Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/S3rIqyOOkT-ZHrzoqIUi7vRzSaA.roa
File: S3rIqyOOkT-ZHrzoqIUi7vRzSaA.roa (raw, json)
Hash identifier: vV/S9dlPHB29RWZp9b9UA4u9RcBkLlolZiEQTtGd6xo=
Subject key identifier: 4B:7A:C8:AB:23:8E:91:3F:99:1E:BC:E8:A8:85:22:EE:F4:73:49:A0
Certificate issuer: /CN=bc35904e24db0e990495a3445e77d1136ed618d7
Certificate serial: 0197E0726409CB2CB522E9605D31D766299C
Authority key identifier: BC:35:90:4E:24:DB:0E:99:04:95:A3:44:5E:77:D1:13:6E:D6:18:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDWQTiTbDpkElaNEXnfRE27WGNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/S3rIqyOOkT-ZHrzoqIUi7vRzSaA.roa
Signing time: Sun 06 Jul 2025 15:54:42 +0000
ROA not before: Sun 06 Jul 2025 15:54:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47690
IP address blocks: 213.165.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e0:72:64:09:cb:2c:b5:22:e9:60:5d:31:d7:66:29:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc35904e24db0e990495a3445e77d1136ed618d7
Validity
Not Before: Jul 6 15:54:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b7ac8ab238e913f991ebce8a88522eef47349a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c4:b5:a9:29:5d:04:dd:92:c3:b7:9a:bd:d8:
4f:03:c6:c0:b9:ae:47:d6:ae:dd:b7:a8:ff:1c:80:
09:2a:a3:aa:1e:4c:f3:08:14:bf:b0:6d:1b:8e:8e:
6b:fa:d8:5d:7c:8a:fc:e5:40:2d:e0:9f:f9:f5:c4:
0f:22:08:d6:77:05:c6:e1:0e:f2:97:f9:2a:e2:f6:
92:02:9b:ec:0c:2d:c2:ed:c5:ce:0a:53:7d:97:4e:
4d:da:a1:1c:f8:1a:49:11:6d:55:bf:b2:c7:60:fd:
e7:4a:28:8b:41:eb:ba:ab:ab:7f:0a:45:96:46:a8:
49:c4:bb:fd:79:ed:7a:59:75:d7:12:8a:50:f4:d0:
e4:0b:80:dd:30:2f:12:bc:ea:06:b4:26:70:83:98:
38:96:f6:a6:cf:bc:ca:5b:42:a8:9d:0d:3c:2e:84:
9f:7b:cf:dd:c3:ba:8f:72:44:49:df:31:29:df:21:
c4:35:17:20:1b:55:9c:d1:72:a5:4f:c6:7b:6e:77:
18:d1:dc:2b:fc:28:f6:f4:01:e4:5e:df:8f:26:0e:
8a:50:9d:3b:4e:92:19:7e:c5:3d:cb:7b:d7:6b:f1:
aa:20:fd:23:5c:81:38:88:f4:a4:3b:91:c5:4b:2a:
d7:44:dc:19:4e:30:5c:44:f3:fc:38:8d:2f:d0:db:
e8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:C8:AB:23:8E:91:3F:99:1E:BC:E8:A8:85:22:EE:F4:73:49:A0
X509v3 Authority Key Identifier:
keyid:BC:35:90:4E:24:DB:0E:99:04:95:A3:44:5E:77:D1:13:6E:D6:18:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDWQTiTbDpkElaNEXnfRE27WGNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/S3rIqyOOkT-ZHrzoqIUi7vRzSaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/vDWQTiTbDpkElaNEXnfRE27WGNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.165.32.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:a0:9e:00:7f:82:2b:65:d2:41:f2:9b:7d:82:98:33:32:39:
