Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/f3f8c4-19b0-4f3b-88e3-cceaeb5d2db9/1/ryWVvW7NydfH0Lg55_MWvg1kBGg.roa
File: ryWVvW7NydfH0Lg55_MWvg1kBGg.roa (raw, json)
Hash identifier: PtmvLKXYoeUQyGlzTXT4GMeJ6VdsraUUI7+TJbIbgOw=
Subject key identifier: AF:25:95:BD:6E:CD:C9:D7:C7:D0:B8:39:E7:F3:16:BE:0D:64:04:68
Certificate issuer: /CN=da35b27eb523b67f8d691c8062f3370e149302fd
Certificate serial: 01941FFA1DC264472132CA800DC4C31FA878
Authority key identifier: DA:35:B2:7E:B5:23:B6:7F:8D:69:1C:80:62:F3:37:0E:14:93:02:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2jWyfrUjtn-NaRyAYvM3DhSTAv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/f3f8c4-19b0-4f3b-88e3-cceaeb5d2db9/1/ryWVvW7NydfH0Lg55_MWvg1kBGg.roa
Signing time: Wed 01 Jan 2025 03:47:52 +0000
ROA not before: Wed 01 Jan 2025 03:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 193.222.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:1d:c2:64:47:21:32:ca:80:0d:c4:c3:1f:a8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da35b27eb523b67f8d691c8062f3370e149302fd
Validity
Not Before: Jan 1 03:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af2595bd6ecdc9d7c7d0b839e7f316be0d640468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:db:ef:06:4e:b0:b2:6d:ba:0f:48:69:8e:bc:
f1:df:d3:d2:6e:38:de:8e:01:5e:0a:f8:fd:1b:ad:
00:84:0e:84:69:a8:44:c2:1e:6b:b3:2d:f5:c8:e1:
16:54:d5:7e:ad:a1:c9:4d:3c:63:bc:c3:bb:91:0c:
33:eb:69:20:d8:bb:51:02:dd:d4:b8:23:45:ed:07:
5d:71:b1:ec:c2:77:d7:b3:48:44:21:a1:42:cf:e6:
b2:f1:6f:e2:af:da:90:a7:2d:2b:20:7a:a4:80:84:
f8:8b:16:92:fe:5c:23:3a:09:5a:f2:74:22:45:96:
8e:b7:32:79:e1:6c:83:57:b7:f3:35:54:bd:cc:ac:
75:11:f6:78:fc:1e:12:06:34:2b:05:c5:d5:d7:e5:
83:a7:49:29:ae:92:84:38:c1:c6:db:9e:3f:7a:cb:
c7:e4:8c:13:31:ce:23:59:e4:64:2e:6e:6a:d0:82:
18:2d:8a:59:df:32:8e:fb:a5:de:12:57:95:e1:12:
64:ab:c6:34:6f:2f:f1:65:69:64:d9:84:6d:22:ed:
c2:38:f5:da:7a:e5:f2:32:48:04:db:a2:04:8c:48:
be:8a:3a:39:ae:14:06:f6:3a:62:85:ed:91:73:a7:
53:5e:9e:8e:ab:10:4e:87:94:70:e4:2e:7c:00:5c:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:25:95:BD:6E:CD:C9:D7:C7:D0:B8:39:E7:F3:16:BE:0D:64:04:68
X509v3 Authority Key Identifier:
keyid:DA:35:B2:7E:B5:23:B6:7F:8D:69:1C:80:62:F3:37:0E:14:93:02:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2jWyfrUjtn-NaRyAYvM3DhSTAv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f3f8c4-19b0-4f3b-88e3-cceaeb5d2db9/1/ryWVvW7NydfH0Lg55_MWvg1kBGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f3f8c4-19b0-4f3b-88e3-cceaeb5d2db9/1/2jWyfrUjtn-NaRyAYvM3DhSTAv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.138.0/24
