Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/ifcwYHfmty9P7YlJSIwto5Z8mhc.roa
File: ifcwYHfmty9P7YlJSIwto5Z8mhc.roa (raw, json)
Hash identifier: j3Q6hvt9y1dRnxH4mfVL1HI6Z3oaft4npRVPXBxnB5Y=
Subject key identifier: 89:F7:30:60:77:E6:B7:2F:4F:ED:89:49:48:8C:2D:A3:96:7C:9A:17
Certificate issuer: /CN=ccd35790830ce7469a94c59b2e2ccbbf5e36d13f
Certificate serial: 01942067E8AE95B9D57D8383317F8A37894A
Authority key identifier: CC:D3:57:90:83:0C:E7:46:9A:94:C5:9B:2E:2C:CB:BF:5E:36:D1:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNNXkIMM50aalMWbLizLv1420T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/ifcwYHfmty9P7YlJSIwto5Z8mhc.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 193.47.187.0/24 maxlen: 24
193.200.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e8:ae:95:b9:d5:7d:83:83:31:7f:8a:37:89:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd35790830ce7469a94c59b2e2ccbbf5e36d13f
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89f7306077e6b72f4fed8949488c2da3967c9a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ac:2e:6f:54:d8:bc:0c:d1:f3:da:4b:ca:80:
b5:cb:5a:52:27:cd:93:41:ef:4d:77:b2:9e:57:77:
f5:b6:da:53:9a:4e:4d:29:73:87:3c:06:02:18:bd:
13:e2:1a:9d:e4:2f:7f:e1:cd:01:34:fd:05:de:53:
8b:98:7d:b7:10:53:50:c5:89:16:26:9b:3d:11:2c:
09:6b:00:e6:e5:2e:33:6a:5e:f8:f7:5a:98:64:da:
b7:29:de:8a:d2:13:ac:73:a9:84:82:0d:73:c6:c0:
df:74:d7:a8:07:8f:e5:06:ad:0d:40:12:d4:e6:d9:
3a:9f:97:10:d3:0b:33:43:36:0d:99:74:46:49:2e:
68:4f:5a:75:7c:05:e3:c0:4a:62:63:df:86:e4:2b:
b4:0c:3a:17:42:be:94:2b:10:9b:cf:db:30:78:ba:
c1:b0:4b:f2:dd:8c:1a:80:75:ae:81:61:0f:61:38:
33:34:68:22:35:6d:74:52:05:fb:f9:f1:34:5f:24:
75:1c:b9:a5:7e:2e:75:f7:4e:67:3d:f8:5d:03:a9:
21:b8:7e:8b:31:bd:42:3e:34:eb:1e:53:15:a5:14:
52:0d:c6:13:f5:66:73:c5:aa:92:23:d4:c0:01:37:
e6:a0:75:46:21:7f:92:07:b8:13:1d:dd:61:cc:f9:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F7:30:60:77:E6:B7:2F:4F:ED:89:49:48:8C:2D:A3:96:7C:9A:17
X509v3 Authority Key Identifier:
keyid:CC:D3:57:90:83:0C:E7:46:9A:94:C5:9B:2E:2C:CB:BF:5E:36:D1:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNNXkIMM50aalMWbLizLv1420T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/ifcwYHfmty9P7YlJSIwto5Z8mhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/1fcb59-405e-40c3-a630-c5d13e88e4de/1/zNNXkIMM50aalMWbLizLv1420T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.187.0/24
193.200.156.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:c3:d6:1d:7a:7c:09:d0:2c:f0:76:ef:97:16:df:c7:24:71:
