Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/FSzJ-ov1NREmAiXBVniPI4LxPws.roa
File: FSzJ-ov1NREmAiXBVniPI4LxPws.roa (raw, json)
Hash identifier: 8aEMFFxCeS5AocFihL9Y2WM5ovnAclSEgZxshEIQfUU=
Subject key identifier: 15:2C:C9:FA:8B:F5:35:11:26:02:25:C1:56:78:8F:23:82:F1:3F:0B
Certificate issuer: /CN=1d53c2c8bb7364a553242f3f1773362227b30e94
Certificate serial: 0198550EDC984BAFEB8FCA988CDD440301CE
Authority key identifier: 1D:53:C2:C8:BB:73:64:A5:53:24:2F:3F:17:73:36:22:27:B3:0E:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HVPCyLtzZKVTJC8_F3M2IiezDpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/FSzJ-ov1NREmAiXBVniPI4LxPws.roa
Signing time: Tue 29 Jul 2025 07:21:34 +0000
ROA not before: Tue 29 Jul 2025 07:21:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59545
IP address blocks: 109.205.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:0e:dc:98:4b:af:eb:8f:ca:98:8c:dd:44:03:01:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d53c2c8bb7364a553242f3f1773362227b30e94
Validity
Not Before: Jul 29 07:21:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=152cc9fa8bf53511260225c156788f2382f13f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5e:0c:97:01:53:20:15:ab:cb:df:c9:0a:fc:
ab:d5:2d:f3:30:95:a1:31:13:cc:7c:bb:90:83:ce:
e7:b6:29:4d:a8:25:bc:9f:aa:2e:1f:bb:ff:9d:f9:
d8:43:da:8a:9f:7d:cd:b3:e4:b1:d8:7b:c8:df:c2:
97:b2:53:64:c6:ac:19:d6:b5:d2:f4:f2:33:99:c0:
6c:5b:eb:78:85:f6:ea:e3:06:94:c4:b4:21:95:7f:
0d:ea:27:db:f5:1e:7a:28:59:ae:82:c8:51:4d:86:
f8:b4:11:2d:45:28:01:db:82:aa:dd:87:b3:5a:6a:
f8:a3:50:2e:b6:85:7e:c3:1c:9b:84:d1:a1:6f:2d:
08:78:54:f5:a5:ce:46:ea:1e:44:77:28:04:6b:7e:
da:7a:a4:8a:a0:5d:11:ec:02:5a:b7:f0:ed:b7:16:
41:39:96:44:eb:32:5b:6f:39:92:7a:75:15:03:73:
0c:dc:31:64:87:d7:66:4f:11:90:ff:99:92:bc:b5:
06:e6:d7:80:61:3b:87:e8:b6:63:81:15:07:7e:2b:
61:29:99:36:ff:5b:83:d2:08:c2:4f:ea:5a:c8:5a:
7c:07:d6:0c:59:58:0d:54:a1:52:05:e3:b8:26:46:
62:59:b1:10:bb:bd:41:56:81:8d:60:c9:03:24:dd:
fc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2C:C9:FA:8B:F5:35:11:26:02:25:C1:56:78:8F:23:82:F1:3F:0B
X509v3 Authority Key Identifier:
keyid:1D:53:C2:C8:BB:73:64:A5:53:24:2F:3F:17:73:36:22:27:B3:0E:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVPCyLtzZKVTJC8_F3M2IiezDpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/FSzJ-ov1NREmAiXBVniPI4LxPws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/147fe0-fb50-4e84-bca4-135f497c3264/1/HVPCyLtzZKVTJC8_F3M2IiezDpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.192.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ad:d8:e2:c4:a7:51:25:86:b2:02:c2:d5:d3:1a:eb:43:71:
