Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/Y6mUrtfcsrfBMccJFoJwIk5h6vk.roa
File: Y6mUrtfcsrfBMccJFoJwIk5h6vk.roa (raw, json)
Hash identifier: z9fQuLza0D9GOy+9H0/BU0TTlBCp1hZNEvVfHT7rOvE=
Subject key identifier: 63:A9:94:AE:D7:DC:B2:B7:C1:31:C7:09:16:82:70:22:4E:61:EA:F9
Certificate issuer: /CN=fcbb5e2e0fd9832d73b1ef8f9e486ffd00b3d789
Certificate serial: 019228332A5FF740134A45C82134E84127B2
Authority key identifier: FC:BB:5E:2E:0F:D9:83:2D:73:B1:EF:8F:9E:48:6F:FD:00:B3:D7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_LteLg_Zgy1zse-Pnkhv_QCz14k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/Y6mUrtfcsrfBMccJFoJwIk5h6vk.roa
Signing time: Wed 25 Sep 2024 08:01:34 +0000
ROA not before: Wed 25 Sep 2024 08:01:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47295
IP address blocks: 93.90.128.0/20 maxlen: 20
194.48.144.0/22 maxlen: 32
194.48.145.145/32 maxlen: 32
2a03:2400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:33:2a:5f:f7:40:13:4a:45:c8:21:34:e8:41:27:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbb5e2e0fd9832d73b1ef8f9e486ffd00b3d789
Validity
Not Before: Sep 25 08:01:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63a994aed7dcb2b7c131c709168270224e61eaf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:da:3a:01:f3:27:ba:50:91:fd:e2:32:d0:25:
6d:83:ef:1c:c2:a2:0a:b5:00:16:a9:de:45:a3:66:
91:f0:8a:26:60:d9:76:41:92:52:b6:0c:4e:75:c4:
33:d7:31:52:d9:44:a4:73:5c:46:8c:c6:da:bf:2b:
05:b9:81:1c:40:6b:0d:c3:56:68:77:d3:44:bd:5d:
61:b9:9c:89:c4:7d:7e:f9:f0:95:4a:90:5d:63:64:
9c:e5:49:84:96:34:78:e6:48:c8:9b:fa:2a:9d:fb:
ca:00:11:60:76:34:72:98:dc:7b:4b:77:53:7b:da:
ab:89:d6:b9:b2:80:16:1d:6e:d9:2b:cc:49:cb:a8:
46:bf:e4:c2:e1:86:c9:95:4f:b6:4f:37:db:2e:12:
73:40:f9:fc:6a:2b:fc:90:14:ed:51:87:2f:20:3a:
c8:2f:fb:7c:1d:7e:c0:6f:64:14:a9:b4:fd:6a:99:
e0:17:0f:f5:4a:cf:d0:a5:49:50:f8:79:f5:43:77:
cf:2d:42:68:07:7b:ca:73:9c:11:30:4b:b5:ce:3d:
91:4f:1f:c1:89:3c:75:78:67:6e:21:0d:1b:06:30:
6d:39:6e:a1:74:76:99:fb:d0:ea:99:cd:c7:fc:95:
e5:28:a6:2d:39:51:09:c5:a6:41:41:40:41:01:f8:
64:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A9:94:AE:D7:DC:B2:B7:C1:31:C7:09:16:82:70:22:4E:61:EA:F9
X509v3 Authority Key Identifier:
keyid:FC:BB:5E:2E:0F:D9:83:2D:73:B1:EF:8F:9E:48:6F:FD:00:B3:D7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_LteLg_Zgy1zse-Pnkhv_QCz14k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/Y6mUrtfcsrfBMccJFoJwIk5h6vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/_LteLg_Zgy1zse-Pnkhv_QCz14k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.128.0/20
194.48.144.0/22
