Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/FhFUjekMVWfVPctfHBmU9kdduwM.roa
File: FhFUjekMVWfVPctfHBmU9kdduwM.roa (raw, json)
Hash identifier: s0ZtrXHoDYQCJuRB3A3OULhctvS9KTrLARbUgNO49OE=
Subject key identifier: 16:11:54:8D:E9:0C:55:67:D5:3D:CB:5F:1C:19:94:F6:47:5D:BB:03
Certificate issuer: /CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf
Certificate serial: 019421B20BFEECC3DB56377A296E2B4FF861
Authority key identifier: FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/FhFUjekMVWfVPctfHBmU9kdduwM.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210811
IP address blocks: 217.28.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0b:fe:ec:c3:db:56:37:7a:29:6e:2b:4f:f8:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1611548de90c5567d53dcb5f1c1994f6475dbb03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:72:71:4b:86:98:5b:84:f0:8c:b3:60:b0:f3:
e1:79:1f:34:6a:59:db:f4:e1:c7:e5:bb:dc:3d:2e:
30:c7:bb:55:a7:c7:b6:e6:6f:a4:57:00:cb:00:05:
6a:fb:6d:17:72:30:cf:28:10:91:31:0b:82:1b:f0:
84:aa:fc:5d:5c:5e:20:ae:02:92:bf:74:14:36:bc:
6d:d7:69:fb:91:f9:fd:e3:60:ff:80:5d:7b:6b:17:
c9:a2:fb:c2:6e:e5:c1:0b:c9:15:01:6e:44:52:f0:
7d:2a:47:81:88:d2:7d:5c:ed:35:00:65:26:25:0f:
81:35:57:61:68:11:aa:87:52:fc:1e:12:03:8e:f7:
60:60:aa:ee:13:54:01:a7:1e:b0:35:d5:90:5b:fd:
f8:69:03:45:f3:85:7e:b7:1b:a3:85:d0:54:13:7b:
59:5e:02:8b:d7:67:9f:ae:6f:3f:10:93:3e:0e:b5:
b5:7b:04:32:2a:73:44:13:dd:92:84:f2:91:13:c4:
8d:c1:ea:a4:01:f5:d9:b1:d3:d1:a8:2b:b6:29:e5:
1e:01:6a:f8:42:3e:9a:38:26:01:94:cc:85:1d:ed:
ca:5c:42:a0:ab:ca:14:63:1b:be:56:81:d2:a0:e0:
9f:7b:65:34:69:f5:65:91:89:31:ed:d9:bb:f3:05:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:11:54:8D:E9:0C:55:67:D5:3D:CB:5F:1C:19:94:F6:47:5D:BB:03
X509v3 Authority Key Identifier:
keyid:FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/FhFUjekMVWfVPctfHBmU9kdduwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.93.0/24
Signature Algorithm: sha256WithRSAEncryption
83:f5:27:d7:9f:03:25:8e:af:7b:ff:4f:e8:81:9b:06:e0:ac:
df:fc:81:8b:d5:a7:a4:44:65:ad:e0:ae:1c:72:47:3c:55:36:
24:5c:7d:18:2d:ee:6b:68:ae:76:9c:47:f5:a1:70:30:5e:42:
a1:d5:94:1d:e7:03:d2:f5:d4:72:2e:a4:25:19:e0:82:5b:11:
38:b4:6d:20:a6:bb:3c:e7:8a:eb:f1:06:54:2f:f6:7e:9a:8a:
b7:b7:61:19:8f:84:a4:0b:28:2f:c6:ba:d5:60:bc:02:57:d0:
f5:2a:9d:a6:d9:2f:54:d3:37:e1:78:a0:ce:97:ff:31:5e:d6:
da:27:42:5d:be:e6:41:b2:a4:96:cb:29:e4:ce:0c:45:1d:6e:
aa:0b:90:6a:0a:45:0a:2a:11:1c:86:a5:e9:2d:59:7a:3a:05:
b0:c7:c4:c9:43:02:c7:93:af:8e:e1:4f:6c:dd:4c:06:e6:46:
2c:97:0c:0c:9b:7b:70:0a:1f:d3:8a:76:d7:1b:dd:08:0c:4a:
63:ee:c5:73:cc:2a:e9:9c:7d:e3:03:2b:a9:4a:31:3a:e0:fa:
4a:8c:39:53:bf:9f:ef:7b:43:fa:e5:c9:c5:db:26:c0:b7:f6:
fd:7c:97:6b:b8:90:e9:95:77:69:51:d9:c8:b8:bf:f0:08:71:
dd:5c:4e:70
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhsgv+7MPbVjd6KW4rT/hhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYmY0ZDU5Y2JkOTc4YWUxMTI3YzY3ZmQyMmYwNGM2MmZm
ODM3Y2YwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjExNTQ4ZGU5MGM1NTY3ZDUzZGNiNWYxYzE5OTRmNjQ3NWRiYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93JxS4aYW4TwjLNgsPPheR80alnb
9OHH5bvcPS4wx7tVp8e25m+kVwDLAAVq+20XcjDPKBCRMQuCG/CEqvxdXF4grgKS
v3QUNrxt12n7kfn942D/gF17axfJovvCbuXBC8kVAW5EUvB9KkeBiNJ9XO01AGUm
JQ+BNVdhaBGqh1L8HhIDjvdgYKruE1QBpx6wNdWQW/34aQNF84V+txujhdBUE3tZ
XgKL12efrm8/EJM+DrW1ewQyKnNEE92ShPKRE8SNweqkAfXZsdPRqCu2KeUeAWr4
Qj6aOCYBlMyFHe3KXEKgq8oUYxu+VoHSoOCfe2U0afVlkYkx7dm78wWXtQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBYRVI3pDFVn1T3LXxwZlPZHXbsDMB8GA1UdIwQY
MBaAFPu/TVnL2XiuESfGf9IvBMYv+DfPMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS03OU5XY3ZaZUs0Uko4Wl8waThFeGlfNE44OC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvODhjOTk1LWVkZTAtNGNjNC1hNjZk
LTI1YmFhODIzMGZjYi8xL0ZoRlVqZWtNVldmVlBjdGZIQm1VOWtkZHV3TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvODhjOTk1LWVkZTAtNGNjNC1hNjZkLTI1YmFhODIzMGZj
Yi8xLzEtNzlOV2N2WmVLNFJKOFpfMGk4RXhpXzROODguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADZHF0w
DQYJKoZIhvcNAQELBQADggEBAIP1J9efAyWOr3v/T+iBmwbgrN/8gYvVp6REZa3g
rhxyRzxVNiRcfRgt7mtornacR/WhcDBeQqHVlB3nA9L11HIupCUZ4IJbETi0bSCm
uzzniuvxBlQv9n6aire3YRmPhKQLKC/GutVgvAJX0PUqnabZL1TTN+F4oM6X/zFe
1tonQl2+5kGypJbLKeTODEUdbqoLkGoKRQoqERyGpektWXo6BbDHxMlDAseTr47h
T2zdTAbmRiyXDAybe3AKH9OKdtcb3QgMSmPuxXPMKumcfeMDK6lKMTrg+kqMOVO/
n+97Q/rlycXbJsC39v18l2u4kOmVd2lR2ci4v/AIcd1cTnA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:27:41 2025 by rpki-client