Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/yZvcP-Ps4yo6pgIgUKI5eTzNp2U.roa
File: yZvcP-Ps4yo6pgIgUKI5eTzNp2U.roa (raw, json)
Hash identifier: MDG4N8hqJwJQSXIs3A2EDMOqJcbMoF8xcYaXQrrz3Zg=
Subject key identifier: C9:9B:DC:3F:E3:EC:E3:2A:3A:A6:02:20:50:A2:39:79:3C:CD:A7:65
Certificate issuer: /CN=c25d43dcde10b923179d5b1bd74ea43acc221093
Certificate serial: 019425FD844A831146565D325C6BACF3BB5E
Authority key identifier: C2:5D:43:DC:DE:10:B9:23:17:9D:5B:1B:D7:4E:A4:3A:CC:22:10:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wl1D3N4QuSMXnVsb106kOswiEJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/yZvcP-Ps4yo6pgIgUKI5eTzNp2U.roa
Signing time: Thu 02 Jan 2025 07:49:19 +0000
ROA not before: Thu 02 Jan 2025 07:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48829
IP address blocks: 195.130.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:84:4a:83:11:46:56:5d:32:5c:6b:ac:f3:bb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c25d43dcde10b923179d5b1bd74ea43acc221093
Validity
Not Before: Jan 2 07:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c99bdc3fe3ece32a3aa6022050a239793ccda765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d1:60:16:01:b3:f0:0b:a7:81:78:7c:fc:02:
a0:b2:a3:36:85:49:e4:a0:9f:38:fa:85:25:25:4a:
40:88:3e:54:5c:5d:93:a5:a4:04:f6:d7:25:ab:99:
ff:8e:06:6a:29:b8:35:28:16:b2:3b:67:f6:c6:8a:
42:ac:46:2b:24:54:33:d9:6f:21:02:4c:1e:1a:69:
78:e7:9b:b1:5d:50:ec:46:3d:25:66:41:d0:29:97:
b9:65:1c:06:d9:d4:03:04:f0:8d:0f:25:7b:c9:b3:
d3:89:42:55:4a:1e:2f:80:8a:51:92:b1:53:fd:90:
10:9a:72:72:97:2f:a2:51:8c:08:f0:4a:cd:a0:40:
c7:c9:94:56:73:43:f0:90:05:3a:e3:b5:ae:45:12:
84:cf:26:4d:4d:c4:9c:63:9f:9b:f1:1d:28:40:c9:
73:23:37:71:6f:8d:b3:87:6b:76:ea:c3:2e:bf:7b:
95:00:26:0b:83:1d:d8:50:9c:ad:34:f3:16:37:0f:
b0:8e:9f:01:62:0e:00:80:14:a6:cb:c2:56:65:83:
a9:8c:88:d6:d5:d8:37:50:a1:4f:03:f5:c8:6e:80:
7b:0b:9e:f9:9e:55:b4:c9:2b:db:97:18:ad:06:b9:
65:1b:98:c9:02:66:0b:2d:2b:c6:ce:7d:7e:d1:15:
90:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:9B:DC:3F:E3:EC:E3:2A:3A:A6:02:20:50:A2:39:79:3C:CD:A7:65
X509v3 Authority Key Identifier:
keyid:C2:5D:43:DC:DE:10:B9:23:17:9D:5B:1B:D7:4E:A4:3A:CC:22:10:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wl1D3N4QuSMXnVsb106kOswiEJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/yZvcP-Ps4yo6pgIgUKI5eTzNp2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/wl1D3N4QuSMXnVsb106kOswiEJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.203.0/24
