Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/032eab-c4c7-4b6d-9d6d-71a7542a6066/1/HY2qqakYUKmGxzXSwPgmmaqbnWQ.roa
File: HY2qqakYUKmGxzXSwPgmmaqbnWQ.roa (raw, json)
Hash identifier: ijxTXIq4WZ5WszUemCRN8Fg/4BF4CCUnIK9TDQDj4gU=
Subject key identifier: 1D:8D:AA:A9:A9:18:50:A9:86:C7:35:D2:C0:F8:26:99:AA:9B:9D:64
Certificate issuer: /CN=fcbc1b623e980559e32a5a1db580f8a734417705
Certificate serial: 0194221FE3388F2AE66B6D8469725E6B051A
Authority key identifier: FC:BC:1B:62:3E:98:05:59:E3:2A:5A:1D:B5:80:F8:A7:34:41:77:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_LwbYj6YBVnjKlodtYD4pzRBdwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/032eab-c4c7-4b6d-9d6d-71a7542a6066/1/HY2qqakYUKmGxzXSwPgmmaqbnWQ.roa
Signing time: Wed 01 Jan 2025 13:48:22 +0000
ROA not before: Wed 01 Jan 2025 13:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6687
IP address blocks: 194.76.64.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e3:38:8f:2a:e6:6b:6d:84:69:72:5e:6b:05:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbc1b623e980559e32a5a1db580f8a734417705
Validity
Not Before: Jan 1 13:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d8daaa9a91850a986c735d2c0f82699aa9b9d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:0a:9c:eb:70:b3:bc:8d:13:fb:df:aa:98:
66:e2:64:07:a3:4d:e2:ab:e1:55:8c:dc:7f:71:4e:
f6:1d:b5:9b:b2:43:ba:07:90:54:df:9c:e0:d4:68:
1e:69:a8:18:0f:2c:ad:0d:b0:de:a3:70:8b:d1:15:
c6:92:ec:ed:1c:2b:c6:1f:34:94:53:f6:c6:c3:69:
b2:fc:a3:f8:e5:56:b9:33:29:13:3e:7f:66:b0:0a:
82:77:93:43:b8:9b:7c:b9:e5:3b:d0:15:c9:cd:45:
0a:bd:4f:d0:7e:28:bb:7a:16:22:82:cc:37:0a:5a:
62:6c:d1:ec:30:19:88:b9:b7:f1:bd:f6:66:47:b0:
32:e0:22:cc:cf:2e:50:d9:6a:b6:7c:61:bc:85:8d:
a3:b9:8d:5f:30:1e:df:39:5d:56:b0:2b:0d:d9:1c:
ce:77:e6:f0:13:0c:d2:3e:1b:90:1f:0f:c0:0d:d6:
76:e8:b5:e4:6f:3d:43:c2:ce:32:bd:2e:53:49:6a:
eb:f9:45:9d:8a:95:aa:c4:55:c5:da:ab:1a:f0:28:
b4:c4:06:af:b6:20:b2:e8:3a:b6:4a:0d:c5:9d:fa:
bb:a5:4d:79:10:49:21:ff:22:c6:c8:82:a8:39:38:
82:11:8c:b3:a4:0f:ad:df:f5:24:7f:a4:66:2c:21:
5d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8D:AA:A9:A9:18:50:A9:86:C7:35:D2:C0:F8:26:99:AA:9B:9D:64
X509v3 Authority Key Identifier:
keyid:FC:BC:1B:62:3E:98:05:59:E3:2A:5A:1D:B5:80:F8:A7:34:41:77:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_LwbYj6YBVnjKlodtYD4pzRBdwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/032eab-c4c7-4b6d-9d6d-71a7542a6066/1/HY2qqakYUKmGxzXSwPgmmaqbnWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/032eab-c4c7-4b6d-9d6d-71a7542a6066/1/_LwbYj6YBVnjKlodtYD4pzRBdwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.64.0/19
