Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/FkwWWQIMWtA4iybPzQx4iJn4LA4.roa
File: FkwWWQIMWtA4iybPzQx4iJn4LA4.roa (raw, json)
Hash identifier: dygheTAaWRRRFFcR/Y94QKMdhM+IdtEOUxFApI6osJI=
Subject key identifier: 16:4C:16:59:02:0C:5A:D0:38:8B:26:CF:CD:0C:78:88:99:F8:2C:0E
Certificate issuer: /CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
Certificate serial: 0194266B3FB620AD33662B03503757474CBB
Authority key identifier: E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/FkwWWQIMWtA4iybPzQx4iJn4LA4.roa
Signing time: Thu 02 Jan 2025 09:49:10 +0000
ROA not before: Thu 02 Jan 2025 09:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197099
IP address blocks: 91.216.149.0/24 maxlen: 24
178.217.136.0/21 maxlen: 21
185.81.106.0/24 maxlen: 24
185.81.107.0/24 maxlen: 24
195.43.84.0/23 maxlen: 23
195.95.185.0/24 maxlen: 24
217.30.4.0/22 maxlen: 22
2a03:63e0::/29 maxlen: 29
2a03:63e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:3f:b6:20:ad:33:66:2b:03:50:37:57:47:4c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
Validity
Not Before: Jan 2 09:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=164c1659020c5ad0388b26cfcd0c788899f82c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bd:08:df:fa:5e:c5:eb:45:f1:06:ba:da:e5:
4b:9c:e4:d9:99:df:f1:41:8e:02:25:cd:4f:bc:0b:
d1:33:2d:f5:98:ed:8d:59:5f:1b:34:3b:11:69:55:
48:7a:d8:59:39:b6:13:b3:f3:1e:de:46:b4:b2:03:
94:5f:06:fe:96:25:d9:bd:f0:72:2b:b7:69:e8:09:
af:f9:d8:48:f2:32:e1:0c:90:ce:7c:f0:72:1c:c0:
7f:6a:a2:0d:fe:c8:b4:7e:2d:a8:f1:3e:1d:a6:f3:
c0:b4:42:db:b8:f5:9a:1d:06:7b:33:b4:b9:06:01:
56:3c:68:d9:80:a6:42:66:e1:de:6a:84:11:9a:e7:
c7:82:9c:03:ff:a4:72:55:b2:6c:bf:3f:e9:f4:b3:
82:0d:d3:6e:c0:af:f0:b8:f8:c5:76:88:01:d0:10:
ef:47:6f:9b:79:63:b2:a9:0a:02:13:3d:dd:37:31:
de:40:a8:e4:d5:c8:d6:c4:13:f6:2e:7b:ec:5a:4b:
83:11:88:f1:8b:b1:4d:59:cc:91:39:87:9e:7c:71:
3f:32:c4:a1:8a:d0:3a:92:82:ec:c7:81:5c:be:91:
51:7e:04:04:f4:9f:c4:c0:75:12:b8:fc:93:4e:66:
1d:e5:dc:00:bc:a7:75:e0:9d:7e:a6:ba:3c:27:35:
0e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4C:16:59:02:0C:5A:D0:38:8B:26:CF:CD:0C:78:88:99:F8:2C:0E
X509v3 Authority Key Identifier:
keyid:E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/FkwWWQIMWtA4iybPzQx4iJn4LA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/5DusShu7pWzENIYaTHaf-c4tFew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.149.0/24
178.217.136.0/21
185.81.106.0/23
195.43.84.0/23
195.95.185.0/24
217.30.4.0/22
IPv6:
2a03:63e0::/29
Signature Algorithm: sha256WithRSAEncryption
