Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/yT1Jx8Ou-jYtMpuKi40cHf-H83c.roa
File: yT1Jx8Ou-jYtMpuKi40cHf-H83c.roa (raw, json)
Hash identifier: Lx4YPLeLSMnJ3NGAZ4PST+Ci/ylYMYy1Z+vRgBl8ZqA=
Subject key identifier: C9:3D:49:C7:C3:AE:FA:36:2D:32:9B:8A:8B:8D:1C:1D:FF:87:F3:77
Certificate issuer: /CN=f26144c824959711b652d78c18702bf432f2195c
Certificate serial: 019426D946584DC9BB5D5A8316DC700A12E8
Authority key identifier: F2:61:44:C8:24:95:97:11:B6:52:D7:8C:18:70:2B:F4:32:F2:19:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mFEyCSVlxG2UteMGHAr9DLyGVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/yT1Jx8Ou-jYtMpuKi40cHf-H83c.roa
Signing time: Thu 02 Jan 2025 11:49:21 +0000
ROA not before: Thu 02 Jan 2025 11:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25151
IP address blocks: 193.33.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:46:58:4d:c9:bb:5d:5a:83:16:dc:70:0a:12:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26144c824959711b652d78c18702bf432f2195c
Validity
Not Before: Jan 2 11:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c93d49c7c3aefa362d329b8a8b8d1c1dff87f377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:aa:97:0a:b9:5a:8d:43:f4:d1:06:72:21:55:
88:7c:c2:c3:f4:cb:7e:39:54:13:b1:54:54:13:04:
6a:94:20:ac:aa:9f:5c:92:20:f2:04:2b:b6:3a:16:
83:bd:2e:66:9b:1c:9c:52:44:02:9c:99:5a:71:b1:
b7:e4:29:e5:8c:a9:79:da:1d:ea:95:e1:94:da:b8:
d3:7e:84:3e:e5:c7:cb:2c:66:76:c6:bb:29:a9:d3:
f0:cd:9b:6e:76:74:6e:0d:ae:c2:85:56:eb:46:3b:
92:05:1a:48:95:61:ba:fa:f5:96:b2:14:d8:60:af:
74:98:84:94:36:cf:d4:2a:86:6b:ce:b6:db:45:72:
d8:1b:95:de:79:0d:df:9d:e2:bd:9f:ae:02:cf:cf:
be:9a:0e:99:51:ac:10:e0:20:d4:a0:93:e4:5e:e7:
af:73:31:dc:f9:17:ee:f6:3b:60:b2:42:bc:c8:4b:
0c:77:75:cb:a4:18:93:ce:c8:02:f7:98:aa:8a:e3:
e9:78:1a:f0:dc:56:a1:23:38:1c:59:6c:e8:c8:76:
f3:66:b5:ba:73:ae:4c:41:a2:5b:b9:55:a5:3f:d0:
10:27:0f:80:b2:3d:90:b0:ec:00:8a:be:63:9a:44:
4a:29:37:6d:89:65:f5:23:c3:d4:c0:41:73:be:aa:
90:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3D:49:C7:C3:AE:FA:36:2D:32:9B:8A:8B:8D:1C:1D:FF:87:F3:77
X509v3 Authority Key Identifier:
keyid:F2:61:44:C8:24:95:97:11:B6:52:D7:8C:18:70:2B:F4:32:F2:19:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mFEyCSVlxG2UteMGHAr9DLyGVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/yT1Jx8Ou-jYtMpuKi40cHf-H83c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a66c25-2711-4659-b162-35b483bb4c84/1/8mFEyCSVlxG2UteMGHAr9DLyGVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.220.0/24
