Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/0fxrFgaOEJg9dbqq-7NyccGKfo8.roa
File: 0fxrFgaOEJg9dbqq-7NyccGKfo8.roa (raw, json)
Hash identifier: PianfnGVaMrVPowuDRPfsiFVI9vqBZ2hff1ALtVypRc=
Subject key identifier: D1:FC:6B:16:06:8E:10:98:3D:75:BA:AA:FB:B3:72:71:C1:8A:7E:8F
Certificate issuer: /CN=ef477ca3b449bbc41247e8c921e4c8dabfc1afae
Certificate serial: 0194221FE34E638B240CAB87C2C129DE83C1
Authority key identifier: EF:47:7C:A3:B4:49:BB:C4:12:47:E8:C9:21:E4:C8:DA:BF:C1:AF:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70d8o7RJu8QSR-jJIeTI2r_Br64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/0fxrFgaOEJg9dbqq-7NyccGKfo8.roa
Signing time: Wed 01 Jan 2025 13:48:22 +0000
ROA not before: Wed 01 Jan 2025 13:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 193.17.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e3:4e:63:8b:24:0c:ab:87:c2:c1:29:de:83:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef477ca3b449bbc41247e8c921e4c8dabfc1afae
Validity
Not Before: Jan 1 13:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1fc6b16068e10983d75baaafbb37271c18a7e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:89:b3:70:6c:ce:51:0d:56:6e:1c:2c:71:00:
24:c3:c2:eb:61:98:4f:f1:89:fb:4c:dd:85:02:78:
60:f0:95:b0:0c:3e:61:50:e0:f6:43:ec:2c:cc:5d:
e6:d0:c8:ba:a6:96:af:b8:9e:8b:d2:b9:cc:07:2e:
08:9b:83:d6:20:a4:47:82:7b:65:93:d7:3c:b6:35:
c3:c1:99:e4:27:b8:68:c8:d4:a8:05:cf:90:7f:92:
09:f6:3f:5c:f5:b1:15:f6:9a:b5:a4:d2:9f:4b:9b:
d9:a6:7f:28:8c:5c:b7:87:9e:b1:0e:4f:2c:b6:e2:
f3:c4:4d:4d:08:d4:74:a1:39:f5:5e:0c:b2:24:98:
31:26:5b:7d:0f:a8:db:23:4e:65:65:90:79:32:a1:
14:32:bd:28:9b:06:71:26:02:c3:2a:9e:08:8f:e1:
0e:23:0b:8a:72:88:19:9d:36:83:f7:fb:64:f3:db:
48:7a:b8:63:c4:1d:ff:a6:31:f8:ce:5f:34:56:0a:
1b:ea:6e:4c:65:5b:0d:3c:23:a2:bc:15:4e:dd:81:
cd:cc:8b:78:18:2d:12:fd:dd:fb:d9:3d:cd:df:75:
f6:b1:19:7d:e6:2f:4a:13:c5:1e:90:32:29:ea:6a:
14:19:44:34:81:9b:00:22:6b:93:0f:2e:76:e7:37:
cc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:FC:6B:16:06:8E:10:98:3D:75:BA:AA:FB:B3:72:71:C1:8A:7E:8F
X509v3 Authority Key Identifier:
keyid:EF:47:7C:A3:B4:49:BB:C4:12:47:E8:C9:21:E4:C8:DA:BF:C1:AF:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70d8o7RJu8QSR-jJIeTI2r_Br64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/0fxrFgaOEJg9dbqq-7NyccGKfo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/70d8o7RJu8QSR-jJIeTI2r_Br64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.206.0/24
Signature Algorithm: sha256WithRSAEncryption