32:94:a0:2d:91:62:7e:8c:45:02:6d:32:a3:69:a8:3e:f6:fa:
27:5a:6c:ee:53:4f:d5:29:04:b7:4e:f9:ff:10:77:5f:30:13:
fe:1d:e3:cf:c4:f5:5f:8e:a3:40:f7:81:d1:ee:79:bb:c0:58:
16:da:3e:1a:7e:46:0b:e4:b1:e7:e1:1f:15:59:bd:ae:70:04:
33:e3:0e:c8:27:89:ce:23:f9:6c:da:57:0e:17:47:aa:42:3c:
12:a5:62:78:49:de:d3:af:5e:0b:ec:a5:4b:95:f2:86:fb:42:
6f:5e:6f:02:a5:c4:ba:c5:bf:66:aa:b2:02:a8:24:32:2c:51:
3a:e5:ea:f7:d2:a4:33:6c:0d:67:b4:63:f3:b8:3b:1e:22:39:
ba:c1:1d:52:f8:8c:da:d9:3d:93:a8:58:80:d8:c8:88:f2:30:
7e:3d:33:1a:bd:b8:7b:ac:c1:9f:58:4a:f5:35:d0:d9:b4:ba:
4d:68:82:1a:f3:f7:20:05:12:54:0f:ac:01:26:8d:02:97:be:
40:39:00:0d:5b:ca:10:36:40:0f:10:1e:cd:8d:69:cd:07:68:
a1:bf:de:fb:5d:bd:e0:45:bc:54:5f:8f:c1:da:47:53:ee:b4:
e6:12:77:39:46:be:66:a2:67:03:db:76:b8:1f:d0:b0:78:68:
d5:a8:fd:7a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQmaz+2IK0zZisDUDdXR0y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYzRhMWJiYmE1NmNjNDM0ODYxYTRjNzY5ZmY5Y2Uy
ZDE1ZWMwHhcNMjUwMTAyMDk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjRjMTY1OTAyMGM1YWQwMzg4YjI2Y2ZjZDBjNzg4ODk5ZjgyYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt70I3/pexetF8Qa62uVLnOTZmd/x
QY4CJc1PvAvRMy31mO2NWV8bNDsRaVVIethZObYTs/Me3ka0sgOUXwb+liXZvfBy
K7dp6Amv+dhI8jLhDJDOfPByHMB/aqIN/si0fi2o8T4dpvPAtELbuPWaHQZ7M7S5
BgFWPGjZgKZCZuHeaoQRmufHgpwD/6RyVbJsvz/p9LOCDdNuwK/wuPjFdogB0BDv
R2+beWOyqQoCEz3dNzHeQKjk1cjWxBP2LnvsWkuDEYjxi7FNWcyROYeefHE/MsSh
itA6koLsx4FcvpFRfgQE9J/EwHUSuPyTTmYd5dwAvKd14J1+pro8JzUO2QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBZMFlkCDFrQOIsmz80MeIiZ+CwOMB8GA1UdIwQY
MBaAFOQ7rEobu6VsxDSGGkx2n/nOLRXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1c1NodTdwV3pFTklZYVRIYWYtYzR0RmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmFiMGYtYmU0My00NjY1LWJiYWEt
MWNkM2NiMDdlZjVkLzEvRmt3V1dRSU1XdEE0aXliUHpReDRpSm40TEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmFiMGYtYmU0My00NjY1LWJiYWEtMWNkM2NiMDdlZjVk
LzEvNUR1c1NodTdwV3pFTklZYVRIYWYtYzR0RmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9iVAwQD
stmIAwQBuVFqAwQBwytUAwQAw1+5AwQC2R4EMA0EAgACMAcDBQMqA2PgMA0GCSqG
SIb3DQEBCwUAA4IBAQAylKAtkWJ+jEUCbTKjaag+9vonWmzuU0/VKQS3Tvn/EHdf
MBP+HePPxPVfjqNA94HR7nm7wFgW2j4afkYL5LHn4R8VWb2ucAQz4w7IJ4nOI/ls
2lcOF0eqQjwSpWJ4Sd7Tr14L7KVLlfKG+0JvXm8CpcS6xb9mqrICqCQyLFE65er3
0qQzbA1ntGPzuDseIjm6wR1S+Iza2T2TqFiA2MiI8jB+PTMavbh7rMGfWEr1NdDZ
tLpNaIIa8/cgBRJUD6wBJo0Cl75AOQANW8oQNkAPEB7NjWnNB2ihv977Xb3gRbxU
X4/B2kdT7rTmEnc5Rr5momcD23a4H9CweGjVqP16
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:51:32 2025 by rpki-client