Signature Algorithm: sha256WithRSAEncryption
80:63:a3:22:71:b0:c4:90:42:67:de:d3:24:18:20:c0:e6:40:
d5:60:8c:7f:d4:0e:4a:73:2b:36:08:9a:08:ea:0c:1c:13:58:
fe:42:b8:35:d3:2b:32:d0:6a:35:4a:39:3c:e0:98:1c:c6:51:
2e:ee:a7:a7:31:15:79:d5:8a:ee:71:91:d3:60:eb:83:61:49:
07:82:91:08:31:7d:ac:a8:e0:ca:5d:6e:7c:2a:d1:0a:15:6b:
45:c0:97:55:9e:7d:82:65:c2:d9:ea:d8:13:55:98:50:16:c3:
90:3a:eb:d2:53:8d:b4:63:6d:1b:96:95:5e:0c:ae:ce:7d:b8:
6f:c0:ca:e8:26:9c:10:90:3a:62:23:8a:b1:51:e2:34:c4:d7:
cc:71:a3:db:f5:01:08:24:e2:14:da:7b:dd:ee:31:bd:fd:fc:
aa:bf:65:96:08:ec:ae:cc:1f:88:44:30:97:42:1a:2b:09:bd:
94:67:ac:ca:ac:1f:d4:40:22:20:7d:3b:29:eb:32:2c:6e:42:
c4:2b:8a:75:e9:c3:fe:e7:9a:88:ae:d0:dd:2d:f1:cc:13:25:
69:46:34:c4:74:ae:40:05:1a:1b:3e:b5:aa:a8:6d:60:b0:1c:
d9:97:a3:be:9d:f0:f5:0c:81:a0:08:18:9e:d1:cc:c8:36:e9:
8f:f6:d2:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/YRKgxFGVl0yXGus87teMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNWQ0M2RjZGUxMGI5MjMxNzlkNWIxYmQ3NGVhNDNhY2My
MjEwOTMwHhcNMjUwMTAyMDc0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTliZGMzZmUzZWNlMzJhM2FhNjAyMjA1MGEyMzk3OTNjY2RhNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndFgFgGz8AungXh8/AKgsqM2hUnk
oJ84+oUlJUpAiD5UXF2TpaQE9tclq5n/jgZqKbg1KBayO2f2xopCrEYrJFQz2W8h
AkweGml455uxXVDsRj0lZkHQKZe5ZRwG2dQDBPCNDyV7ybPTiUJVSh4vgIpRkrFT
/ZAQmnJyly+iUYwI8ErNoEDHyZRWc0PwkAU647WuRRKEzyZNTcScY5+b8R0oQMlz
Izdxb42zh2t26sMuv3uVACYLgx3YUJytNPMWNw+wjp8BYg4AgBSmy8JWZYOpjIjW
1dg3UKFPA/XIboB7C575nlW0ySvblxitBrllG5jJAmYLLSvGzn1+0RWQTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmb3D/j7OMqOqYCIFCiOXk8zadlMB8GA1UdIwQY
MBaAFMJdQ9zeELkjF51bG9dOpDrMIhCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2wxRDNONFF1U01YblZzYjEwNmtPc3dpRUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NGU0YmItOWJmNS00NzhiLTg1YTEt
NjQ5MzExMTM5ODgzLzEveVp2Y1AtUHM0eW82cGdJZ1VLSTVlVHpOcDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NGU0YmItOWJmNS00NzhiLTg1YTEtNjQ5MzExMTM5ODgz
LzEvd2wxRDNONFF1U01YblZzYjEwNmtPc3dpRUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4LLMA0G
CSqGSIb3DQEBCwUAA4IBAQCAY6MicbDEkEJn3tMkGCDA5kDVYIx/1A5Kcys2CJoI
6gwcE1j+Qrg10ysy0Go1Sjk84JgcxlEu7qenMRV51YrucZHTYOuDYUkHgpEIMX2s
qODKXW58KtEKFWtFwJdVnn2CZcLZ6tgTVZhQFsOQOuvSU420Y20blpVeDK7Ofbhv
wMroJpwQkDpiI4qxUeI0xNfMcaPb9QEIJOIU2nvd7jG9/fyqv2WWCOyuzB+IRDCX
QhorCb2UZ6zKrB/UQCIgfTsp6zIsbkLEK4p16cP+55qIrtDdLfHMEyVpRjTEdK5A
BRobPrWqqG1gsBzZl6O+nfD1DIGgCBie0czINumP9tKo
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:19:44 2025 by rpki-client