Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/4TBEbTwznRUyfO-99-DGzicdpVY.roa
File: 4TBEbTwznRUyfO-99-DGzicdpVY.roa (raw, json)
Hash identifier: NUzc37NEChJ2ehR4MuI3RA+Wwr1maBIZ+yC3jO0gtfU=
Subject key identifier: E1:30:44:6D:3C:33:9D:15:32:7C:EF:BD:F7:E0:C6:CE:27:1D:A5:56
Certificate issuer: /CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Certificate serial: 01956F0DF376AAC3E5DCE9D3E28931AF7648
Authority key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/4TBEbTwznRUyfO-99-DGzicdpVY.roa
Signing time: Fri 07 Mar 2025 05:22:20 +0000
ROA not before: Fri 07 Mar 2025 05:22:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23338
IP address blocks: 194.32.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:0d:f3:76:aa:c3:e5:dc:e9:d3:e2:89:31:af:76:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f873cd3939203c778a8eaaf1683e9464ac3400
Validity
Not Before: Mar 7 05:22:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e130446d3c339d15327cefbdf7e0c6ce271da556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:01:a5:fa:70:40:d3:db:2c:66:f5:18:85:02:
b9:72:cf:a6:9c:c0:d2:3c:cb:b3:31:1d:ef:ff:12:
28:2c:1c:c9:93:63:9c:fe:42:6e:94:80:6d:64:69:
44:cd:d9:34:de:a0:c7:88:62:52:5e:95:d2:ef:b8:
d3:28:fa:2e:dc:45:0e:ca:58:fd:26:f1:c6:b8:c6:
7d:48:0d:52:5f:9c:82:7c:a4:c1:b7:0a:ce:36:4e:
da:90:7d:37:56:4d:53:87:06:43:08:41:27:74:21:
1b:ee:c6:14:27:cc:a8:09:e3:67:4c:e8:cf:43:8b:
71:82:2c:db:40:e6:d5:ca:dd:fe:c1:93:e9:f7:ef:
67:95:93:de:fc:a6:86:26:cc:b8:1b:66:47:38:e7:
99:41:4d:da:7d:df:5c:1f:da:5a:ad:a0:93:8f:fb:
a4:66:e2:c1:3f:48:7d:7c:34:4b:f3:ce:0f:5c:2e:
57:12:2e:b8:09:d1:fe:e6:bc:20:bb:0f:6a:ef:11:
44:0f:05:97:52:3b:2b:9a:4e:b2:06:fd:81:87:62:
f0:77:de:67:a2:d3:1f:0d:de:b5:c3:2f:a9:dd:d4:
67:d8:3b:80:ca:be:42:f5:5e:e1:6c:38:6b:f3:04:
e1:52:e6:7e:e0:d9:54:db:2b:ff:2e:b2:aa:57:da:
c2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:30:44:6D:3C:33:9D:15:32:7C:EF:BD:F7:E0:C6:CE:27:1D:A5:56
X509v3 Authority Key Identifier:
keyid:39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/4TBEbTwznRUyfO-99-DGzicdpVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.80.0/24
Signature Algorithm: sha256WithRSAEncryption
48:07:9c:42:61:e5:92:a8:58:57:b4:c1:58:a0:fe:11:2e:61:
6c:25:08:91:bb:4e:50:09:f0:52:71:37:8f:62:d4:01:e6:08:
f8:25:77:c0:55:fb:a8:0e:15:d9:5e:de:f0:b8:ba:00:2e:2b:
c1:db:d3:3f:e4:54:02:aa:18:60:ec:60:11:81:48:89:19:1d:
8d:98:21:7d:80:64:37:b0:22:c9:04:2b:a5:ab:00:37:ec:5d:
6e:7b:5d:64:56:d7:2c:67:9b:62:ad:e6:31:d5:4e:68:1e:7b:
a7:0e:73:83:b3:6c:fb:cb:a3:2c:c9:b2:39:fa:25:93:cd:11:
29:db:b8:01:82:a8:89:ee:ad:b6:83:a8:51:38:31:60:be:9d:
dc:7a:68:b5:7d:02:0a:00:11:42:44:a4:d1:bc:b3:75:8f:41:
34:dd:d3:06:d1:90:8a:24:b0:29:f6:50:f3:ff:e9:94:bb:24:
e6:1e:0e:08:30:f6:6d:b6:69:cc:69:50:c9:6e:40:5a:59:e2:
fc:c8:80:26:f5:aa:2c:c7:80:58:48:9d:df:87:4f:34:81:4c:
45:b1:c9:52:a8:2b:ca:d3:ca:27:e3:18:3f:d8:6e:3d:2a:08:
58:15:28:17:18:3c:33:9a:ee:60:f1:ce:ad:a6:7a:ec:82:45:
93:c6:7b:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVvDfN2qsPl3OnT4okxr3ZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Zjg3M2NkMzkzOTIwM2M3NzhhOGVhYWYxNjgzZTk0NjRh
YzM0MDAwHhcNMjUwMzA3MDUyMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMwNDQ2ZDNjMzM5ZDE1MzI3Y2VmYmRmN2UwYzZjZTI3MWRhNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQGl+nBA09ssZvUYhQK5cs+mnMDS
PMuzMR3v/xIoLBzJk2Oc/kJulIBtZGlEzdk03qDHiGJSXpXS77jTKPou3EUOylj9
JvHGuMZ9SA1SX5yCfKTBtwrONk7akH03Vk1ThwZDCEEndCEb7sYUJ8yoCeNnTOjP
Q4txgizbQObVyt3+wZPp9+9nlZPe/KaGJsy4G2ZHOOeZQU3afd9cH9paraCTj/uk
ZuLBP0h9fDRL884PXC5XEi64CdH+5rwguw9q7xFEDwWXUjsrmk6yBv2Bh2Lwd95n
otMfDd61wy+p3dRn2DuAyr5C9V7hbDhr8wThUuZ+4NlU2yv/LrKqV9rCOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEwRG08M50VMnzvvffgxs4nHaVWMB8GA1UdIwQY
MBaAFDn4c805OSA8d4qOqvFoPpRkrDQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMt
NGU2NTViNWI2NDI3LzEvNFRCRWJUd3puUlV5Zk8tOTktREd6aWNkcFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85MGU5MjMtMmYyZC00MDg2LTgxOWMtNGU2NTViNWI2NDI3
LzEvT2ZoenpUazVJRHgzaW82cThXZy1sR1NzTkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiBQMA0G
CSqGSIb3DQEBCwUAA4IBAQBIB5xCYeWSqFhXtMFYoP4RLmFsJQiRu05QCfBScTeP
YtQB5gj4JXfAVfuoDhXZXt7wuLoALivB29M/5FQCqhhg7GARgUiJGR2NmCF9gGQ3
sCLJBCulqwA37F1ue11kVtcsZ5tireYx1U5oHnunDnODs2z7y6MsybI5+iWTzREp
27gBgqiJ7q22g6hRODFgvp3cemi1fQIKABFCRKTRvLN1j0E03dMG0ZCKJLAp9lDz
/+mUuyTmHg4IMPZttmnMaVDJbkBaWeL8yIAm9aosx4BYSJ3fh080gUxFsclSqCvK
08on4xg/2G49KghYFSgXGDwzmu5g8c6tpnrsgkWTxnv1
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:49:11 2025 by rpki-client