Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/AfCHtr4Fmn6C6K-xDZnJGPxVWbY.roa
File: AfCHtr4Fmn6C6K-xDZnJGPxVWbY.roa (raw, json)
Hash identifier: cWC+zuyAXxZC7IptFtTdds4QT4Tg0RxQSuYTFEhWDp4=
Subject key identifier: 01:F0:87:B6:BE:05:9A:7E:82:E8:AF:B1:0D:99:C9:18:FC:55:59:B6
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01942747F15BFF8E5446247DD1A5E099AC54
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/AfCHtr4Fmn6C6K-xDZnJGPxVWbY.roa
Signing time: Thu 02 Jan 2025 13:50:13 +0000
ROA not before: Thu 02 Jan 2025 13:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 86.110.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f1:5b:ff:8e:54:46:24:7d:d1:a5:e0:99:ac:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Jan 2 13:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01f087b6be059a7e82e8afb10d99c918fc5559b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bc:c9:36:65:95:80:e7:67:f2:3a:00:8c:6d:
af:ff:8d:61:6e:1b:15:d1:d8:ca:72:8b:32:d5:ed:
74:42:24:58:b3:0e:61:dc:c0:97:18:7a:b6:7c:6a:
33:d8:8f:97:9e:72:d1:15:6e:5c:5f:5f:48:47:9b:
eb:a2:c4:d1:74:68:d3:3a:1e:71:00:f3:58:b0:86:
c8:05:25:c4:38:f0:9c:01:53:94:45:cd:7b:32:0d:
82:8e:94:c7:e3:e9:91:df:53:55:30:f6:6c:42:c2:
02:4a:e0:63:ea:fc:df:12:58:12:36:79:5a:4a:b4:
49:20:b6:1e:dd:d6:fe:0b:4b:d6:77:82:d4:cc:0c:
ea:a8:bb:79:2c:6a:d5:b6:c0:6f:08:33:2c:24:d4:
1f:b6:80:17:07:95:bd:9d:06:8a:be:f8:9b:8f:79:
84:48:e1:02:1e:f2:0f:6b:b5:7c:a4:77:86:b5:a6:
a2:ea:37:32:90:01:62:8a:c4:ba:2a:c4:10:62:82:
86:43:b4:50:30:e9:b8:32:39:d7:6c:0c:89:ad:23:
c2:37:a5:2f:86:69:a0:93:a3:a2:a1:d1:c9:fa:49:
ba:06:f5:5b:10:aa:f7:09:74:1b:e8:66:2d:84:63:
7a:21:02:a0:34:d2:0f:94:74:6c:35:24:65:4b:64:
4e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F0:87:B6:BE:05:9A:7E:82:E8:AF:B1:0D:99:C9:18:FC:55:59:B6
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/AfCHtr4Fmn6C6K-xDZnJGPxVWbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.57.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:5d:e8:ac:a4:96:e3:fe:d2:70:b7:0d:f5:18:1e:77:f9:30:
59:e5:53:9b:6b:27:4c:30:23:ab:51:d4:04:d0:7c:cd:96:53:
f9:bf:a7:3d:15:16:f2:da:a7:e6:46:62:50:60:1c:58:59:af:
52:c4:03:a5:fb:a4:77:f1:75:ef:f3:05:1c:41:2b:99:b9:f8:
d0:a1:40:27:3d:2a:3c:f2:29:cf:1f:c4:46:b6:d6:6c:f4:79:
4d:2c:39:95:1f:0a:94:11:17:ec:5b:8f:5c:a4:2f:b6:68:2b:
fd:f4:95:e5:55:17:1a:ff:2b:8b:c3:ea:a2:25:be:09:4e:82:
85:26:e8:af:4d:fa:67:20:f7:54:80:f2:48:00:57:14:7c:b0:
81:76:8b:eb:13:a5:51:14:0c:f0:b5:fa:56:1a:51:b7:b4:1c:
ae:4c:33:3c:05:7d:18:6a:e2:59:01:fa:a9:65:20:3b:e0:2e:
0a:3e:d0:f7:23:bf:76:c7:e9:a4:b0:7f:86:a9:27:38:fc:2d:
22:85:aa:75:6a:81:24:dc:f6:4b:9a:29:90:8c:02:20:b0:ec:
c3:eb:fc:36:df:20:d4:09:98:94:e7:8d:21:f1:07:41:9d:23:
e1:a9:8a:b0:eb:49:89:97:92:20:77:31:1b:a4:c2:ea:d7:11:
db:4b:a7:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/Fb/45URiR90aXgmaxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwMTAyMTM1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWYwODdiNmJlMDU5YTdlODJlOGFmYjEwZDk5YzkxOGZjNTU1OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrzJNmWVgOdn8joAjG2v/41hbhsV
0djKcosy1e10QiRYsw5h3MCXGHq2fGoz2I+XnnLRFW5cX19IR5vrosTRdGjTOh5x
APNYsIbIBSXEOPCcAVOURc17Mg2CjpTH4+mR31NVMPZsQsICSuBj6vzfElgSNnla
SrRJILYe3db+C0vWd4LUzAzqqLt5LGrVtsBvCDMsJNQftoAXB5W9nQaKvvibj3mE
SOECHvIPa7V8pHeGtaai6jcykAFiisS6KsQQYoKGQ7RQMOm4MjnXbAyJrSPCN6Uv
hmmgk6OiodHJ+km6BvVbEKr3CXQb6GYthGN6IQKgNNIPlHRsNSRlS2RO9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHwh7a+BZp+guivsQ2ZyRj8VVm2MB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvQWZDSHRyNEZtbjZDNksteERabkpHUHhWV2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm45MA0G
CSqGSIb3DQEBCwUAA4IBAQALXeispJbj/tJwtw31GB53+TBZ5VObaydMMCOrUdQE
0HzNllP5v6c9FRby2qfmRmJQYBxYWa9SxAOl+6R38XXv8wUcQSuZufjQoUAnPSo8
8inPH8RGttZs9HlNLDmVHwqUERfsW49cpC+2aCv99JXlVRca/yuLw+qiJb4JToKF
JuivTfpnIPdUgPJIAFcUfLCBdovrE6VRFAzwtfpWGlG3tByuTDM8BX0YauJZAfqp
ZSA74C4KPtD3I792x+mksH+GqSc4/C0ihap1aoEk3PZLmimQjAIgsOzD6/w23yDU
CZiU540h8QdBnSPhqYqw60mJl5IgdzEbpMLq1xHbS6f/
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:57 2025 by rpki-client