Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/FCFfx3p7hHCFHlKPZobVJyLJ5MI.roa
File: FCFfx3p7hHCFHlKPZobVJyLJ5MI.roa (raw, json)
Hash identifier: 6JV0xEEqdwivRbZdMI4zo4Wpa9PWQK4gKoasAD6odWU=
Subject key identifier: 14:21:5F:C7:7A:7B:84:70:85:1E:52:8F:66:86:D5:27:22:C9:E4:C2
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 01954CCEDBD0806D9ACF07586340ABF72060
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/FCFfx3p7hHCFHlKPZobVJyLJ5MI.roa
Signing time: Fri 28 Feb 2025 13:46:19 +0000
ROA not before: Fri 28 Feb 2025 13:46:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212128
IP address blocks: 81.19.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:ce:db:d0:80:6d:9a:cf:07:58:63:40:ab:f7:20:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Feb 28 13:46:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14215fc77a7b8470851e528f6686d52722c9e4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:fe:43:5d:14:a5:f1:89:c0:f5:1d:3f:5f:be:
45:d5:7f:77:d3:14:70:d5:04:e6:fe:dd:4f:96:e2:
d9:a3:a6:b1:17:58:2a:6b:71:00:2b:81:9a:71:d6:
50:67:1d:2d:78:01:bb:b4:d8:84:d6:0b:56:1c:53:
3b:2a:e9:56:31:a9:c0:98:08:ac:82:78:97:e8:04:
62:ce:ee:d1:24:4a:49:56:45:90:65:ea:c4:26:61:
3c:d0:83:d2:ef:8e:6c:18:82:2a:22:15:30:c2:fe:
a7:e7:20:72:ab:5e:df:7f:26:7e:26:eb:e2:a7:7d:
23:1e:b3:5d:d2:c7:f1:56:ac:11:42:a0:73:8f:d0:
a8:f9:a7:ec:10:61:7c:ab:8b:3a:9b:49:ec:d5:41:
d4:0f:25:05:d2:c7:ad:02:3a:6a:7e:e5:ac:14:73:
a3:ac:f0:c5:d5:b8:7a:6c:b2:4c:3d:3a:0a:f7:a1:
45:e4:40:e9:78:36:7d:d5:09:05:22:be:d7:41:66:
9e:13:f1:2f:9d:c4:4a:94:6c:ff:e0:cc:99:90:3c:
15:3f:9c:bb:54:52:1b:00:cd:08:4d:fa:93:ed:57:
f8:33:9a:a4:6c:12:fc:99:5f:c1:6d:c0:c1:6b:1b:
03:98:8e:71:ce:e2:ad:f8:15:f2:99:4e:07:79:5f:
6a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:21:5F:C7:7A:7B:84:70:85:1E:52:8F:66:86:D5:27:22:C9:E4:C2
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/FCFfx3p7hHCFHlKPZobVJyLJ5MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.138.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:d1:ef:4c:5d:b4:ea:30:11:81:bb:6f:bd:22:5e:f1:f2:70:
65:7b:40:30:4f:b8:9e:f9:57:d5:46:14:74:2e:09:94:7e:23:
63:f5:7c:59:70:d3:20:1c:09:54:5d:20:7a:bc:91:50:1a:36:
b4:d8:84:24:50:20:5a:81:1f:79:5e:3f:56:d9:25:c7:e3:a5:
fd:4d:03:1d:04:f6:4a:f2:28:cc:75:13:21:97:de:0a:73:c3:
bd:0f:bc:0c:e8:a5:9b:ec:98:f6:22:25:2f:9f:c6:f3:f2:a4:
94:e6:7f:69:4b:e7:85:65:5f:d6:76:ee:d2:db:50:22:c2:c2:
66:c0:ad:0d:a8:b9:5d:48:1a:aa:5b:94:c5:73:83:14:d3:23:
93:7e:67:b9:79:44:1a:c9:26:22:5c:05:4b:85:c3:24:76:d5:
d0:28:30:71:06:af:65:c0:01:6b:33:9c:54:e5:1f:c5:e9:6d:
45:0a:d8:34:e9:02:76:94:12:85:e1:7d:66:7f:52:6d:97:4b:
71:2b:04:0f:3e:f2:ad:31:d5:db:83:d6:75:82:15:d6:4a:a7:
cf:a8:05:d2:da:3f:99:98:9d:38:89:cf:01:03:4c:3a:f9:a5:
02:0d:bf:02:8f:09:66:d9:a7:95:f1:20:f0:5c:9c:07:52:80:
b0:41:ff:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVMztvQgG2azwdYY0Cr9yBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjUwMjI4MTM0NjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDIxNWZjNzdhN2I4NDcwODUxZTUyOGY2Njg2ZDUyNzIyYzllNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6f5DXRSl8YnA9R0/X75F1X930xRw
1QTm/t1PluLZo6axF1gqa3EAK4GacdZQZx0teAG7tNiE1gtWHFM7KulWManAmAis
gniX6ARizu7RJEpJVkWQZerEJmE80IPS745sGIIqIhUwwv6n5yByq17ffyZ+Juvi
p30jHrNd0sfxVqwRQqBzj9Co+afsEGF8q4s6m0ns1UHUDyUF0setAjpqfuWsFHOj
rPDF1bh6bLJMPToK96FF5EDpeDZ91QkFIr7XQWaeE/EvncRKlGz/4MyZkDwVP5y7
VFIbAM0ITfqT7Vf4M5qkbBL8mV/BbcDBaxsDmI5xzuKt+BXymU4HeV9qzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQhX8d6e4RwhR5Sj2aG1SciyeTCMB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvRkNGZngzcDdoSENGSGxLUFpvYlZKeUxKNU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUROKMA0G
CSqGSIb3DQEBCwUAA4IBAQBM0e9MXbTqMBGBu2+9Il7x8nBle0AwT7ie+VfVRhR0
LgmUfiNj9XxZcNMgHAlUXSB6vJFQGja02IQkUCBagR95Xj9W2SXH46X9TQMdBPZK
8ijMdRMhl94Kc8O9D7wM6KWb7Jj2IiUvn8bz8qSU5n9pS+eFZV/Wdu7S21AiwsJm
wK0NqLldSBqqW5TFc4MU0yOTfme5eUQaySYiXAVLhcMkdtXQKDBxBq9lwAFrM5xU
5R/F6W1FCtg06QJ2lBKF4X1mf1Jtl0txKwQPPvKtMdXbg9Z1ghXWSqfPqAXS2j+Z
mJ04ic8BA0w6+aUCDb8Cjwlm2aeV8SDwXJwHUoCwQf/O
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:24:54 2025 by rpki-client