Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1-fbIDKPmywfjSliMNErt41fUjww.roa
File: 1-fbIDKPmywfjSliMNErt41fUjww.roa (raw, json)
Hash identifier: w1HLh9PoVfmqCfrb6Bq8urn+xgck6Q2Gt1URzK86aQM=
Subject key identifier: F9:F6:C8:0C:A3:E6:CB:07:E3:4A:58:8C:34:4A:ED:E3:57:D4:8F:0C
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194D785058A7FA885CC350CBFC45186A47E
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1-fbIDKPmywfjSliMNErt41fUjww.roa
Signing time: Wed 05 Feb 2025 19:10:06 +0000
ROA not before: Wed 05 Feb 2025 19:10:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213673
IP address blocks: 64.188.98.0/24 maxlen: 24
64.188.99.0/24 maxlen: 24
77.239.106.0/24 maxlen: 24
77.239.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:85:05:8a:7f:a8:85:cc:35:0c:bf:c4:51:86:a4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 5 19:10:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9f6c80ca3e6cb07e34a588c344aede357d48f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9c:52:e8:72:16:ae:ab:d2:29:0b:d5:3d:9d:
76:2d:41:e6:db:26:27:07:d9:5a:4e:6a:53:33:df:
e9:4d:f0:1e:6c:08:8f:97:da:52:65:47:16:06:1b:
de:4d:1e:05:d4:4d:0f:8e:5f:df:34:49:d9:d6:14:
3a:cc:cc:82:72:4f:be:70:c4:db:03:4f:fa:2c:2b:
bb:e9:90:e3:e8:e3:6b:3a:f4:70:fc:5f:4b:23:85:
aa:49:e9:52:bf:83:62:27:b8:6f:c5:ca:12:cb:09:
b7:99:11:14:bb:2e:a5:b8:da:18:10:0c:3c:92:e3:
00:df:dc:f0:f9:e5:14:6a:f2:a5:c5:5b:84:07:f2:
be:06:1d:3a:d4:46:74:38:f9:97:42:2a:cb:89:73:
12:bd:e3:18:87:77:e9:cd:61:61:86:1b:61:4a:47:
6a:b1:5c:e9:7b:71:f5:9f:1f:7d:4b:ea:b3:e0:bc:
09:63:4c:6c:34:ea:e3:25:64:be:cb:0e:3a:1a:63:
12:1b:fa:e4:10:2f:f0:f8:6e:81:ed:32:2a:4e:bf:
36:af:23:e2:7b:eb:6f:67:93:48:9f:39:37:03:ef:
e3:ed:8c:c4:fe:96:f8:5b:28:2c:63:c7:b4:db:16:
4b:67:2d:94:83:50:57:02:19:38:15:d6:60:68:13:
31:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F6:C8:0C:A3:E6:CB:07:E3:4A:58:8C:34:4A:ED:E3:57:D4:8F:0C
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1-fbIDKPmywfjSliMNErt41fUjww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.98.0/23
77.239.106.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:78:92:6f:0d:96:a2:a2:1a:f8:ca:42:2e:d6:79:d2:67:ae:
a3:e1:83:c4:69:a2:2f:c3:f1:ae:85:61:ea:38:c5:60:5b:7c:
63:a7:5b:bd:62:4a:12:bc:bd:e0:65:ed:85:20:85:00:8f:7f:
5e:c9:c3:d7:dd:37:94:d5:41:be:7d:b4:f0:c0:f1:c1:f5:e0:
14:ee:3b:cf:18:04:39:d9:71:99:22:94:31:d2:a6:a5:75:5b:
84:99:e0:36:b3:e6:ba:b3:4a:b8:0a:e1:42:d9:2c:4b:03:b1:
3a:21:bf:2a:31:73:62:8c:44:2f:21:c7:1f:c3:9e:09:fa:db:
ed:a6:d0:81:2a:89:14:e9:b2:ac:8f:d0:31:ba:19:03:04:bf:
69:7b:18:f0:17:cd:7a:bf:84:d7:74:4c:90:dd:15:8c:c2:3c:
00:4a:10:95:db:a0:cd:9c:b0:21:06:51:af:35:6f:cb:d5:ee:
35:31:42:89:e3:fb:93:a6:35:ab:4c:5f:8f:64:ea:d5:c5:ca:
27:f8:41:4f:5a:28:f3:26:b5:4e:96:32:cd:9c:c5:ad:bb:72:
91:b5:24:20:8e:3d:c7:4b:f6:48:7b:39:e1:e5:3c:2f:71:00:
7d:01:e9:ac:3a:99:0f:34:bd:82:fe:19:5e:94:13:3c:a3:d0:
5d:e3:f9:db
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZTXhQWKf6iFzDUMv8RRhqR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjA1MTkxMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWY2YzgwY2EzZTZjYjA3ZTM0YTU4OGMzNDRhZWRlMzU3ZDQ4ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5xS6HIWrqvSKQvVPZ12LUHm2yYn
B9laTmpTM9/pTfAebAiPl9pSZUcWBhveTR4F1E0Pjl/fNEnZ1hQ6zMyCck++cMTb
A0/6LCu76ZDj6ONrOvRw/F9LI4WqSelSv4NiJ7hvxcoSywm3mREUuy6luNoYEAw8
kuMA39zw+eUUavKlxVuEB/K+Bh061EZ0OPmXQirLiXMSveMYh3fpzWFhhhthSkdq
sVzpe3H1nx99S+qz4LwJY0xsNOrjJWS+yw46GmMSG/rkEC/w+G6B7TIqTr82ryPi
e+tvZ5NInzk3A+/j7YzE/pb4WygsY8e02xZLZy2Ug1BXAhk4FdZgaBMx4wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPn2yAyj5ssH40pYjDRK7eNX1I8MMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMS1mYklES1BteXdmalNsaU1ORXJ0NDFmVWp3dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvMzhmMTI4LWVhODItNDU1NS1iNTE0LTE0Mzk2N2E4ZmUw
OC8xL0hKWS1QU0tFZlVac0ppd2doNHduZ05pRUFBTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAUC8YgME
AU3vajANBgkqhkiG9w0BAQsFAAOCAQEAfXiSbw2WoqIa+MpCLtZ50meuo+GDxGmi
L8PxroVh6jjFYFt8Y6dbvWJKEry94GXthSCFAI9/XsnD1903lNVBvn208MDxwfXg
FO47zxgEOdlxmSKUMdKmpXVbhJngNrPmurNKuArhQtksSwOxOiG/KjFzYoxELyHH
H8OeCfrb7abQgSqJFOmyrI/QMboZAwS/aXsY8BfNer+E13RMkN0VjMI8AEoQldug
zZywIQZRrzVvy9XuNTFCieP7k6Y1q0xfj2Tq1cXKJ/hBT1oo8ya1TpYyzZzFrbty
kbUkII49x0v2SHs54eU8L3EAfQHprDqZDzS9gv4ZXpQTPKPQXeP52w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:17 2025 by rpki-client