IPv6:
2a03:2400::/29
Signature Algorithm: sha256WithRSAEncryption
3f:b0:c8:9e:ad:a2:59:f3:b8:19:55:41:23:cd:e2:20:04:5d:
30:c3:fa:8c:97:de:aa:45:20:53:3a:e2:2d:36:99:70:64:b2:
bb:f7:bc:50:9b:ff:c2:f6:ce:85:82:94:07:8e:de:de:2a:97:
1e:2f:bf:c8:fb:1c:b4:e3:a9:d3:3f:6e:8f:52:f4:88:30:85:
0c:48:50:60:ac:96:bf:41:f4:24:85:c4:92:d3:c4:94:43:17:
c7:ab:84:21:f6:86:82:dd:fd:b1:10:ad:32:7f:a7:a9:a5:71:
b9:b5:1a:70:e8:35:ea:f8:99:af:31:e7:84:47:a8:e1:88:1a:
7d:a1:dd:d2:19:5a:32:b8:c5:54:e1:e6:fc:b4:4c:ce:ed:61:
5b:ec:0f:e9:53:fa:07:e1:5d:c9:62:59:9f:f7:09:b3:66:d7:
d3:a3:e5:08:cc:ad:12:86:eb:0d:f7:a2:fd:b6:5b:81:c4:bf:
f7:6e:b0:d4:fd:f3:ea:7b:97:a2:ee:81:0e:57:13:c9:a7:8b:
5c:99:7c:95:6e:2a:b0:da:b5:81:83:66:58:6e:6a:ce:44:c6:
7c:88:5b:5a:24:d5:a6:24:1a:cc:67:4e:bd:60:89:01:0f:3b:
22:d4:a6:05:1c:35:bb:6e:dc:0a:8b:e9:33:ca:f4:83:5c:03:
30:10:d2:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZIoMypf90ATSkXIITToQSeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmI1ZTJlMGZkOTgzMmQ3M2IxZWY4ZjllNDg2ZmZkMDBi
M2Q3ODkwHhcNMjQwOTI1MDgwMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E5OTRhZWQ3ZGNiMmI3YzEzMWM3MDkxNjgyNzAyMjRlNjFlYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNo6AfMnulCR/eIy0CVtg+8cwqIK
tQAWqd5Fo2aR8IomYNl2QZJStgxOdcQz1zFS2USkc1xGjMbavysFuYEcQGsNw1Zo
d9NEvV1huZyJxH1++fCVSpBdY2Sc5UmEljR45kjIm/oqnfvKABFgdjRymNx7S3dT
e9qrida5soAWHW7ZK8xJy6hGv+TC4YbJlU+2TzfbLhJzQPn8aiv8kBTtUYcvIDrI
L/t8HX7Ab2QUqbT9apngFw/1Ss/QpUlQ+Hn1Q3fPLUJoB3vKc5wRMEu1zj2RTx/B
iTx1eGduIQ0bBjBtOW6hdHaZ+9Dqmc3H/JXlKKYtOVEJxaZBQUBBAfhkxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGOplK7X3LK3wTHHCRaCcCJOYer5MB8GA1UdIwQY
MBaAFPy7Xi4P2YMtc7Hvj55Ib/0As9eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0x0ZUxnX1pneTF6c2UtUG5raHZfUUN6MTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zNTNmM2QtNmFmYS00ZTMxLTkxYTkt
NWU2YTkyZTdmNjhmLzEvWTZtVXJ0ZmNzcmZCTWNjSkZvSndJazVoNnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zNTNmM2QtNmFmYS00ZTMxLTkxYTktNWU2YTkyZTdmNjhm
LzEvX0x0ZUxnX1pneTF6c2UtUG5raHZfUUN6MTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXVqAAwQC
wjCQMA0EAgACMAcDBQMqAyQAMA0GCSqGSIb3DQEBCwUAA4IBAQA/sMieraJZ87gZ
VUEjzeIgBF0ww/qMl96qRSBTOuItNplwZLK797xQm//C9s6FgpQHjt7eKpceL7/I
+xy046nTP26PUvSIMIUMSFBgrJa/QfQkhcSS08SUQxfHq4Qh9oaC3f2xEK0yf6ep
pXG5tRpw6DXq+JmvMeeER6jhiBp9od3SGVoyuMVU4eb8tEzO7WFb7A/pU/oH4V3J
Ylmf9wmzZtfTo+UIzK0ShusN96L9tluBxL/3brDU/fPqe5ei7oEOVxPJp4tcmXyV
biqw2rWBg2ZYbmrORMZ8iFtaJNWmJBrMZ069YIkBDzsi1KYFHDW7btwKi+kzyvSD
XAMwENJM
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:01:11 2025 by rpki-client