Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/KMXluT6TOsSlWcB3G1q4rPwDNcA.roa
File: KMXluT6TOsSlWcB3G1q4rPwDNcA.roa (raw, json)
Hash identifier: R/5jz/dg8ARqO/CDKEd0xCdgxtFCjK3wYj6Mgv/XE8c=
Subject key identifier: 28:C5:E5:B9:3E:93:3A:C4:A5:59:C0:77:1B:5A:B8:AC:FC:03:35:C0
Certificate issuer: /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Certificate serial: 019422FAF74C79360901B0FC1419EF268F5D
Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/KMXluT6TOsSlWcB3G1q4rPwDNcA.roa
Signing time: Wed 01 Jan 2025 17:47:40 +0000
ROA not before: Wed 01 Jan 2025 17:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203420
IP address blocks: 194.50.176.0/24 maxlen: 24
2a0a:4540::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f7:4c:79:36:09:01:b0:fc:14:19:ef:26:8f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Validity
Not Before: Jan 1 17:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28c5e5b93e933ac4a559c0771b5ab8acfc0335c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:42:fe:60:c9:a8:c6:58:a9:c4:39:33:41:b1:
30:9a:4c:88:48:94:72:76:66:62:29:b8:21:9a:d5:
23:2c:9b:a0:72:d8:f8:1c:16:09:a0:1f:a8:9e:e3:
ac:e3:87:97:06:e3:eb:2d:5a:13:3d:46:5f:95:0f:
3a:02:49:41:4f:1d:26:65:99:14:bd:7b:c9:04:34:
90:c2:21:88:f4:39:7e:2b:be:6a:ad:19:67:12:74:
85:f3:67:94:78:d4:a9:8a:3b:1e:01:43:86:cb:8e:
74:e1:49:f1:9f:67:a1:9b:73:1a:6c:6a:57:29:45:
cd:8b:9c:47:3c:e0:f9:ae:98:b0:05:7e:d6:d5:7d:
34:e3:8d:98:61:5b:5d:a8:39:0c:f6:8e:f7:18:63:
d1:1e:4c:df:6a:d6:b6:52:a6:7b:07:12:be:5a:88:
ba:7b:c8:d3:cb:1c:93:1f:34:49:92:8e:67:cf:ad:
66:f9:19:8f:7d:c6:41:c6:87:6b:dc:0d:2e:25:2c:
05:e3:18:2a:b1:0e:8d:d7:52:d0:57:5e:b7:d5:65:
a6:41:8b:f1:27:f5:9f:85:a3:da:0c:b4:dc:da:b2:
23:22:f4:2b:ef:d8:7e:3c:73:33:f6:0b:39:e0:88:
f3:14:45:28:3a:a3:9f:ab:c7:4b:be:b5:5e:86:55:
2c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C5:E5:B9:3E:93:3A:C4:A5:59:C0:77:1B:5A:B8:AC:FC:03:35:C0
X509v3 Authority Key Identifier:
keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/KMXluT6TOsSlWcB3G1q4rPwDNcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.176.0/24
IPv6:
2a0a:4540::/48
Signature Algorithm: sha256WithRSAEncryption
17:90:5d:97:1b:29:89:94:1b:1a:0d:c9:c4:e1:8c:04:c2:26:
04:e3:35:cf:a2:c0:a7:de:8d:87:5d:a0:81:74:36:c2:b1:4d:
f6:2e:67:8e:79:63:25:41:2f:94:cf:e2:f1:12:8d:d0:4d:21:
0c:e9:c6:4f:b5:ff:89:c4:bf:b8:b5:b4:b1:e6:e7:c5:a4:a1:
52:fa:13:c4:7d:f2:00:5a:a8:61:b7:a4:98:3e:e0:14:c7:52:
9e:4a:73:77:93:86:75:6c:0e:84:6d:fd:39:a5:29:92:44:3d:
e3:a9:23:a2:87:21:73:3b:7e:0e:5e:0a:25:0b:3d:10:2e:bc:
eb:85:15:69:f3:11:8d:b7:31:b8:45:58:70:7f:09:41:1b:4b:
9f:33:14:c8:56:85:b0:95:1e:08:f4:cf:2a:5d:6f:77:04:78:
56:5b:a0:c4:e7:48:5f:62:52:ce:60:4c:c0:60:32:c7:f0:27:
c6:90:e1:96:2e:5a:53:a6:1e:01:1b:c3:e4:bf:b7:6e:f4:57:
10:19:f9:37:b4:30:bb:69:9b:ac:84:dc:c5:cc:c1:91:10:82:
fe:f4:9d:59:a1:c7:f9:08:3d:43:1d:e0:65:05:4a:33:05:b0:
67:6c:2b:73:ce:6f:02:0d:f5:1e:7a:ab:71:bf:f8:03:ad:5b:
b9:83:fe:0a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQi+vdMeTYJAbD8FBnvJo9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYWM1MGYxOWQ5OTMwYWVlYzA5Y2QyN2Y1MDhmYzUwMmVh
MTRkMWYwHhcNMjUwMTAxMTc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM1ZTViOTNlOTMzYWM0YTU1OWMwNzcxYjVhYjhhY2ZjMDMzNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0L+YMmoxlipxDkzQbEwmkyISJRy
dmZiKbghmtUjLJugctj4HBYJoB+onuOs44eXBuPrLVoTPUZflQ86AklBTx0mZZkU
vXvJBDSQwiGI9Dl+K75qrRlnEnSF82eUeNSpijseAUOGy4504Unxn2ehm3MabGpX
KUXNi5xHPOD5rpiwBX7W1X00442YYVtdqDkM9o73GGPRHkzfata2UqZ7BxK+Woi6
e8jTyxyTHzRJko5nz61m+RmPfcZBxodr3A0uJSwF4xgqsQ6N11LQV1631WWmQYvx
J/WfhaPaDLTc2rIjIvQr79h+PHMz9gs54IjzFEUoOqOfq8dLvrVehlUsFQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFCjF5bk+kzrEpVnAdxtauKz8AzXAMB8GA1UdIwQY
MBaAFPusUPGdmTCu7AnNJ/UI/FAuoU0fMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS02eFE4WjJaTUs3c0NjMG45UWo4VUM2aFRSOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04Yjkx
LWQ2MmU0NTRiZjM3Zi8xL0tNWGx1VDZUT3NTbFdjQjNHMXE0clB3RE5jQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04YjkxLWQ2MmU0NTRiZjM3
Zi8xLzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADCMrAw
DwQCAAIwCQMHACoKRUAAADANBgkqhkiG9w0BAQsFAAOCAQEAF5BdlxspiZQbGg3J
xOGMBMImBOM1z6LAp96Nh12ggXQ2wrFN9i5njnljJUEvlM/i8RKN0E0hDOnGT7X/
icS/uLW0sebnxaShUvoTxH3yAFqoYbekmD7gFMdSnkpzd5OGdWwOhG39OaUpkkQ9
46kjoochczt+Dl4KJQs9EC6864UVafMRjbcxuEVYcH8JQRtLnzMUyFaFsJUeCPTP
Kl1vdwR4VlugxOdIX2JSzmBMwGAyx/AnxpDhli5aU6YeARvD5L+3bvRXEBn5N7Qw
u2mbrITcxczBkRCC/vSdWaHH+Qg9Qx3gZQVKMwWwZ2wrc85vAg31Hnqrcb/4A61b
uYP+Cg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:21:11 2025 by rpki-client