Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/Vtkp4nVzagTb1teWd63BFZh8RwU.roa
File: Vtkp4nVzagTb1teWd63BFZh8RwU.roa (raw, json)
Hash identifier: TYSKwA87i0+WxUKYjqVqa3ovHNk1VR5486G73L2E0tU=
Subject key identifier: 56:D9:29:E2:75:73:6A:04:DB:D6:D7:96:77:AD:C1:15:98:7C:47:05
Certificate issuer: /CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Certificate serial: 0194803E7D4ACFC3F32F4455A40FE4463171
Authority key identifier: 00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/Vtkp4nVzagTb1teWd63BFZh8RwU.roa
Signing time: Sun 19 Jan 2025 20:26:06 +0000
ROA not before: Sun 19 Jan 2025 20:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204506
IP address blocks: 93.157.207.0/24 maxlen: 24
2001:678:210::/48 maxlen: 48
2a0f:4507:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:80:3e:7d:4a:cf:c3:f3:2f:44:55:a4:0f:e4:46:31:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Validity
Not Before: Jan 19 20:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56d929e275736a04dbd6d79677adc115987c4705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0f:9b:00:3b:54:55:5d:dd:0a:b4:c7:77:78:
3a:3e:b6:dc:b8:6b:03:cd:08:14:cd:2e:8f:7b:7f:
5a:87:c6:7b:89:d1:2d:d1:73:97:2e:7a:0b:d1:ab:
fa:4e:d9:6c:cc:c1:de:28:15:98:6c:f5:90:f1:39:
1d:b3:7e:ee:fe:21:47:0a:56:e7:f7:05:2c:46:6c:
fc:08:36:b5:37:2d:94:0a:a7:03:a0:c0:48:15:f0:
9b:7f:f9:24:f4:2e:86:43:60:28:b3:1d:0e:62:4c:
37:c9:a3:2c:b7:91:00:6f:73:39:79:ad:94:6b:75:
79:d4:1d:1b:38:88:9f:2c:ec:18:32:59:55:87:73:
ba:66:4d:d3:98:35:a7:d9:67:a2:51:91:70:75:92:
54:df:86:f0:a7:74:49:cb:49:60:d2:aa:e2:d5:ee:
51:23:57:9e:58:ea:70:9b:5d:cc:1e:e8:0f:e0:b3:
dd:d4:ca:69:8d:f4:00:a2:43:4a:93:f5:8d:d3:cb:
f6:36:0e:8e:99:56:ff:3e:d6:31:c4:18:b6:f2:b3:
db:6c:2f:1c:5d:d0:59:11:a5:91:72:a4:43:aa:6a:
63:81:a4:78:d6:2b:0a:68:f3:de:32:4a:03:eb:fd:
c3:47:99:18:bb:50:be:c0:73:81:a4:c8:da:99:47:
e2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D9:29:E2:75:73:6A:04:DB:D6:D7:96:77:AD:C1:15:98:7C:47:05
X509v3 Authority Key Identifier:
keyid:00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/Vtkp4nVzagTb1teWd63BFZh8RwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.207.0/24
IPv6:
2001:678:210::/48
2a0f:4507:8000::/33
Signature Algorithm: sha256WithRSAEncryption
b3:e9:a4:28:c9:10:f4:a2:1d:9f:f8:38:2d:44:b8:c0:0b:2e:
e3:da:ce:4d:84:30:f8:a9:f3:83:26:b7:b2:fe:06:01:e1:2e:
f9:db:ce:ae:b1:ed:83:d4:ac:45:85:4e:30:26:25:fd:df:0e:
92:67:3e:98:a2:45:50:d9:d3:a0:c6:21:e7:1a:f6:14:c1:43:
db:7b:99:36:75:4b:55:a9:6b:d9:e7:19:23:bc:85:fd:f6:72:
ce:2f:d3:76:b2:8f:2f:d0:ee:56:b4:fb:e3:4a:a5:6c:9b:63:
e6:9c:78:94:6f:2c:22:fa:83:b2:54:7d:f3:59:d1:3b:d1:f5:
e9:cf:58:ad:6f:ba:cb:69:25:af:ca:ec:d8:eb:a1:ac:62:93:
9a:50:c5:ea:b1:21:ed:27:b0:36:fa:c0:15:93:34:38:79:19:
52:81:3d:27:9c:fe:ae:3f:9c:be:6f:af:f3:24:29:eb:89:b8:
13:2b:bc:b3:fb:34:fc:e6:05:c3:39:27:4c:cf:6a:2d:a3:32:
c6:6f:58:7e:f4:be:53:89:09:67:c9:51:d0:e7:59:5a:02:5c:
d4:a7:80:ee:94:de:ac:c0:88:34:dd:67:fe:c7:b2:72:78:e6:
c6:97:87:5a:d9:7f:ba:04:c2:2c:70:7f:23:98:ed:2c:83:43:
55:e9:d1:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZSAPn1Kz8PzL0RVpA/kRjFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwM2IyYzM4NzEwNjkwMDJhZDBiMmY0MmIwY2JmNWU5MmUz
YmU0YjMwHhcNMjUwMTE5MjAyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQ5MjllMjc1NzM2YTA0ZGJkNmQ3OTY3N2FkYzExNTk4N2M0NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA+bADtUVV3dCrTHd3g6PrbcuGsD
zQgUzS6Pe39ah8Z7idEt0XOXLnoL0av6TtlszMHeKBWYbPWQ8Tkds37u/iFHClbn
9wUsRmz8CDa1Ny2UCqcDoMBIFfCbf/kk9C6GQ2Aosx0OYkw3yaMst5EAb3M5ea2U
a3V51B0bOIifLOwYMllVh3O6Zk3TmDWn2WeiUZFwdZJU34bwp3RJy0lg0qri1e5R
I1eeWOpwm13MHugP4LPd1MppjfQAokNKk/WN08v2Ng6OmVb/PtYxxBi28rPbbC8c
XdBZEaWRcqRDqmpjgaR41isKaPPeMkoD6/3DR5kYu1C+wHOBpMjamUfiEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbZKeJ1c2oE29bXlnetwRWYfEcFMB8GA1UdIwQY
MBaAFAA7LDhxBpACrQsvQrDL9ekuO+SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGIt
YjM1YTBhMTQ1M2ZiLzEvVnRrcDRuVnphZ1RiMXRlV2Q2M0JGWmg4UndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGItYjM1YTBhMTQ1M2Zi
LzEvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAXZ3PMBcE
AgACMBEDBwAgAQZ4AhADBgcqD0UHgDANBgkqhkiG9w0BAQsFAAOCAQEAs+mkKMkQ
9KIdn/g4LUS4wAsu49rOTYQw+Knzgya3sv4GAeEu+dvOrrHtg9SsRYVOMCYl/d8O
kmc+mKJFUNnToMYh5xr2FMFD23uZNnVLValr2ecZI7yF/fZyzi/TdrKPL9DuVrT7
40qlbJtj5px4lG8sIvqDslR981nRO9H16c9YrW+6y2klr8rs2OuhrGKTmlDF6rEh
7SewNvrAFZM0OHkZUoE9J5z+rj+cvm+v8yQp64m4Eyu8s/s0/OYFwzknTM9qLaMy
xm9YfvS+U4kJZ8lR0OdZWgJc1KeA7pTerMCINN1n/seycnjmxpeHWtl/ugTCLHB/
I5jtLINDVenR4g==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:43:03 2025 by rpki-client