Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/s0YMc-wd0BVwoDkQPmP7mh5qsOM.roa
File: s0YMc-wd0BVwoDkQPmP7mh5qsOM.roa (raw, json)
Hash identifier: QPH+M8G+QUl4ptonFiy2TDOn+afoTnDuChM5Hy37ebY=
Subject key identifier: B3:46:0C:73:EC:1D:D0:15:70:A0:39:10:3E:63:FB:9A:1E:6A:B0:E3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019428250CDA2FA731647E499EA65432E949
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/s0YMc-wd0BVwoDkQPmP7mh5qsOM.roa
Signing time: Thu 02 Jan 2025 17:51:44 +0000
ROA not before: Thu 02 Jan 2025 17:51:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 193.124.16.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.127.0/24 maxlen: 24
212.193.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:0c:da:2f:a7:31:64:7e:49:9e:a6:54:32:e9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3460c73ec1dd01570a039103e63fb9a1e6ab0e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:90:2e:ff:8f:b1:09:01:04:bb:d1:3c:fb:87:
f1:5b:a6:aa:08:61:1c:42:ab:ae:32:81:f9:68:11:
33:9a:01:94:f9:43:78:57:31:ae:cc:37:6c:f8:f3:
31:a0:5c:a3:46:a4:b7:99:1e:ac:d7:32:6b:30:16:
e6:87:4e:4d:04:01:c0:9d:28:89:43:b4:d9:f6:37:
46:75:46:eb:d0:00:1b:c3:30:66:ac:6b:74:94:df:
cf:04:f5:89:a1:83:67:4e:40:66:35:db:9b:70:1d:
6e:93:a8:20:17:a3:9a:54:b8:8e:df:4f:4f:8c:ec:
7c:a6:c8:21:8e:62:b8:ce:76:f1:e6:c8:26:84:1f:
cd:29:9c:26:6b:63:2b:c5:2c:76:36:9a:a0:8c:8b:
43:01:bb:d0:0e:c7:4e:4f:60:69:56:0b:af:91:d3:
8c:bd:83:8e:1b:1f:fd:f7:9c:ba:3c:34:42:67:1f:
c8:c7:69:7a:78:3c:a8:16:08:04:06:f2:82:cf:49:
ce:1d:9d:49:d6:9c:92:d0:ec:c7:b9:41:25:12:35:
a9:66:0a:dc:46:c9:88:ea:d9:f0:d2:5d:d3:47:ef:
b3:45:14:c0:fb:20:68:0f:9b:c6:05:89:31:01:3e:
27:83:1b:9b:a7:0f:61:dd:ac:56:f2:c8:73:c1:9b:
66:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:46:0C:73:EC:1D:D0:15:70:A0:39:10:3E:63:FB:9A:1E:6A:B0:E3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/s0YMc-wd0BVwoDkQPmP7mh5qsOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.16.0/24
194.87.38.0/24
194.87.72.0/24
194.87.114.0/24
194.87.127.0/24
212.193.7.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:34:a9:1e:7b:af:33:b1:d4:1d:93:39:c2:a8:4d:81:16:fc:
95:2b:17:e3:45:a8:30:8f:13:dd:9a:4a:34:dd:f4:ad:e7:aa:
9c:80:56:db:9f:b0:e2:1f:77:53:a5:30:d2:cf:62:a1:2d:34:
21:cb:3b:88:fb:2b:31:b3:02:5a:3a:de:04:ce:25:a0:59:5a:
81:dc:8d:b4:98:4c:3f:51:31:93:52:20:17:88:1a:52:29:c8:
18:34:83:86:e5:6c:e7:4f:a5:11:25:8f:eb:32:09:9b:6c:ee:
0c:5f:ca:5e:6e:73:89:61:4d:a8:67:e0:05:2e:90:f5:4d:4a:
f4:97:57:6f:21:58:ec:ad:af:1f:1e:fb:41:0a:bd:4e:bf:8a:
b4:77:9c:5f:42:88:b5:1a:c2:4e:af:5e:ff:ee:da:ef:88:39:
86:5f:32:aa:df:de:07:34:9f:17:88:85:c3:79:39:13:ea:98:
c9:32:f3:ad:53:8e:17:a7:95:f1:60:e7:ef:87:ee:69:7d:17:
62:dd:5a:ee:47:5b:79:7b:e6:df:e1:62:31:79:5e:c7:bc:34:
6d:73:8f:56:d7:e0:5f:68:6d:14:f7:22:96:74:60:ac:83:6b:
b9:a3:c9:d4:70:71:b7:6f:58:50:22:46:c0:65:ff:e5:65:36:
90:76:60:51
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJQzaL6cxZH5JnqZUMulJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQ2MGM3M2VjMWRkMDE1NzBhMDM5MTAzZTYzZmI5YTFlNmFiMGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZAu/4+xCQEEu9E8+4fxW6aqCGEc
QquuMoH5aBEzmgGU+UN4VzGuzDds+PMxoFyjRqS3mR6s1zJrMBbmh05NBAHAnSiJ
Q7TZ9jdGdUbr0AAbwzBmrGt0lN/PBPWJoYNnTkBmNdubcB1uk6ggF6OaVLiO309P
jOx8psghjmK4znbx5sgmhB/NKZwma2MrxSx2NpqgjItDAbvQDsdOT2BpVguvkdOM
vYOOGx/995y6PDRCZx/Ix2l6eDyoFggEBvKCz0nOHZ1J1pyS0OzHuUElEjWpZgrc
RsmI6tnw0l3TR++zRRTA+yBoD5vGBYkxAT4ngxubpw9h3axW8shzwZtmZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLNGDHPsHdAVcKA5ED5j+5oearDjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvczBZTWMtd2QwQlZ3b0RrUVBtUDdtaDVxc09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwQAwQA
wlcmAwQAwldIAwQAwldyAwQAwld/AwQA1MEHMA0GCSqGSIb3DQEBCwUAA4IBAQBc
NKkee68zsdQdkznCqE2BFvyVKxfjRagwjxPdmko03fSt56qcgFbbn7DiH3dTpTDS
z2KhLTQhyzuI+ysxswJaOt4EziWgWVqB3I20mEw/UTGTUiAXiBpSKcgYNIOG5Wzn
T6URJY/rMgmbbO4MX8pebnOJYU2oZ+AFLpD1TUr0l1dvIVjsra8fHvtBCr1Ov4q0
d5xfQoi1GsJOr17/7trviDmGXzKq394HNJ8XiIXDeTkT6pjJMvOtU44Xp5XxYOfv
h+5pfRdi3VruR1t5e+bf4WIxeV7HvDRtc49W1+BfaG0U9yKWdGCsg2u5o8nUcHG3
b1hQIkbAZf/lZTaQdmBR
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:02 2025 by rpki-client