9c:11:98:ec:da:e9:6f:be:8c:55:a2:aa:03:0d:5c:8c:66:b1:
b0:60:88:d3:6f:c4:5f:d5:8c:23:6b:09:6b:c9:ef:68:2b:f1:
4d:e2:68:bf:34:5c:12:12:09:3f:47:06:8c:22:42:2e:44:a0:
4a:b5:3a:69:a1:13:8b:1f:d7:cf:88:c6:49:90:9b:27:8f:f0:
99:f5:96:92:16:4f:0b:16:f3:95:7a:b7:46:b1:f4:3a:45:5f:
52:a0:5d:cd:a6:cf:90:40:79:2f:c7:87:9a:40:51:ce:fb:5f:
6f:12:fc:4e:20:65:7f:a8:84:e1:ec:06:f6:9e:ea:22:db:a9:
93:b5:43:44:23:32:37:04:ba:50:4a:89:86:c8:f2:c4:95:5a:
5a:b3:55:6a:bb:b7:7d:7f:00:ae:ef:f8:4a:87:e2:8d:a0:75:
46:13:65:b9:15:19:bf:e5:b1:17:06:48:94:43:93:ce:68:41:
df:75:91:72:c2:42:2c:25:5b:ee:07:4e:fa:64:7e:4c:75:9d:
c8:12:97:08:49:09:52:43:ef:d0:18:75:5c:41:43:7a:3a:53:
37:d7:09:7f:8e:89:5f:f1:77:d4:b7:31:51:e7:a4:7c:83:bc:
e9:02:5d:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ+iulbnVfYODMX+KN4lKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDM1NzkwODMwY2U3NDY5YTk0YzU5YjJlMmNjYmJmNWUz
NmQxM2YwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY3MzA2MDc3ZTZiNzJmNGZlZDg5NDk0ODhjMmRhMzk2N2M5YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqwub1TYvAzR89pLyoC1y1pSJ82T
Qe9Nd7KeV3f1ttpTmk5NKXOHPAYCGL0T4hqd5C9/4c0BNP0F3lOLmH23EFNQxYkW
Jps9ESwJawDm5S4zal7491qYZNq3Kd6K0hOsc6mEgg1zxsDfdNeoB4/lBq0NQBLU
5tk6n5cQ0wszQzYNmXRGSS5oT1p1fAXjwEpiY9+G5Cu0DDoXQr6UKxCbz9sweLrB
sEvy3YwagHWugWEPYTgzNGgiNW10UgX7+fE0XyR1HLmlfi51905nPfhdA6khuH6L
Mb1CPjTrHlMVpRRSDcYT9WZzxaqSI9TAATfmoHVGIX+SB7gTHd1hzPlZbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIn3MGB35rcvT+2JSUiMLaOWfJoXMB8GA1UdIwQY
MBaAFMzTV5CDDOdGmpTFmy4sy79eNtE/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5OWGtJTU01MGFhbE1XYkxpekx2MTQyMFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8xZmNiNTktNDA1ZS00MGMzLWE2MzAt
YzVkMTNlODhlNGRlLzEvaWZjd1lIZm10eTlQN1lsSlNJd3RvNVo4bWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8xZmNiNTktNDA1ZS00MGMzLWE2MzAtYzVkMTNlODhlNGRl
LzEvek5OWGtJTU01MGFhbE1XYkxpekx2MTQyMFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwS+7AwQA
wcicMA0GCSqGSIb3DQEBCwUAA4IBAQDLw9YdenwJ0Czwdu+XFt/HJHGcEZjs2ulv
voxVoqoDDVyMZrGwYIjTb8Rf1Ywjawlrye9oK/FN4mi/NFwSEgk/RwaMIkIuRKBK
tTppoROLH9fPiMZJkJsnj/CZ9ZaSFk8LFvOVerdGsfQ6RV9SoF3Nps+QQHkvx4ea
QFHO+19vEvxOIGV/qITh7Ab2nuoi26mTtUNEIzI3BLpQSomGyPLElVpas1Vqu7d9
fwCu7/hKh+KNoHVGE2W5FRm/5bEXBkiUQ5POaEHfdZFywkIsJVvuB076ZH5MdZ3I
EpcISQlSQ+/QGHVcQUN6OlM31wl/jolf8XfUtzFR56R8g7zpAl31
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:09:38 2025 by rpki-client