Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/FI6bfjPN7t6NFAgQVExPOIQtMIg.roa
File: FI6bfjPN7t6NFAgQVExPOIQtMIg.roa (raw, json)
Hash identifier: PXiteBbCStnt/SqubPRrbNoWhhfQi1ko8O4Z1tf6P4k=
Subject key identifier: 14:8E:9B:7E:33:CD:EE:DE:8D:14:08:10:54:4C:4F:38:84:2D:30:88
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 01941FFAAEEC1C2E6F6D2BFEADA5D3B0321B
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/FI6bfjPN7t6NFAgQVExPOIQtMIg.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39216
IP address blocks: 185.72.252.0/24 maxlen: 24
185.72.253.0/24 maxlen: 24
188.72.1.0/24 maxlen: 24
188.72.2.0/24 maxlen: 24
188.72.4.0/24 maxlen: 24
188.72.5.0/24 maxlen: 24
188.72.6.0/24 maxlen: 24
188.72.7.0/24 maxlen: 24
188.72.34.0/24 maxlen: 24
188.72.35.0/24 maxlen: 24
188.72.56.0/24 maxlen: 24
188.72.59.0/24 maxlen: 24
188.72.60.0/24 maxlen: 24
188.72.61.0/24 maxlen: 24
188.72.62.0/24 maxlen: 24
188.72.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ae:ec:1c:2e:6f:6d:2b:fe:ad:a5:d3:b0:32:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=148e9b7e33cdeede8d140810544c4f38842d3088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e9:54:59:a2:a5:f8:2b:3c:3d:de:b4:c0:3f:
c4:bd:7a:03:f0:f2:19:22:91:ad:11:38:7b:9e:6e:
60:ad:e0:f5:70:07:9a:f4:c9:b1:4b:9e:b0:87:59:
3e:0a:0d:bb:16:dc:31:18:33:f4:f9:57:30:3d:a7:
81:1c:40:41:04:af:59:94:25:2d:d2:67:d1:71:e7:
b0:59:e3:05:e7:10:f3:ce:e2:1d:db:52:a4:60:97:
97:49:e7:37:f9:fc:1d:e8:b0:83:34:ab:24:f2:a0:
ae:43:44:b3:39:0c:77:8b:9d:7a:66:22:93:f3:0c:
9c:08:98:ca:ea:ef:80:f1:fc:a7:ce:d7:d9:a0:e6:
52:4b:3b:3e:22:8b:5c:c1:3c:b8:52:69:1b:47:f0:
9d:1a:a8:ac:e4:76:8f:99:31:2a:43:10:7f:87:0e:
1f:4d:37:2f:6f:72:36:91:0e:cf:f5:ae:0a:bb:92:
b6:d5:cb:ff:c0:ad:5b:d8:73:99:a7:2d:23:5e:39:
94:1c:b4:29:df:b6:c5:19:ba:a1:5c:79:65:6f:52:
20:c4:20:bf:6c:7a:5e:72:6c:1b:0a:82:1a:23:f1:
fc:76:14:3f:4d:7c:b2:44:6b:5d:cb:7d:af:ba:08:
6c:a9:ba:56:e5:17:7a:b8:47:36:fd:dd:3e:db:1c:
7b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8E:9B:7E:33:CD:EE:DE:8D:14:08:10:54:4C:4F:38:84:2D:30:88
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/FI6bfjPN7t6NFAgQVExPOIQtMIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.252.0/23
188.72.1.0-188.72.2.255
188.72.4.0/22
188.72.34.0/23
188.72.56.0/24
188.72.59.0-188.72.63.255
Signature Algorithm: sha256WithRSAEncryption
a7:bb:3a:f1:cd:ac:5a:a9:a7:40:19:87:30:69:21:62:49:2f:
88:e2:4e:f0:54:3a:99:8e:06:8c:ee:fe:5a:e7:2f:81:63:61:
a2:24:33:18:dd:ac:15:25:fd:01:a1:2e:c1:30:58:3d:ba:dc:
f0:11:5b:f2:5e:2f:c8:aa:fc:8f:88:6b:25:04:68:f2:66:0d:
71:6e:4c:45:6d:ad:72:b9:eb:a3:67:c1:4f:1b:85:1f:33:35:
bc:65:6c:41:7d:e8:96:54:21:13:ad:a6:d2:71:ac:77:cc:50:
25:11:4b:04:2a:51:51:76:41:ed:f7:c9:f6:6a:dc:23:38:6d:
21:b5:d5:d5:67:f1:77:19:da:ce:fd:1d:dd:1f:c7:0b:ae:6b:
aa:d1:2d:7d:4c:c6:59:14:72:ba:00:0d:77:61:b7:0c:97:ea:
94:99:d1:28:7b:69:d1:49:47:6c:8f:01:8f:ef:f2:b3:81:e0:
d3:4b:8b:4a:14:e3:3e:f4:04:75:b1:7d:71:a7:fe:5b:cb:a2:
64:ae:65:fc:3a:e7:a2:ce:21:88:52:f1:7b:e7:a2:ad:3a:b8:
65:ef:31:25:59:48:b2:3f:df:b5:35:12:61:ce:79:25:f8:9d:
7a:33:6d:ca:9a:9e:dc:ed:c0:7f:60:50:1e:84:3e:09:eb:5c:
01:06:c2:91
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQf+q7sHC5vbSv+raXTsDIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDhlOWI3ZTMzY2RlZWRlOGQxNDA4MTA1NDRjNGYzODg0MmQzMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOlUWaKl+Cs8Pd60wD/EvXoD8PIZ
IpGtETh7nm5greD1cAea9MmxS56wh1k+Cg27FtwxGDP0+VcwPaeBHEBBBK9ZlCUt
0mfRceewWeMF5xDzzuId21KkYJeXSec3+fwd6LCDNKsk8qCuQ0SzOQx3i516ZiKT
8wycCJjK6u+A8fynztfZoOZSSzs+IotcwTy4UmkbR/CdGqis5HaPmTEqQxB/hw4f
TTcvb3I2kQ7P9a4Ku5K21cv/wK1b2HOZpy0jXjmUHLQp37bFGbqhXHllb1IgxCC/
bHpecmwbCoIaI/H8dhQ/TXyyRGtdy32vughsqbpW5Rd6uEc2/d0+2xx78wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBSOm34zze7ejRQIEFRMTziELTCIMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvRkk2YmZqUE43dDZORkFnUVZFeFBPSVF0TUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQBuUj8MAwD
BAC8SAEDBAC8SAIDBAK8SAQDBAG8SCIDBAC8SDgwDAMEALxIOwMEBrxIADANBgkq
hkiG9w0BAQsFAAOCAQEAp7s68c2sWqmnQBmHMGkhYkkviOJO8FQ6mY4GjO7+Wucv
gWNhoiQzGN2sFSX9AaEuwTBYPbrc8BFb8l4vyKr8j4hrJQRo8mYNcW5MRW2tcrnr
o2fBTxuFHzM1vGVsQX3ollQhE62m0nGsd8xQJRFLBCpRUXZB7ffJ9mrcIzhtIbXV
1Wfxdxnazv0d3R/HC65rqtEtfUzGWRRyugANd2G3DJfqlJnRKHtp0UlHbI8Bj+/y
s4Hg00uLShTjPvQEdbF9caf+W8uiZK5l/Drnos4hiFLxe+eirTq4Ze8xJVlIsj/f
tTUSYc55JfidejNtypqe3O3Af2BQHoQ+CetcAQbCkQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:52:18 2025 by rpki-client