Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/fNC7ZXZ-1ULFrWkO8J5UybYfGTI.roa
File: fNC7ZXZ-1ULFrWkO8J5UybYfGTI.roa (raw, json)
Hash identifier: JakG1+wEwBj7MRAmGKQKU//mA0wgIrSo6KrQr/NJN9Q=
Subject key identifier: 7C:D0:BB:65:76:7E:D5:42:C5:AD:69:0E:F0:9E:54:C9:B6:1F:19:32
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 019424452B96D98619DD2468BFD8E2318DD2
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/fNC7ZXZ-1ULFrWkO8J5UybYfGTI.roa
Signing time: Wed 01 Jan 2025 23:48:20 +0000
ROA not before: Wed 01 Jan 2025 23:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215881
IP address blocks: 87.251.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:2b:96:d9:86:19:dd:24:68:bf:d8:e2:31:8d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 23:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cd0bb65767ed542c5ad690ef09e54c9b61f1932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0e:95:4c:ad:e5:db:b3:34:f3:e4:3a:0a:e3:
95:92:68:b3:56:18:e6:43:7f:ed:79:11:00:e2:27:
72:87:70:95:2e:0d:b6:8c:f9:54:02:ae:0c:7d:f0:
55:2f:9f:84:e7:44:84:4b:17:01:1e:03:3d:d1:b6:
00:e1:8c:21:5b:44:d4:e0:92:b6:b9:4c:3a:44:3a:
4e:1a:a7:4a:22:ec:4e:40:c6:36:21:a2:b7:b8:bc:
44:f5:2a:db:95:16:1b:ef:1a:4e:65:2b:b5:35:49:
85:0c:a4:60:1b:b0:f4:2b:86:d1:ef:90:fb:05:f5:
bc:eb:5a:72:d8:58:4f:0c:50:f0:b1:5d:65:ca:49:
6e:a4:92:41:09:7c:5b:3b:af:b1:f1:be:d8:77:e7:
61:fd:89:97:20:86:4e:97:94:ae:91:c1:ea:3d:dc:
3c:be:c2:cc:d5:0c:a2:25:3c:5c:9b:12:3e:7a:2c:
03:6f:db:6f:35:a0:ee:e9:5d:be:b3:23:95:d6:a8:
6c:3c:2a:7b:32:10:ad:bc:e2:21:6a:16:b1:fd:d6:
a3:9f:c6:ba:d1:24:41:aa:1a:07:f1:91:dd:6d:98:
11:57:1b:a3:a5:97:58:5b:61:8a:76:bf:dc:97:77:
7f:d9:3a:36:65:08:35:e0:36:9e:e8:b0:31:35:8c:
c5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D0:BB:65:76:7E:D5:42:C5:AD:69:0E:F0:9E:54:C9:B6:1F:19:32
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/fNC7ZXZ-1ULFrWkO8J5UybYfGTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.74.0/24
Signature Algorithm: sha256WithRSAEncryption
76:65:32:26:ca:6e:74:6f:d1:12:19:c7:e0:3c:6f:ad:c6:7c:
29:16:2f:3b:48:4e:8a:ab:fd:a4:df:63:da:08:4a:03:78:35:
79:80:8c:6e:06:95:9c:e5:b3:6d:db:4e:d5:e8:7e:77:bf:6e:
8b:e5:34:0b:c5:e7:05:d5:ff:63:39:cf:9b:10:f6:f9:80:2e:
bd:71:6c:e4:95:51:12:79:41:6b:1b:be:f1:4c:e1:06:d4:37:
5d:25:b9:53:4b:45:04:dd:f2:0f:a6:b8:5b:41:89:e0:86:36:
b6:33:2e:67:0f:38:c1:26:c6:b5:0d:85:6f:37:5e:45:88:a1:
77:53:ef:e0:d2:fe:20:5d:b8:c6:99:1d:23:06:e8:9d:af:43:
cd:ec:92:71:9f:a1:aa:8b:df:b1:5d:80:fa:9b:af:39:6b:e7:
90:a5:25:4d:e7:7c:4c:0e:fe:c9:9a:90:2e:6a:d9:e6:8b:8f:
39:14:6d:f4:ec:3a:64:1f:32:8c:0e:6b:bc:ce:93:f2:f0:f8:
56:2e:7b:55:83:3d:c5:01:45:94:c7:9b:a9:97:ec:a3:64:9f:
b9:4a:b0:9e:db:13:d3:c5:a1:d8:ac:91:41:e2:d7:32:f9:62:
cd:a6:90:b8:dd:cf:18:6b:b7:4d:14:fa:7a:53:85:fe:67:ed:
fa:f5:ab:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRSuW2YYZ3SRov9jiMY3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjUwMTAxMjM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2QwYmI2NTc2N2VkNTQyYzVhZDY5MGVmMDllNTRjOWI2MWYxOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzw6VTK3l27M08+Q6CuOVkmizVhjm
Q3/teREA4idyh3CVLg22jPlUAq4MffBVL5+E50SESxcBHgM90bYA4YwhW0TU4JK2
uUw6RDpOGqdKIuxOQMY2IaK3uLxE9SrblRYb7xpOZSu1NUmFDKRgG7D0K4bR75D7
BfW861py2FhPDFDwsV1lyklupJJBCXxbO6+x8b7Yd+dh/YmXIIZOl5SukcHqPdw8
vsLM1QyiJTxcmxI+eiwDb9tvNaDu6V2+syOV1qhsPCp7MhCtvOIhahax/dajn8a6
0SRBqhoH8ZHdbZgRVxujpZdYW2GKdr/cl3d/2To2ZQg14Dae6LAxNYzFFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzQu2V2ftVCxa1pDvCeVMm2HxkyMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvZk5DN1pYWi0xVUxGcldrTzhKNVV5YllmR1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/tKMA0G
CSqGSIb3DQEBCwUAA4IBAQB2ZTImym50b9ESGcfgPG+txnwpFi87SE6Kq/2k32Pa
CEoDeDV5gIxuBpWc5bNt207V6H53v26L5TQLxecF1f9jOc+bEPb5gC69cWzklVES
eUFrG77xTOEG1DddJblTS0UE3fIPprhbQYnghja2My5nDzjBJsa1DYVvN15FiKF3
U+/g0v4gXbjGmR0jBuidr0PN7JJxn6Gqi9+xXYD6m685a+eQpSVN53xMDv7JmpAu
atnmi485FG307DpkHzKMDmu8zpPy8PhWLntVgz3FAUWUx5upl+yjZJ+5SrCe2xPT
xaHYrJFB4tcy+WLNppC43c8Ya7dNFPp6U4X+Z+369aur
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:03:39 2025 by rpki-client