Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/sY_8uI_Vy_Kyk6ImGlPdHmVKVYk.roa
File: sY_8uI_Vy_Kyk6ImGlPdHmVKVYk.roa (raw, json)
Hash identifier: NexMNxJOVKLfI4XsOD08LdcHHjE/wZ9FYtwH9p7yFUI=
Subject key identifier: B1:8F:FC:B8:8F:D5:CB:F2:B2:93:A2:26:1A:53:DD:1E:65:4A:55:89
Certificate issuer: /CN=8a6060353b98f53316d022fa01d299d75fff22d6
Certificate serial: 019421445F5D5C70369EFFDFBA26858FEBE5
Authority key identifier: 8A:60:60:35:3B:98:F5:33:16:D0:22:FA:01:D2:99:D7:5F:FF:22:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imBgNTuY9TMW0CL6AdKZ11__ItY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/sY_8uI_Vy_Kyk6ImGlPdHmVKVYk.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58245
IP address blocks: 194.33.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5f:5d:5c:70:36:9e:ff:df:ba:26:85:8f:eb:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6060353b98f53316d022fa01d299d75fff22d6
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b18ffcb88fd5cbf2b293a2261a53dd1e654a5589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:98:41:6b:12:0d:68:76:fb:1d:93:63:3e:
78:80:09:dc:9e:d6:ea:fe:38:55:33:33:85:64:6c:
fa:58:77:68:da:cb:0b:69:93:79:db:8d:21:6c:08:
d7:ff:a2:e4:f5:6c:2e:5c:cf:af:38:55:77:0e:f2:
b4:27:60:1c:2c:0b:67:e7:12:3b:28:66:4f:f9:9d:
15:29:6f:10:b1:31:4e:de:6a:ec:6a:ed:37:d4:6a:
e8:ad:9d:30:eb:76:9b:1a:b0:2b:63:65:44:07:71:
62:34:14:1c:7c:89:09:f1:4b:73:eb:a3:4a:3c:2b:
20:44:4c:a1:9c:3d:a2:b0:aa:17:f1:69:1b:b2:34:
0e:0c:eb:6c:25:61:af:bb:dd:b2:c6:12:cf:03:b7:
76:e0:1a:9f:78:5a:6f:9f:74:ef:7b:71:19:8c:a0:
5f:1c:61:c1:94:37:54:4f:ab:ba:86:f8:c7:21:45:
b2:58:bc:ee:c5:cc:8d:54:c6:85:5e:61:e8:f9:79:
11:d0:32:39:ce:71:f9:13:e5:a7:f7:25:f7:ab:b0:
e8:ea:f1:24:5f:41:a6:24:8b:69:fa:ce:4e:b5:57:
94:61:59:c7:d9:e8:0a:bb:31:9c:1a:7c:e3:d2:09:
48:7f:56:a8:a5:84:99:d7:e0:3b:ee:e9:de:99:f3:
c1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8F:FC:B8:8F:D5:CB:F2:B2:93:A2:26:1A:53:DD:1E:65:4A:55:89
X509v3 Authority Key Identifier:
keyid:8A:60:60:35:3B:98:F5:33:16:D0:22:FA:01:D2:99:D7:5F:FF:22:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imBgNTuY9TMW0CL6AdKZ11__ItY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/sY_8uI_Vy_Kyk6ImGlPdHmVKVYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/imBgNTuY9TMW0CL6AdKZ11__ItY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.109.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:d1:89:f1:fe:d9:17:70:05:44:28:31:74:f9:e2:45:8a:ef:
