Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/FKQuu6Kj3XuAbhD_hkdmiIg9ru0.roa
File: FKQuu6Kj3XuAbhD_hkdmiIg9ru0.roa (raw, json)
Hash identifier: BfDYVCCLX0UZgPY+reA/hpbk3+E5qzw6fvZYP021pLk=
Subject key identifier: 14:A4:2E:BB:A2:A3:DD:7B:80:6E:10:FF:86:47:66:88:88:3D:AE:ED
Certificate issuer: /CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Certificate serial: 019427475B293B2A15B79E6B515D78D83FA2
Authority key identifier: 53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/FKQuu6Kj3XuAbhD_hkdmiIg9ru0.roa
Signing time: Thu 02 Jan 2025 13:49:35 +0000
ROA not before: Thu 02 Jan 2025 13:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 185.239.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:5b:29:3b:2a:15:b7:9e:6b:51:5d:78:d8:3f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Validity
Not Before: Jan 2 13:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14a42ebba2a3dd7b806e10ff86476688883daeed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6f:60:1c:dc:01:d6:07:ba:98:0a:fa:3e:6f:
1d:d2:c3:f8:16:f2:78:54:6d:78:30:26:40:e7:0f:
60:12:5e:88:44:8c:52:c3:76:04:67:80:e1:d2:8e:
5d:ce:b8:c1:41:32:31:bd:a9:f9:42:dd:e5:fa:7d:
37:e4:6f:e3:7d:4c:63:78:76:b0:84:2c:c2:69:01:
34:7b:97:ce:d3:9f:23:4e:87:c9:25:58:f0:93:65:
d4:31:76:dd:c3:2b:9f:92:20:af:12:d5:23:22:d2:
d7:21:cc:78:dd:df:67:23:57:47:6d:0f:cd:50:69:
16:ec:91:36:0a:5f:81:58:f5:fe:95:9e:a1:18:f9:
16:c2:0c:35:9d:00:50:09:4e:c5:2c:3a:f6:1d:5a:
8a:d5:18:a8:fa:fc:44:8a:7f:f4:c6:2f:90:1f:5a:
e6:12:ed:18:e6:76:17:30:e7:35:43:ac:f2:f7:20:
4b:99:e2:db:a8:21:18:73:33:77:12:fb:92:4f:bb:
86:63:99:91:43:04:ea:98:12:ae:0c:96:f2:1b:8d:
b6:ec:b1:7f:04:f0:b5:df:60:6d:1a:4d:19:45:d1:
d0:30:0b:22:4a:93:7a:cd:36:c9:1b:4c:ee:5f:7e:
eb:2c:25:df:84:d4:14:f4:cc:44:7a:9c:83:12:28:
e5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A4:2E:BB:A2:A3:DD:7B:80:6E:10:FF:86:47:66:88:88:3D:AE:ED
X509v3 Authority Key Identifier:
keyid:53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/FKQuu6Kj3XuAbhD_hkdmiIg9ru0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.191.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:bb:91:30:db:83:31:0a:0c:a0:a6:13:95:4a:b6:9b:83:35:
41:c1:75:68:42:ac:de:0b:12:6a:c1:13:6a:a2:62:43:34:e6:
f2:5b:f6:35:e3:42:04:f6:ca:99:72:bb:94:a7:19:b5:ad:14:
de:16:9f:fd:e7:9b:c2:9f:f7:92:ea:7d:09:74:ec:9b:fd:76:
b4:69:48:2a:0b:f6:8c:1b:3e:50:10:4e:5e:00:94:23:ee:7c:
2d:ea:60:7f:dc:44:61:69:07:17:45:60:ca:6a:f3:ab:d4:c0:
3b:67:68:4c:1d:72:22:f7:90:e6:3d:e4:85:32:61:6a:37:05:
22:8d:91:81:02:09:80:02:83:c0:2c:92:87:20:21:08:a3:6e:
ba:2b:1f:c8:17:00:cd:99:fa:48:7b:05:a8:fd:5f:25:9c:49:
0f:2d:10:3b:a6:d1:63:ab:2e:97:af:a3:39:d6:23:2d:92:d9:
88:25:4b:05:95:cb:74:b6:c4:e2:64:c7:05:64:e2:a7:5c:4d:
35:ea:5f:69:33:f4:bf:24:e6:bd:ba:d9:3d:58:37:92:79:4a:
6e:ba:c5:f6:ee:53:e8:1e:36:d9:df:0d:40:d6:c3:b5:e9:32:
26:73:05:84:12:a0:56:f1:77:f1:c8:78:57:15:9f:ab:c5:e7:
35:53:22:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR1spOyoVt55rUV142D+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDAzNTlmOWY4YjIwODE1Y2U0ZDk4OGUxMDliZjgyMzA2
ZTRjNzQwHhcNMjUwMTAyMTM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGE0MmViYmEyYTNkZDdiODA2ZTEwZmY4NjQ3NjY4ODg4M2RhZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW9gHNwB1ge6mAr6Pm8d0sP4FvJ4
VG14MCZA5w9gEl6IRIxSw3YEZ4Dh0o5dzrjBQTIxvan5Qt3l+n035G/jfUxjeHaw
hCzCaQE0e5fO058jTofJJVjwk2XUMXbdwyufkiCvEtUjItLXIcx43d9nI1dHbQ/N
UGkW7JE2Cl+BWPX+lZ6hGPkWwgw1nQBQCU7FLDr2HVqK1Rio+vxEin/0xi+QH1rm
Eu0Y5nYXMOc1Q6zy9yBLmeLbqCEYczN3EvuST7uGY5mRQwTqmBKuDJbyG4227LF/
BPC132BtGk0ZRdHQMAsiSpN6zTbJG0zuX37rLCXfhNQU9MxEepyDEijluwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSkLruio917gG4Q/4ZHZoiIPa7tMB8GA1UdIwQY
MBaAFFPQNZ+fiyCBXOTZiOEJv4Iwbkx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTkt
YTZjNDljZTkwNzU2LzEvRktRdXU2S2ozWHVBYmhEX2hrZG1pSWc5cnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTktYTZjNDljZTkwNzU2
LzEvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue+/MA0G
CSqGSIb3DQEBCwUAA4IBAQBPu5Ew24MxCgygphOVSrabgzVBwXVoQqzeCxJqwRNq
omJDNObyW/Y140IE9sqZcruUpxm1rRTeFp/955vCn/eS6n0JdOyb/Xa0aUgqC/aM
Gz5QEE5eAJQj7nwt6mB/3ERhaQcXRWDKavOr1MA7Z2hMHXIi95DmPeSFMmFqNwUi
jZGBAgmAAoPALJKHICEIo266Kx/IFwDNmfpIewWo/V8lnEkPLRA7ptFjqy6Xr6M5
1iMtktmIJUsFlct0tsTiZMcFZOKnXE016l9pM/S/JOa9utk9WDeSeUpuusX27lPo
HjbZ3w1A1sO16TImcwWEEqBW8XfxyHhXFZ+rxec1UyJ7
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:54:26 2025 by rpki-client