Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/4FPxHmFFi8FhwJTxhTVfGxLgeb0.roa
File: 4FPxHmFFi8FhwJTxhTVfGxLgeb0.roa (raw, json)
Hash identifier: DAkyKbIc/vzHYQCVTOxWR8OPdTTpNjZGMzs7QrhE8O8=
Subject key identifier: E0:53:F1:1E:61:45:8B:C1:61:C0:94:F1:85:35:5F:1B:12:E0:79:BD
Certificate issuer: /CN=af6eaeff123ca67446d0e49401e495057078e174
Certificate serial: 01942522043C5F85C91F344488C2FE2299D2
Authority key identifier: AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/4FPxHmFFi8FhwJTxhTVfGxLgeb0.roa
Signing time: Thu 02 Jan 2025 03:49:33 +0000
ROA not before: Thu 02 Jan 2025 03:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12676
IP address blocks: 185.172.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:04:3c:5f:85:c9:1f:34:44:88:c2:fe:22:99:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af6eaeff123ca67446d0e49401e495057078e174
Validity
Not Before: Jan 2 03:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e053f11e61458bc161c094f185355f1b12e079bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0c:ac:30:b7:ba:c7:9c:00:ea:78:ea:b8:0d:
11:f3:bc:2c:82:8c:90:0e:e1:9a:29:03:85:7e:f7:
1d:e5:32:96:c2:46:3b:86:f7:7c:93:f4:be:3b:1d:
d2:99:8b:2b:e4:e1:09:8d:fd:d0:8c:eb:b8:29:88:
a5:9b:76:23:6e:66:94:f2:95:7c:c2:c3:af:bc:0e:
d1:61:3d:1a:e6:16:4d:d4:40:a2:48:6a:ab:22:5e:
5e:82:cb:11:d1:07:b5:6d:dc:a3:2f:50:b8:af:dd:
6d:b4:cf:59:48:d5:65:4a:5c:9d:6c:e7:a8:8d:e2:
2c:0e:c4:49:f9:4a:7a:92:ab:0e:dd:ba:9e:6e:ed:
75:d9:f5:e4:d4:a8:55:e1:7d:bc:b2:8d:35:84:91:
f5:b4:c1:1e:9d:37:09:10:da:90:9c:1a:4c:3e:30:
39:94:31:c3:e0:42:e8:37:66:86:d6:4e:44:41:6f:
04:a3:77:c3:e2:a7:cf:16:9b:be:18:ad:94:bd:15:
48:77:74:67:a8:67:5e:ff:76:fb:b8:b9:cc:94:c0:
29:04:c5:48:bc:a9:b0:e8:0c:4e:ab:ff:85:15:1f:
0c:87:b1:52:ea:98:70:33:61:96:bc:6d:17:79:11:
2a:de:3a:90:65:7e:b7:e8:3a:1d:04:9c:c6:97:8f:
a6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:53:F1:1E:61:45:8B:C1:61:C0:94:F1:85:35:5F:1B:12:E0:79:BD
X509v3 Authority Key Identifier:
keyid:AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/4FPxHmFFi8FhwJTxhTVfGxLgeb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:f3:5f:57:8b:1b:e6:34:7a:67:a5:3e:00:79:14:72:6b:32:
a6:c5:45:fb:32:4f:cd:5e:5a:44:38:57:69:45:19:dc:cf:1e:
0e:c3:88:8b:e5:77:ed:05:38:15:f9:0b:08:79:a3:72:15:d0:
03:ed:34:f6:38:91:76:46:b1:d5:71:7a:3f:7b:02:22:56:25:
17:ba:08:ea:87:8e:f7:56:2e:9d:b3:d3:80:64:bc:2a:21:bf:
c6:68:30:cf:d5:60:d1:bc:1b:23:0f:b7:e9:a8:e8:de:70:6f:
e7:0b:24:25:2a:3a:3c:a1:79:77:b8:90:23:fb:51:1c:e9:84:
09:67:f1:a1:48:2e:4c:8c:51:93:5e:65:6c:05:48:d2:ed:51:
0a:35:f3:5e:5f:5a:0e:af:c9:e9:50:2e:98:b2:90:95:7b:f0:
74:16:70:39:83:22:b0:24:f3:5a:d4:0f:4b:f2:97:8b:0d:3b:
17:dd:ba:58:1b:aa:a4:ba:ec:59:dc:f4:44:b1:51:51:98:bc:
4f:57:f5:9c:85:ac:ef:7a:26:ed:54:1a:9b:0d:60:be:c2:b3:
00:9b:33:01:97:bb:1e:b1:4a:4e:db:fb:24:3e:13:08:55:07:
ca:62:b0:a3:ad:99:ff:23:8e:2b:29:32:b0:0f:99:05:30:0b:
9f:68:b0:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIgQ8X4XJHzREiML+IpnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmVhZWZmMTIzY2E2NzQ0NmQwZTQ5NDAxZTQ5NTA1NzA3
OGUxNzQwHhcNMjUwMTAyMDM0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDUzZjExZTYxNDU4YmMxNjFjMDk0ZjE4NTM1NWYxYjEyZTA3OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgysMLe6x5wA6njquA0R87wsgoyQ
DuGaKQOFfvcd5TKWwkY7hvd8k/S+Ox3SmYsr5OEJjf3QjOu4KYilm3YjbmaU8pV8
wsOvvA7RYT0a5hZN1ECiSGqrIl5egssR0Qe1bdyjL1C4r91ttM9ZSNVlSlydbOeo
jeIsDsRJ+Up6kqsO3bqebu112fXk1KhV4X28so01hJH1tMEenTcJENqQnBpMPjA5
lDHD4ELoN2aG1k5EQW8Eo3fD4qfPFpu+GK2UvRVId3RnqGde/3b7uLnMlMApBMVI
vKmw6AxOq/+FFR8Mh7FS6phwM2GWvG0XeREq3jqQZX636DodBJzGl4+m5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBT8R5hRYvBYcCU8YU1XxsS4Hm9MB8GA1UdIwQY
MBaAFK9urv8SPKZ0RtDklAHklQVweOF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUt
NGVmNDdmYzRiZDdmLzEvNEZQeEhtRkZpOEZod0pUeGhUVmZHeExnZWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUtNGVmNDdmYzRiZDdm
LzEvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuax8MA0G
CSqGSIb3DQEBCwUAA4IBAQBv819XixvmNHpnpT4AeRRyazKmxUX7Mk/NXlpEOFdp
RRnczx4Ow4iL5XftBTgV+QsIeaNyFdAD7TT2OJF2RrHVcXo/ewIiViUXugjqh473
Vi6ds9OAZLwqIb/GaDDP1WDRvBsjD7fpqOjecG/nCyQlKjo8oXl3uJAj+1Ec6YQJ
Z/GhSC5MjFGTXmVsBUjS7VEKNfNeX1oOr8npUC6YspCVe/B0FnA5gyKwJPNa1A9L
8peLDTsX3bpYG6qkuuxZ3PREsVFRmLxPV/WchazveibtVBqbDWC+wrMAmzMBl7se
sUpO2/skPhMIVQfKYrCjrZn/I44rKTKwD5kFMAufaLAd
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:34:09 2025 by rpki-client