Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/fWNbS2Zby5cqqjFuy1JL0ESM6XQ.roa
File: fWNbS2Zby5cqqjFuy1JL0ESM6XQ.roa (raw, json)
Hash identifier: RpQ01iay9Z8HEoCXYdjA+H+KDCVwjAEkvyG3bYLQulU=
Subject key identifier: 7D:63:5B:4B:66:5B:CB:97:2A:AA:31:6E:CB:52:4B:D0:44:8C:E9:74
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64BB0EA4E45FE39379E46DD9B0A49C
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/fWNbS2Zby5cqqjFuy1JL0ESM6XQ.roa
Signing time: Thu 09 Jan 2025 09:28:22 +0000
ROA not before: Thu 09 Jan 2025 09:28:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200523
IP address blocks: 62.68.70.0/24 maxlen: 24
80.72.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:bb:0e:a4:e4:5f:e3:93:79:e4:6d:d9:b0:a4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d635b4b665bcb972aaa316ecb524bd0448ce974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f3:82:ab:9c:4b:72:91:58:71:2b:99:fa:92:
85:6a:08:02:02:36:d1:b3:e9:8c:5b:d5:66:f0:ba:
8e:d1:49:51:76:f0:73:c7:26:b6:dc:1c:fa:86:c8:
53:24:ff:00:f8:3c:3c:70:ff:09:3e:51:f9:af:2b:
e5:fb:2e:02:8b:5f:52:8b:85:c6:b2:be:93:7f:22:
20:7b:e1:b0:6e:2d:56:bf:40:8e:06:3f:2a:8c:1e:
f0:39:94:27:ce:4f:c1:ca:32:13:9e:16:90:dd:40:
44:ba:6f:a8:92:04:c9:ac:4f:5c:46:bd:48:3a:72:
53:be:01:c6:e4:59:f9:f4:ca:33:9f:95:69:40:73:
a7:02:0d:6e:2f:4f:99:4a:b9:4d:0c:21:9c:ee:73:
e3:04:68:0b:16:8a:9e:ef:af:ef:a3:57:d6:cf:77:
59:2b:c0:6f:93:c8:c7:0c:99:b4:6e:59:ce:3e:36:
d6:1f:b0:2b:f7:d5:7f:6d:66:69:cc:4a:6d:c8:19:
0d:08:c5:e1:31:f7:72:52:22:f5:05:52:43:3d:fe:
84:9a:3a:d8:2f:f6:23:33:5e:cc:ae:ae:c4:24:fd:
4d:08:ed:c3:d9:26:1c:e3:1a:bc:ce:08:8d:8a:dc:
d3:ce:2f:f8:88:f3:33:4e:59:b9:93:ce:c1:72:6b:
e9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:63:5B:4B:66:5B:CB:97:2A:AA:31:6E:CB:52:4B:D0:44:8C:E9:74
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/fWNbS2Zby5cqqjFuy1JL0ESM6XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.70.0/24
80.72.78.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:26:2f:25:0f:63:fd:1c:7b:be:06:b2:f5:64:e1:9f:d7:8e:
6a:f7:2a:31:d1:21:01:63:61:81:b7:bc:57:58:e1:0b:79:5b:
38:97:91:c2:08:c3:da:19:7c:dd:36:c2:4c:6b:82:9d:7b:69:
f6:6e:2a:3a:8f:9a:b9:38:6f:38:5f:f4:f8:01:20:39:47:29:
74:a9:1a:8a:bf:4b:c0:5b:12:c1:49:82:03:2c:e8:94:46:b8:
b0:fe:08:c3:71:ac:fd:24:10:60:ab:d0:b6:5c:c7:b9:13:a5:
29:25:de:55:7f:40:9b:4d:52:aa:a8:21:8e:0a:18:3b:74:6a:
c7:b9:27:01:05:86:49:41:34:fb:a5:f6:8d:f6:b0:12:1f:b9:
0a:b5:41:62:0b:80:f0:0c:f2:47:13:11:f2:0d:02:96:a8:5d:
79:41:66:58:c9:1d:cc:1d:cd:16:38:c5:c2:d4:01:8a:0f:4f:
37:72:c2:80:b2:7c:1d:f5:9c:ae:3c:2e:9d:9e:77:74:b5:f6:
cc:9b:01:35:1e:84:2d:f4:ec:eb:de:fd:5c:55:f2:ec:66:6a:
9d:47:f7:35:5e:14:71:1e:f3:49:6e:a5:89:10:fe:66:62:a4:
63:98:16:ef:42:92:62:11:e0:cd:2b:45:ef:21:75:f8:85:23:
fb:2c:32:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRKZLsOpORf45N55G3ZsKScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDYzNWI0YjY2NWJjYjk3MmFhYTMxNmVjYjUyNGJkMDQ0OGNlOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPOCq5xLcpFYcSuZ+pKFaggCAjbR
s+mMW9Vm8LqO0UlRdvBzxya23Bz6hshTJP8A+Dw8cP8JPlH5ryvl+y4Ci19Si4XG
sr6TfyIge+Gwbi1Wv0COBj8qjB7wOZQnzk/ByjITnhaQ3UBEum+okgTJrE9cRr1I
OnJTvgHG5Fn59Mozn5VpQHOnAg1uL0+ZSrlNDCGc7nPjBGgLFoqe76/vo1fWz3dZ
K8Bvk8jHDJm0blnOPjbWH7Ar99V/bWZpzEptyBkNCMXhMfdyUiL1BVJDPf6EmjrY
L/YjM17Mrq7EJP1NCO3D2SYc4xq8zgiNitzTzi/4iPMzTlm5k87BcmvptQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH1jW0tmW8uXKqoxbstSS9BEjOl0MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZldOYlMyWmJ5NWNxcWpGdXkxSkwwRVNNNlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkRGAwQA
UEhOMA0GCSqGSIb3DQEBCwUAA4IBAQAtJi8lD2P9HHu+BrL1ZOGf145q9yox0SEB
Y2GBt7xXWOELeVs4l5HCCMPaGXzdNsJMa4Kde2n2bio6j5q5OG84X/T4ASA5Ryl0
qRqKv0vAWxLBSYIDLOiURriw/gjDcaz9JBBgq9C2XMe5E6UpJd5Vf0CbTVKqqCGO
Chg7dGrHuScBBYZJQTT7pfaN9rASH7kKtUFiC4DwDPJHExHyDQKWqF15QWZYyR3M
Hc0WOMXC1AGKD083csKAsnwd9ZyuPC6dnnd0tfbMmwE1HoQt9Ozr3v1cVfLsZmqd
R/c1XhRxHvNJbqWJEP5mYqRjmBbvQpJiEeDNK0XvIXX4hSP7LDIm
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:07:20 2025 by rpki-client