Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/MFfi1uWMm7mX9pdkn5QiwF2Y_88.roa
File: MFfi1uWMm7mX9pdkn5QiwF2Y_88.roa (raw, json)
Hash identifier: wkDFcXBuPxZO4E7KTiUs2DofbiNc9cVh0u6ybcZwLbU=
Subject key identifier: 30:57:E2:D6:E5:8C:9B:B9:97:F6:97:64:9F:94:22:C0:5D:98:FF:CF
Certificate issuer: /CN=33af5dc629cd4937597f3fcd858ca5c80ed97c50
Certificate serial: 019420D615627D77228A66A57426C475F38D
Authority key identifier: 33:AF:5D:C6:29:CD:49:37:59:7F:3F:CD:85:8C:A5:C8:0E:D9:7C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M69dxinNSTdZfz_NhYylyA7ZfFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/MFfi1uWMm7mX9pdkn5QiwF2Y_88.roa
Signing time: Wed 01 Jan 2025 07:48:08 +0000
ROA not before: Wed 01 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31645
IP address blocks: 194.32.84.0/23 maxlen: 23
194.32.84.0/24 maxlen: 24
194.32.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:15:62:7d:77:22:8a:66:a5:74:26:c4:75:f3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33af5dc629cd4937597f3fcd858ca5c80ed97c50
Validity
Not Before: Jan 1 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3057e2d6e58c9bb997f697649f9422c05d98ffcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:48:2e:4c:c0:c9:6a:24:24:c0:13:75:34:83:
9e:9c:81:31:95:03:e0:a7:be:ca:7f:c4:f5:ff:7c:
11:f7:c0:a3:0d:1e:87:9b:c8:78:18:f3:71:3a:5e:
ac:ee:bc:ce:7f:8e:51:74:79:5c:22:54:b7:65:23:
cf:b4:b5:9d:74:2b:a9:27:4c:1f:c3:78:d5:b1:cf:
cc:ba:de:f7:53:b0:ee:77:4c:d6:43:e5:36:e3:c6:
03:86:15:6a:4b:10:85:77:c5:ab:22:13:c1:a8:0e:
59:55:bf:e2:5e:68:eb:d7:c8:c7:91:a3:93:3b:f5:
6d:14:3a:80:e1:7b:3e:eb:a3:ea:77:b5:65:c6:55:
d8:bb:0c:4c:b1:e8:11:ba:82:db:20:ce:f4:12:89:
69:4e:8a:97:bd:d3:d4:5c:d1:41:5e:b1:ae:30:47:
7a:d4:e3:4a:1f:5d:a9:8c:ef:da:b1:b9:95:19:c8:
a0:f2:49:11:8e:5a:53:b0:1e:dc:49:1e:37:7c:84:
62:41:1d:70:87:5c:f1:b4:bb:a2:92:df:c8:49:f7:
51:61:ef:37:f2:b8:0e:03:c5:92:d4:28:16:5c:8f:
5c:58:be:18:0d:d9:ca:27:14:d2:fa:b8:94:ca:35:
ad:0a:1a:4a:31:98:68:e5:7d:c4:65:fe:40:df:08:
64:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:57:E2:D6:E5:8C:9B:B9:97:F6:97:64:9F:94:22:C0:5D:98:FF:CF
X509v3 Authority Key Identifier:
keyid:33:AF:5D:C6:29:CD:49:37:59:7F:3F:CD:85:8C:A5:C8:0E:D9:7C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M69dxinNSTdZfz_NhYylyA7ZfFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/MFfi1uWMm7mX9pdkn5QiwF2Y_88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3552ae-c55e-4a0b-b8fe-e26e9f51ddb2/1/M69dxinNSTdZfz_NhYylyA7ZfFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.84.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:28:93:38:06:ae:24:13:21:99:a9:01:86:35:60:9c:1c:e1:
