:6B:0A:B0:D2:6C:49:CC:98:67:21:FC:45:47:D2:2D:E1:BE:50:90
X509v3 Authority Key Identifier:
keyid:3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/fmsKsNJsScyYZyH8RUfSLeG-UJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.220.0/22
IPv6:
2a0d:fe80::/32
Signature Algorithm: sha256WithRSAEncryption
13:e6:13:3e:5e:71:53:13:39:ce:74:f8:dd:11:93:e3:da:c4:
93:11:08:f9:70:76:79:11:aa:ec:dc:40:78:c9:bd:27:7c:1c:
1b:29:16:d9:d5:31:af:22:89:18:7f:88:c1:81:2b:70:28:8d:
1d:6c:46:30:44:e9:d0:5a:96:a6:27:b7:76:86:89:5c:1a:6b:
87:30:66:4b:12:da:0a:6a:1e:9e:9c:cb:9a:2a:ef:a6:68:05:
49:2d:b5:a5:39:d2:f0:9f:05:bd:3f:3d:62:a6:f6:cc:22:8f:
a6:c3:ca:72:ac:93:cc:53:2b:eb:c2:d3:d1:07:a2:19:fc:1b:
4a:6c:cf:ea:ba:cb:92:27:eb:19:a3:08:3c:3e:2d:7e:54:de:
d4:21:36:35:6c:8f:d2:64:c2:2a:e5:2b:67:f1:f0:55:d3:57:
a2:76:27:30:10:4d:82:c8:21:ad:67:10:4d:11:ac:ed:4c:bd:
b8:b5:1f:c6:5d:63:21:0c:de:c4:fe:9d:86:c9:88:15:2d:4c:
6e:3a:d1:c1:52:21:d5:c2:a3:7f:83:b8:5e:56:40:d2:96:10:
c2:26:5b:f6:c8:d6:8b:82:1f:d8:fd:b8:28:88:5a:d9:5f:da:
3b:fc:56:b5:74:cb:0f:b9:ef:53:ce:a8:da:f2:3d:67:6d:10:
60:76:b8:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsWz8t5ljGjgcP+rrtSlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODRkZmVmM2Q1MTA3Yjg0ZmM3N2M1NmRjZjc5ZTA1ZmU5
YzczNTEwHhcNMjUwMTAxMTE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTZiMGFiMGQyNmM0OWNjOTg2NzIxZmM0NTQ3ZDIyZGUxYmU1MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu52unPy9OpKGLA7IVsUdPmCAtiqz
JGihMjynbnybbZPhKlZh05dEBNtQqlzTBvP+XTI4rePf9KqAIhzDkDurKzUa78sW
G5etJCxNSeFyYIW7KsAluEZhTrU8Oe6tFaUPwYa8xlfh9292WVgVEYC1fHAwSR6a
/A5UmAqgoBusUE1mtlW6IDG8r0Lr+SXiey8W/95ZNM32V7145lx1K78JnzWbA55V
kzGYISyNPMqLNetLgKH96eYlFPoNJLM7e+7ErcwclwG1EwQnoYBrs70784GaIE5c
WwcsGnkzEPkwfh6GZ47xpklmFkz+QMB80ZcgXg2Zw/xZBjPvrT+hUTBmPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH5rCrDSbEnMmGch/EVH0i3hvlCQMB8GA1UdIwQY
MBaAFDqE3+89UQe4T8d8Vtz3ngX+nHNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2It
NWU4ZGVkYWM5Y2I3LzEvZm1zS3NOSnNTY3lZWnlIOFJVZlNMZUctVUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2ItNWU4ZGVkYWM5Y2I3
LzEvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXTcMA0E
AgACMAcDBQAqDf6AMA0GCSqGSIb3DQEBCwUAA4IBAQAT5hM+XnFTEznOdPjdEZPj
2sSTEQj5cHZ5Ears3EB4yb0nfBwbKRbZ1TGvIokYf4jBgStwKI0dbEYwROnQWpam
J7d2holcGmuHMGZLEtoKah6enMuaKu+maAVJLbWlOdLwnwW9Pz1ipvbMIo+mw8py
rJPMUyvrwtPRB6IZ/BtKbM/qusuSJ+sZowg8Pi1+VN7UITY1bI/SZMIq5Stn8fBV
01eidicwEE2CyCGtZxBNEaztTL24tR/GXWMhDN7E/p2GyYgVLUxuOtHBUiHVwqN/
g7heVkDSlhDCJlv2yNaLgh/Y/bgoiFrZX9o7/Fa1dMsPue9Tzqja8j1nbRBgdrhP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net