Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/CYNZ0RAHrT9vV8_0mrfX5LM1kug.roa
File: CYNZ0RAHrT9vV8_0mrfX5LM1kug.roa (raw, json)
Hash identifier: O/PKWyYrv2+2Dwkphq4C7HezWG7bAEi2rS0D+m+yIdU=
Subject key identifier: 09:83:59:D1:10:07:AD:3F:6F:57:CF:F4:9A:B7:D7:E4:B3:35:92:E8
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 01942444EE5090FFB91DB305172BA638F4C3
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/CYNZ0RAHrT9vV8_0mrfX5LM1kug.roa
Signing time: Wed 01 Jan 2025 23:48:04 +0000
ROA not before: Wed 01 Jan 2025 23:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16015
IP address blocks: 213.253.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ee:50:90:ff:b9:1d:b3:05:17:2b:a6:38:f4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 23:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=098359d11007ad3f6f57cff49ab7d7e4b33592e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:59:82:d5:9f:e1:ad:8c:e5:15:af:ce:16:76:
1f:a9:be:ba:f3:00:c5:a5:b4:13:6c:5e:0f:08:a6:
89:20:95:f9:17:25:d2:71:50:2a:d0:f1:f0:25:42:
8c:60:86:0d:57:6e:fe:28:7f:83:4f:9b:e5:0f:25:
3f:31:01:21:f6:78:03:56:47:41:ab:0e:b3:44:90:
60:16:c0:99:8d:a8:8c:91:c0:0a:a8:67:c3:76:dd:
2d:1a:f6:3e:39:5d:e7:89:bb:cf:d4:92:a8:bb:2a:
61:5b:73:78:14:fb:2f:b2:78:2d:53:97:99:fc:bc:
3f:b3:36:d6:49:a8:e3:20:c5:bc:c9:bf:98:6f:52:
fa:32:c4:55:2a:3a:63:aa:7a:7b:74:a9:a7:fc:03:
eb:5d:35:cd:ea:88:f3:66:81:5c:24:ca:da:d1:bb:
49:f6:43:05:26:07:62:ea:98:cf:21:3d:b2:22:a6:
82:32:25:47:fc:c2:42:55:a0:b1:9e:14:20:9b:8b:
a0:1c:7b:3e:0b:f8:37:32:08:74:6e:e0:e1:f5:bf:
1a:0a:e3:23:16:43:a2:62:5f:6e:fe:03:4f:c9:c4:
98:68:bb:fc:39:37:0e:55:8e:ab:60:f4:a2:54:c9:
a9:df:88:48:bd:ca:aa:6c:3b:78:4a:50:52:27:0d:
34:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:83:59:D1:10:07:AD:3F:6F:57:CF:F4:9A:B7:D7:E4:B3:35:92:E8
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/CYNZ0RAHrT9vV8_0mrfX5LM1kug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.253.194.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:c8:d3:72:e5:b0:8e:02:78:3e:43:f9:5c:9d:e6:ba:da:1e:
e9:b1:40:a3:72:3f:df:3d:97:01:c9:11:44:d6:3a:d7:1a:c1:
c4:58:2c:17:80:91:87:ca:27:aa:de:f2:9b:46:22:32:0d:59:
0a:19:db:78:92:55:91:b3:45:b9:fe:3f:21:db:08:12:58:8b:
9f:ff:08:26:54:00:7b:6c:62:26:2e:45:ba:94:07:34:44:06:
06:19:55:7e:84:2c:ec:b6:09:46:a9:19:83:a6:7d:c1:ab:b6:
57:53:a0:84:cc:78:20:d9:1b:09:e0:84:42:83:09:2f:30:55:
27:ba:70:5b:ec:61:5c:7b:20:86:97:bb:83:01:67:d6:5f:ab:
90:95:91:cf:d3:84:03:4f:d0:ba:1a:7d:6d:cc:cc:35:63:6a:
e9:88:28:ba:09:fd:13:f8:35:7f:36:b9:aa:e4:dc:37:e3:30:
4a:10:f6:91:3a:f4:4a:f0:7a:ce:f4:27:9f:f6:e9:f3:4b:47:
65:a7:ce:f1:0c:b8:69:d2:9d:d4:0c:03:92:08:1b:e8:34:9c:
2f:1f:d1:aa:94:32:54:4b:d1:ee:31:2e:e7:bf:1a:a5:52:50:
d3:b7:5a:d2:aa:fc:66:5c:a2:94:8f:fc:57:93:6a:db:bf:e6:
89:2a:7a:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRO5QkP+5HbMFFyumOPTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjUwMTAxMjM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTgzNTlkMTEwMDdhZDNmNmY1N2NmZjQ5YWI3ZDdlNGIzMzU5MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1mC1Z/hrYzlFa/OFnYfqb668wDF
pbQTbF4PCKaJIJX5FyXScVAq0PHwJUKMYIYNV27+KH+DT5vlDyU/MQEh9ngDVkdB
qw6zRJBgFsCZjaiMkcAKqGfDdt0tGvY+OV3nibvP1JKouyphW3N4FPsvsngtU5eZ
/Lw/szbWSajjIMW8yb+Yb1L6MsRVKjpjqnp7dKmn/APrXTXN6ojzZoFcJMra0btJ
9kMFJgdi6pjPIT2yIqaCMiVH/MJCVaCxnhQgm4ugHHs+C/g3Mgh0buDh9b8aCuMj
FkOiYl9u/gNPycSYaLv8OTcOVY6rYPSiVMmp34hIvcqqbDt4SlBSJw00vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmDWdEQB60/b1fP9Jq31+SzNZLoMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvQ1lOWjBSQUhyVDl2VjhfMG1yZlg1TE0xa3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1f3CMA0G
CSqGSIb3DQEBCwUAA4IBAQA7yNNy5bCOAng+Q/lcnea62h7psUCjcj/fPZcByRFE
1jrXGsHEWCwXgJGHyieq3vKbRiIyDVkKGdt4klWRs0W5/j8h2wgSWIuf/wgmVAB7
bGImLkW6lAc0RAYGGVV+hCzstglGqRmDpn3Bq7ZXU6CEzHgg2RsJ4IRCgwkvMFUn
unBb7GFceyCGl7uDAWfWX6uQlZHP04QDT9C6Gn1tzMw1Y2rpiCi6Cf0T+DV/Nrmq
5Nw34zBKEPaROvRK8HrO9Cef9unzS0dlp87xDLhp0p3UDAOSCBvoNJwvH9GqlDJU
S9HuMS7nvxqlUlDTt1rSqvxmXKKUj/xXk2rbv+aJKnrF
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:45:16 2025 by rpki-client