Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/F62WfIiTSrMtpYaKvt60lcQtkXw.roa
File: F62WfIiTSrMtpYaKvt60lcQtkXw.roa (raw, json)
Hash identifier: YJlkN/VgWCfVi9nZv63jvrsBfGYFWAiYVqihH5uZ7es=
Subject key identifier: 17:AD:96:7C:88:93:4A:B3:2D:A5:86:8A:BE:DE:B4:95:C4:2D:91:7C
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 019423D6C2C478B352B83C055779D18D1BDD
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/F62WfIiTSrMtpYaKvt60lcQtkXw.roa
Signing time: Wed 01 Jan 2025 21:47:44 +0000
ROA not before: Wed 01 Jan 2025 21:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.133.68.0/22 maxlen: 24
193.104.32.0/24 maxlen: 24
2a05:2440::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c2:c4:78:b3:52:b8:3c:05:57:79:d1:8d:1b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: Jan 1 21:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17ad967c88934ab32da5868abedeb495c42d917c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f2:82:fe:c0:e9:13:60:f0:63:57:04:26:bb:
ca:87:26:37:da:a0:be:6e:fd:18:c5:73:a7:c0:d2:
54:f3:bf:13:e8:ca:49:24:5a:b6:8d:61:fb:8c:54:
b2:a5:67:51:89:39:2e:9c:44:0c:db:77:fc:de:95:
36:8a:d0:2b:67:c8:2b:8d:e7:b1:26:f1:15:5e:1b:
ab:3b:ab:aa:be:6d:5f:90:7b:60:3f:02:f7:62:ac:
3c:04:94:ce:a7:e7:18:56:cb:f1:47:3b:1c:95:1a:
7c:47:96:dd:3b:f5:88:f0:c1:90:b9:ba:d7:b6:07:
68:e3:17:7b:1f:bc:83:62:fd:95:8b:c8:91:0e:9d:
45:aa:e2:42:55:ce:3f:09:58:a4:ec:8b:f6:c5:89:
7d:98:b4:c6:ac:e2:94:12:5e:62:8c:93:cc:57:d4:
ee:6d:a8:58:69:c6:87:83:ec:6a:aa:0f:ce:8a:77:
f0:6f:9c:0d:57:0a:ff:18:e4:5c:0d:7a:2d:33:38:
ef:93:5f:f1:51:cc:d2:de:33:5c:3d:97:94:5c:c3:
5c:e6:2c:7e:2c:29:d8:9a:36:df:ca:01:bd:f0:17:
03:47:23:85:25:8a:06:79:4e:05:ad:81:27:e5:64:
8a:d5:2e:78:c6:a2:21:fb:f8:77:52:d5:53:d5:93:
eb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AD:96:7C:88:93:4A:B3:2D:A5:86:8A:BE:DE:B4:95:C4:2D:91:7C
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/F62WfIiTSrMtpYaKvt60lcQtkXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
193.104.32.0/24
IPv6:
2a05:2440::/29
Signature Algorithm: sha256WithRSAEncryption
16:e6:cd:12:3a:88:03:90:f7:91:07:6d:82:69:e4:b6:15:79:
27:5d:3d:f3:54:3e:a1:7e:25:fa:42:bb:1a:bf:d1:64:59:da:
96:da:0f:4e:94:e8:86:ab:a7:59:91:2a:5b:51:05:85:e2:72:
e8:75:a3:ed:b3:97:64:c4:93:da:1b:48:09:67:85:c0:f6:26:
67:e6:d8:46:dc:4b:ee:87:6b:90:85:f6:80:7b:b0:3d:59:23:
3d:0f:a0:08:99:0c:1b:b6:5b:10:e2:ca:b9:eb:a9:48:61:32:
ad:ac:68:1b:2a:95:51:48:2d:7a:e0:63:c5:6a:d0:98:ca:a0:
04:59:3c:fc:49:bb:fc:e6:c8:e2:34:9f:35:1f:16:3e:50:1e:
20:95:f9:4e:16:31:76:a5:69:d2:7a:68:b8:10:15:68:85:f2:
64:17:5d:8a:27:c0:12:42:f2:5d:c2:43:33:30:86:2a:ea:56:
3b:ea:6b:2a:32:3b:23:4a:16:c0:3a:61:cd:18:72:1b:95:9b:
a7:9a:91:27:75:c8:00:2e:20:b5:92:96:4e:df:16:ed:37:8d:
2e:7d:12:c9:4f:2e:d9:f8:79:05:d7:40:f1:48:94:13:7a:3f:
c5:d6:21:5b:ec:70:fc:4a:8a:bf:03:de:0d:ac:7d:ff:94:d0:
cc:64:13:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj1sLEeLNSuDwFV3nRjRvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjUwMTAxMjE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FkOTY3Yzg4OTM0YWIzMmRhNTg2OGFiZWRlYjQ5NWM0MmQ5MTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/KC/sDpE2DwY1cEJrvKhyY32qC+
bv0YxXOnwNJU878T6MpJJFq2jWH7jFSypWdRiTkunEQM23f83pU2itArZ8grjeex
JvEVXhurO6uqvm1fkHtgPwL3Yqw8BJTOp+cYVsvxRzsclRp8R5bdO/WI8MGQubrX
tgdo4xd7H7yDYv2Vi8iRDp1FquJCVc4/CVik7Iv2xYl9mLTGrOKUEl5ijJPMV9Tu
bahYacaHg+xqqg/Oinfwb5wNVwr/GORcDXotMzjvk1/xUczS3jNcPZeUXMNc5ix+
LCnYmjbfygG98BcDRyOFJYoGeU4FrYEn5WSK1S54xqIh+/h3UtVT1ZPrPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBetlnyIk0qzLaWGir7etJXELZF8MB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvRjYyV2ZJaVRTck10cFlhS3Z0NjBsY1F0a1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYVEAwQA
wWggMA0EAgACMAcDBQMqBSRAMA0GCSqGSIb3DQEBCwUAA4IBAQAW5s0SOogDkPeR
B22CaeS2FXknXT3zVD6hfiX6Qrsav9FkWdqW2g9OlOiGq6dZkSpbUQWF4nLodaPt
s5dkxJPaG0gJZ4XA9iZn5thG3Evuh2uQhfaAe7A9WSM9D6AImQwbtlsQ4sq566lI
YTKtrGgbKpVRSC164GPFatCYyqAEWTz8Sbv85sjiNJ81HxY+UB4glflOFjF2pWnS
emi4EBVohfJkF12KJ8ASQvJdwkMzMIYq6lY76msqMjsjShbAOmHNGHIblZunmpEn
dcgALiC1kpZO3xbtN40ufRLJTy7Z+HkF10DxSJQTej/F1iFb7HD8Soq/A94NrH3/
lNDMZBO0
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:38:20 2025 by rpki-client