Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/rFLbnP63niNMPmNTHqvODCWAmf4.roa
File: rFLbnP63niNMPmNTHqvODCWAmf4.roa (raw, json)
Hash identifier: QWuHWUDfpexkyRSRrY8RzHPTAmEW2/XktJBH/kF+mCg=
Subject key identifier: AC:52:DB:9C:FE:B7:9E:23:4C:3E:63:53:1E:AB:CE:0C:25:80:99:FE
Certificate issuer: /CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Certificate serial: 019423D6CA55090CCBA03914A06B16EAEFC5
Authority key identifier: CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/rFLbnP63niNMPmNTHqvODCWAmf4.roa
Signing time: Wed 01 Jan 2025 21:47:46 +0000
ROA not before: Wed 01 Jan 2025 21:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59773
IP address blocks: 185.71.204.0/24 maxlen: 24
185.71.206.0/24 maxlen: 24
185.71.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ca:55:09:0c:cb:a0:39:14:a0:6b:16:ea:ef:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Validity
Not Before: Jan 1 21:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac52db9cfeb79e234c3e63531eabce0c258099fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:58:09:42:e8:28:a1:af:c6:6d:d4:f6:6d:1f:
d9:a5:f2:d6:d4:0f:1c:d2:63:dd:b1:ee:cd:b7:67:
b5:9d:68:d9:14:8f:e3:b2:7c:f4:6e:8e:2d:65:d8:
69:f6:6b:ff:71:7f:25:55:16:a1:eb:3e:01:8a:be:
84:59:70:cd:cb:39:4e:ec:f2:4a:a8:10:99:04:7c:
3f:11:81:ea:3d:05:de:1b:6b:88:fc:d8:57:b9:1c:
6d:34:87:3b:cd:e1:5c:ea:f4:96:35:26:8d:d2:d3:
14:29:3e:3a:22:cc:8a:c4:f9:13:2c:01:ee:54:b7:
3f:80:66:85:b9:b8:18:fa:b7:e7:7a:51:be:1e:15:
ec:b5:cc:88:1b:12:d8:67:56:e1:cd:0b:dc:8a:e9:
fe:ea:9f:ca:41:89:74:b8:8f:e9:00:89:b5:ed:c7:
59:46:8e:b3:7a:2f:7d:d8:d9:5c:c1:0c:62:59:c8:
81:73:3e:92:1e:2b:a1:27:9a:f4:0c:4d:ed:4e:b2:
82:4a:de:b7:be:53:87:f4:5d:65:3a:81:42:1a:1b:
65:1a:09:fa:a3:f4:ac:d9:f3:ed:4b:b4:9d:c1:0e:
e4:a5:12:e0:5a:c2:28:9e:11:f2:70:26:74:e3:06:
1d:1f:a2:17:97:73:1a:34:3a:b6:c5:31:e7:cd:43:
64:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:52:DB:9C:FE:B7:9E:23:4C:3E:63:53:1E:AB:CE:0C:25:80:99:FE
X509v3 Authority Key Identifier:
keyid:CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/rFLbnP63niNMPmNTHqvODCWAmf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/zHLmM99WNan5jS9optKty0QVXNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.204.0/24
185.71.206.0/23
Signature Algorithm: sha256WithRSAEncryption
46:6f:37:e8:64:58:85:8d:9c:04:84:2b:be:c3:62:68:5d:83:
b6:9a:d7:fd:d8:cc:d4:29:98:dc:77:99:f7:e4:0d:0b:14:87:
30:eb:12:c2:08:ac:ac:53:6d:27:7a:ad:5e:1d:3c:0d:32:c7:
98:e9:b8:5a:ee:f0:fa:5e:63:11:b5:b5:cd:89:d1:c6:bf:7d:
08:79:45:e2:d0:47:b1:90:05:7c:bb:28:aa:c0:78:e7:96:64:
c2:0d:6a:e3:48:52:5c:1b:b6:37:00:92:4d:2b:4c:7d:85:4b:
a4:64:7e:ba:74:67:75:05:c1:ed:0f:58:a0:eb:df:9c:66:90:
18:1c:d5:5c:ec:04:6a:cb:27:00:a9:b0:e7:72:ce:74:93:ac:
7f:6b:cf:ea:40:56:4d:b0:34:8e:36:1c:0d:42:5b:18:21:9c:
39:80:fe:c1:78:74:de:5a:4c:14:14:04:9c:7c:c9:b4:41:53:
7c:17:db:af:24:ea:61:a0:2d:11:ba:9a:93:27:30:65:c3:1d:
73:4b:b5:5b:a7:23:d1:20:c8:63:c3:c9:81:51:df:57:a6:53:
fb:f7:06:1f:1d:21:91:f2:30:c4:a7:6b:b1:26:3f:db:ba:46:
d0:1f:2e:c1:d3:17:0d:0c:af:17:44:50:f2:a1:75:1c:63:c9:
bf:fd:e9:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1spVCQzLoDkUoGsW6u/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzJlNjMzZGY1NjM1YTlmOThkMmY2OGE2ZDJhZGNiNDQx
NTVjZGMwHhcNMjUwMTAxMjE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUyZGI5Y2ZlYjc5ZTIzNGMzZTYzNTMxZWFiY2UwYzI1ODA5OWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVgJQugooa/GbdT2bR/ZpfLW1A8c
0mPdse7Nt2e1nWjZFI/jsnz0bo4tZdhp9mv/cX8lVRah6z4Bir6EWXDNyzlO7PJK
qBCZBHw/EYHqPQXeG2uI/NhXuRxtNIc7zeFc6vSWNSaN0tMUKT46IsyKxPkTLAHu
VLc/gGaFubgY+rfnelG+HhXstcyIGxLYZ1bhzQvciun+6p/KQYl0uI/pAIm17cdZ
Ro6zei992NlcwQxiWciBcz6SHiuhJ5r0DE3tTrKCSt63vlOH9F1lOoFCGhtlGgn6
o/Ss2fPtS7SdwQ7kpRLgWsIonhHycCZ04wYdH6IXl3MaNDq2xTHnzUNkyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKxS25z+t54jTD5jUx6rzgwlgJn+MB8GA1UdIwQY
MBaAFMxy5jPfVjWp+Y0vaKbSrctEFVzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQt
ZDAxMmNhOWVjMTk3LzEvckZMYm5QNjNuaU5NUG1OVEhxdk9EQ1dBbWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQtZDAxMmNhOWVjMTk3
LzEvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUfMAwQB
uUfOMA0GCSqGSIb3DQEBCwUAA4IBAQBGbzfoZFiFjZwEhCu+w2JoXYO2mtf92MzU
KZjcd5n35A0LFIcw6xLCCKysU20neq1eHTwNMseY6bha7vD6XmMRtbXNidHGv30I
eUXi0EexkAV8uyiqwHjnlmTCDWrjSFJcG7Y3AJJNK0x9hUukZH66dGd1BcHtD1ig
69+cZpAYHNVc7ARqyycAqbDncs50k6x/a8/qQFZNsDSONhwNQlsYIZw5gP7BeHTe
WkwUFAScfMm0QVN8F9uvJOphoC0RupqTJzBlwx1zS7VbpyPRIMhjw8mBUd9XplP7
9wYfHSGR8jDEp2uxJj/bukbQHy7B0xcNDK8XRFDyoXUcY8m//emr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:39 2025 by rpki-client