Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/FJwzUUbdezVNzNPoBur-f72I-yY.roa
File: FJwzUUbdezVNzNPoBur-f72I-yY.roa (raw, json)
Hash identifier: Be0En7pc+J9Z+qriz5NoqsV2WY9CqrIfwJvj67jTpOU=
Subject key identifier: 14:9C:33:51:46:DD:7B:35:4D:CC:D3:E8:06:EA:FE:7F:BD:88:FB:26
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 019428260B9FABB591CE6C8996F706BCAA31
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/FJwzUUbdezVNzNPoBur-f72I-yY.roa
Signing time: Thu 02 Jan 2025 17:52:49 +0000
ROA not before: Thu 02 Jan 2025 17:52:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36113
IP address blocks: 188.191.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:0b:9f:ab:b5:91:ce:6c:89:96:f7:06:bc:aa:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 17:52:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=149c335146dd7b354dccd3e806eafe7fbd88fb26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fb:b1:17:05:b6:f1:90:3a:0d:79:02:10:39:
24:91:7f:cb:a3:4f:a3:cf:6a:a6:c3:cb:4e:d9:73:
8a:9a:44:0d:d4:33:28:a6:4b:5e:cf:5b:48:c2:82:
aa:11:d4:3a:99:25:a2:ec:40:54:71:6f:b1:57:52:
8a:e8:5e:e0:b9:9e:87:9b:d6:d5:15:a1:4e:90:88:
27:65:03:21:78:78:e3:e0:75:7c:81:23:a7:0c:83:
7f:9c:2c:68:2a:94:2e:0e:2d:c7:0d:80:79:78:c9:
c6:7b:86:4e:fc:1c:4c:43:48:8d:9e:ed:eb:82:da:
a1:70:ea:ba:06:6c:94:3a:40:f1:28:09:ac:d5:16:
e2:95:e3:51:51:56:8c:f1:50:53:1f:3f:51:4e:d1:
00:55:a8:7c:50:1c:78:24:25:ad:d5:03:26:a0:7c:
74:b1:d0:86:d9:78:32:77:7e:27:71:89:05:56:d1:
32:38:26:0f:ba:b3:cf:ba:ba:a3:31:ff:a6:38:b7:
cc:03:5f:88:6e:10:19:ae:42:ec:d9:39:c2:8c:b6:
c1:e9:34:13:2e:16:af:91:3e:07:63:1f:2c:2b:04:
56:6c:56:f0:23:fc:36:02:56:db:e8:68:f0:39:e8:
98:5f:7c:6a:ed:77:06:19:c5:02:31:02:29:a4:68:
3a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9C:33:51:46:DD:7B:35:4D:CC:D3:E8:06:EA:FE:7F:BD:88:FB:26
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/FJwzUUbdezVNzNPoBur-f72I-yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d1:51:de:40:0c:ca:17:6c:0d:a2:cc:cd:11:b6:ba:67:1e:
e7:b7:27:88:44:fc:98:4f:e4:ad:81:e2:0f:f7:d0:db:ee:dd:
8f:c3:ff:47:03:11:18:6a:55:3c:99:ee:fb:ec:45:5a:ac:b7:
11:a6:f9:25:e3:49:67:ab:f4:c5:a2:0e:8b:d9:6f:b1:ef:29:
4a:dc:05:54:b0:85:42:c7:37:94:2e:d9:bb:65:3c:a8:61:ac:
21:ea:62:26:e7:d6:14:a1:62:0f:79:a6:05:09:b4:26:45:1f:
a1:8f:3d:e8:eb:3f:fe:e4:c7:a6:5d:c8:33:ad:68:5c:78:e0:
95:e3:0e:15:17:1e:ac:8f:a7:58:d9:94:1c:3a:01:65:4e:fa:
53:dc:0f:97:ec:aa:99:e4:b2:be:a2:e1:36:4f:b4:a7:a2:78:
66:8a:51:ac:99:84:d6:b7:83:a3:9d:f4:9a:08:b2:e9:d1:96:
f1:f3:3c:a3:27:3e:0a:ef:78:d5:98:6a:5e:c8:21:4c:e0:7a:
05:02:ed:b9:9f:6f:31:fe:ea:89:74:ab:f3:5f:97:8f:e9:d6:
5a:3b:d1:6b:1f:ea:18:d3:e3:ad:a6:c9:ee:86:93:10:09:f7:
26:99:99:8e:ba:ba:51:93:3d:eb:be:b3:e6:db:7b:8b:23:34:
c4:af:67:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJgufq7WRzmyJlvcGvKoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwMTAyMTc1MjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDljMzM1MTQ2ZGQ3YjM1NGRjY2QzZTgwNmVhZmU3ZmJkODhmYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifuxFwW28ZA6DXkCEDkkkX/Lo0+j
z2qmw8tO2XOKmkQN1DMopktez1tIwoKqEdQ6mSWi7EBUcW+xV1KK6F7guZ6Hm9bV
FaFOkIgnZQMheHjj4HV8gSOnDIN/nCxoKpQuDi3HDYB5eMnGe4ZO/BxMQ0iNnu3r
gtqhcOq6BmyUOkDxKAms1RbileNRUVaM8VBTHz9RTtEAVah8UBx4JCWt1QMmoHx0
sdCG2Xgyd34ncYkFVtEyOCYPurPPurqjMf+mOLfMA1+IbhAZrkLs2TnCjLbB6TQT
LhavkT4HYx8sKwRWbFbwI/w2Albb6GjwOeiYX3xq7XcGGcUCMQIppGg65wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBScM1FG3Xs1TczT6Abq/n+9iPsmMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvRkp3elVVYmRlelZOek5Qb0J1ci1mNzJJLXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9vMA0G
CSqGSIb3DQEBCwUAA4IBAQB60VHeQAzKF2wNoszNEba6Zx7ntyeIRPyYT+StgeIP
99Db7t2Pw/9HAxEYalU8me777EVarLcRpvkl40lnq/TFog6L2W+x7ylK3AVUsIVC
xzeULtm7ZTyoYawh6mIm59YUoWIPeaYFCbQmRR+hjz3o6z/+5MemXcgzrWhceOCV
4w4VFx6sj6dY2ZQcOgFlTvpT3A+X7KqZ5LK+ouE2T7SnonhmilGsmYTWt4OjnfSa
CLLp0Zbx8zyjJz4K73jVmGpeyCFM4HoFAu25n28x/uqJdKvzX5eP6dZaO9FrH+oY
0+OtpsnuhpMQCfcmmZmOurpRkz3rvrPm23uLIzTEr2fU
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:40:31 2025 by rpki-client