2e:fe:5a:f8:35:3c:15:8d:55:2f:07:37:12:59:37:2d:03:a1:
30:14:66:df:0e:f7:8f:d9:2e:13:53:d2:e7:b2:22:f2:d4:ed:
ed:60:88:a9:cb:63:68:b9:27:7e:c0:a4:97:c7:c2:de:fa:6f:
db:39:7d:95:dc:dc:ce:f2:4e:72:f6:87:72:c6:19:63:eb:bb:
a0:90:cf:ff:76:c5:6f:19:ee:a1:e5:b6:36:2c:52:d6:b4:6b:
83:a4:f5:92:22:14:ac:44:d5:e8:a2:e8:44:fe:47:9d:a8:fb:
42:39:86:8a:75:16:d2:46:b8:47:fe:d5:91:95:b7:50:01:13:
20:92:82:1b:ce:74:1c:eb:a1:16:6e:66:e5:83:2f:2d:dd:6e:
ae:81:11:98:57:12:58:ca:80:a6:49:36:4d:c0:56:05:c5:a5:
c3:c7:64:54:87:74:1f:7f:f6:2e:86:03:8a:f2:dc:08:97:3d:
27:72:e9:f8:10:fc:af:4d:c8:d3:4e:e0:27:1b:c5:d2:2b:fa:
10:18:62:15:bf:cf:a8:a5:19:49:24:da:ce:15:25:58:10:ce:
36:fc:d9:55:49:b8:fd:4c:10:ff:9f:6e:2f:de:5e:be:b4:33:
44:b3:f5:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hVifXciimaldCbEdfONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYWY1ZGM2MjljZDQ5Mzc1OTdmM2ZjZDg1OGNhNWM4MGVk
OTdjNTAwHhcNMjUwMTAxMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU3ZTJkNmU1OGM5YmI5OTdmNjk3NjQ5Zjk0MjJjMDVkOThmZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kguTMDJaiQkwBN1NIOenIExlQPg
p77Kf8T1/3wR98CjDR6Hm8h4GPNxOl6s7rzOf45RdHlcIlS3ZSPPtLWddCupJ0wf
w3jVsc/Mut73U7Dud0zWQ+U248YDhhVqSxCFd8WrIhPBqA5ZVb/iXmjr18jHkaOT
O/VtFDqA4Xs+66Pqd7VlxlXYuwxMsegRuoLbIM70EolpToqXvdPUXNFBXrGuMEd6
1ONKH12pjO/asbmVGcig8kkRjlpTsB7cSR43fIRiQR1wh1zxtLuikt/ISfdRYe83
8rgOA8WS1CgWXI9cWL4YDdnKJxTS+riUyjWtChpKMZho5X3EZf5A3whkkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBX4tbljJu5l/aXZJ+UIsBdmP/PMB8GA1UdIwQY
MBaAFDOvXcYpzUk3WX8/zYWMpcgO2XxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTY5ZHhpbk5TVGRaZnpfTmhZeWx5QTdaZkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zNTUyYWUtYzU1ZS00YTBiLWI4ZmUt
ZTI2ZTlmNTFkZGIyLzEvTUZmaTF1V01tN21YOXBka241UWl3RjJZXzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zNTUyYWUtYzU1ZS00YTBiLWI4ZmUtZTI2ZTlmNTFkZGIy
LzEvTTY5ZHhpbk5TVGRaZnpfTmhZeWx5QTdaZkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiBUMA0G
CSqGSIb3DQEBCwUAA4IBAQCzKJM4Bq4kEyGZqQGGNWCcHOEu/lr4NTwVjVUvBzcS
WTctA6EwFGbfDveP2S4TU9LnsiLy1O3tYIipy2NouSd+wKSXx8Le+m/bOX2V3NzO
8k5y9odyxhlj67ugkM//dsVvGe6h5bY2LFLWtGuDpPWSIhSsRNXoouhE/kedqPtC
OYaKdRbSRrhH/tWRlbdQARMgkoIbznQc66EWbmblgy8t3W6ugRGYVxJYyoCmSTZN
wFYFxaXDx2RUh3Qff/YuhgOK8twIlz0ncun4EPyvTcjTTuAnG8XSK/oQGGIVv8+o
pRlJJNrOFSVYEM42/NlVSbj9TBD/n24v3l6+tDNEs/Ux
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:31:19 2025 by rpki-client