Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/FMq-yPKs6HoS6-fA4tTseItbWzw.roa
File: FMq-yPKs6HoS6-fA4tTseItbWzw.roa (raw, json)
Hash identifier: AgKBNi0cNjMz7mr+O2YkEyEkqgYAm5R7iUocefCZeYQ=
Subject key identifier: 14:CA:BE:C8:F2:AC:E8:7A:12:EB:E7:C0:E2:D4:EC:78:8B:5B:5B:3C
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 01857203529AEAF78B7C03AE8D9CABAF14DF
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/FMq-yPKs6HoS6-fA4tTseItbWzw.roa
Signing time: Mon 02 Jan 2023 10:24:58 +0000
ROA not before: Mon 02 Jan 2023 10:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41046
IP address blocks: 77.242.80.0/20 maxlen: 20
82.114.192.0/19 maxlen: 19
81.200.56.0/21 maxlen: 21
178.72.192.0/19 maxlen: 19
178.72.192.0/18 maxlen: 18
178.72.224.0/19 maxlen: 19
81.200.48.0/21 maxlen: 21
81.200.48.0/20 maxlen: 20
2a07:b5c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:52:9a:ea:f7:8b:7c:03:ae:8d:9c:ab:af:14:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 2 10:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14cabec8f2ace87a12ebe7c0e2d4ec788b5b5b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:81:ca:be:df:21:cd:fd:21:35:3d:12:a6:4c:
78:56:9d:2a:82:a1:ff:c1:3e:90:1e:78:da:ad:68:
60:f9:3b:04:53:7d:44:04:c0:85:bc:dc:91:c2:51:
0f:9f:29:fe:46:e9:84:69:4e:dd:21:39:cc:4a:70:
52:12:8f:ea:ee:8c:be:92:5c:63:b7:1d:3a:6b:dd:
86:e4:ef:d9:6d:b7:33:2e:dd:22:3f:29:7a:5f:46:
8c:5e:f7:95:e9:b0:dc:d1:b9:68:63:0b:5d:b5:58:
8d:7f:d5:26:51:b9:34:60:5f:f3:94:37:d5:dc:1f:
8b:bc:31:c5:5f:e4:d1:39:48:91:9e:81:fe:df:1e:
e5:93:f9:50:0e:0a:1f:d8:3f:95:d0:2d:c0:7d:d2:
c2:24:16:65:36:f7:47:88:9c:74:1f:5c:59:1b:b4:
b2:81:f5:38:eb:e3:de:96:35:38:12:2a:56:8c:46:
d3:ff:36:f6:7e:f4:13:05:72:9d:25:65:7c:b9:3d:
8a:dd:a7:23:c6:44:27:f9:4c:5a:e3:f3:9f:75:ed:
81:a2:7f:8e:ca:93:10:89:bd:87:6b:46:2b:9c:a1:
26:29:ba:d9:11:79:1b:fe:4b:11:34:7b:b0:fa:89:
c6:e9:fc:8c:7b:cd:cb:61:80:6c:bb:86:0a:ae:4c:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CA:BE:C8:F2:AC:E8:7A:12:EB:E7:C0:E2:D4:EC:78:8B:5B:5B:3C
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/FMq-yPKs6HoS6-fA4tTseItbWzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.80.0/20
81.200.48.0/20
82.114.192.0/19
178.72.192.0/18
IPv6:
2a07:b5c0::/29
Signature Algorithm: sha256WithRSAEncryption
98:6c:91:9d:7d:81:a8:ac:ba:8c:14:15:c3:29:2b:71:93:15:
31:20:10:02:32:82:42:73:13:4f:c3:a0:f3:06:dc:d8:82:a5:
dd:18:4e:0b:04:8b:7e:df:89:98:76:06:53:13:a0:b7:fa:89:
84:eb:bf:8e:72:ba:44:15:5b:da:18:e5:2e:99:59:d0:53:5a:
e5:74:95:58:6f:16:40:cc:57:5c:4b:fd:ce:73:f5:4f:a0:26:
ba:93:00:9b:32:11:f3:d0:c2:68:0f:d1:f4:c0:40:d3:98:10:
58:e1:d3:b5:c9:47:8b:10:6e:b6:83:c6:a0:4a:7d:56:4d:13:
b9:82:26:3c:2b:2c:80:3c:02:02:3c:7d:15:02:27:8f:a1:83:
de:34:6a:7b:80:6c:b7:05:ed:81:bc:7c:78:eb:76:d2:90:e4:
44:5f:77:9a:1a:60:d8:0a:8a:9d:43:af:a6:2d:28:3e:a0:09:
59:7e:31:47:f4:6c:57:d4:2a:3e:3f:32:d0:0a:a6:a0:11:25:
82:6f:53:20:03:1f:75:0c:de:d3:5f:ee:56:24:82:92:0a:d3:
a8:9d:95:83:a8:de:47:d6:a5:ae:ec:09:71:27:ee:36:1f:84:
0b:55:d1:11:88:e2:9c:e8:c3:1e:52:fc:09:09:8c:e8:b1:7e:
61:a9:79:52
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyA1Ka6veLfAOujZyrrxTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjMwMTAyMTAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGNhYmVjOGYyYWNlODdhMTJlYmU3YzBlMmQ0ZWM3ODhiNWI1YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroHKvt8hzf0hNT0Spkx4Vp0qgqH/
wT6QHnjarWhg+TsEU31EBMCFvNyRwlEPnyn+RumEaU7dITnMSnBSEo/q7oy+klxj
tx06a92G5O/ZbbczLt0iPyl6X0aMXveV6bDc0bloYwtdtViNf9UmUbk0YF/zlDfV
3B+LvDHFX+TROUiRnoH+3x7lk/lQDgof2D+V0C3AfdLCJBZlNvdHiJx0H1xZG7Sy
gfU46+PeljU4EipWjEbT/zb2fvQTBXKdJWV8uT2K3acjxkQn+Uxa4/Ofde2Bon+O
ypMQib2Ha0YrnKEmKbrZEXkb/ksRNHuw+onG6fyMe83LYYBsu4YKrkw9DwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBTKvsjyrOh6EuvnwOLU7HiLW1s8MB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvRk1xLXlQS3M2SG9TNi1mQTR0VHNlSXRiV3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETfJQAwQE
UcgwAwQFUnLAAwQGskjAMA0EAgACMAcDBQMqB7XAMA0GCSqGSIb3DQEBCwUAA4IB
AQCYbJGdfYGorLqMFBXDKStxkxUxIBACMoJCcxNPw6DzBtzYgqXdGE4LBIt+34mY
dgZTE6C3+omE67+OcrpEFVvaGOUumVnQU1rldJVYbxZAzFdcS/3Oc/VPoCa6kwCb
MhHz0MJoD9H0wEDTmBBY4dO1yUeLEG62g8agSn1WTRO5giY8KyyAPAICPH0VAieP
oYPeNGp7gGy3Be2BvHx463bSkOREX3eaGmDYCoqdQ6+mLSg+oAlZfjFH9GxX1Co+
PzLQCqagESWCb1MgAx91DN7TX+5WJIKSCtOonZWDqN5H1qWu7AlxJ+42H4QLVdER
iOKc6MMeUvwJCYzosX5hqXlS
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:48 2025 by rpki-client