Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/PYygUoIKKC4pne34uq_8AnOzE-Y.roa
File: PYygUoIKKC4pne34uq_8AnOzE-Y.roa (raw, json)
Hash identifier: Ens3nA1ewTeibrvm3RPQEqSzRDO2XcMQ6D+rs7PyPsY=
Subject key identifier: 3D:8C:A0:52:82:0A:28:2E:29:9D:ED:F8:BA:AF:FC:02:73:B3:13:E6
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019422FB6729493C45DA2BCADD5C3A8DE11A
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/PYygUoIKKC4pne34uq_8AnOzE-Y.roa
Signing time: Wed 01 Jan 2025 17:48:08 +0000
ROA not before: Wed 01 Jan 2025 17:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212338
IP address blocks: 194.39.110.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:67:29:49:3c:45:da:2b:ca:dd:5c:3a:8d:e1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 17:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8ca052820a282e299dedf8baaffc0273b313e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:42:45:5e:53:ed:38:38:02:51:cd:ae:2e:
e4:49:80:5f:03:71:14:ed:aa:4d:81:ae:46:d6:ae:
1a:7e:87:2d:3c:07:df:13:d9:42:41:85:75:5b:be:
07:5e:bb:82:72:8d:f4:bc:0a:34:73:27:7d:0c:8a:
06:70:23:e3:17:f9:53:4c:c1:79:74:9b:3e:ea:43:
d5:36:c5:70:bf:8a:13:61:f2:5b:d3:bd:d7:4e:83:
ec:21:e2:92:59:75:f9:38:83:8a:64:94:35:65:43:
af:a7:eb:f7:95:e3:2d:a3:f0:43:1c:f3:73:d6:5c:
3f:d7:cb:ea:d5:aa:0c:83:d6:e3:8f:e0:29:8a:32:
cd:ff:34:99:51:a0:ee:5a:14:4c:07:50:2e:d3:51:
a2:c1:0c:ef:77:6e:4d:36:11:5b:dc:4f:d2:aa:f5:
ea:45:e7:27:b3:05:04:9e:26:8c:38:5d:db:cf:d3:
51:f1:0b:e9:04:b4:cc:eb:36:06:b5:eb:68:2e:c7:
02:f9:40:c2:fd:67:b7:1c:f6:bc:18:d4:d5:51:f7:
71:b5:43:ac:04:eb:96:89:b8:2d:b1:69:b3:3b:b4:
06:9e:bf:f6:fe:c1:26:a9:17:bb:b7:c9:6e:05:3e:
2e:ff:7a:a1:59:5f:20:af:93:43:22:f3:81:20:27:
8b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8C:A0:52:82:0A:28:2E:29:9D:ED:F8:BA:AF:FC:02:73:B3:13:E6
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/PYygUoIKKC4pne34uq_8AnOzE-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.110.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:86:4d:8b:db:fa:f2:00:2d:83:35:0b:80:1c:8f:58:b0:98:
07:2d:da:73:d4:06:84:bf:1a:24:4c:57:a4:fe:1a:5a:75:00:
fb:d6:a3:c4:39:46:37:db:a8:2a:6b:18:8c:9b:76:27:4a:41:
9b:cc:4b:45:95:77:45:85:ad:94:36:3d:f8:57:68:d8:bc:50:
98:4b:44:8c:55:f2:e7:91:67:78:8f:92:e8:34:e2:1a:60:39:
b6:2c:10:32:09:23:3d:9b:6b:bc:f2:9b:2d:9b:87:32:ea:63:
58:ef:66:b2:4b:3c:06:85:01:92:06:b8:b5:dd:65:7e:20:6c:
6d:84:69:f6:77:d5:41:aa:12:18:b4:6a:d4:6c:4e:60:c9:34:
1c:e3:0d:49:a7:69:ef:0d:2a:47:5e:2e:f4:b9:64:a7:c5:b0:
75:f9:c4:7e:71:dd:bd:63:32:d8:7a:ab:38:a4:a6:b1:01:47:
60:5b:e1:34:1f:35:15:bb:f3:c6:be:f1:d7:f6:e3:3e:81:c0:
db:8e:6f:fb:81:34:de:79:82:23:7d:c2:29:2e:98:95:9b:ee:
e8:73:9f:2c:6b:77:05:87:74:76:a6:17:09:cb:f2:8c:5d:75:
d1:56:18:f0:c3:a0:ee:2c:89:49:55:53:a3:b8:68:a6:2b:a6:
c1:40:fa:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2cpSTxF2ivK3Vw6jeEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwMTAxMTc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhjYTA1MjgyMGEyODJlMjk5ZGVkZjhiYWFmZmMwMjczYjMxM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKdCRV5T7Tg4AlHNri7kSYBfA3EU
7apNga5G1q4afoctPAffE9lCQYV1W74HXruCco30vAo0cyd9DIoGcCPjF/lTTMF5
dJs+6kPVNsVwv4oTYfJb073XToPsIeKSWXX5OIOKZJQ1ZUOvp+v3leMto/BDHPNz
1lw/18vq1aoMg9bjj+ApijLN/zSZUaDuWhRMB1Au01GiwQzvd25NNhFb3E/SqvXq
RecnswUEniaMOF3bz9NR8QvpBLTM6zYGtetoLscC+UDC/We3HPa8GNTVUfdxtUOs
BOuWibgtsWmzO7QGnr/2/sEmqRe7t8luBT4u/3qhWV8gr5NDIvOBICeLCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2MoFKCCiguKZ3t+Lqv/AJzsxPmMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvUFl5Z1VvSUtLQzRwbmUzNHVxXzhBbk96RS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiduMA0G
CSqGSIb3DQEBCwUAA4IBAQC7hk2L2/ryAC2DNQuAHI9YsJgHLdpz1AaEvxokTFek
/hpadQD71qPEOUY326gqaxiMm3YnSkGbzEtFlXdFha2UNj34V2jYvFCYS0SMVfLn
kWd4j5LoNOIaYDm2LBAyCSM9m2u88pstm4cy6mNY72aySzwGhQGSBri13WV+IGxt
hGn2d9VBqhIYtGrUbE5gyTQc4w1Jp2nvDSpHXi70uWSnxbB1+cR+cd29YzLYeqs4
pKaxAUdgW+E0HzUVu/PGvvHX9uM+gcDbjm/7gTTeeYIjfcIpLpiVm+7oc58sa3cF
h3R2phcJy/KMXXXRVhjww6DuLIlJVVOjuGimK6bBQPr0
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:11:40 2025 by rpki-client