Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FFEXFOW85pR4iSRtCc5ygp52kbw.roa
File: FFEXFOW85pR4iSRtCc5ygp52kbw.roa (raw, json)
Hash identifier: TaD/sf0kCT2Z3287u3hvlzpLzoG02kv6JpOHDN3UBHg=
Subject key identifier: 14:51:17:14:E5:BC:E6:94:78:89:24:6D:09:CE:72:82:9E:76:91:BC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01959FD69300954BF1AC09FB689E6DF9FB96
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FFEXFOW85pR4iSRtCc5ygp52kbw.roa
Signing time: Sun 16 Mar 2025 16:43:14 +0000
ROA not before: Sun 16 Mar 2025 16:43:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400992
IP address blocks: 185.121.12.0/24 maxlen: 24
185.121.15.0/24 maxlen: 24
185.232.205.0/24 maxlen: 24
185.236.25.0/24 maxlen: 24
185.236.26.0/24 maxlen: 24
185.236.27.0/24 maxlen: 24
185.250.180.0/24 maxlen: 24
193.17.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9f:d6:93:00:95:4b:f1:ac:09:fb:68:9e:6d:f9:fb:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 16 16:43:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14511714e5bce6947889246d09ce72829e7691bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:e6:2a:dc:ce:76:61:a7:4b:b5:6f:c9:44:
1b:39:a1:d2:96:6b:30:01:bc:a9:fe:4e:e6:97:d0:
da:93:7a:3a:a5:d1:11:44:0d:bc:97:5d:95:a8:7d:
72:f4:8d:1f:5a:6a:3c:ed:2f:a3:ad:21:7a:f3:b3:
ad:b3:73:18:be:c7:44:e7:fe:4c:c6:14:34:4f:0d:
86:79:cd:cd:b8:a3:a4:36:80:fa:58:48:7c:8a:88:
39:17:9a:e3:8e:c9:7e:37:46:92:db:0e:7d:b9:24:
96:4f:e2:6b:ca:75:73:34:ad:64:18:f6:f9:72:e0:
7b:d6:43:cf:d2:e8:6b:97:19:8e:d5:58:98:d5:cb:
0a:c1:88:94:3b:5e:db:c2:3c:48:06:f6:a7:86:de:
6a:ec:fc:c5:06:52:28:28:67:6d:4c:c8:ea:0e:19:
d3:8b:70:82:d7:31:2e:6b:c8:a3:b6:fc:3a:17:67:
d9:19:56:35:86:f2:da:97:ed:55:01:1f:a7:51:55:
73:99:fd:bd:5e:d5:b9:f8:f8:0e:99:d4:94:f3:76:
1b:04:19:47:c3:f9:b5:62:ef:13:70:91:48:ef:e6:
cd:9c:28:6d:23:cc:1a:ee:c6:5c:0a:b4:9f:9c:24:
b0:8d:da:ca:eb:02:6f:57:ce:66:11:16:86:fe:97:
28:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:51:17:14:E5:BC:E6:94:78:89:24:6D:09:CE:72:82:9E:76:91:BC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FFEXFOW85pR4iSRtCc5ygp52kbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/24
185.121.15.0/24
185.232.205.0/24
185.236.25.0-185.236.27.255
185.250.180.0/24
193.17.183.0/24
Signature Algorithm: sha256WithRSAEncryption
33:6e:ef:1c:c1:c5:78:de:bc:fc:30:5d:88:f1:8c:e6:16:13:
88:c3:56:7a:9a:b9:f9:a3:ef:4b:c4:c0:95:9b:67:9d:f5:4c:
6e:10:e3:56:c4:a2:54:b7:c5:3e:1b:e4:26:26:b4:36:b0:aa:
07:0e:cd:8e:c8:c9:ca:06:e2:6e:a5:14:d3:01:54:b9:ee:6a:
b5:46:7f:c8:af:64:6e:9a:77:b8:2b:b5:86:91:51:2c:57:fa:
56:be:56:29:a3:b8:ba:a6:7c:d1:e8:42:3a:81:09:5c:45:04:
72:fa:b1:a0:d0:2c:46:76:da:f8:46:83:96:a4:d5:9c:2c:41:
34:d5:81:00:d4:a2:35:0d:17:ae:b1:57:75:24:12:5c:d6:3c:
a4:2c:bb:ca:fa:85:1d:b9:4a:a3:59:f8:24:1d:02:aa:38:3e:
97:77:7e:47:38:5b:b5:5d:a0:87:64:cc:4a:c5:54:be:c8:ce:
4c:0a:e0:19:bc:cb:cb:09:5a:de:94:f2:f7:65:f9:ee:0d:fb:
56:88:2c:bf:e6:f5:63:db:28:94:69:fa:2e:1f:90:3d:07:4b:
fd:4e:98:ce:9d:f3:28:ab:8e:c1:68:4e:f7:98:32:8d:79:1c:
12:18:bc:39:59:51:cb:02:82:ca:32:1a:86:2e:5a:ba:12:7c:
f8:cc:41:99
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZWf1pMAlUvxrAn7aJ5t+fuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzE2MTY0MzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDUxMTcxNGU1YmNlNjk0Nzg4OTI0NmQwOWNlNzI4MjllNzY5MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI7mKtzOdmGnS7VvyUQbOaHSlmsw
Abyp/k7ml9Dak3o6pdERRA28l12VqH1y9I0fWmo87S+jrSF687Ots3MYvsdE5/5M
xhQ0Tw2Gec3NuKOkNoD6WEh8iog5F5rjjsl+N0aS2w59uSSWT+JrynVzNK1kGPb5
cuB71kPP0uhrlxmO1ViY1csKwYiUO17bwjxIBvanht5q7PzFBlIoKGdtTMjqDhnT
i3CC1zEua8ijtvw6F2fZGVY1hvLal+1VAR+nUVVzmf29XtW5+PgOmdSU83YbBBlH
w/m1Yu8TcJFI7+bNnChtI8wa7sZcCrSfnCSwjdrK6wJvV85mERaG/pcomwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBRRFxTlvOaUeIkkbQnOcoKedpG8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRkZFWEZPVzg1cFI0aVNSdENjNXlncDUya2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAuXkMAwQA
uXkPAwQAuejNMAwDBAC57BkDBAK57BgDBAC5+rQDBADBEbcwDQYJKoZIhvcNAQEL
BQADggEBADNu7xzBxXjevPwwXYjxjOYWE4jDVnqaufmj70vEwJWbZ531TG4Q41bE
olS3xT4b5CYmtDawqgcOzY7IycoG4m6lFNMBVLnuarVGf8ivZG6ad7grtYaRUSxX
+la+VimjuLqmfNHoQjqBCVxFBHL6saDQLEZ22vhGg5ak1ZwsQTTVgQDUojUNF66x
V3UkElzWPKQsu8r6hR25SqNZ+CQdAqo4Ppd3fkc4W7VdoIdkzErFVL7IzkwK4Bm8
y8sJWt6U8vdl+e4N+1aILL/m9WPbKJRp+i4fkD0HS/1OmM6d8yirjsFoTveYMo15
HBIYvDlZUcsCgsoyGoYuWroSfPjMQZk=
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:43:39 2025 by rpki-client