Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/fc1Tc2Vdh2udhGPhrIhiUsNRmh8.roa
File: fc1Tc2Vdh2udhGPhrIhiUsNRmh8.roa (raw, json)
Hash identifier: an6cVXKMyV249udKkEMio/99yuvp5X9umnLVJSDoDVM=
Subject key identifier: 7D:CD:53:73:65:5D:87:6B:9D:84:63:E1:AC:88:62:52:C3:51:9A:1F
Certificate issuer: /CN=021b3ea35edfdd138c15506d74a76022dd37694b
Certificate serial: 019427B5C189406F28643D6E42D7CE330EC4
Authority key identifier: 02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/fc1Tc2Vdh2udhGPhrIhiUsNRmh8.roa
Signing time: Thu 02 Jan 2025 15:50:10 +0000
ROA not before: Thu 02 Jan 2025 15:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 553
IP address blocks: 129.69.0.0/16 maxlen: 16
129.143.0.0/16 maxlen: 16
141.58.0.0/16 maxlen: 16
141.70.0.0/16 maxlen: 16
141.70.128.0/17 maxlen: 17
192.67.189.0/24 maxlen: 24
192.67.208.0/24 maxlen: 24
192.108.35.0/24 maxlen: 24
192.108.36.0/22 maxlen: 22
192.108.40.0/22 maxlen: 22
192.108.44.0/24 maxlen: 24
193.196.0.0/15 maxlen: 15
193.196.0.0/21 maxlen: 21
193.196.9.0/24 maxlen: 24
193.196.13.0/24 maxlen: 24
193.196.16.0/20 maxlen: 20
193.196.64.0/18 maxlen: 18
193.196.129.0/24 maxlen: 24
193.196.130.0/23 maxlen: 23
193.196.132.0/22 maxlen: 22
193.196.136.0/21 maxlen: 21
193.196.144.0/21 maxlen: 21
193.196.152.0/24 maxlen: 24
193.196.154.0/23 maxlen: 23
193.196.156.0/22 maxlen: 22
193.196.160.0/22 maxlen: 22
193.196.165.0/24 maxlen: 24
193.196.166.0/23 maxlen: 23
193.196.168.0/21 maxlen: 21
193.196.176.0/20 maxlen: 20
193.196.192.0/18 maxlen: 18
193.197.0.0/24 maxlen: 24
193.197.4.0/23 maxlen: 23
193.197.8.0/22 maxlen: 22
193.197.20.0/23 maxlen: 23
193.197.28.0/22 maxlen: 22
193.197.32.0/19 maxlen: 19
193.197.64.0/22 maxlen: 22
193.197.68.0/23 maxlen: 23
193.197.70.0/24 maxlen: 24
193.197.80.0/22 maxlen: 22
193.197.85.0/24 maxlen: 24
193.197.86.0/23 maxlen: 23
193.197.94.0/24 maxlen: 24
193.197.112.0/22 maxlen: 22
193.197.120.0/21 maxlen: 21
193.197.130.0/24 maxlen: 24
193.197.132.0/22 maxlen: 22
193.197.136.0/21 maxlen: 21
193.197.149.0/24 maxlen: 24
193.197.152.0/22 maxlen: 22
193.197.157.0/24 maxlen: 24
193.197.160.0/22 maxlen: 22
193.197.168.0/21 maxlen: 21
193.197.180.0/22 maxlen: 22
193.197.200.0/21 maxlen: 21
193.197.212.0/24 maxlen: 24
193.197.224.0/19 maxlen: 19
2001:7c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c1:89:40:6f:28:64:3d:6e:42:d7:ce:33:0e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=021b3ea35edfdd138c15506d74a76022dd37694b
Validity
Not Before: Jan 2 15:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dcd5373655d876b9d8463e1ac886252c3519a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cc:65:8b:74:19:fe:ca:bb:ed:31:a1:84:77:
57:2c:5d:be:e0:ff:84:d0:ce:e7:68:eb:aa:cb:2c:
2a:ca:c4:f8:b9:df:ff:02:fe:9b:1c:85:c4:2d:6f:
cf:6e:00:ad:e9:59:77:24:e6:8a:9b:8a:32:4c:ea:
fa:f0:5e:aa:40:fc:e5:6b:7a:88:b9:63:c9:6b:54:
e6:58:71:6d:22:d0:e9:e2:c1:c9:86:bb:60:93:d1:
cf:84:c6:71:a9:95:8f:60:a7:7b:d4:8e:73:e1:17:
dd:13:e8:b7:e7:5a:69:3e:7a:8d:bf:b1:aa:4f:5b:
3e:09:76:cb:3b:f7:55:b5:2a:de:c8:5d:48:7b:fa:
61:0b:39:08:f7:df:f8:48:8f:0d:dd:f2:4e:50:3c:
0d:c3:60:d9:c9:db:0e:0e:16:22:67:fc:38:85:1e:
