Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2dbe04-43a8-4963-8e86-3fe8f896e551/1/dk4GVxnPxj9mrIWRHBmkYZR_RAY.roa
File: dk4GVxnPxj9mrIWRHBmkYZR_RAY.roa (raw, json)
Hash identifier: eaMuW15awNbcED9U+mZfT6o28nxoJ9RTD5vuUNkkC90=
Subject key identifier: 76:4E:06:57:19:CF:C6:3F:66:AC:85:91:1C:19:A4:61:94:7F:44:06
Certificate issuer: /CN=9f29e8554020bdefa17c5561438fb4baf5831f52
Certificate serial: 019425209E40178631187F7CCCD501C791CF
Authority key identifier: 9F:29:E8:55:40:20:BD:EF:A1:7C:55:61:43:8F:B4:BA:F5:83:1F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nynoVUAgve-hfFVhQ4-0uvWDH1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2dbe04-43a8-4963-8e86-3fe8f896e551/1/dk4GVxnPxj9mrIWRHBmkYZR_RAY.roa
Signing time: Thu 02 Jan 2025 03:48:02 +0000
ROA not before: Thu 02 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55002
IP address blocks: 193.143.128.0/24 maxlen: 24
193.143.129.0/24 maxlen: 24
195.234.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:9e:40:17:86:31:18:7f:7c:cc:d5:01:c7:91:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f29e8554020bdefa17c5561438fb4baf5831f52
Validity
Not Before: Jan 2 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=764e065719cfc63f66ac85911c19a461947f4406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:72:20:be:11:fd:ec:da:85:7c:91:ee:f5:59:
c8:3a:8e:59:97:5f:d1:a1:5f:ee:5c:3c:de:58:7e:
e8:39:90:9b:96:95:85:03:ac:58:37:86:9c:54:f6:
1f:78:1e:8a:bf:46:97:c1:88:3c:95:cf:9b:81:cf:
b2:aa:7e:3d:2c:92:73:73:f0:72:9f:c5:4e:93:c9:
32:29:2e:05:05:43:1d:e6:bf:08:35:a8:b5:08:5e:
fb:36:ca:30:a2:fb:7d:06:bb:87:92:8c:2a:4a:b2:
61:10:6d:0d:16:a8:23:fa:77:19:29:c8:52:f9:cc:
0d:14:5f:29:20:8d:49:dc:35:1f:16:a4:57:10:36:
9d:f0:57:6e:be:7e:ae:8b:36:41:f3:d1:e2:83:86:
51:05:b1:56:30:c2:6f:0d:3a:16:cc:dd:4d:5b:9c:
25:01:0c:3e:f1:39:f2:f7:91:16:dd:0f:68:56:08:
2c:2d:23:cf:47:58:83:e2:1b:e0:2e:a8:42:20:57:
0f:95:f8:7a:5f:d7:9a:ed:7a:5e:d3:78:e5:04:1b:
29:fb:eb:f1:fb:db:4d:85:2c:d7:0e:27:b3:6b:b1:
2a:82:87:0e:62:ef:ab:8e:1e:75:9b:2e:a0:1f:8a:
40:5f:68:ca:68:aa:e0:ef:a1:c4:f5:d6:d5:dd:32:
16:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4E:06:57:19:CF:C6:3F:66:AC:85:91:1C:19:A4:61:94:7F:44:06
X509v3 Authority Key Identifier:
keyid:9F:29:E8:55:40:20:BD:EF:A1:7C:55:61:43:8F:B4:BA:F5:83:1F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nynoVUAgve-hfFVhQ4-0uvWDH1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2dbe04-43a8-4963-8e86-3fe8f896e551/1/dk4GVxnPxj9mrIWRHBmkYZR_RAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2dbe04-43a8-4963-8e86-3fe8f896e551/1/nynoVUAgve-hfFVhQ4-0uvWDH1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.128.0/23
