Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/nBiSvI3CgibyhdCc-vXnlYd4Qos.roa
File: nBiSvI3CgibyhdCc-vXnlYd4Qos.roa (raw, json)
Hash identifier: lB+X4Z+d5bHs9BP0hCzXYJGLhwG5CXPhaoH5VNrFQ7s=
Subject key identifier: 9C:18:92:BC:8D:C2:82:26:F2:85:D0:9C:FA:F5:E7:95:87:78:42:8B
Certificate issuer: /CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Certificate serial: 019422FAF7948A4A65ABAF0B40355AB15C3F
Authority key identifier: FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/nBiSvI3CgibyhdCc-vXnlYd4Qos.roa
Signing time: Wed 01 Jan 2025 17:47:40 +0000
ROA not before: Wed 01 Jan 2025 17:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205723
IP address blocks: 194.50.176.0/24 maxlen: 24
2a0a:4540::/48 maxlen: 48
2a0a:4540:2000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f7:94:8a:4a:65:ab:af:0b:40:35:5a:b1:5c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbac50f19d9930aeec09cd27f508fc502ea14d1f
Validity
Not Before: Jan 1 17:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c1892bc8dc28226f285d09cfaf5e7958778428b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:36:b7:4d:5d:c4:b6:a6:b5:60:1b:e4:82:b9:
50:8e:52:a5:e9:0d:08:15:84:70:b4:cd:a8:eb:08:
52:4e:c2:33:4e:4b:4d:4f:87:de:ef:34:89:d5:82:
da:7f:1a:54:6a:84:f7:82:1d:93:34:17:21:45:b0:
f8:4b:be:2b:d1:bc:9f:cc:d5:35:56:41:be:f9:7b:
b3:89:25:f0:70:b0:5b:cb:d0:d0:8e:ff:cd:d1:a0:
86:af:52:9d:6c:e2:82:27:d2:c6:95:96:d2:06:f7:
e3:fb:2f:72:eb:1f:85:c0:16:ea:8d:e1:d4:b7:03:
a3:2d:7f:3c:af:d3:01:08:7c:99:d9:3a:64:91:cf:
e3:9d:d2:77:4a:72:a0:36:0f:c1:84:41:2b:72:6e:
3c:d9:32:9c:19:68:c0:78:da:89:31:b9:49:b0:4e:
f4:df:8d:da:4b:de:3f:ac:ab:72:91:e8:b8:7a:58:
fe:bf:2e:7d:b3:dd:c4:80:b3:84:fc:83:a9:5b:1b:
99:25:10:5a:f1:3c:2e:52:56:4f:94:47:c4:4d:0e:
ff:b2:6c:61:94:1c:64:22:1f:0f:e8:07:32:50:bd:
20:a9:de:31:5b:7b:ab:e8:a1:02:1d:c9:b2:63:3b:
e5:1a:d0:95:d1:b6:90:b7:c7:4c:c1:d6:04:c3:2c:
ed:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:18:92:BC:8D:C2:82:26:F2:85:D0:9C:FA:F5:E7:95:87:78:42:8B
X509v3 Authority Key Identifier:
keyid:FB:AC:50:F1:9D:99:30:AE:EC:09:CD:27:F5:08:FC:50:2E:A1:4D:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/nBiSvI3CgibyhdCc-vXnlYd4Qos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/8fc09d-7d25-425c-8b91-d62e454bf37f/1/1-6xQ8Z2ZMK7sCc0n9Qj8UC6hTR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.176.0/24
IPv6:
2a0a:4540::/48
2a0a:4540:2000::/48
Signature Algorithm: sha256WithRSAEncryption
