Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/3YY6GiMAHoxwyM3tSzQ_rLqI6Qk.roa
File: 3YY6GiMAHoxwyM3tSzQ_rLqI6Qk.roa (raw, json)
Hash identifier: LKb1pDdE0gPQ1/qoBSBh29z3OF0TSjmwJB0/pkVjbww=
Subject key identifier: DD:86:3A:1A:23:00:1E:8C:70:C8:CD:ED:4B:34:3F:AC:BA:88:E9:09
Certificate issuer: /CN=2829eb664506b86bfa1f702f6b1ffb484cc2cb12
Certificate serial: 019424B3D40377FA199F30CA6FF5C0BB4B31
Authority key identifier: 28:29:EB:66:45:06:B8:6B:FA:1F:70:2F:6B:1F:FB:48:4C:C2:CB:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCnrZkUGuGv6H3Avax_7SEzCyxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/3YY6GiMAHoxwyM3tSzQ_rLqI6Qk.roa
Signing time: Thu 02 Jan 2025 01:49:12 +0000
ROA not before: Thu 02 Jan 2025 01:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31500
IP address blocks: 194.110.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d4:03:77:fa:19:9f:30:ca:6f:f5:c0:bb:4b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2829eb664506b86bfa1f702f6b1ffb484cc2cb12
Validity
Not Before: Jan 2 01:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd863a1a23001e8c70c8cded4b343facba88e909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f0:c8:36:2e:c2:f3:92:11:3c:b6:1a:0c:0d:
fc:96:69:ff:21:b3:1b:58:aa:ac:b3:ca:3d:5a:ea:
45:cc:3f:13:71:e4:e6:31:53:95:68:95:33:f2:cf:
38:08:a6:61:ce:fc:bd:28:46:5e:16:3c:43:06:09:
9d:a3:d3:8e:09:fc:68:75:4c:97:f8:20:25:c4:2f:
6d:a2:25:b0:9d:13:18:d6:2e:3c:2b:0c:af:0e:e6:
04:2f:62:38:62:45:9f:e2:ca:9e:70:f5:4c:e2:0e:
67:62:cf:f3:45:f7:59:cd:2c:02:f2:c6:34:09:57:
d9:ac:67:34:7e:29:57:92:3b:bb:78:39:76:cd:64:
be:b4:03:0b:51:05:47:31:06:cc:a5:5f:76:71:18:
6f:9d:0e:3e:91:18:26:9e:b8:3f:a9:f4:13:82:42:
cd:33:f5:d3:fa:ff:22:c2:43:5d:0b:13:d8:5c:40:
3c:ea:a1:bb:f6:f2:33:cc:6a:0c:33:de:8a:9a:7f:
62:bd:ef:68:f8:a4:3d:1a:32:a5:d7:75:a6:d0:bb:
47:af:4e:6b:6f:53:14:b2:8c:da:50:b1:d0:39:1f:
0e:a3:45:78:34:96:c0:31:4a:fd:c7:eb:ab:bf:ce:
17:ce:c8:46:02:68:28:09:5b:4e:09:ac:c2:05:06:
b0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:86:3A:1A:23:00:1E:8C:70:C8:CD:ED:4B:34:3F:AC:BA:88:E9:09
X509v3 Authority Key Identifier:
keyid:28:29:EB:66:45:06:B8:6B:FA:1F:70:2F:6B:1F:FB:48:4C:C2:CB:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCnrZkUGuGv6H3Avax_7SEzCyxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/3YY6GiMAHoxwyM3tSzQ_rLqI6Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e09b24-8aa8-40e6-842c-2f9ec538cc1d/1/KCnrZkUGuGv6H3Avax_7SEzCyxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.66.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:86:31:1a:1a:4c:3d:f6:70:f6:93:46:6c:c0:37:fa:2c:fd:
