Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/DwdwnNYiYszxSFZUvDnifZ1cmVo.roa
File: DwdwnNYiYszxSFZUvDnifZ1cmVo.roa (raw, json)
Hash identifier: z1Ue0CWmwoS4r8rtXwZcldA5j6c831i2ATcqPGIWOrM=
Subject key identifier: 0F:07:70:9C:D6:22:62:CC:F1:48:56:54:BC:39:E2:7D:9D:5C:99:5A
Certificate issuer: /CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Certificate serial: 019424B3E12B77ACEDCCA1A951A2DE46554E
Authority key identifier: 1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/DwdwnNYiYszxSFZUvDnifZ1cmVo.roa
Signing time: Thu 02 Jan 2025 01:49:15 +0000
ROA not before: Thu 02 Jan 2025 01:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198143
IP address blocks: 193.150.24.0/23 maxlen: 23
193.150.24.0/24 maxlen: 24
193.150.25.0/24 maxlen: 24
2001:67c:24a0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e1:2b:77:ac:ed:cc:a1:a9:51:a2:de:46:55:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Validity
Not Before: Jan 2 01:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f07709cd62262ccf1485654bc39e27d9d5c995a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:88:a4:28:80:e6:41:c6:59:9b:33:c4:f8:7f:
9c:f8:67:db:da:97:8c:6a:9e:4f:5d:b7:9a:7b:94:
c9:f3:de:ca:82:33:ad:bc:2f:a7:c8:a1:da:15:98:
ff:58:ce:37:c0:17:39:a5:aa:74:76:9f:ec:4d:19:
80:67:55:5e:bd:eb:51:27:ea:0b:61:9a:2d:18:f6:
f8:b4:c0:8a:2c:da:f1:2a:15:62:91:da:3f:76:3a:
3c:90:4b:45:8b:44:da:e6:b8:75:e9:c9:95:d8:5e:
5a:b4:cd:59:86:c7:10:f8:45:33:c0:f2:58:bb:d2:
3f:14:80:c9:65:5e:6c:c6:9b:28:1a:fe:c8:5a:b8:
cc:34:0c:00:37:59:2c:2e:c5:9a:23:14:3a:c4:c3:
60:68:c4:e4:4a:be:82:e3:eb:ba:85:14:55:7b:f9:
a0:13:27:95:38:d7:2d:9a:e8:5a:a4:4d:46:f3:a5:
52:45:62:3a:db:ba:63:0d:5b:6b:30:65:ef:ed:67:
81:d4:3a:e7:ae:0a:3e:40:6d:da:1f:4b:70:84:14:
85:97:43:71:8e:59:43:fc:8f:f6:52:3e:12:98:88:
b7:a0:a0:04:29:cb:92:ab:ae:c8:34:05:f4:80:45:
9f:90:e6:d1:12:d6:96:f3:4c:9d:74:46:e6:6a:ed:
cb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:07:70:9C:D6:22:62:CC:F1:48:56:54:BC:39:E2:7D:9D:5C:99:5A
X509v3 Authority Key Identifier:
keyid:1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/DwdwnNYiYszxSFZUvDnifZ1cmVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.24.0/23
IPv6:
2001:67c:24a0::/48
Signature Algorithm: sha256WithRSAEncryption
05:69:44:7c:00:5a:1c:15:05:f3:c1:20:01:a7:cc:f9:55:c3:
1d:2c:ea:67:f0:8e:e2:46:20:cc:5a:cc:e7:73:ee:26:13:d9:
33:f2:61:ef:47:4c:b0:68:a7:0f:50:75:df:d8:2a:fc:b6:31:
82:98:fe:ec:3a:16:3e:aa:02:51:71:43:35:2e:76:55:4f:66:
2b:f1:e1:8c:4b:08:27:c9:fe:3f:84:89:9a:2e:9a:9e:2a:05:
59:68:3b:bd:e4:30:a6:11:fb:11:21:63:85:af:8a:c5:65:ed:
83:0b:80:ba:66:09:4c:95:c4:30:3b:6f:9b:1c:a3:69:2b:c2:
89:94:50:ef:84:62:6a:23:31:e5:f3:78:6f:fe:1a:9e:75:05:
ed:a2:7c:6d:8a:68:2f:31:38:dd:66:70:45:9c:2f:00:03:1a:
fb:78:89:b4:92:83:4c:ce:c0:f4:0f:d4:5b:83:67:04:18:49:
ef:df:37:00:7d:ef:73:71:b4:a5:65:6d:0a:47:4d:34:11:62:
31:8c:63:a9:f1:97:34:b5:d5:a7:02:7e:b1:ed:6e:ba:e3:14:
07:95:cf:89:5c:77:14:99:4e:d9:b6:5f:8c:0c:db:11:c0:bd:
ef:48:15:b2:d1:50:57:09:d0:45:70:ed:bd:2f:93:ab:59:49:
9e:cc:42:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks+Erd6ztzKGpUaLeRlVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTI4NDI5MDM0ZGNmYmEwMWY3ZmZmNWM3Y2M4ODU2ZDRk
MDZlMWIwHhcNMjUwMTAyMDE0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjA3NzA5Y2Q2MjI2MmNjZjE0ODU2NTRiYzM5ZTI3ZDlkNWM5OTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoikKIDmQcZZmzPE+H+c+Gfb2peM
ap5PXbeae5TJ897KgjOtvC+nyKHaFZj/WM43wBc5pap0dp/sTRmAZ1VevetRJ+oL
YZotGPb4tMCKLNrxKhVikdo/djo8kEtFi0Ta5rh16cmV2F5atM1ZhscQ+EUzwPJY
u9I/FIDJZV5sxpsoGv7IWrjMNAwAN1ksLsWaIxQ6xMNgaMTkSr6C4+u6hRRVe/mg
EyeVONctmuhapE1G86VSRWI627pjDVtrMGXv7WeB1Drnrgo+QG3aH0twhBSFl0Nx
jllD/I/2Uj4SmIi3oKAEKcuSq67INAX0gEWfkObREtaW80yddEbmau3LFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA8HcJzWImLM8UhWVLw54n2dXJlaMB8GA1UdIwQY
MBaAFB9ShCkDTc+6Aff/9cfMiFbU0G4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUt
MjUzYmU5ZjZlZDNkLzEvRHdkd25OWWlZc3p4U0ZaVXZEbmlmWjFjbVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUtMjUzYmU5ZjZlZDNk
LzEvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwZYYMA8E
AgACMAkDBwAgAQZ8JKAwDQYJKoZIhvcNAQELBQADggEBAAVpRHwAWhwVBfPBIAGn
zPlVwx0s6mfwjuJGIMxazOdz7iYT2TPyYe9HTLBopw9Qdd/YKvy2MYKY/uw6Fj6q
AlFxQzUudlVPZivx4YxLCCfJ/j+EiZoump4qBVloO73kMKYR+xEhY4WvisVl7YML
gLpmCUyVxDA7b5sco2krwomUUO+EYmojMeXzeG/+Gp51Be2ifG2KaC8xON1mcEWc
LwADGvt4ibSSg0zOwPQP1FuDZwQYSe/fNwB973NxtKVlbQpHTTQRYjGMY6nxlzS1
1acCfrHtbrrjFAeVz4lcdxSZTtm2X4wM2xHAve9IFbLRUFcJ0EVw7b0vk6tZSZ7M
Qog=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:42:01 2025 by rpki-client