98:53:0a:42:28:c6:fe:9f:48:72:34:41:05:4e:07:33:83:39:
7f:61:f5:f4:c6:f5:56:8c:61:b3:35:dc:49:e8:f9:cd:6f:a3:
a8:03:0e:f5:0d:bd:30:95:e4:97:96:33:0d:8d:f4:41:7d:6b:
1c:7b:71:63:e6:4c:3e:36:39:6d:95:bc:9a:fd:6d:4e:bd:e2:
13:a5:57:8f:6c:0a:bc:bb:17:1d:c9:c8:28:83:86:04:aa:3f:
8b:4b:6f:0c:f1:90:6b:bb:ca:03:52:f5:69:d2:6b:99:75:38:
d5:74:24:6c:3d:a2:f2:19:55:50:28:a6:10:a1:2e:88:a1:0b:
3d:f7:78:93:8b:cf:d3:39:46:d3:a0:fb:e6:2c:69:6c:b1:8f:
31:84:a6:af:6c:e2:33:0c:e4:f4:70:55:93:e2:30:c2:70:49:
df:36:99:42:bd:40:aa:19:69:cf:76:62:fc:fb:af:77:63:1b:
86:40:31:30:27:1c:71:46:bc:72:cb:2b:11:97:cd:ab:6f:01:
9c:ae:2d:12:b0:a6:1e:22:90:85:9f:93:c6:6b:6b:c4:ab:79:
15:13:8d:c9:e0:b8:31:f6:df:b2:7e:1a:df:b2:42:07:cf:2d:
74:a5:88:f4:3b:6b:0a:83:15:40:34:d7:21:e6:ec:d6:1a:b5:
d3:fa:1f:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+NOY4skDKuHwsEp3oPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDc3Y2EzYjQ0OWJiYzQxMjQ3ZThjOTIxZTRjOGRhYmZj
MWFmYWUwHhcNMjUwMTAxMTM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWZjNmIxNjA2OGUxMDk4M2Q3NWJhYWFmYmIzNzI3MWMxOGE3ZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYmzcGzOUQ1WbhwscQAkw8LrYZhP
8Yn7TN2FAnhg8JWwDD5hUOD2Q+wszF3m0Mi6ppavuJ6L0rnMBy4Im4PWIKRHgntl
k9c8tjXDwZnkJ7hoyNSoBc+Qf5IJ9j9c9bEV9pq1pNKfS5vZpn8ojFy3h56xDk8s
tuLzxE1NCNR0oTn1XgyyJJgxJlt9D6jbI05lZZB5MqEUMr0omwZxJgLDKp4Ij+EO
IwuKcogZnTaD9/tk89tIerhjxB3/pjH4zl80Vgob6m5MZVsNPCOivBVO3YHNzIt4
GC0S/d372T3N33X2sRl95i9KE8UekDIp6moUGUQ0gZsAImuTDy525zfMLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNH8axYGjhCYPXW6qvuzcnHBin6PMB8GA1UdIwQY
MBaAFO9HfKO0SbvEEkfoySHkyNq/wa+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBkOG83Ukp1OFFTUi1qSkllVEkycl9CcjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVlYTItOTU4Mi00YTY1LWI1YmUt
NjAzYWExZjIwOWQ4LzEvMGZ4ckZnYU9FSmc5ZGJxcS03TnljY0dLZm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVlYTItOTU4Mi00YTY1LWI1YmUtNjAzYWExZjIwOWQ4
LzEvNzBkOG83Ukp1OFFTUi1qSkllVEkycl9CcjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRHOMA0G
CSqGSIb3DQEBCwUAA4IBAQCYUwpCKMb+n0hyNEEFTgczgzl/YfX0xvVWjGGzNdxJ
6PnNb6OoAw71Db0wleSXljMNjfRBfWsce3Fj5kw+Njltlbya/W1OveITpVePbAq8
uxcdycgog4YEqj+LS28M8ZBru8oDUvVp0muZdTjVdCRsPaLyGVVQKKYQoS6IoQs9
93iTi8/TOUbToPvmLGlssY8xhKavbOIzDOT0cFWT4jDCcEnfNplCvUCqGWnPdmL8
+693YxuGQDEwJxxxRrxyyysRl82rbwGcri0SsKYeIpCFn5PGa2vEq3kVE43J4Lgx
9t+yfhrfskIHzy10pYj0O2sKgxVANNch5uzWGrXT+h8i
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:30:45 2025 by rpki-client