b8:d5:a5:2b:18:ea:fa:5d:2a:1b:71:de:23:59:00:26:d1:09:
be:96:61:77:a5:33:94:1d:f2:66:45:5f:d6:ba:0c:b6:49:f1:
4a:f4:8e:2b:a3:eb:94:1f:19:6c:6f:7a:28:d9:c1:d9:20:9f:
56:95:1f:4c:98:95:a5:1f:d3:8a:02:ab:90:50:21:e1:ef:cd:
07:32:a1:3f:75:17:ca:55:c0:f5:04:2b:5b:4f:9a:9c:16:63:
e9:e0:da:fc:aa:1a:dd:91:59:16:3b:fd:72:04:86:ec:a2:27:
e7:38:39:b7:28:b8:ca:d0:d7:67:43:2b:83:07:bf:bd:9a:38:
20:c7:1a:8e:70:82:55:a8:06:37:23:25:11:92:0c:d0:2a:04:
e3:a1:2b:a0:dd:ee:91:bd:05:fa:dc:81:63:6f:cd:42:6b:81:
ab:7e:76:97:66:2b:24:1c:c3:88:13:93:47:1a:83:cb:29:f7:
dc:d3:f7:20:99:e6:61:6c:72:1e:d6:f9:ff:c8:e8:27:40:c9:
d7:45:c4:38:19:e8:d8:a4:a1:9b:b2:46:cd:6f:52:13:9c:24:
03:0b:bf:f5:cf:97:5a:6a:6a:5b:d6:d5:1d:38:08:ec:90:99:
f3:a4:04:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks9QDd/oZnzDKb/XAu0sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MjllYjY2NDUwNmI4NmJmYTFmNzAyZjZiMWZmYjQ4NGNj
MmNiMTIwHhcNMjUwMTAyMDE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDg2M2ExYTIzMDAxZThjNzBjOGNkZWQ0YjM0M2ZhY2JhODhlOTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvDINi7C85IRPLYaDA38lmn/IbMb
WKqss8o9WupFzD8TceTmMVOVaJUz8s84CKZhzvy9KEZeFjxDBgmdo9OOCfxodUyX
+CAlxC9toiWwnRMY1i48KwyvDuYEL2I4YkWf4sqecPVM4g5nYs/zRfdZzSwC8sY0
CVfZrGc0filXkju7eDl2zWS+tAMLUQVHMQbMpV92cRhvnQ4+kRgmnrg/qfQTgkLN
M/XT+v8iwkNdCxPYXEA86qG79vIzzGoMM96Kmn9ive9o+KQ9GjKl13Wm0LtHr05r
b1MUsozaULHQOR8Oo0V4NJbAMUr9x+urv84XzshGAmgoCVtOCazCBQaw9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2GOhojAB6McMjN7Us0P6y6iOkJMB8GA1UdIwQY
MBaAFCgp62ZFBrhr+h9wL2sf+0hMwssSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0NuclprVUd1R3Y2SDNBdmF4XzdTRXpDeXhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lMDliMjQtOGFhOC00MGU2LTg0MmMt
MmY5ZWM1MzhjYzFkLzEvM1lZNkdpTUFIb3h3eU0zdFN6UV9yTHFJNlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lMDliMjQtOGFhOC00MGU2LTg0MmMtMmY5ZWM1MzhjYzFk
LzEvS0NuclprVUd1R3Y2SDNBdmF4XzdTRXpDeXhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm5CMA0G
CSqGSIb3DQEBCwUAA4IBAQB9hjEaGkw99nD2k0ZswDf6LP241aUrGOr6XSobcd4j
WQAm0Qm+lmF3pTOUHfJmRV/Wugy2SfFK9I4ro+uUHxlsb3oo2cHZIJ9WlR9MmJWl
H9OKAquQUCHh780HMqE/dRfKVcD1BCtbT5qcFmPp4Nr8qhrdkVkWO/1yBIbsoifn
ODm3KLjK0NdnQyuDB7+9mjggxxqOcIJVqAY3IyURkgzQKgTjoSug3e6RvQX63IFj
b81Ca4GrfnaXZiskHMOIE5NHGoPLKffc0/cgmeZhbHIe1vn/yOgnQMnXRcQ4GejY
pKGbskbNb1ITnCQDC7/1z5daampb1tUdOAjskJnzpARA
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:56:45 2025 by rpki-client