Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/fcd14E2UvKzJ6kaKcrYKQVlljT8.roa
File: fcd14E2UvKzJ6kaKcrYKQVlljT8.roa (raw, json)
Hash identifier: KoJteDfILqkEJ6UJs3cPi3xqWQVLa33IGp0XJE/3JLc=
Subject key identifier: 7D:C7:75:E0:4D:94:BC:AC:C9:EA:46:8A:72:B6:0A:41:59:65:8D:3F
Certificate issuer: /CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Certificate serial: 01954255EF7BCA2B6BC991A411C82A9B1ABD
Authority key identifier: DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/fcd14E2UvKzJ6kaKcrYKQVlljT8.roa
Signing time: Wed 26 Feb 2025 12:58:02 +0000
ROA not before: Wed 26 Feb 2025 12:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.73.224.0/24 maxlen: 24
2a10:f80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:55:ef:7b:ca:2b:6b:c9:91:a4:11:c8:2a:9b:1a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Validity
Not Before: Feb 26 12:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dc775e04d94bcacc9ea468a72b60a4159658d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:91:ca:8c:b9:cd:15:8b:6e:86:4d:b9:18:0d:
8a:0b:73:ac:e6:ed:ba:aa:04:0a:52:b4:6e:aa:f6:
cb:89:cb:43:e2:e8:9d:1e:4b:05:49:fe:9d:fc:64:
33:9d:eb:2e:9d:ed:2b:5c:87:66:0d:15:3b:1c:60:
d1:93:26:63:fa:44:28:ba:0d:dc:6d:c5:c0:57:7a:
45:3c:6b:a0:1a:97:3b:e7:96:9c:5a:58:31:81:ff:
b9:57:49:10:3f:2a:2b:c7:52:f8:34:02:2a:81:b2:
3d:ad:e4:b7:ee:1e:2d:ab:44:fd:6d:fa:4f:35:a8:
3d:1a:8c:43:20:e0:e3:57:9b:19:4a:33:91:72:93:
8d:4f:67:77:bb:39:43:33:76:3c:e2:37:36:d4:40:
86:12:fb:12:3d:95:54:e7:f8:f0:47:37:b0:a9:94:
e5:03:1a:b4:7b:d2:48:73:20:ad:84:86:eb:13:b0:
cd:ea:27:46:7a:fd:e4:0f:30:b0:c7:fd:83:21:61:
c8:d3:6a:5f:cd:d5:dc:c8:37:e4:95:2b:6b:1b:dd:
18:6d:da:96:ba:90:ab:bb:23:8d:44:f4:47:5a:82:
47:c9:9c:34:50:26:af:f9:95:c3:c6:c6:36:c1:68:
50:51:4a:ab:d8:57:cd:2b:6f:97:9a:c9:24:30:52:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C7:75:E0:4D:94:BC:AC:C9:EA:46:8A:72:B6:0A:41:59:65:8D:3F
X509v3 Authority Key Identifier:
keyid:DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/fcd14E2UvKzJ6kaKcrYKQVlljT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.224.0/24
IPv6:
2a10:f80::/32
Signature Algorithm: sha256WithRSAEncryption
39:cb:9f:7c:ea:c1:39:ac:f9:48:1d:c8:4d:ec:81:75:cb:d2:
6f:69:c5:b4:36:0d:f4:91:fa:3e:a8:1c:75:71:ec:c8:f8:b4:
b6:ca:fa:0e:1b:4e:45:a1:27:b5:e7:4b:55:ad:8a:dd:06:c9:
40:44:b7:c3:08:86:cd:fd:b2:f2:ec:fb:8f:90:0a:12:b0:91:
b8:da:11:7d:a6:65:05:94:c4:f6:d6:9a:2e:e4:5a:2d:c9:94:
10:16:88:1b:13:e1:0e:cc:a8:e0:3c:ff:49:b4:3a:bf:b6:7f:
e2:21:ca:05:a8:4e:60:87:54:8c:cc:e3:ba:1d:c7:0a:dc:79:
e4:58:c4:80:0f:5f:88:5e:9b:71:64:f9:e4:3e:c0:13:7a:93:
65:37:b9:d8:be:43:0e:57:db:cf:a2:c3:17:74:d5:9a:5e:0a:
a3:5c:bc:2b:4a:03:4e:b2:75:59:63:b0:e2:6e:69:00:6f:6e:
38:4b:e7:a5:cc:b8:90:f9:37:50:50:cd:41:11:ff:01:17:c6:
66:61:7a:24:e8:9e:14:22:f7:8a:cb:83:5e:2c:78:89:e7:f8:
cc:db:57:1f:8d:65:47:48:ff:15:6a:5c:a2:cf:d6:e8:e2:9c:
19:23:71:a6:77:73:3d:fe:33:f6:27:24:d8:67:9c:ae:f4:51:
a0:14:2f:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVCVe97yitryZGkEcgqmxq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdmYzUwNTQ4Mjg3ZGVhZWE3Y2U5MjA5OWU0N2EwNGE3
MGQ0NTEwHhcNMjUwMjI2MTI1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM3NzVlMDRkOTRiY2FjYzllYTQ2OGE3MmI2MGE0MTU5NjU4ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJHKjLnNFYtuhk25GA2KC3Os5u26
qgQKUrRuqvbLictD4uidHksFSf6d/GQznesune0rXIdmDRU7HGDRkyZj+kQoug3c
bcXAV3pFPGugGpc755acWlgxgf+5V0kQPyorx1L4NAIqgbI9reS37h4tq0T9bfpP
Nag9GoxDIODjV5sZSjORcpONT2d3uzlDM3Y84jc21ECGEvsSPZVU5/jwRzewqZTl
Axq0e9JIcyCthIbrE7DN6idGev3kDzCwx/2DIWHI02pfzdXcyDfklStrG90YbdqW
upCruyONRPRHWoJHyZw0UCav+ZXDxsY2wWhQUUqr2FfNK2+XmskkMFI3MQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH3HdeBNlLysyepGinK2CkFZZY0/MB8GA1UdIwQY
MBaAFNvX/FBUgoferqfOkgmeR6BKcNRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmOFVGU0NoOTZ1cDg2U0NaNUhvRXB3MUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS82MDZlYTktNDgzNC00YjYzLTllMGEt
ZjI1NjA0YzRiZTgyLzEvZmNkMTRFMlV2S3pKNmthS2NyWUtRVmxsalQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS82MDZlYTktNDgzNC00YjYzLTllMGEtZjI1NjA0YzRiZTgy
LzEvMjlmOFVGU0NoOTZ1cDg2U0NaNUhvRXB3MUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUngMA0E
AgACMAcDBQAqEA+AMA0GCSqGSIb3DQEBCwUAA4IBAQA5y5986sE5rPlIHchN7IF1
y9JvacW0Ng30kfo+qBx1cezI+LS2yvoOG05FoSe150tVrYrdBslARLfDCIbN/bLy
7PuPkAoSsJG42hF9pmUFlMT21pou5FotyZQQFogbE+EOzKjgPP9JtDq/tn/iIcoF
qE5gh1SMzOO6HccK3HnkWMSAD1+IXptxZPnkPsATepNlN7nYvkMOV9vPosMXdNWa
XgqjXLwrSgNOsnVZY7DibmkAb244S+elzLiQ+TdQUM1BEf8BF8ZmYXok6J4UIveK
y4NeLHiJ5/jM21cfjWVHSP8Valyiz9bo4pwZI3Gmd3M9/jP2JyTYZ5yu9FGgFC/B
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:42 2025 by rpki-client