Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/SC-XsxdAgu2J1rxvQLaYfHoW1SE.roa
File: SC-XsxdAgu2J1rxvQLaYfHoW1SE.roa (raw, json)
Hash identifier: 5FD3bfkZCZGPoE+1Wlr2La0Az/eQkkz+JwW46jnyGyE=
Subject key identifier: 48:2F:97:B3:17:40:82:ED:89:D6:BC:6F:40:B6:98:7C:7A:16:D5:21
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019425FD4B446F700273193442E3412CA20D
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/SC-XsxdAgu2J1rxvQLaYfHoW1SE.roa
Signing time: Thu 02 Jan 2025 07:49:04 +0000
ROA not before: Thu 02 Jan 2025 07:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 194.33.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4b:44:6f:70:02:73:19:34:42:e3:41:2c:a2:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jan 2 07:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=482f97b3174082ed89d6bc6f40b6987c7a16d521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cf:ed:ed:ba:d3:9a:52:90:e5:a5:9c:c1:f0:
b3:90:3a:f9:db:06:89:d2:4a:2c:41:1d:e5:37:11:
01:b7:3b:5b:a1:fb:c2:d9:88:aa:7b:e7:fe:b3:48:
c1:5c:a3:f9:64:9d:4c:83:95:33:73:64:40:39:45:
8d:7b:0b:02:92:e6:6d:a4:d9:5e:f3:d4:4d:0e:95:
bb:26:f5:cd:20:fe:d9:80:29:2a:9c:e1:f8:6f:55:
fa:ab:0a:e4:61:52:37:2d:9f:41:d6:73:a2:c3:50:
9f:7f:60:4c:e2:bc:98:2a:a6:d3:75:a2:e4:75:a4:
aa:c7:9a:6d:19:a0:9a:b7:e8:15:6e:9d:f6:51:24:
67:1a:43:e9:da:e5:26:cc:44:28:49:e6:1e:51:49:
87:45:f7:ea:4e:5c:80:d7:0f:fa:41:cb:b3:1a:af:
bf:14:ac:56:e0:43:cf:ef:29:4c:db:04:42:25:e2:
ce:ba:57:43:79:7d:6d:82:01:cf:ec:31:1f:82:a6:
d5:b4:e4:ef:2c:06:10:2b:0f:de:3e:41:ab:87:d8:
c7:83:05:a2:fd:d9:1f:6a:fe:e4:4c:89:2b:c1:d5:
56:05:d0:83:c0:3a:73:25:17:06:23:b6:f0:6c:a4:
c1:67:c0:bf:e3:2f:30:97:db:26:06:65:f2:ba:17:
d3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:2F:97:B3:17:40:82:ED:89:D6:BC:6F:40:B6:98:7C:7A:16:D5:21
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/SC-XsxdAgu2J1rxvQLaYfHoW1SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.59.0/24
Signature Algorithm: sha256WithRSAEncryption
41:4c:6d:f4:d7:37:72:34:af:c9:24:08:96:d9:7b:59:c6:b5:
99:9e:97:07:33:d3:6d:9d:ca:67:4a:b5:79:50:49:c4:a8:8d:
7b:79:23:bc:17:ac:22:6a:81:f3:83:0d:97:d4:1f:7a:18:c6:
2a:37:17:f3:2d:59:7f:6b:db:2f:06:45:8a:5f:41:ae:40:4f:
78:ed:df:4c:b2:b4:43:d9:cf:1b:14:c4:54:2e:2a:dd:ce:d6:
c2:43:0e:dd:04:6e:75:9c:bf:75:34:0c:64:2f:20:3c:85:40:
81:e4:23:ad:c5:63:c7:9b:ab:f0:bc:64:9f:f9:93:45:ee:3b:
85:9e:7d:e3:ab:a2:45:b7:b9:9c:a8:da:ab:95:d9:17:09:a9:
c7:8e:95:aa:57:47:cb:30:76:1f:61:89:85:97:3f:ae:f7:eb:
e3:cc:8b:0f:6d:e1:bb:29:e8:e8:1e:09:56:3b:7c:c0:b1:b5:
db:c1:c7:8a:57:0d:5a:27:8b:a4:26:e6:da:aa:44:b2:7a:56:
72:68:74:32:d5:63:a1:b0:d2:10:02:ec:d7:5f:f7:54:82:b5:
a1:8d:ac:8a:da:e8:09:d0:61:a4:af:e1:ec:a1:43:31:c1:2c:
2f:0e:ff:f0:82:ca:0f:6e:3d:69:90:bf:36:85:45:5a:bf:89:
7e:2b:af:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/UtEb3ACcxk0QuNBLKINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwMTAyMDc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODJmOTdiMzE3NDA4MmVkODlkNmJjNmY0MGI2OTg3YzdhMTZkNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8/t7brTmlKQ5aWcwfCzkDr52waJ
0kosQR3lNxEBtztbofvC2Yiqe+f+s0jBXKP5ZJ1Mg5Uzc2RAOUWNewsCkuZtpNle
89RNDpW7JvXNIP7ZgCkqnOH4b1X6qwrkYVI3LZ9B1nOiw1Cff2BM4ryYKqbTdaLk
daSqx5ptGaCat+gVbp32USRnGkPp2uUmzEQoSeYeUUmHRffqTlyA1w/6QcuzGq+/
FKxW4EPP7ylM2wRCJeLOuldDeX1tggHP7DEfgqbVtOTvLAYQKw/ePkGrh9jHgwWi
/dkfav7kTIkrwdVWBdCDwDpzJRcGI7bwbKTBZ8C/4y8wl9smBmXyuhfTIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEgvl7MXQILtida8b0C2mHx6FtUhMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvU0MtWHN4ZEFndTJKMXJ4dlFMYVlmSG9XMVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiE7MA0G
CSqGSIb3DQEBCwUAA4IBAQBBTG301zdyNK/JJAiW2XtZxrWZnpcHM9NtncpnSrV5
UEnEqI17eSO8F6wiaoHzgw2X1B96GMYqNxfzLVl/a9svBkWKX0GuQE947d9MsrRD
2c8bFMRULirdztbCQw7dBG51nL91NAxkLyA8hUCB5COtxWPHm6vwvGSf+ZNF7juF
nn3jq6JFt7mcqNqrldkXCanHjpWqV0fLMHYfYYmFlz+u9+vjzIsPbeG7KejoHglW
O3zAsbXbwceKVw1aJ4ukJubaqkSyelZyaHQy1WOhsNIQAuzXX/dUgrWhjayK2ugJ
0GGkr+HsoUMxwSwvDv/wgsoPbj1pkL82hUVav4l+K6/e
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:17:49 2025 by rpki-client