Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/yd8_f-atyxFNKtcv_cFVTfpnZt4.roa
File: yd8_f-atyxFNKtcv_cFVTfpnZt4.roa (raw, json)
Hash identifier: pN1o2J3yJeBV6MHLs3BSzPMoqupOmN0yj1atUVgcuyU=
Subject key identifier: C9:DF:3F:7F:E6:AD:CB:11:4D:2A:D7:2F:FD:C1:55:4D:FA:67:66:DE
Certificate issuer: /CN=bf6c1df662374d4aecd0c8b3f84312df42125599
Certificate serial: 019427B5CE57806159C23841923B7FE2598D
Authority key identifier: BF:6C:1D:F6:62:37:4D:4A:EC:D0:C8:B3:F8:43:12:DF:42:12:55:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v2wd9mI3TUrs0Miz-EMS30ISVZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/yd8_f-atyxFNKtcv_cFVTfpnZt4.roa
Signing time: Thu 02 Jan 2025 15:50:13 +0000
ROA not before: Thu 02 Jan 2025 15:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 194.33.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:ce:57:80:61:59:c2:38:41:92:3b:7f:e2:59:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf6c1df662374d4aecd0c8b3f84312df42125599
Validity
Not Before: Jan 2 15:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9df3f7fe6adcb114d2ad72ffdc1554dfa6766de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3e:9d:60:ed:89:c2:b8:6b:96:3c:d9:63:dd:
fc:39:6d:f7:a5:2f:05:89:8f:23:62:06:fe:6e:84:
bc:9b:26:71:6a:ec:23:d4:25:98:5d:ad:9c:6b:9a:
91:8f:ae:ab:77:8c:84:80:df:5e:f1:d7:6b:5d:36:
64:89:85:a2:e8:e6:77:77:b8:0c:89:04:0b:0c:6a:
a0:af:17:6f:ec:f3:ea:f8:3f:f6:f6:2d:6b:81:25:
4a:43:21:d3:59:6f:d3:11:67:28:66:94:50:f6:1b:
eb:24:ef:b3:83:ef:e1:76:2e:fc:b1:03:77:6b:9d:
70:9a:3e:43:d2:c6:f0:85:e7:e9:f7:c4:cb:ec:9d:
46:2f:16:a6:03:9b:18:c6:90:d2:ae:57:e3:e3:99:
a9:f5:ba:4d:e3:b5:56:fb:0d:af:e5:b6:0a:72:e6:
80:bc:d8:94:f8:82:33:b5:87:07:ea:ea:0a:2f:49:
d6:ec:64:c9:c7:50:04:6d:49:44:f0:4c:91:3d:a7:
cc:8d:ae:a1:4f:fd:b5:6a:78:e6:b1:54:fa:fc:07:
87:f6:a4:e7:c1:0e:05:eb:02:3b:eb:02:0f:58:3e:
58:9f:06:97:f9:76:83:b2:bc:b8:25:59:e6:a9:c6:
13:67:7e:f4:44:4d:3d:7e:7d:05:e9:ae:da:8e:14:
81:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DF:3F:7F:E6:AD:CB:11:4D:2A:D7:2F:FD:C1:55:4D:FA:67:66:DE
X509v3 Authority Key Identifier:
keyid:BF:6C:1D:F6:62:37:4D:4A:EC:D0:C8:B3:F8:43:12:DF:42:12:55:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v2wd9mI3TUrs0Miz-EMS30ISVZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/yd8_f-atyxFNKtcv_cFVTfpnZt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/v2wd9mI3TUrs0Miz-EMS30ISVZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.184.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:73:f0:96:b5:ad:d9:ab:9f:6c:aa:ca:5f:57:1e:1e:d0:f1:
