Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/fbZYdgPg6DYOC7L2O9FF8A3uAL0.roa
File: fbZYdgPg6DYOC7L2O9FF8A3uAL0.roa (raw, json)
Hash identifier: c96jguDmh3eRDgkL2jnphzr/ODE3EQMnL3frDBUkSc0=
Subject key identifier: 7D:B6:58:76:03:E0:E8:36:0E:0B:B2:F6:3B:D1:45:F0:0D:EE:00:BD
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDBE343C0BF9FCFCFBED2D3B3E29E7
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/fbZYdgPg6DYOC7L2O9FF8A3uAL0.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47886
IP address blocks: 185.52.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:be:34:3c:0b:f9:fc:fc:fb:ed:2d:3b:3e:29:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7db6587603e0e8360e0bb2f63bd145f00dee00bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e5:39:a8:6a:a0:83:c1:0e:d0:53:80:27:a3:
df:d5:e2:92:a7:d1:85:22:96:26:55:99:75:93:86:
bb:3e:29:fa:f1:48:c4:c3:6d:b2:7c:5f:66:76:fb:
0c:72:0b:28:07:9f:b2:25:a9:2c:0f:4d:f3:ae:b4:
bf:04:61:69:e0:30:f6:68:d5:a9:e4:c2:b4:54:f8:
f1:ee:82:22:c8:e4:98:92:c1:43:47:d9:64:d2:ec:
97:c8:db:31:1b:cc:55:8a:b7:08:86:0f:58:05:50:
9b:b5:67:65:f5:f4:b8:7f:cf:ee:db:1f:e9:d2:97:
2e:4b:61:cd:50:6e:d0:8c:57:01:5a:a4:27:38:39:
bd:b2:80:ca:6c:18:05:97:5f:74:cc:16:ef:16:bf:
2d:cf:9e:62:3c:38:ea:54:23:d1:98:4e:4e:07:b6:
d9:c7:b0:39:0b:0a:59:25:07:e4:79:f0:d5:54:a2:
48:73:23:e3:f4:72:cf:8c:ac:16:13:ac:07:78:5b:
af:34:bf:83:eb:18:6a:59:88:61:bd:89:f3:68:09:
6d:1c:75:25:9c:80:7a:52:e7:e9:ba:4a:e4:25:85:
26:dd:8b:e6:62:c3:5b:76:4f:ee:ae:eb:82:ec:81:
ee:6d:78:de:a5:f0:ec:31:3e:18:9f:a4:7c:84:1d:
d8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B6:58:76:03:E0:E8:36:0E:0B:B2:F6:3B:D1:45:F0:0D:EE:00:BD
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/fbZYdgPg6DYOC7L2O9FF8A3uAL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.4.0/22
Signature Algorithm: sha256WithRSAEncryption
76:01:34:fc:f6:26:12:d5:76:35:8b:4d:76:92:da:a1:c5:5e:
c0:0c:51:93:90:66:6f:6b:95:c3:53:7f:c0:50:11:c3:8a:3f:
29:5c:b4:e3:28:94:17:dd:4f:fe:ce:4c:24:c3:b5:09:be:d1:
b5:4b:00:23:c7:18:e1:46:85:71:78:0e:de:61:0a:87:6b:79:
53:72:84:6c:dc:67:9d:f9:78:a4:43:bb:55:b2:3d:e8:e6:42:
21:b0:4d:f4:7a:2c:18:c0:6d:db:e7:d9:4e:45:01:82:ba:4a:
5b:17:c8:c8:a5:a2:78:be:87:35:b4:dc:b7:4a:01:6d:22:9c:
be:0f:1c:1f:5d:a3:d9:61:e8:3d:95:27:99:89:ba:71:70:75:
1c:2a:64:24:92:62:ba:69:64:f9:5a:0e:74:d2:47:3d:43:f9:
a5:5e:a4:2a:37:1c:5a:c5:da:16:49:17:f6:4d:46:ef:73:b6:
5e:e8:b0:d1:88:b8:63:44:b5:9b:79:bc:63:fc:f2:28:29:ca:
a7:d6:3c:f7:5e:1e:e9:8c:0f:90:e0:50:75:2c:e8:b9:39:c8:
2c:c7:ee:dc:86:9c:d9:eb:9d:29:ab:84:fd:11:d9:08:2e:97:
45:ca:c1:d4:4c:64:83:e1:6d:ce:8e:78:ac:41:61:a7:67:40:
e3:cc:cd:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/b40PAv5/Pz77S07PinnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI2NTg3NjAzZTBlODM2MGUwYmIyZjYzYmQxNDVmMDBkZWUwMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOU5qGqgg8EO0FOAJ6Pf1eKSp9GF
IpYmVZl1k4a7Pin68UjEw22yfF9mdvsMcgsoB5+yJaksD03zrrS/BGFp4DD2aNWp
5MK0VPjx7oIiyOSYksFDR9lk0uyXyNsxG8xVircIhg9YBVCbtWdl9fS4f8/u2x/p
0pcuS2HNUG7QjFcBWqQnODm9soDKbBgFl190zBbvFr8tz55iPDjqVCPRmE5OB7bZ
x7A5CwpZJQfkefDVVKJIcyPj9HLPjKwWE6wHeFuvNL+D6xhqWYhhvYnzaAltHHUl
nIB6UufpukrkJYUm3YvmYsNbdk/uruuC7IHubXjepfDsMT4Yn6R8hB3YxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH22WHYD4Og2Dguy9jvRRfAN7gC9MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvZmJaWWRnUGc2RFlPQzdMMk85RkY4QTN1QUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTQEMA0G
CSqGSIb3DQEBCwUAA4IBAQB2ATT89iYS1XY1i012ktqhxV7ADFGTkGZva5XDU3/A
UBHDij8pXLTjKJQX3U/+zkwkw7UJvtG1SwAjxxjhRoVxeA7eYQqHa3lTcoRs3Ged
+XikQ7tVsj3o5kIhsE30eiwYwG3b59lORQGCukpbF8jIpaJ4voc1tNy3SgFtIpy+
DxwfXaPZYeg9lSeZibpxcHUcKmQkkmK6aWT5Wg500kc9Q/mlXqQqNxxaxdoWSRf2
TUbvc7Ze6LDRiLhjRLWbebxj/PIoKcqn1jz3Xh7pjA+Q4FB1LOi5Ocgsx+7chpzZ
650pq4T9EdkILpdFysHUTGSD4W3OjnisQWGnZ0DjzM1t
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:13 2025 by rpki-client