Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vdYW0znSDWRM3Q_RNEr39-DH-rU.roa
File: vdYW0znSDWRM3Q_RNEr39-DH-rU.roa (raw, json)
Hash identifier: 1ckAcXkibQEnMqTcX6BXj/mHexItSXE9KY/53UgZcBM=
Subject key identifier: BD:D6:16:D3:39:D2:0D:64:4C:DD:0F:D1:34:4A:F7:F7:E0:C7:FA:B5
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067CA34D27749E5211F9C7B5A8406EF
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vdYW0znSDWRM3Q_RNEr39-DH-rU.roa
Signing time: Wed 01 Jan 2025 05:47:40 +0000
ROA not before: Wed 01 Jan 2025 05:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41503
IP address blocks: 194.209.23.0/24 maxlen: 24
212.243.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ca:34:d2:77:49:e5:21:1f:9c:7b:5a:84:06:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd616d339d20d644cdd0fd1344af7f7e0c7fab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:fa:e8:1f:89:97:78:08:91:58:db:b1:43:
f2:16:75:94:b6:90:38:50:b5:23:e9:b5:db:73:85:
c9:50:7b:97:52:d3:15:30:63:1c:58:71:4a:db:66:
52:28:21:18:96:cc:66:67:b2:63:88:ef:d1:d2:cb:
67:38:8d:c1:bf:53:ca:a2:da:6c:9a:c1:13:c8:d6:
28:31:31:4d:d8:dd:46:4b:43:68:21:35:51:7a:9c:
f9:3d:c8:82:08:4d:62:82:07:97:b3:1b:da:70:30:
87:df:4e:0f:48:a3:af:c9:3f:25:7d:cc:df:e4:f1:
0b:5f:0e:b5:0c:3a:de:0f:9b:46:08:ba:92:5b:6d:
62:52:33:a5:7b:d6:8f:92:90:2b:93:32:20:42:fc:
38:f4:85:f5:66:ba:08:6d:45:b7:50:10:bd:f4:b2:
f3:b6:1e:f8:a5:08:bb:b6:a7:9b:b9:98:fb:6a:06:
be:7e:b5:34:2b:67:c3:b5:d5:ef:30:96:8e:c7:9a:
85:9a:be:0a:73:ca:99:35:d1:06:48:fe:5d:36:3b:
ca:d0:2d:1a:b6:66:f8:9a:96:cb:d6:f5:97:71:45:
b0:7f:3c:84:58:1b:07:cb:57:c8:27:3a:85:34:e3:
d8:0f:39:ee:90:42:e5:bf:b4:f1:61:77:3a:b1:7b:
d0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D6:16:D3:39:D2:0D:64:4C:DD:0F:D1:34:4A:F7:F7:E0:C7:FA:B5
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vdYW0znSDWRM3Q_RNEr39-DH-rU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.23.0/24
212.243.33.0/24
Signature Algorithm: sha256WithRSAEncryption
01:3a:20:2e:28:d2:dc:cf:84:16:6f:97:36:da:4b:a7:50:c9:
5c:c2:a9:fe:b0:22:71:f8:73:1d:e2:25:81:46:5b:3b:8c:9f:
b4:4f:55:65:13:36:92:42:34:55:fb:53:fc:dd:6e:77:9a:2b:
05:4c:2d:28:47:de:8a:62:24:e5:6c:16:a5:0a:d3:0c:4e:27:
8c:d5:45:6b:5d:37:e5:3c:f3:5e:55:c9:cc:29:80:7f:9c:8c:
0c:84:93:c4:1e:0a:74:02:68:8a:60:9e:b7:8b:b3:c0:5e:03:
9a:9a:55:92:66:8b:5b:d1:ef:5d:f8:34:e5:ff:7f:d4:7d:d1:
cd:f7:6f:eb:41:e6:6a:93:9e:12:b6:49:16:37:3a:1d:10:e1:
62:22:a5:70:13:8a:5d:1e:17:e1:dd:72:38:63:25:40:d0:25:
6f:de:8f:3e:c5:2d:88:fe:82:83:9e:21:0c:7d:65:97:9d:89:
6e:01:db:26:22:d8:95:d3:1f:d3:5a:34:45:86:1e:e8:da:a6:
ba:b6:f5:7a:78:ad:6a:aa:a3:37:22:62:74:ac:98:04:56:f9:
d5:6f:51:2f:85:7c:47:29:c7:b7:ab:98:2e:b5:12:a3:29:03:
f5:f3:33:ff:e6:4b:7a:e6:38:4e:7b:9c:41:ca:81:75:0b:52:
11:87:22:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ8o00ndJ5SEfnHtahAbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ2MTZkMzM5ZDIwZDY0NGNkZDBmZDEzNDRhZjdmN2UwYzdmYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HL66B+Jl3gIkVjbsUPyFnWUtpA4
ULUj6bXbc4XJUHuXUtMVMGMcWHFK22ZSKCEYlsxmZ7JjiO/R0stnOI3Bv1PKotps
msETyNYoMTFN2N1GS0NoITVRepz5PciCCE1iggeXsxvacDCH304PSKOvyT8lfczf
5PELXw61DDreD5tGCLqSW21iUjOle9aPkpArkzIgQvw49IX1ZroIbUW3UBC99LLz
th74pQi7tqebuZj7aga+frU0K2fDtdXvMJaOx5qFmr4Kc8qZNdEGSP5dNjvK0C0a
tmb4mpbL1vWXcUWwfzyEWBsHy1fIJzqFNOPYDznukELlv7TxYXc6sXvQ+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3WFtM50g1kTN0P0TRK9/fgx/q1MB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvdmRZVzB6blNEV1JNM1FfUk5FcjM5LURILXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwtEXAwQA
1PMhMA0GCSqGSIb3DQEBCwUAA4IBAQABOiAuKNLcz4QWb5c22kunUMlcwqn+sCJx
+HMd4iWBRls7jJ+0T1VlEzaSQjRV+1P83W53misFTC0oR96KYiTlbBalCtMMTieM
1UVrXTflPPNeVcnMKYB/nIwMhJPEHgp0AmiKYJ63i7PAXgOamlWSZotb0e9d+DTl
/3/UfdHN92/rQeZqk54StkkWNzodEOFiIqVwE4pdHhfh3XI4YyVA0CVv3o8+xS2I
/oKDniEMfWWXnYluAdsmItiV0x/TWjRFhh7o2qa6tvV6eK1qqqM3ImJ0rJgEVvnV
b1EvhXxHKce3q5gutRKjKQP18zP/5kt65jhOe5xByoF1C1IRhyJp
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:27:00 2025 by rpki-client