bb:10:dc:73:5e:22:04:66:6b:ce:87:76:3f:db:f6:f8:7a:82:
65:5f:11:f1:d9:be:04:28:59:5f:80:6c:42:0e:f5:3f:d5:65:
24:cf:e2:09:d1:d0:71:e5:78:81:55:a0:3b:be:8b:0c:e3:f1:
bd:55:ab:c5:ff:90:cb:23:f2:1a:75:c5:e9:24:95:66:94:34:
6e:71:29:19:01:d6:e2:5d:87:c7:4b:25:87:f6:95:c1:89:d3:
00:3b:23:d0:51:70:83:c0:70:87:33:fd:ac:47:23:cf:a6:50:
a0:51:cb:28:cb:2c:69:4f:5e:0c:82:f8:dc:cd:12:4a:44:26:
fb:6f:92:3c:d6:9c:59:ec:87:ab:c0:44:64:da:23:ed:dd:b7:
f3:63:e3:fc:e9:de:8e:46:8f:ce:2f:95:fb:09:74:29:a1:ca:
1f:c0:75:b6:6a:57:48:37:74:86:bd:f4:33:91:d3:bc:bb:c7:
cd:26:22:92:26:b4:c6:9d:30:d2:32:0d:75:81:3c:7e:a5:f1:
3f:e4:c7:1c:ee:08:64:60:5e:f5:51:2c:66:69:b1:de:ab:ab:
cc:69:7c:3f:e4:79:c4:7f:d1:8d:33:db:d6:a6:53:7b:ae:33:
18:bb:bb:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfgcmQJyyy1IulgXTHXZimcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzU5MDRlMjRkYjBlOTkwNDk1YTM0NDVlNzdkMTEzNmVk
NjE4ZDcwHhcNMjUwNzA2MTU1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjdhYzhhYjIzOGU5MTNmOTkxZWJjZThhODg1MjJlZWY0NzM0OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMS1qSldBN2Sw7eavdhPA8bAua5H
1q7dt6j/HIAJKqOqHkzzCBS/sG0bjo5r+thdfIr85UAt4J/59cQPIgjWdwXG4Q7y
l/kq4vaSApvsDC3C7cXOClN9l05N2qEc+BpJEW1Vv7LHYP3nSiiLQeu6q6t/CkWW
RqhJxLv9ee16WXXXEopQ9NDkC4DdMC8SvOoGtCZwg5g4lvamz7zKW0KonQ08LoSf
e8/dw7qPckRJ3zEp3yHENRcgG1Wc0XKlT8Z7bncY0dwr/Cj29AHkXt+PJg6KUJ07
TpIZfsU9y3vXa/GqIP0jXIE4iPSkO5HFSyrXRNwZTjBcRPP8OI0v0NvonwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEt6yKsjjpE/mR686KiFIu70c0mgMB8GA1UdIwQY
MBaAFLw1kE4k2w6ZBJWjRF530RNu1hjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRXUVRpVGJEcGtFbGFORVhuZlJFMjdXR05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82MzJkYzAtNGQyZC00MGMyLWFiNjUt
YzM4YjFmOWQ0NTdjLzEvUzNySXF5T09rVC1aSHJ6b3FJVWk3dlJ6U2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82MzJkYzAtNGQyZC00MGMyLWFiNjUtYzM4YjFmOWQ0NTdj
LzEvdkRXUVRpVGJEcGtFbGFORVhuZlJFMjdXR05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aUgMA0G
CSqGSIb3DQEBCwUAA4IBAQCyoJ4Af4IrZdJB8pt9gpgzMjm7ENxzXiIEZmvOh3Y/
2/b4eoJlXxHx2b4EKFlfgGxCDvU/1WUkz+IJ0dBx5XiBVaA7vosM4/G9VavF/5DL
I/IadcXpJJVmlDRucSkZAdbiXYfHSyWH9pXBidMAOyPQUXCDwHCHM/2sRyPPplCg
UcsoyyxpT14MgvjczRJKRCb7b5I81pxZ7IerwERk2iPt3bfzY+P86d6ORo/OL5X7
CXQpocofwHW2aldIN3SGvfQzkdO8u8fNJiKSJrTGnTDSMg11gTx+pfE/5Mcc7ghk
YF71USxmabHeq6vMaXw/5HnEf9GNM9vWplN7rjMYu7vk
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:55:07 2025 by rpki-client