Signature Algorithm: sha256WithRSAEncryption
62:03:79:c4:32:79:1f:8b:23:2c:21:00:b3:a6:b7:81:88:96:
e8:09:b6:c5:a8:ad:97:0f:fe:82:03:cb:3e:f3:a6:15:ed:65:
60:63:c2:93:db:ff:c2:ec:32:b0:2f:56:00:15:67:ad:1b:ac:
c9:ed:ea:e6:4b:8f:12:a3:e7:d6:11:57:92:c3:24:46:cb:bd:
25:a2:cb:79:03:39:2b:53:7f:44:08:51:55:78:3b:7c:8a:2a:
ca:b0:4d:b0:0e:37:a0:44:1b:c9:99:7a:b3:61:2e:47:17:02:
e4:5c:e1:24:fe:30:11:d5:13:92:2e:9b:97:ea:a8:ad:10:0d:
23:4a:99:61:74:62:bf:75:2d:b6:04:30:b2:53:c2:e6:bd:4d:
39:f2:a6:c4:c8:ec:2a:b7:ef:b1:60:50:1b:81:49:72:7b:58:
7c:50:ac:4e:9c:a9:50:f0:aa:50:b1:90:d0:ca:ef:66:fd:f2:
b9:97:84:76:32:a1:c7:56:af:93:35:09:7f:a7:76:3a:80:6e:
4d:71:e0:8f:5e:57:29:79:8e:20:47:96:89:3f:b5:46:73:50:
a7:ae:05:bf:9c:b1:36:4d:55:dc:20:e8:16:0a:d1:67:7b:0e:
96:bf:78:96:15:b2:ed:14:b4:e7:92:14:e3:d1:64:25:19:7a:
8f:12:02:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+h3CZEchMsqADcTDH6h4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMzViMjdlYjUyM2I2N2Y4ZDY5MWM4MDYyZjMzNzBlMTQ5
MzAyZmQwHhcNMjUwMTAxMDM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjI1OTViZDZlY2RjOWQ3YzdkMGI4MzllN2YzMTZiZTBkNjQwNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodvvBk6wsm26D0hpjrzx39PSbjje
jgFeCvj9G60AhA6EaahEwh5rsy31yOEWVNV+raHJTTxjvMO7kQwz62kg2LtRAt3U
uCNF7QddcbHswnfXs0hEIaFCz+ay8W/ir9qQpy0rIHqkgIT4ixaS/lwjOgla8nQi
RZaOtzJ54WyDV7fzNVS9zKx1EfZ4/B4SBjQrBcXV1+WDp0kprpKEOMHG254/esvH
5IwTMc4jWeRkLm5q0IIYLYpZ3zKO+6XeEleV4RJkq8Y0by/xZWlk2YRtIu3COPXa
euXyMkgE26IEjEi+ijo5rhQG9jpihe2Rc6dTXp6OqxBOh5Rw5C58AFx3jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8llb1uzcnXx9C4OefzFr4NZARoMB8GA1UdIwQY
MBaAFNo1sn61I7Z/jWkcgGLzNw4UkwL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmpXeWZyVWp0bi1OYVJ5QVl2TTNEaFNUQXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mM2Y4YzQtMTliMC00ZjNiLTg4ZTMt
Y2NlYWViNWQyZGI5LzEvcnlXVnZXN055ZGZIMExnNTVfTVd2ZzFrQkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mM2Y4YzQtMTliMC00ZjNiLTg4ZTMtY2NlYWViNWQyZGI5
LzEvMmpXeWZyVWp0bi1OYVJ5QVl2TTNEaFNUQXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwd6KMA0G
CSqGSIb3DQEBCwUAA4IBAQBiA3nEMnkfiyMsIQCzpreBiJboCbbFqK2XD/6CA8s+
86YV7WVgY8KT2//C7DKwL1YAFWetG6zJ7ermS48So+fWEVeSwyRGy70lost5Azkr
U39ECFFVeDt8iirKsE2wDjegRBvJmXqzYS5HFwLkXOEk/jAR1ROSLpuX6qitEA0j
SplhdGK/dS22BDCyU8LmvU058qbEyOwqt++xYFAbgUlye1h8UKxOnKlQ8KpQsZDQ
yu9m/fK5l4R2MqHHVq+TNQl/p3Y6gG5NceCPXlcpeY4gR5aJP7VGc1CnrgW/nLE2
TVXcIOgWCtFnew6Wv3iWFbLtFLTnkhTj0WQlGXqPEgJZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:27:02 2025 by rpki-client