06:ce:7f:8c:23:1c:8c:98:e3:82:3b:aa:85:ca:88:02:6a:9a:
c6:1d:94:27:29:f9:49:e4:12:38:14:4b:86:b0:84:4f:18:67:
65:4f:3a:55:ef:c7:90:a6:19:e7:25:8a:98:ee:6d:67:8d:cf:
31:90:5b:25:db:ca:10:f6:d8:56:16:95:e7:8e:9e:31:7a:40:
84:6e:d6:5c:fc:8e:6e:ab:da:5c:d8:f6:94:1c:8f:b4:05:a2:
e2:13:f5:cc:ab:5d:26:2e:55:4b:2e:71:7d:d3:bf:02:32:b2:
7c:b8:4d:26:32:81:30:68:4b:9c:56:b0:bf:f2:46:75:95:5b:
46:ea:f5:b2:b7:06:f7:26:e8:25:f7:0e:b8:4c:a9:45:80:f0:
28:02:ed:99:ba:c1:69:c9:06:05:b4:dd:fc:36:ff:7e:b9:d2:
13:9d:07:21:6e:46:d8:84:96:ee:c7:9e:8d:48:ad:c2:16:f6:
02:8b:45:9b:a1:b1:87:dc:e3:d0:59:db:1c:ca:0b:18:72:fe:
81:98:3b:df:9f:a0:9c:ff:00:84:7f:4a:6e:98:52:ea:3e:71:
7e:10:fd:3e:8e:c8:10:83:5e:db:48:5a:72:51:a3:a7:ff:8c:
06:cf:9b:54:56:38:ec:51:4c:ef:5b:8a:f1:e7:8f:c5:fa:04:
cf:aa:6d:5a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQi+veUikplq68LQDVasVw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiYWM1MGYxOWQ5OTMwYWVlYzA5Y2QyN2Y1MDhmYzUwMmVh
MTRkMWYwHhcNMjUwMTAxMTc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE4OTJiYzhkYzI4MjI2ZjI4NWQwOWNmYWY1ZTc5NTg3Nzg0MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDa3TV3Etqa1YBvkgrlQjlKl6Q0I
FYRwtM2o6whSTsIzTktNT4fe7zSJ1YLafxpUaoT3gh2TNBchRbD4S74r0byfzNU1
VkG++XuziSXwcLBby9DQjv/N0aCGr1KdbOKCJ9LGlZbSBvfj+y9y6x+FwBbqjeHU
twOjLX88r9MBCHyZ2Tpkkc/jndJ3SnKgNg/BhEErcm482TKcGWjAeNqJMblJsE70
343aS94/rKtykei4elj+vy59s93EgLOE/IOpWxuZJRBa8TwuUlZPlEfETQ7/smxh
lBxkIh8P6AcyUL0gqd4xW3ur6KECHcmyYzvlGtCV0baQt8dMwdYEwyztJwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJwYkryNwoIm8oXQnPr155WHeEKLMB8GA1UdIwQY
MBaAFPusUPGdmTCu7AnNJ/UI/FAuoU0fMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS02eFE4WjJaTUs3c0NjMG45UWo4VUM2aFRSOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04Yjkx
LWQ2MmU0NTRiZjM3Zi8xL25CaVN2STNDZ2lieWhkQ2MtdlhubFlkNFFvcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvOGZjMDlkLTdkMjUtNDI1Yy04YjkxLWQ2MmU0NTRiZjM3
Zi8xLzEtNnhROFoyWk1LN3NDYzBuOVFqOFVDNmhUUjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBADCMrAw
GAQCAAIwEgMHACoKRUAAAAMHACoKRUAgADANBgkqhkiG9w0BAQsFAAOCAQEABs5/
jCMcjJjjgjuqhcqIAmqaxh2UJyn5SeQSOBRLhrCETxhnZU86Ve/HkKYZ5yWKmO5t
Z43PMZBbJdvKEPbYVhaV546eMXpAhG7WXPyObqvaXNj2lByPtAWi4hP1zKtdJi5V
Sy5xfdO/AjKyfLhNJjKBMGhLnFawv/JGdZVbRur1srcG9yboJfcOuEypRYDwKALt
mbrBackGBbTd/Db/frnSE50HIW5G2ISW7seejUitwhb2AotFm6Gxh9zj0FnbHMoL
GHL+gZg735+gnP8AhH9KbphS6j5xfhD9Po7IEINe20haclGjp/+MBs+bVFY47FFM
71uK8eePxfoEz6ptWg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:39 2025 by rpki-client