Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qiUYYad5SHUApQoI4oTYAkcrNZw.roa
File: qiUYYad5SHUApQoI4oTYAkcrNZw.roa (raw, json)
Hash identifier: xlCg0Ek41NWTNps6x83HDYAuNravbGmkSrOqPlnkUJE=
Subject key identifier: AA:25:18:61:A7:79:48:75:00:A5:0A:08:E2:84:D8:02:47:2B:35:9C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824F1AA9DA91CF569908420D2F56CDD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qiUYYad5SHUApQoI4oTYAkcrNZw.roa
Signing time: Thu 02 Jan 2025 17:51:37 +0000
ROA not before: Thu 02 Jan 2025 17:51:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 193.124.44.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:f1:aa:9d:a9:1c:f5:69:90:84:20:d2:f5:6c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa251861a779487500a50a08e284d802472b359c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:64:91:3a:1e:e7:8b:0a:f4:f3:3c:ab:d2:1d:
06:05:0b:9a:fa:39:dc:af:43:81:87:71:67:19:d0:
90:46:b6:4e:bc:30:d5:02:cd:eb:70:eb:1e:9a:b9:
e1:ce:fb:d5:29:ca:b8:4d:be:67:58:6b:d5:44:b0:
e6:21:c4:64:d3:93:90:91:1c:db:47:63:ae:64:c6:
36:76:7c:f8:d5:c9:cc:b3:a6:af:e7:53:be:29:cd:
9b:27:13:f1:4d:d3:47:f6:e8:d5:78:23:60:2d:39:
b9:3c:67:63:31:37:e9:92:83:88:64:25:87:60:c6:
d2:7d:b4:31:e3:fc:d9:a7:47:e0:03:b2:02:4c:11:
fa:21:63:94:78:d0:bd:75:04:8c:c0:de:ab:5d:fd:
90:03:ff:05:ed:ef:b0:f4:28:fb:dc:d8:e5:e1:9d:
be:4a:b6:7f:c2:98:5b:91:ef:12:60:00:2c:ba:dc:
e7:36:a5:0d:44:19:08:4b:fd:21:e9:45:d8:1f:8b:
17:96:59:d6:74:ed:2e:f4:be:56:e8:69:83:cf:a8:
85:d1:4b:cd:ef:f9:00:60:8e:6c:06:07:8b:12:dd:
f4:62:df:3c:95:84:12:b2:21:ad:31:ea:4d:b0:f6:
b6:cf:11:93:64:bf:a1:66:31:55:e4:1e:89:17:61:
fd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:25:18:61:A7:79:48:75:00:A5:0A:08:E2:84:D8:02:47:2B:35:9C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qiUYYad5SHUApQoI4oTYAkcrNZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.87.37.0/24
195.133.17.0/24
195.133.39.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5b:98:6f:d5:6d:c8:fd:7c:c6:06:d5:78:cb:32:29:b7:de:
c5:72:f3:1c:5e:3d:6e:e4:da:23:44:85:3a:ce:36:de:7c:26:
cc:08:47:41:f4:97:a2:e0:f2:1e:07:2e:ab:24:b2:e3:11:83:
6c:74:1e:7d:98:1f:9a:6c:80:28:37:d9:8b:5e:e1:d7:55:a0:
28:60:4c:70:49:4a:46:64:f0:da:f7:65:6f:c2:89:8d:1c:54:
ea:ce:a5:f2:68:4c:99:45:eb:d8:07:29:aa:a9:07:73:0c:bb:
ad:ef:eb:b6:e9:ad:bb:a6:01:61:8b:a6:69:0b:20:fe:c9:ef:
ee:41:74:e3:8e:be:4d:5e:07:e3:2f:44:7e:d3:55:01:ad:a2:
29:85:11:8d:b7:32:80:b3:fa:ea:fb:6d:d4:fc:2b:51:07:e9:
10:00:65:38:e3:4e:9e:78:fe:0b:be:e6:73:13:64:00:96:64:
85:64:28:aa:69:c9:58:b7:c8:ec:ae:e4:1f:f3:7c:2d:20:8f:
37:9d:57:98:bb:2b:d2:fb:fe:a7:c5:33:74:33:c4:0b:bb:67:
d0:50:82:b3:d2:12:56:c7:85:7d:32:18:4e:d1:9b:14:cb:93:
ef:fd:3b:77:9f:a9:44:73:99:23:f2:b5:44:4d:74:d1:f9:62:
cc:f0:94:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJPGqnakc9WmQhCDS9WzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI1MTg2MWE3Nzk0ODc1MDBhNTBhMDhlMjg0ZDgwMjQ3MmIzNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2SROh7niwr08zyr0h0GBQua+jnc
r0OBh3FnGdCQRrZOvDDVAs3rcOsemrnhzvvVKcq4Tb5nWGvVRLDmIcRk05OQkRzb
R2OuZMY2dnz41cnMs6av51O+Kc2bJxPxTdNH9ujVeCNgLTm5PGdjMTfpkoOIZCWH
YMbSfbQx4/zZp0fgA7ICTBH6IWOUeNC9dQSMwN6rXf2QA/8F7e+w9Cj73Njl4Z2+
SrZ/wphbke8SYAAsutznNqUNRBkIS/0h6UXYH4sXllnWdO0u9L5W6GmDz6iF0UvN
7/kAYI5sBgeLEt30Yt88lYQSsiGtMepNsPa2zxGTZL+hZjFV5B6JF2H9MQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKolGGGneUh1AKUKCOKE2AJHKzWcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcWlVWVlhZDVTSFVBcFFvSTRvVFlBa2NyTlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwsAwQA
wlclAwQAw4URAwQAw4UnMA0GCSqGSIb3DQEBCwUAA4IBAQBUW5hv1W3I/XzGBtV4
yzIpt97FcvMcXj1u5NojRIU6zjbefCbMCEdB9Jei4PIeBy6rJLLjEYNsdB59mB+a
bIAoN9mLXuHXVaAoYExwSUpGZPDa92VvwomNHFTqzqXyaEyZRevYBymqqQdzDLut
7+u26a27pgFhi6ZpCyD+ye/uQXTjjr5NXgfjL0R+01UBraIphRGNtzKAs/rq+23U
/CtRB+kQAGU4406eeP4LvuZzE2QAlmSFZCiqaclYt8jsruQf83wtII83nVeYuyvS
+/6nxTN0M8QLu2fQUIKz0hJWx4V9MhhO0ZsUy5Pv/Tt3n6lEc5kj8rVETXTR+WLM
8JTb
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:02 2025 by rpki-client