Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/fc72NGwJpxBIXN8-dGqwq1WYnKE.roa
File: fc72NGwJpxBIXN8-dGqwq1WYnKE.roa (raw, json)
Hash identifier: uiYjC+uAp7c2SwayHIXRGZsuq0DaT6GDP/wSbluuAaI=
Subject key identifier: 7D:CE:F6:34:6C:09:A7:10:48:5C:DF:3E:74:6A:B0:AB:55:98:9C:A1
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067D6A83E0D3939DCDC0DA823F389CC
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/fc72NGwJpxBIXN8-dGqwq1WYnKE.roa
Signing time: Wed 01 Jan 2025 05:47:43 +0000
ROA not before: Wed 01 Jan 2025 05:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204970
IP address blocks: 194.209.54.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d6:a8:3e:0d:39:39:dc:dc:0d:a8:23:f3:89:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dcef6346c09a710485cdf3e746ab0ab55989ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:fc:6c:d0:62:39:3a:4c:8a:68:91:68:93:
7a:f0:06:12:72:2e:a9:f3:c6:1c:61:0a:dc:40:c6:
40:36:fd:28:42:51:b0:3d:08:49:41:f4:ba:31:b5:
66:89:8d:4b:de:d3:b9:72:db:e1:f9:e5:68:1b:b4:
d8:c0:8c:48:5e:7f:9d:44:07:e8:2a:7d:86:47:95:
2f:bc:2c:40:cc:2a:8c:44:dc:db:40:d5:a3:6f:58:
d6:f2:38:a5:5e:34:53:11:84:b1:7b:5d:32:e8:cc:
f4:40:42:c1:89:b2:27:54:3e:d8:52:56:77:56:e3:
e6:78:63:65:97:56:d7:60:38:67:75:14:52:29:ac:
d6:32:0e:f8:b4:b7:fb:9b:88:64:7b:9e:8d:4f:8f:
a8:03:58:84:14:cf:ec:9a:99:1c:9c:96:6d:b7:04:
94:d5:70:49:53:e3:3d:24:66:fd:47:d1:c1:59:97:
c5:40:e6:34:b3:33:37:98:27:0d:4e:35:2e:e7:2f:
98:2d:2f:bb:d5:06:0f:3d:f4:1f:9f:d7:d2:59:c1:
80:cc:91:0d:13:e5:a5:dc:bc:b4:53:7d:74:74:c1:
33:0c:c1:80:7a:5a:af:53:1c:da:b8:b8:01:df:f2:
c9:23:4e:c3:2e:34:34:fa:6c:79:ce:b2:d7:ba:94:
b4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CE:F6:34:6C:09:A7:10:48:5C:DF:3E:74:6A:B0:AB:55:98:9C:A1
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/fc72NGwJpxBIXN8-dGqwq1WYnKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.54.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:46:4f:03:17:01:0b:ed:c1:dd:03:8d:f6:fe:c1:b2:d2:da:
c5:a0:6c:5f:c1:46:31:dc:91:4c:00:d6:33:7d:fd:16:65:d1:
5d:1e:8f:17:76:5e:d3:2f:47:5e:bd:02:34:c4:df:ce:0b:3f:
55:f7:7c:c5:53:12:81:66:90:48:e4:81:23:28:91:6d:16:4d:
01:c4:dd:0b:de:de:b7:24:66:59:af:70:60:55:94:72:51:a3:
b2:ae:d6:60:68:dd:a5:53:7c:a0:13:46:97:12:3f:f2:37:5d:
42:4d:9f:7c:6b:b4:7b:22:f3:ea:84:3d:06:db:ae:cd:fc:da:
00:95:07:3d:19:f8:47:79:be:9f:5f:1d:db:22:52:b1:43:a0:
75:cc:19:85:3f:a9:d4:a5:47:33:bf:61:fc:91:16:2f:67:b0:
2a:40:67:8a:61:ec:7e:98:9f:e0:d6:e6:4a:13:75:97:3e:5b:
0a:97:3c:a5:c2:5b:56:53:c5:d0:81:16:75:05:bb:21:7c:2b:
8a:3d:50:f0:ee:5c:78:7f:43:87:a4:80:b1:ee:79:8d:03:b5:
db:97:0e:f1:ce:1e:f9:29:b6:96:6e:11:c4:f3:3e:e7:a1:b5:
45:1f:77:42:3c:4a:47:52:27:35:0c:4c:27:b3:49:cf:84:e1:
c4:09:d5:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9aoPg05OdzcDagj84nMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGNlZjYzNDZjMDlhNzEwNDg1Y2RmM2U3NDZhYjBhYjU1OTg5Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKD8bNBiOTpMimiRaJN68AYSci6p
88YcYQrcQMZANv0oQlGwPQhJQfS6MbVmiY1L3tO5ctvh+eVoG7TYwIxIXn+dRAfo
Kn2GR5UvvCxAzCqMRNzbQNWjb1jW8jilXjRTEYSxe10y6Mz0QELBibInVD7YUlZ3
VuPmeGNll1bXYDhndRRSKazWMg74tLf7m4hke56NT4+oA1iEFM/smpkcnJZttwSU
1XBJU+M9JGb9R9HBWZfFQOY0szM3mCcNTjUu5y+YLS+71QYPPfQfn9fSWcGAzJEN
E+Wl3Ly0U310dMEzDMGAelqvUxzauLgB3/LJI07DLjQ0+mx5zrLXupS0+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3O9jRsCacQSFzfPnRqsKtVmJyhMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvZmM3Mk5Hd0pweEJJWE44LWRHcXdxMVdZbktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtE2MA0G
CSqGSIb3DQEBCwUAA4IBAQCKRk8DFwEL7cHdA432/sGy0trFoGxfwUYx3JFMANYz
ff0WZdFdHo8Xdl7TL0devQI0xN/OCz9V93zFUxKBZpBI5IEjKJFtFk0BxN0L3t63
JGZZr3BgVZRyUaOyrtZgaN2lU3ygE0aXEj/yN11CTZ98a7R7IvPqhD0G267N/NoA
lQc9GfhHeb6fXx3bIlKxQ6B1zBmFP6nUpUczv2H8kRYvZ7AqQGeKYex+mJ/g1uZK
E3WXPlsKlzylwltWU8XQgRZ1BbshfCuKPVDw7lx4f0OHpICx7nmNA7Xblw7xzh75
KbaWbhHE8z7nobVFH3dCPEpHUic1DEwns0nPhOHECdUX
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:29:50 2025 by rpki-client