Signature Algorithm: sha256WithRSAEncryption
60:0a:8a:f4:d5:33:6e:d9:41:db:60:87:a7:94:bc:1e:0f:2f:
33:46:cf:3a:41:38:df:c8:19:e5:59:6e:63:e9:95:a8:38:d9:
ae:c9:5c:e7:03:cd:bf:e0:28:1f:97:50:e2:94:c9:5f:0b:2c:
20:05:ab:44:72:85:af:4b:1a:ae:50:3c:b4:e9:83:36:87:c3:
77:fe:b8:ca:14:b8:e6:e1:79:4b:ed:46:07:da:1b:20:3b:8d:
a9:f9:ae:61:7f:1b:45:a6:01:56:b7:5a:21:2c:fa:5a:c4:52:
31:c6:51:4b:0a:ee:a7:08:0e:a5:86:55:d4:84:f9:7a:db:e2:
5f:40:24:f4:cf:f5:bc:56:7b:ad:c0:5a:a0:72:a2:f2:6b:b4:
2d:6b:8b:b8:9f:89:c4:8d:1a:8f:bb:95:84:43:cb:67:34:eb:
06:49:26:be:f4:76:a8:01:33:1d:14:c0:60:d6:78:92:21:5b:
02:4d:90:35:32:07:90:9a:15:7a:07:5c:38:67:26:47:57:d0:
84:44:0a:26:0d:66:af:ad:8c:55:0a:60:bf:cd:c5:ea:60:ad:
6a:e7:54:d2:f5:2b:2e:f3:a5:fa:df:48:24:46:da:a0:7f:c2:
0c:5a:f5:91:ca:f2:cf:dd:0d:5a:d9:be:db:07:22:ed:c7:03:
4a:05:65:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+M4jyrma22EaXJeawUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmMxYjYyM2U5ODA1NTllMzJhNWExZGI1ODBmOGE3MzQ0
MTc3MDUwHhcNMjUwMTAxMTM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhkYWFhOWE5MTg1MGE5ODZjNzM1ZDJjMGY4MjY5OWFhOWI5ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpcKnOtws7yNE/vfqphm4mQHo03i
q+FVjNx/cU72HbWbskO6B5BU35zg1GgeaagYDyytDbDeo3CL0RXGkuztHCvGHzSU
U/bGw2my/KP45Va5MykTPn9msAqCd5NDuJt8ueU70BXJzUUKvU/Qfii7ehYigsw3
ClpibNHsMBmIubfxvfZmR7Ay4CLMzy5Q2Wq2fGG8hY2juY1fMB7fOV1WsCsN2RzO
d+bwEwzSPhuQHw/ADdZ26LXkbz1Dws4yvS5TSWrr+UWdipWqxFXF2qsa8Ci0xAav
tiCy6Dq2Sg3Fnfq7pU15EEkh/yLGyIKoOTiCEYyzpA+t3/Ukf6RmLCFdhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2NqqmpGFCphsc10sD4Jpmqm51kMB8GA1UdIwQY
MBaAFPy8G2I+mAVZ4ypaHbWA+Kc0QXcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0x3YllqNllCVm5qS2xvZHRZRDRwelJCZHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wMzJlYWItYzRjNy00YjZkLTlkNmQt
NzFhNzU0MmE2MDY2LzEvSFkycXFha1lVS21HeHpYU3dQZ21tYXFibldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wMzJlYWItYzRjNy00YjZkLTlkNmQtNzFhNzU0MmE2MDY2
LzEvX0x3YllqNllCVm5qS2xvZHRZRDRwelJCZHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwkxAMA0G
CSqGSIb3DQEBCwUAA4IBAQBgCor01TNu2UHbYIenlLweDy8zRs86QTjfyBnlWW5j
6ZWoONmuyVznA82/4Cgfl1DilMlfCywgBatEcoWvSxquUDy06YM2h8N3/rjKFLjm
4XlL7UYH2hsgO42p+a5hfxtFpgFWt1ohLPpaxFIxxlFLCu6nCA6lhlXUhPl62+Jf
QCT0z/W8VnutwFqgcqLya7Qta4u4n4nEjRqPu5WEQ8tnNOsGSSa+9HaoATMdFMBg
1niSIVsCTZA1MgeQmhV6B1w4ZyZHV9CERAomDWavrYxVCmC/zcXqYK1q51TS9Ssu
86X630gkRtqgf8IMWvWRyvLP3Q1a2b7bByLtxwNKBWX3
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:23:01 2025 by rpki-client