195.234.135.0/24
Signature Algorithm: sha256WithRSAEncryption
94:d3:f6:a2:5f:77:b6:10:fe:8c:ff:47:20:df:3c:17:db:93:
79:73:cd:8f:88:ef:b9:59:f6:eb:7c:19:58:5c:91:a3:ff:e4:
6e:42:8f:7c:50:90:2c:b9:6c:1c:0c:17:06:8f:50:35:8c:38:
b2:5b:00:ea:76:80:76:26:6c:0c:80:38:c4:02:2e:e6:6f:68:
b1:c0:ba:bb:37:da:59:42:4e:3e:43:5f:fd:f7:2e:81:8c:ca:
28:53:7b:dd:87:be:14:af:9a:2f:a8:ba:c9:16:9c:a9:20:7e:
48:e9:68:8b:3b:66:09:f1:11:d0:53:dd:e2:5f:08:e5:d1:6a:
4d:e4:30:70:bd:cb:fb:3b:41:f1:5c:c8:e2:ff:b8:05:79:e0:
13:bf:e6:5f:87:81:36:b8:11:2c:a9:7f:51:60:47:2b:eb:ea:
07:82:c7:1f:e2:0e:62:31:bd:5f:1d:d7:45:13:a7:42:8e:0e:
81:b3:b7:d3:5b:a4:b1:f9:a5:8e:f8:01:d4:b7:8d:95:b5:0a:
ed:d1:38:02:90:a1:f6:ac:4c:cf:d3:01:d3:5c:e7:d3:db:bc:
eb:c6:cd:0f:20:08:99:81:47:12:ac:fe:2b:99:3c:76:ff:a5:
79:9d:0a:d3:03:79:e7:fe:07:fd:e4:f1:88:60:b3:18:80:90:
75:4c:e0:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIJ5AF4YxGH98zNUBx5HPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjllODU1NDAyMGJkZWZhMTdjNTU2MTQzOGZiNGJhZjU4
MzFmNTIwHhcNMjUwMTAyMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjRlMDY1NzE5Y2ZjNjNmNjZhYzg1OTExYzE5YTQ2MTk0N2Y0NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3IgvhH97NqFfJHu9VnIOo5Zl1/R
oV/uXDzeWH7oOZCblpWFA6xYN4acVPYfeB6Kv0aXwYg8lc+bgc+yqn49LJJzc/By
n8VOk8kyKS4FBUMd5r8INai1CF77Nsowovt9BruHkowqSrJhEG0NFqgj+ncZKchS
+cwNFF8pII1J3DUfFqRXEDad8Fduvn6uizZB89Hig4ZRBbFWMMJvDToWzN1NW5wl
AQw+8Tny95EW3Q9oVggsLSPPR1iD4hvgLqhCIFcPlfh6X9ea7Xpe03jlBBsp++vx
+9tNhSzXDieza7EqgocOYu+rjh51my6gH4pAX2jKaKrg76HE9dbV3TIWcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHZOBlcZz8Y/ZqyFkRwZpGGUf0QGMB8GA1UdIwQY
MBaAFJ8p6FVAIL3voXxVYUOPtLr1gx9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlub1ZVQWd2ZS1oZkZWaFE0LTB1dldESDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yZGJlMDQtNDNhOC00OTYzLThlODYt
M2ZlOGY4OTZlNTUxLzEvZGs0R1Z4blB4ajltcklXUkhCbWtZWlJfUkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yZGJlMDQtNDNhOC00OTYzLThlODYtM2ZlOGY4OTZlNTUx
LzEvbnlub1ZVQWd2ZS1oZkZWaFE0LTB1dldESDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwY+AAwQA
w+qHMA0GCSqGSIb3DQEBCwUAA4IBAQCU0/aiX3e2EP6M/0cg3zwX25N5c82PiO+5
WfbrfBlYXJGj/+RuQo98UJAsuWwcDBcGj1A1jDiyWwDqdoB2JmwMgDjEAi7mb2ix
wLq7N9pZQk4+Q1/99y6BjMooU3vdh74Ur5ovqLrJFpypIH5I6WiLO2YJ8RHQU93i
Xwjl0WpN5DBwvcv7O0HxXMji/7gFeeATv+Zfh4E2uBEsqX9RYEcr6+oHgscf4g5i
Mb1fHddFE6dCjg6Bs7fTW6Sx+aWO+AHUt42VtQrt0TgCkKH2rEzP0wHTXOfT27zr
xs0PIAiZgUcSrP4rmTx2/6V5nQrTA3nn/gf95PGIYLMYgJB1TODK
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:16:04 2025 by rpki-client