Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/NfY8zpyx6EDpP6DxTuquvNoK9sY.roa
File: NfY8zpyx6EDpP6DxTuquvNoK9sY.roa (raw, json)
Hash identifier: mmbOZfwYelbaWl9riAjIdhT8MqPp3t5vAxerApfLsl0=
Subject key identifier: 35:F6:3C:CE:9C:B1:E8:40:E9:3F:A0:F1:4E:EA:AE:BC:DA:0A:F6:C6
Certificate issuer: /CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Certificate serial: 0194228E3C97C4D3352BA6F010D9338A4B53
Authority key identifier: C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/NfY8zpyx6EDpP6DxTuquvNoK9sY.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207858
IP address blocks: 193.28.255.0/24 maxlen: 24
193.29.1.0/24 maxlen: 24
193.29.4.0/24 maxlen: 24
193.29.8.0/24 maxlen: 24
2a0f:7a40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3c:97:c4:d3:35:2b:a6:f0:10:d9:33:8a:4b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35f63cce9cb1e840e93fa0f14eeaaebcda0af6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b4:01:fe:b5:7c:5b:20:fa:4d:5f:7f:49:d8:
5c:ff:8f:df:85:7d:44:80:32:f3:dd:a7:ee:21:a8:
40:ad:f6:26:39:ea:b8:96:98:bb:cd:10:26:55:88:
2b:82:91:3e:fc:55:c3:af:31:8a:31:9c:65:8f:2a:
30:cf:90:14:a2:77:2d:35:20:12:2d:97:64:8a:ed:
a2:83:c0:ef:73:ff:c1:68:a6:63:a9:89:74:76:a7:
56:26:aa:fa:24:c2:7b:da:84:dd:24:77:ef:2a:81:
3a:d4:04:00:8e:3d:46:7d:d0:93:bb:44:d3:94:43:
ca:aa:51:c5:b6:b4:f2:57:d3:fc:72:3e:eb:ab:72:
ce:84:6e:21:d4:19:ce:1a:4b:56:27:3b:c3:b8:e5:
1f:1d:07:61:ba:f7:16:bd:20:c4:cc:b2:1c:17:37:
d0:5b:2d:54:b6:c8:b4:c4:26:52:22:ba:a1:05:38:
85:39:f2:b2:33:08:7a:61:27:b2:3d:5b:79:02:b0:
77:37:96:c9:c3:42:7f:8a:aa:56:64:17:92:8b:e8:
e9:ba:e4:c6:78:6f:d8:ab:54:f2:28:6f:d9:44:29:
51:f9:f1:43:31:ba:08:fb:2a:9d:1b:ee:c6:4a:d6:
48:d0:be:73:d4:a1:ab:0e:1e:83:d0:47:a3:73:b9:
d9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F6:3C:CE:9C:B1:E8:40:E9:3F:A0:F1:4E:EA:AE:BC:DA:0A:F6:C6
X509v3 Authority Key Identifier:
keyid:C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/NfY8zpyx6EDpP6DxTuquvNoK9sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/wzCs3wQbXcx-XsbPj_i9BkjoZww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.255.0/24
193.29.1.0/24
193.29.4.0/24
193.29.8.0/24
IPv6:
2a0f:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
50:d5:d8:03:8f:b2:b5:60:57:d2:06:40:d0:24:06:4c:ab:32:
27:25:f5:93:8d:9e:8a:22:27:33:28:57:d3:c7:61:d9:9c:0f:
9a:f6:ac:92:dd:1a:0b:35:31:4b:3a:69:0c:9a:2c:fd:15:45:
2c:26:6a:f7:7a:ea:ce:ca:d8:44:bf:f6:8e:11:d6:6d:07:56:
60:b6:9f:98:82:1a:cf:bb:00:29:2f:ef:d4:a4:05:4c:c2:81:
cf:c1:c6:db:0d:db:e3:05:65:af:b7:22:0b:f2:11:be:eb:09:
6c:e6:5a:27:b2:c8:4f:3b:f7:69:ab:8d:8a:37:ad:bc:9f:bb:
35:3e:31:64:79:9a:a7:c4:9e:3f:65:5b:13:b3:f1:02:6c:e9:
48:f5:7f:be:5d:80:e8:4d:08:a7:73:52:d2:77:af:03:3f:be:
9a:d2:a8:9d:8f:0e:9c:de:9c:ee:f2:83:6a:74:e2:83:83:84:
89:08:c1:a4:74:be:30:6d:8d:0a:e7:73:d5:28:53:13:87:74:
20:89:b3:69:15:0a:e5:c8:29:0f:e9:8f:05:f3:72:e8:91:7d:
b9:7d:29:fd:1c:ba:3c:2a:0e:1a:83:fb:49:e0:a6:a6:cc:4a:
f9:7f:d5:74:37:89:91:18:cb:64:17:ef:3a:16:9d:a0:74:b3:
3a:1e:85:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQijjyXxNM1K6bwENkziktTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzBhY2RmMDQxYjVkY2M3ZTVlYzZjZjhmZjhiZDA2NDhl
ODY3MGMwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY2M2NjZTljYjFlODQwZTkzZmEwZjE0ZWVhYWViY2RhMGFmNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLQB/rV8WyD6TV9/Sdhc/4/fhX1E
gDLz3afuIahArfYmOeq4lpi7zRAmVYgrgpE+/FXDrzGKMZxljyowz5AUonctNSAS
LZdkiu2ig8Dvc//BaKZjqYl0dqdWJqr6JMJ72oTdJHfvKoE61AQAjj1GfdCTu0TT
lEPKqlHFtrTyV9P8cj7rq3LOhG4h1BnOGktWJzvDuOUfHQdhuvcWvSDEzLIcFzfQ
Wy1Utsi0xCZSIrqhBTiFOfKyMwh6YSeyPVt5ArB3N5bJw0J/iqpWZBeSi+jpuuTG
eG/Yq1TyKG/ZRClR+fFDMboI+yqdG+7GStZI0L5z1KGrDh6D0Eejc7nZaQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDX2PM6csehA6T+g8U7qrrzaCvbGMB8GA1UdIwQY
MBaAFMMwrN8EG13Mfl7Gz4/4vQZI6GcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUt
YTBhZDYxZDE5NGExLzEvTmZZOHpweXg2RURwUDZEeFR1cXV2Tm9LOXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUtYTBhZDYxZDE5NGEx
LzEvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRz/AwQA
wR0BAwQAwR0EAwQAwR0IMA0EAgACMAcDBQMqD3pAMA0GCSqGSIb3DQEBCwUAA4IB
AQBQ1dgDj7K1YFfSBkDQJAZMqzInJfWTjZ6KIiczKFfTx2HZnA+a9qyS3RoLNTFL
OmkMmiz9FUUsJmr3eurOythEv/aOEdZtB1Zgtp+YghrPuwApL+/UpAVMwoHPwcbb
DdvjBWWvtyIL8hG+6wls5lonsshPO/dpq42KN628n7s1PjFkeZqnxJ4/ZVsTs/EC
bOlI9X++XYDoTQinc1LSd68DP76a0qidjw6c3pzu8oNqdOKDg4SJCMGkdL4wbY0K
53PVKFMTh3QgibNpFQrlyCkP6Y8F83LokX25fSn9HLo8Kg4ag/tJ4KamzEr5f9V0
N4mRGMtkF+86Fp2gdLM6HoWF
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:45:46 2025 by rpki-client