Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/DYBzC-5u7t_HprST38-QLKcVjs4.roa
File: DYBzC-5u7t_HprST38-QLKcVjs4.roa (raw, json)
Hash identifier: ChDyCFx1UALSR9HHBFecLKZBlzvOX/te8ZE5v0iziss=
Subject key identifier: 0D:80:73:0B:EE:6E:EE:DF:C7:A6:B4:93:DF:CF:90:2C:A7:15:8E:CE
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 01936E81563220DF9AFB8C2547B6ECF66A47
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/DYBzC-5u7t_HprST38-QLKcVjs4.roa
Signing time: Wed 27 Nov 2024 16:43:10 +0000
ROA not before: Wed 27 Nov 2024 16:43:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 194.33.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:81:56:32:20:df:9a:fb:8c:25:47:b6:ec:f6:6a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Nov 27 16:43:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d80730bee6eeedfc7a6b493dfcf902ca7158ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:47:2c:f5:5a:8a:89:19:f5:21:ec:5f:75:86:
9f:a3:dc:d1:9b:de:3b:79:68:64:12:44:16:d4:24:
9f:ec:e8:f3:ca:1d:b5:ae:02:1e:19:f4:b8:6c:65:
2f:8f:d4:70:8b:27:88:b3:47:50:f3:b6:db:3b:4d:
15:4d:61:b7:ab:ed:10:0c:3b:5d:8a:fe:c9:5d:3d:
b0:b9:3e:c1:e1:8f:be:9e:88:fc:26:2f:34:14:14:
d3:92:c8:49:c6:87:51:9c:ed:fb:6c:ae:98:a1:34:
6a:40:f0:91:6f:04:99:76:e1:e9:c9:69:49:bd:72:
6d:f4:32:88:4d:ec:29:5c:57:7e:58:36:1f:26:8a:
84:f8:3c:d9:49:1f:41:e5:38:79:71:37:a6:99:ae:
40:99:0c:f7:58:06:b9:95:9a:0b:33:80:01:2d:95:
db:c9:76:1f:40:6c:c2:7f:71:0f:93:3e:2f:69:98:
7c:9e:a0:28:7b:4c:ab:17:26:75:8a:35:83:f1:3f:
b1:c7:a2:07:00:b4:9b:72:dd:49:d4:f2:a3:54:54:
e9:a0:96:e0:0a:a5:51:8e:13:66:40:d0:de:5d:90:
a0:5b:5a:c7:fd:a4:2c:de:01:67:98:6c:08:68:4c:
61:1a:2c:fc:c2:77:77:0e:2a:b1:6b:d2:da:42:13:
2f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:80:73:0B:EE:6E:EE:DF:C7:A6:B4:93:DF:CF:90:2C:A7:15:8E:CE
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/DYBzC-5u7t_HprST38-QLKcVjs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.151.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f9:46:af:f7:5b:41:1f:d6:80:e6:72:99:f8:cd:26:fa:13:
85:b7:2e:aa:ae:4a:ea:20:97:4b:e8:30:db:0c:89:41:82:58:
77:cd:7e:37:3a:82:8b:82:c0:0f:5c:a2:59:23:c8:35:b6:71:
8f:c0:63:68:94:63:ce:ae:73:c2:64:22:cb:f3:15:36:fb:8a:
ca:59:4f:43:fa:04:3c:5e:18:04:ca:a9:24:61:29:fc:cd:eb:
9b:c3:04:c9:b0:63:8b:54:d9:dc:10:9a:b1:16:9b:7a:d7:1d:
5f:ea:e3:77:e9:72:8f:70:54:94:41:84:2b:da:b5:98:36:16:
c3:2f:57:98:2c:78:aa:92:f2:3c:a2:00:eb:04:a6:78:dd:dc:
11:3d:fb:07:ba:86:f9:47:7d:cf:fc:2a:24:83:76:fb:1d:df:
c1:7f:1e:12:ef:5b:37:3e:56:0a:ee:88:10:7e:67:33:f6:08:
2a:e1:d4:9a:0f:e7:db:08:99:47:de:de:8b:02:25:d6:9f:4c:
cc:79:ed:41:5c:c9:9c:15:f9:6e:0e:a9:21:50:74:cd:e6:47:
9a:c3:1c:34:b0:d4:ff:b7:77:af:33:1d:01:93:cc:c4:fc:e8:
f4:ef:16:e6:6f:ba:43:28:ca:3c:e1:59:0b:10:31:15:94:4e:
ca:65:49:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNugVYyIN+a+4wlR7bs9mpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQxMTI3MTY0MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDgwNzMwYmVlNmVlZWRmYzdhNmI0OTNkZmNmOTAyY2E3MTU4ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkcs9VqKiRn1IexfdYafo9zRm947
eWhkEkQW1CSf7Ojzyh21rgIeGfS4bGUvj9RwiyeIs0dQ87bbO00VTWG3q+0QDDtd
iv7JXT2wuT7B4Y++noj8Ji80FBTTkshJxodRnO37bK6YoTRqQPCRbwSZduHpyWlJ
vXJt9DKITewpXFd+WDYfJoqE+DzZSR9B5Th5cTemma5AmQz3WAa5lZoLM4ABLZXb
yXYfQGzCf3EPkz4vaZh8nqAoe0yrFyZ1ijWD8T+xx6IHALSbct1J1PKjVFTpoJbg
CqVRjhNmQNDeXZCgW1rH/aQs3gFnmGwIaExhGiz8wnd3Diqxa9LaQhMv7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2Acwvubu7fx6a0k9/PkCynFY7OMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvRFlCekMtNXU3dF9IcHJTVDM4LVFMS2NWanM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiGXMA0G
CSqGSIb3DQEBCwUAA4IBAQAs+Uav91tBH9aA5nKZ+M0m+hOFty6qrkrqIJdL6DDb
DIlBglh3zX43OoKLgsAPXKJZI8g1tnGPwGNolGPOrnPCZCLL8xU2+4rKWU9D+gQ8
XhgEyqkkYSn8zeubwwTJsGOLVNncEJqxFpt61x1f6uN36XKPcFSUQYQr2rWYNhbD
L1eYLHiqkvI8ogDrBKZ43dwRPfsHuob5R33P/Cokg3b7Hd/Bfx4S71s3PlYK7ogQ
fmcz9ggq4dSaD+fbCJlH3t6LAiXWn0zMee1BXMmcFfluDqkhUHTN5keawxw0sNT/
t3evMx0Bk8zE/Oj07xbmb7pDKMo84VkLEDEVlE7KZUlz
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:03:06 2025 by rpki-client