Signature Algorithm: sha256WithRSAEncryption
67:77:45:9d:0d:68:d3:5f:fd:b9:6f:51:dd:25:ab:0f:a0:64:
d8:af:55:87:dd:e9:30:df:a2:a2:e0:67:f5:18:59:8b:9d:22:
ab:d2:09:42:37:01:43:97:19:93:6b:8a:ae:12:7e:fd:05:9b:
51:a8:57:23:54:6c:7f:b7:ee:b1:cb:8f:a2:ce:ec:6d:c1:9b:
1c:49:06:54:17:2b:be:bb:32:3e:07:25:11:08:5c:91:4f:7a:
44:e9:68:d7:3c:68:45:5b:5a:4c:ba:57:a2:a2:c5:d2:ba:bb:
ff:40:58:ff:d9:20:22:6d:a5:b9:5f:ac:21:3b:c3:aa:d9:1f:
8d:53:3b:3f:af:14:c7:9d:c9:31:5e:f9:3f:69:21:30:d4:e9:
25:6d:16:0e:cc:c8:e0:74:3e:2a:2f:33:5d:1e:5e:29:6c:06:
8e:4e:ce:81:da:d1:5f:c3:27:b3:08:c6:a6:70:e1:99:70:f6:
d1:5f:11:6e:47:6e:b9:21:68:54:25:c7:65:42:a6:af:70:a6:
3d:c6:d9:a8:02:cd:d8:54:94:e7:5d:ef:b1:5f:80:f6:6d:2c:
4d:4a:78:6a:0a:2b:85:35:51:00:b6:c3:58:09:7a:8e:dd:34:
77:64:b4:63:2a:1a:37:f2:55:93:d8:06:bf:a6:82:9e:6e:8c:
33:47:5d:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2UZYTcm7XVqDFtxwChLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjE0NGM4MjQ5NTk3MTFiNjUyZDc4YzE4NzAyYmY0MzJm
MjE5NWMwHhcNMjUwMTAyMTE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNkNDljN2MzYWVmYTM2MmQzMjliOGE4YjhkMWMxZGZmODdmMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaqXCrlajUP00QZyIVWIfMLD9Mt+
OVQTsVRUEwRqlCCsqp9ckiDyBCu2OhaDvS5mmxycUkQCnJlacbG35CnljKl52h3q
leGU2rjTfoQ+5cfLLGZ2xrspqdPwzZtudnRuDa7ChVbrRjuSBRpIlWG6+vWWshTY
YK90mISUNs/UKoZrzrbbRXLYG5XeeQ3fneK9n64Cz8++mg6ZUawQ4CDUoJPkXuev
czHc+Rfu9jtgskK8yEsMd3XLpBiTzsgC95iqiuPpeBrw3FahIzgcWWzoyHbzZrW6
c65MQaJbuVWlP9AQJw+Asj2QsOwAir5jmkRKKTdtiWX1I8PUwEFzvqqQsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMk9ScfDrvo2LTKbiouNHB3/h/N3MB8GA1UdIwQY
MBaAFPJhRMgklZcRtlLXjBhwK/Qy8hlcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1GRXlDU1ZseEcyVXRlTUdIQXI5REx5R1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hNjZjMjUtMjcxMS00NjU5LWIxNjIt
MzViNDgzYmI0Yzg0LzEveVQxSng4T3Utall0TXB1S2k0MGNIZi1IODNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hNjZjMjUtMjcxMS00NjU5LWIxNjItMzViNDgzYmI0Yzg0
LzEvOG1GRXlDU1ZseEcyVXRlTUdIQXI5REx5R1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSHcMA0G
CSqGSIb3DQEBCwUAA4IBAQBnd0WdDWjTX/25b1HdJasPoGTYr1WH3ekw36Ki4Gf1
GFmLnSKr0glCNwFDlxmTa4quEn79BZtRqFcjVGx/t+6xy4+izuxtwZscSQZUFyu+
uzI+ByURCFyRT3pE6WjXPGhFW1pMuleiosXSurv/QFj/2SAibaW5X6whO8Oq2R+N
Uzs/rxTHnckxXvk/aSEw1OklbRYOzMjgdD4qLzNdHl4pbAaOTs6B2tFfwyezCMam
cOGZcPbRXxFuR265IWhUJcdlQqavcKY9xtmoAs3YVJTnXe+xX4D2bSxNSnhqCiuF
NVEAtsNYCXqO3TR3ZLRjKho38lWT2Aa/poKebowzR12L
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:57:07 2025 by rpki-client