58:3c:81:fa:63:73:5a:e2:fd:3d:2d:6b:ce:72:d1:79:c7:90:
3b:7a:ef:0f:61:5d:e9:0a:2a:2f:ba:8e:6a:c2:75:f5:94:23:
ce:86:0c:4a:4d:e6:09:5c:52:1e:94:ae:f9:53:34:04:d8:41:
ab:a1:2f:e6:c7:14:fb:72:82:74:89:13:23:3e:a7:e6:8b:79:
9f:bb:9c:9b:3d:a5:ad:4e:59:1d:43:c0:21:c4:90:43:d4:7b:
2f:ab:a5:3a:ed:d7:72:fa:4d:bf:e6:2d:bc:64:6c:85:22:56:
6f:bb:53:a2:43:44:00:f2:c9:84:c0:90:0d:fe:a6:e3:cc:3b:
12:79:ec:cd:59:58:07:5b:7b:03:41:54:94:ba:95:53:e0:d1:
2d:e9:05:a9:d7:da:f0:99:57:3b:af:30:10:5c:9f:a5:d4:b3:
9f:62:7f:a2:27:1b:37:cc:22:58:7f:f2:3b:e2:0b:20:de:87:
c5:be:fc:cc:04:23:be:4d:f5:02:85:78:2e:9f:9f:07:2a:62:
d4:95:5a:10:29:bf:02:45:e8:a4:6d:97:71:04:72:1d:45:a5:
4f:a1:a9:4e:50:04:d3:72:67:60:9c:fc:a7:90:88:09:17:8a:
25:2a:28:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhVDtyYS6/rj8qYjN1EAwHOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTNjMmM4YmI3MzY0YTU1MzI0MmYzZjE3NzMzNjIyMjdi
MzBlOTQwHhcNMjUwNzI5MDcyMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTJjYzlmYThiZjUzNTExMjYwMjI1YzE1Njc4OGYyMzgyZjEzZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr14MlwFTIBWry9/JCvyr1S3zMJWh
MRPMfLuQg87ntilNqCW8n6ouH7v/nfnYQ9qKn33Ns+Sx2HvI38KXslNkxqwZ1rXS
9PIzmcBsW+t4hfbq4waUxLQhlX8N6ifb9R56KFmugshRTYb4tBEtRSgB24Kq3Yez
Wmr4o1AutoV+wxybhNGhby0IeFT1pc5G6h5EdygEa37aeqSKoF0R7AJat/DttxZB
OZZE6zJbbzmSenUVA3MM3DFkh9dmTxGQ/5mSvLUG5teAYTuH6LZjgRUHfithKZk2
/1uD0gjCT+payFp8B9YMWVgNVKFSBeO4JkZiWbEQu71BVoGNYMkDJN38KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUsyfqL9TURJgIlwVZ4jyOC8T8LMB8GA1UdIwQY
MBaAFB1Twsi7c2SlUyQvPxdzNiInsw6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZQQ3lMdHpaS1ZUSkM4X0YzTTJJaWV6RHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNDdmZTAtZmI1MC00ZTg0LWJjYTQt
MTM1ZjQ5N2MzMjY0LzEvRlN6Si1vdjFOUkVtQWlYQlZuaVBJNEx4UHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xNDdmZTAtZmI1MC00ZTg0LWJjYTQtMTM1ZjQ5N2MzMjY0
LzEvSFZQQ3lMdHpaS1ZUSkM4X0YzTTJJaWV6RHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc3AMA0G
CSqGSIb3DQEBCwUAA4IBAQBerdjixKdRJYayAsLV0xrrQ3FYPIH6Y3Na4v09LWvO
ctF5x5A7eu8PYV3pCiovuo5qwnX1lCPOhgxKTeYJXFIelK75UzQE2EGroS/mxxT7
coJ0iRMjPqfmi3mfu5ybPaWtTlkdQ8AhxJBD1Hsvq6U67ddy+k2/5i28ZGyFIlZv
u1OiQ0QA8smEwJAN/qbjzDsSeezNWVgHW3sDQVSUupVT4NEt6QWp19rwmVc7rzAQ
XJ+l1LOfYn+iJxs3zCJYf/I74gsg3ofFvvzMBCO+TfUChXgun58HKmLUlVoQKb8C
ReikbZdxBHIdRaVPoalOUATTcmdgnPynkIgJF4olKijH
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:47:37 2025 by rpki-client