f1:55:04:cc:b3:16:51:de:d8:7b:ee:66:6c:4c:bf:4c:85:79:
26:9c:8f:f7:18:76:6e:99:e4:ba:e1:76:a9:e3:83:11:23:e0:
ff:7d:c9:6c:1c:f2:2e:d2:4c:65:4e:ca:0e:bf:87:c9:d9:19:
06:bb:cb:d0:86:cf:fc:bb:85:e2:3e:1f:ea:d5:eb:42:16:32:
b4:bb:2b:08:c0:8d:a6:f4:6e:87:7d:4f:46:9b:1b:ef:47:2a:
eb:dd:a5:4a:d4:de:f4:b6:cd:14:94:16:87:f3:64:e4:75:6b:
b8:60:e3:9e:dc:99:3d:14:26:1c:df:75:2f:86:5b:2b:8e:79:
ce:37:3b:61:db:1a:0e:76:f5:bc:1c:6b:7e:a6:cf:6d:5c:05:
51:96:31:d7:7b:37:7f:67:0e:dc:17:9f:1e:08:28:9f:59:cf:
bb:c4:a7:7a:4f:11:c6:1b:a8:04:a0:ff:dd:53:ec:87:17:31:
cd:45:5c:2b:e0:d1:f9:f5:47:d0:7f:f6:a3:73:ed:b7:5e:ec:
ea:6c:60:a6:fb:c6:bb:01:f4:cf:92:3b:79:89:55:c5:55:26:
fd:a4:c6:da:56:b9:d2:cc:b9:13:22:7d:03:c1:53:57:60:3f:
16:af:da:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntc5XgGFZwjhBkjt/4lmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNmMxZGY2NjIzNzRkNGFlY2QwYzhiM2Y4NDMxMmRmNDIx
MjU1OTkwHhcNMjUwMTAyMTU1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRmM2Y3ZmU2YWRjYjExNGQyYWQ3MmZmZGMxNTU0ZGZhNjc2NmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0z6dYO2JwrhrljzZY938OW33pS8F
iY8jYgb+boS8myZxauwj1CWYXa2ca5qRj66rd4yEgN9e8ddrXTZkiYWi6OZ3d7gM
iQQLDGqgrxdv7PPq+D/29i1rgSVKQyHTWW/TEWcoZpRQ9hvrJO+zg+/hdi78sQN3
a51wmj5D0sbwhefp98TL7J1GLxamA5sYxpDSrlfj45mp9bpN47VW+w2v5bYKcuaA
vNiU+IIztYcH6uoKL0nW7GTJx1AEbUlE8EyRPafMja6hT/21anjmsVT6/AeH9qTn
wQ4F6wI76wIPWD5YnwaX+XaDsry4JVnmqcYTZ370RE09fn0F6a7ajhSBGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnfP3/mrcsRTSrXL/3BVU36Z2beMB8GA1UdIwQY
MBaAFL9sHfZiN01K7NDIs/hDEt9CElWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjJ3ZDltSTNUVXJzME1pei1FTVMzMElTVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZDIyMGItNWY3MC00OWMyLTljYzct
OTA4NDE5ZDM5NDAxLzEveWQ4X2YtYXR5eEZOS3Rjdl9jRlZUZnBuWnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZDIyMGItNWY3MC00OWMyLTljYzctOTA4NDE5ZDM5NDAx
LzEvdjJ3ZDltSTNUVXJzME1pei1FTVMzMElTVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiG4MA0G
CSqGSIb3DQEBCwUAA4IBAQBuc/CWta3Zq59sqspfVx4e0PHxVQTMsxZR3th77mZs
TL9MhXkmnI/3GHZumeS64Xap44MRI+D/fclsHPIu0kxlTsoOv4fJ2RkGu8vQhs/8
u4XiPh/q1etCFjK0uysIwI2m9G6HfU9GmxvvRyrr3aVK1N70ts0UlBaH82TkdWu4
YOOe3Jk9FCYc33UvhlsrjnnONzth2xoOdvW8HGt+ps9tXAVRljHXezd/Zw7cF58e
CCifWc+7xKd6TxHGG6gEoP/dU+yHFzHNRVwr4NH59UfQf/ajc+23XuzqbGCm+8a7
AfTPkjt5iVXFVSb9pMbaVrnSzLkTIn0DwVNXYD8Wr9rh
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:40:08 2025 by rpki-client