2e:67:ff:18:9c:99:7c:1e:5d:af:e0:4d:10:4d:ae:
99:3e:35:9f:93:be:da:7e:ab:dd:bd:a7:61:8d:a8:
e3:90:bf:24:c3:71:35:7b:ab:a8:a5:fe:71:1f:2d:
62:29:fa:4d:39:23:65:2d:ea:fb:d7:b4:57:e3:f8:
3f:28:20:56:6f:f1:6d:9a:84:8a:ab:29:84:9d:4c:
f4:c8:88:08:d6:bb:d9:f7:ed:7b:0f:67:c0:86:7f:
c9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CD:53:73:65:5D:87:6B:9D:84:63:E1:AC:88:62:52:C3:51:9A:1F
X509v3 Authority Key Identifier:
keyid:02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/fc1Tc2Vdh2udhGPhrIhiUsNRmh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.69.0.0/16
129.143.0.0/16
141.58.0.0/16
141.70.0.0/16
192.67.189.0/24
192.67.208.0/24
192.108.35.0-192.108.44.255
193.196.0.0/15
IPv6:
2001:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:93:7f:27:4e:8e:04:dc:82:df:54:a1:99:30:6f:c5:4c:c9:
51:cf:1c:d2:6b:82:27:fd:fb:ec:87:57:bd:bb:8e:eb:39:12:
8c:62:db:ac:1d:1c:6e:48:fe:79:b8:b3:d4:54:e1:a8:50:9b:
f9:74:1d:d8:22:97:fa:6f:5e:09:90:6a:ba:e1:a1:01:44:6d:
b3:9b:0d:56:7c:57:2d:10:0d:68:ea:80:1b:b2:f8:fa:ec:b9:
a6:ca:a3:82:93:10:8e:57:2d:e9:8d:64:92:c3:ac:df:40:13:
a8:9e:2d:41:e0:40:23:66:99:fa:d1:4d:0e:f1:b6:7f:6e:d2:
1b:3a:9e:0e:93:9f:1f:22:ae:8d:93:e7:fe:72:39:7f:8a:2b:
04:ec:ef:70:d8:69:c6:cc:ce:30:3d:21:a3:c7:36:3c:e4:c2:
5e:10:0b:2c:30:15:61:fb:0d:9e:1d:0f:c6:93:0d:b4:a4:c8:
da:bf:19:55:14:4d:d5:f8:f7:86:84:d1:a3:72:28:61:74:6b:
9b:ce:99:32:24:5d:05:24:78:cc:34:90:a4:54:f9:33:aa:00:
17:60:04:1c:85:01:fb:e6:1b:44:38:af:3c:29:4a:cf:95:c8:
ab:a1:9c:d1:40:6a:59:b2:8b:74:4b:24:8e:a2:ff:1b:bf:57:
33:25:b3:d4
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQntcGJQG8oZD1uQtfOMw7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWIzZWEzNWVkZmRkMTM4YzE1NTA2ZDc0YTc2MDIyZGQz
NzY5NGIwHhcNMjUwMTAyMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGNkNTM3MzY1NWQ4NzZiOWQ4NDYzZTFhYzg4NjI1MmMzNTE5YTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcxli3QZ/sq77TGhhHdXLF2+4P+E
0M7naOuqyywqysT4ud//Av6bHIXELW/PbgCt6Vl3JOaKm4oyTOr68F6qQPzla3qI
uWPJa1TmWHFtItDp4sHJhrtgk9HPhMZxqZWPYKd71I5z4RfdE+i351ppPnqNv7Gq
T1s+CXbLO/dVtSreyF1Ie/phCzkI99/4SI8N3fJOUDwNw2DZydsODhYiZ/w4hR4u
Z/8YnJl8Hl2v4E0QTa6ZPjWfk77afqvdvadhjajjkL8kw3E1e6uopf5xHy1iKfpN
OSNlLer717RX4/g/KCBWb/FtmoSKqymEnUz0yIgI1rvZ9+17D2fAhn/JWQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFH3NU3NlXYdrnYRj4ayIYlLDUZofMB8GA1UdIwQY
MBaAFAIbPqNe390TjBVQbXSnYCLdN2lLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAt
YzMyMDRiZGU3NzczLzEvZmMxVGMyVmRoMnVkaEdQaHJJaGlVc05SbWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAtYzMyMDRiZGU3Nzcz
LzEvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA5BAIAATAzAwMAgUUDAwCB
jwMDAI06AwMAjUYDBADAQ70DBADAQ9AwDAMEAMBsIwMEAMBsLAMDAcHEMA0EAgAC
MAcDBQMgAQfAMA0GCSqGSIb3DQEBCwUAA4IBAQBYk38nTo4E3ILfVKGZMG/FTMlR
zxzSa4In/fvsh1e9u47rORKMYtusHRxuSP55uLPUVOGoUJv5dB3YIpf6b14JkGq6
4aEBRG2zmw1WfFctEA1o6oAbsvj67LmmyqOCkxCOVy3pjWSSw6zfQBOoni1B4EAj
Zpn60U0O8bZ/btIbOp4Ok58fIq6Nk+f+cjl/iisE7O9w2GnGzM4wPSGjxzY85MJe
EAssMBVh+w2eHQ/Gkw20pMjavxlVFE3V+PeGhNGjcihhdGubzpkyJF0FJHjMNJCk
VPkzqgAXYAQchQH75htEOK88KUrPlciroZzRQGpZsot0SySOov8bv1czJbPU
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net