Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vdZi0Nx3ovzwid-PHmmCuuvDz5A.roa
File: vdZi0Nx3ovzwid-PHmmCuuvDz5A.roa (raw, json)
Hash identifier: g6gO7G1REogANybWfoklCvlFYHEDto3pv394yogW7kQ=
Subject key identifier: BD:D6:62:D0:DC:77:A2:FC:F0:89:DF:8F:1E:69:82:BA:EB:C3:CF:90
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824EA5FAB9F43D6CCA1269B1A5C5F1A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vdZi0Nx3ovzwid-PHmmCuuvDz5A.roa
Signing time: Thu 02 Jan 2025 17:51:35 +0000
ROA not before: Thu 02 Jan 2025 17:51:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41745
IP address blocks: 193.124.33.0/24 maxlen: 24
194.87.35.0/24 maxlen: 24
194.87.62.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.133.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:ea:5f:ab:9f:43:d6:cc:a1:26:9b:1a:5c:5f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd662d0dc77a2fcf089df8f1e6982baebc3cf90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b6:f9:91:98:59:a1:63:d0:58:16:12:85:a8:
5d:03:af:e2:f5:80:e1:cb:42:3e:a5:35:00:d1:04:
03:4e:29:82:0b:48:95:5e:61:cc:5f:c0:a3:0e:20:
5f:03:c4:f6:30:6c:ed:82:8f:3c:c8:9a:3a:b2:92:
15:a5:7f:a6:98:64:e1:09:e7:4d:59:19:99:33:64:
9d:07:12:72:71:ad:ad:03:b9:3a:fa:c1:d6:13:f7:
f0:07:f5:0c:d5:a4:2a:e8:20:98:59:c6:04:7c:3a:
ea:59:89:39:a7:bf:2a:e3:b6:96:6b:8e:90:7c:84:
e7:39:d2:75:9f:98:98:57:43:5f:6f:62:e5:d6:9d:
cc:f4:e6:1a:91:21:5b:e9:e0:75:7d:a6:86:eb:69:
42:96:a7:ab:2a:5d:8b:f3:92:3a:a2:68:82:96:d3:
19:48:5b:3a:ef:bb:ce:78:4d:93:e1:22:29:6c:fd:
2f:88:24:d0:f9:29:e0:5f:a2:04:1d:4f:8e:3c:a4:
cc:fd:7c:02:ca:34:b8:fe:19:41:f6:7f:2b:38:00:
44:0e:fd:4d:54:78:c6:09:46:c4:55:34:6b:51:9d:
3f:d6:19:fa:ed:45:42:c1:9d:5f:26:40:f8:08:33:
2f:b6:d4:e6:35:64:1a:00:c4:5e:07:2e:8b:86:1e:
77:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D6:62:D0:DC:77:A2:FC:F0:89:DF:8F:1E:69:82:BA:EB:C3:CF:90
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vdZi0Nx3ovzwid-PHmmCuuvDz5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.33.0/24
194.87.35.0/24
194.87.62.0/24
194.87.191.0/24
194.87.219.0/24
194.87.252.0/24
195.58.50.0/24
195.133.75.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a9:b9:09:66:26:f9:4e:e7:1a:bf:60:f5:a0:cf:59:d8:46:
4f:79:43:5e:63:f9:9e:28:cc:50:b2:5a:8b:16:1f:c1:6e:d6:
e7:61:44:de:b5:39:f8:87:4f:f0:05:e8:31:ca:e3:61:63:05:
db:65:04:79:7b:27:9e:d9:22:08:96:12:2c:d1:6a:3e:b9:8b:
5f:f8:32:b4:55:c5:17:b1:33:a6:31:c7:26:09:61:5e:74:7c:
36:77:ce:62:66:43:83:10:51:9e:e9:38:de:b3:e9:be:6a:87:
f5:a9:4c:79:ba:ed:d3:4e:c7:c9:e7:5c:4d:48:ab:4c:4d:33:
a0:52:d3:0a:44:e0:7d:05:60:4c:bd:97:37:e5:d3:1a:ed:f7:
84:48:a5:03:42:25:e4:14:5a:f2:1d:94:cd:d1:6f:f9:d0:b1:
c3:93:45:f3:f7:79:2b:9f:1c:45:df:66:79:66:2a:c7:af:44:
26:ae:e4:01:47:f9:42:5c:69:53:a1:4a:6e:de:bf:e4:df:fd:
3e:c6:b8:59:28:f3:bc:43:f0:b8:94:10:bb:ac:54:bf:6b:8d:
75:23:33:44:7c:f8:91:8f:c9:e1:47:61:83:a4:6b:84:13:d0:
26:27:05:04:1b:4a:2c:eb:f5:0a:4d:e1:3e:c8:e2:e0:ff:46:
ec:cb:49:f2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQoJOpfq59D1syhJpsaXF8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ2NjJkMGRjNzdhMmZjZjA4OWRmOGYxZTY5ODJiYWViYzNjZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrb5kZhZoWPQWBYShahdA6/i9YDh
y0I+pTUA0QQDTimCC0iVXmHMX8CjDiBfA8T2MGztgo88yJo6spIVpX+mmGThCedN
WRmZM2SdBxJyca2tA7k6+sHWE/fwB/UM1aQq6CCYWcYEfDrqWYk5p78q47aWa46Q
fITnOdJ1n5iYV0Nfb2Ll1p3M9OYakSFb6eB1faaG62lClqerKl2L85I6omiCltMZ
SFs677vOeE2T4SIpbP0viCTQ+SngX6IEHU+OPKTM/XwCyjS4/hlB9n8rOABEDv1N
VHjGCUbEVTRrUZ0/1hn67UVCwZ1fJkD4CDMvttTmNWQaAMReBy6Lhh53qQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFL3WYtDcd6L88Infjx5pgrrrw8+QMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdmRaaTBOeDNvdnp3aWQtUEhtbUN1dXZEejVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXwhAwQA
wlcjAwQAwlc+AwQAwle/AwQAwlfbAwQAwlf8AwQAwzoyAwQAw4VLMA0GCSqGSIb3
DQEBCwUAA4IBAQBkqbkJZib5Tucav2D1oM9Z2EZPeUNeY/meKMxQslqLFh/Bbtbn
YUTetTn4h0/wBegxyuNhYwXbZQR5eyee2SIIlhIs0Wo+uYtf+DK0VcUXsTOmMccm
CWFedHw2d85iZkODEFGe6Tjes+m+aof1qUx5uu3TTsfJ51xNSKtMTTOgUtMKROB9
BWBMvZc35dMa7feESKUDQiXkFFryHZTN0W/50LHDk0Xz93krnxxF32Z5ZirHr0Qm
ruQBR/lCXGlToUpu3r/k3/0+xrhZKPO8Q/C4lBC7rFS/a411IzNEfPiRj8nhR2GD
pGuEE9AmJwUEG0os6/UKTeE+yOLg/0bsy0ny
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:06:00 2025 by rpki-client