5e:4a:a2:4b:42:f5:cc:41:7e:5f:a1:a9:15:84:c5:c3:39:53:
21:e7:3c:14:fb:1e:9b:fe:56:49:cc:1f:00:6e:32:8e:1b:55:
4d:c8:87:ba:de:4d:7f:a3:fd:79:40:7c:72:74:b1:12:5d:23:
61:12:bf:48:da:b2:51:e9:94:ee:72:b4:46:7e:08:0a:29:09:
58:3a:b9:10:ed:22:ec:8d:4d:e8:9a:06:f7:9d:b5:e7:68:a0:
ae:c0:1a:c5:54:fc:51:38:3e:7c:ad:48:cf:9d:1c:d4:5c:68:
77:f1:04:6a:29:f5:e4:f3:c8:33:d4:a0:3b:d2:4f:50:05:c0:
f0:88:24:0f:69:0b:c1:f8:a9:92:b5:da:84:0a:30:12:a8:91:
a8:ab:ab:12:26:d5:75:24:51:8b:61:54:41:87:52:e6:18:2b:
38:88:ee:b7:c1:a4:e6:25:bc:78:7b:8c:ee:59:21:f7:3c:92:
d9:c8:7f:d1:2e:d1:3d:a0:9e:eb:2c:b7:2c:a2:f1:95:3b:86:
8e:c3:fb:f3:22:a6:51:20:f1:f0:59:73:92:00:ed:f6:3b:72:
2b:e2:db:ab:fa:0e:ca:4c:aa:2e:8c:68:c8:e6:4e:2a:3d:ef:
dd:9f:c4:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRF9dXHA2nv/fuiaFj+vlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjA2MDM1M2I5OGY1MzMxNmQwMjJmYTAxZDI5OWQ3NWZm
ZjIyZDYwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThmZmNiODhmZDVjYmYyYjI5M2EyMjYxYTUzZGQxZTY1NGE1NTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv+YQWsSDWh2+x2TYz54gAncntbq
/jhVMzOFZGz6WHdo2ssLaZN5240hbAjX/6Lk9WwuXM+vOFV3DvK0J2AcLAtn5xI7
KGZP+Z0VKW8QsTFO3mrsau031GrorZ0w63abGrArY2VEB3FiNBQcfIkJ8Utz66NK
PCsgREyhnD2isKoX8WkbsjQODOtsJWGvu92yxhLPA7d24BqfeFpvn3Tve3EZjKBf
HGHBlDdUT6u6hvjHIUWyWLzuxcyNVMaFXmHo+XkR0DI5znH5E+Wn9yX3q7Do6vEk
X0GmJItp+s5OtVeUYVnH2egKuzGcGnzj0glIf1aopYSZ1+A77unemfPBNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGP/LiP1cvyspOiJhpT3R5lSlWJMB8GA1UdIwQY
MBaAFIpgYDU7mPUzFtAi+gHSmddf/yLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1CZ05UdVk5VE1XMENMNkFkS1oxMV9fSXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85NjlkYzItZmE1Ni00NWI2LWEzZGUt
NTJlZTQzNjQyZTEwLzEvc1lfOHVJX1Z5X0t5azZJbUdsUGRIbVZLVllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85NjlkYzItZmE1Ni00NWI2LWEzZGUtNTJlZTQzNjQyZTEw
LzEvaW1CZ05UdVk5VE1XMENMNkFkS1oxMV9fSXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiFtMA0G
CSqGSIb3DQEBCwUAA4IBAQBb0Ynx/tkXcAVEKDF0+eJFiu9eSqJLQvXMQX5foakV
hMXDOVMh5zwU+x6b/lZJzB8AbjKOG1VNyIe63k1/o/15QHxydLESXSNhEr9I2rJR
6ZTucrRGfggKKQlYOrkQ7SLsjU3omgb3nbXnaKCuwBrFVPxROD58rUjPnRzUXGh3
8QRqKfXk88gz1KA70k9QBcDwiCQPaQvB+KmStdqECjASqJGoq6sSJtV1JFGLYVRB
h1LmGCs4iO63waTmJbx4e4zuWSH3PJLZyH/RLtE9oJ7rLLcsovGVO4aOw/vzIqZR
IPHwWXOSAO32O3Ir4tur+g7KTKoujGjI5k4qPe/dn8Tl
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:46 2025 by rpki-client