Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ba4ad2-f40e-4f4b-a60d-753ab19687d8/1/sDxpznD622IBmCwhTrt_B44PazE.roa
File: sDxpznD622IBmCwhTrt_B44PazE.roa (raw, json)
Hash identifier: AO4E60D91hS3sicpGFN2tbiGRNqbkarpPyksrki/GFA=
Subject key identifier: B0:3C:69:CE:70:FA:DB:62:01:98:2C:21:4E:BB:7F:07:8E:0F:6B:31
Certificate issuer: /CN=dda5a222acb99ab2398439eded7770a65ee66de6
Certificate serial: 0185734CCE6A115DB8C2DD7594A4833C7FAE
Authority key identifier: DD:A5:A2:22:AC:B9:9A:B2:39:84:39:ED:ED:77:70:A6:5E:E6:6D:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3aWiIqy5mrI5hDnt7Xdwpl7mbeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ba4ad2-f40e-4f4b-a60d-753ab19687d8/1/sDxpznD622IBmCwhTrt_B44PazE.roa
Signing time: Mon 02 Jan 2023 16:24:51 +0000
ROA not before: Mon 02 Jan 2023 16:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198298
IP address blocks: 194.33.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:ce:6a:11:5d:b8:c2:dd:75:94:a4:83:3c:7f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dda5a222acb99ab2398439eded7770a65ee66de6
Validity
Not Before: Jan 2 16:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b03c69ce70fadb6201982c214ebb7f078e0f6b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1d:ba:8a:74:42:9d:e0:a8:16:dd:fa:59:18:
83:06:ef:0e:ff:cd:45:72:e0:fc:ed:50:f7:70:70:
fd:22:4c:1e:ed:db:8a:ff:18:73:8c:d2:e8:05:01:
ba:27:2f:51:58:ce:9d:0b:69:a3:98:40:28:bc:0f:
36:a2:b9:0d:72:2c:b7:b4:a7:8e:fa:35:09:23:b9:
85:a9:5f:c3:6a:38:76:9f:ee:d5:a9:ef:b4:92:85:
1b:b5:42:63:c3:d1:35:77:84:72:58:92:45:56:71:
56:a7:3a:64:47:a5:b6:23:af:ee:2b:81:31:40:d8:
de:e4:ca:ac:cb:8d:0d:c7:c4:75:4c:97:53:cf:fd:
37:8b:cd:37:39:05:58:f8:42:76:e3:fe:4a:34:d8:
46:ab:a9:c5:cd:8b:4b:2e:3e:3b:dd:39:72:0c:8a:
08:32:3e:41:48:6c:2b:54:4e:b0:82:1c:b6:ff:24:
69:81:78:a3:f3:22:1d:dc:7c:1a:e3:69:e4:85:fb:
0b:15:85:b7:90:54:d2:33:e2:d1:7e:2c:af:37:5c:
ff:7f:ce:1d:0b:65:a0:92:5f:ed:84:a6:ca:81:67:
68:a2:71:12:12:1b:3b:0e:8b:3a:27:ae:3b:f5:b1:
3b:40:5e:2d:27:fa:9f:72:ea:2c:21:be:42:f9:e9:
06:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3C:69:CE:70:FA:DB:62:01:98:2C:21:4E:BB:7F:07:8E:0F:6B:31
X509v3 Authority Key Identifier:
keyid:DD:A5:A2:22:AC:B9:9A:B2:39:84:39:ED:ED:77:70:A6:5E:E6:6D:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3aWiIqy5mrI5hDnt7Xdwpl7mbeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ba4ad2-f40e-4f4b-a60d-753ab19687d8/1/sDxpznD622IBmCwhTrt_B44PazE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ba4ad2-f40e-4f4b-a60d-753ab19687d8/1/3aWiIqy5mrI5hDnt7Xdwpl7mbeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.12.0/24
Signature Algorithm: sha256WithRSAEncryption
67:57:a0:20:ef:68:51:f7:4e:4b:61:5f:2e:f9:b4:6b:63:31:
e9:75:a9:2d:ff:e6:e7:7c:29:35:ad:ce:3f:b5:3a:24:6b:6b:
78:fb:fe:d7:76:07:0f:15:29:dd:83:24:9a:2c:28:bd:fb:e5:
a0:45:8c:df:36:e5:70:fa:4d:52:d0:89:30:3e:2d:28:42:7b:
0a:13:a8:b2:a3:f7:4c:03:fa:14:fd:f4:2c:a4:20:e7:57:e8:
16:d0:23:98:b5:a7:3f:71:76:fc:b3:d2:e9:90:27:c3:e7:62:
ed:e2:41:8f:8f:79:95:df:78:ee:c1:55:2e:d7:35:70:51:c6:
95:0c:a4:dd:20:43:e0:5a:67:50:99:34:aa:25:40:07:ff:5a:
28:c5:69:b9:7f:0d:0a:26:44:76:9c:71:d7:b7:21:10:21:6b:
e3:84:b4:27:01:66:c6:76:6a:29:61:c3:da:e8:ae:77:b4:47:
4d:73:d6:c2:66:34:54:4d:73:a0:58:e5:c7:73:44:21:4a:c0:
1c:a2:96:da:2d:98:af:ec:23:d4:ae:09:ff:46:70:a0:37:a7:
65:09:66:28:66:a9:d6:4b:3d:21:8c:4f:7d:45:1f:a0:48:90:
8a:63:78:be:c7:21:9b:36:da:fa:4a:27:12:2f:4a:2c:6a:71:
f0:11:ea:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTM5qEV24wt11lKSDPH+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYTVhMjIyYWNiOTlhYjIzOTg0MzllZGVkNzc3MGE2NWVl
NjZkZTYwHhcNMjMwMTAyMTYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNjNjljZTcwZmFkYjYyMDE5ODJjMjE0ZWJiN2YwNzhlMGY2YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR26inRCneCoFt36WRiDBu8O/81F
cuD87VD3cHD9Ikwe7duK/xhzjNLoBQG6Jy9RWM6dC2mjmEAovA82orkNciy3tKeO
+jUJI7mFqV/Dajh2n+7Vqe+0koUbtUJjw9E1d4RyWJJFVnFWpzpkR6W2I6/uK4Ex
QNje5Mqsy40Nx8R1TJdTz/03i803OQVY+EJ24/5KNNhGq6nFzYtLLj473TlyDIoI
Mj5BSGwrVE6wghy2/yRpgXij8yId3Hwa42nkhfsLFYW3kFTSM+LRfiyvN1z/f84d
C2Wgkl/thKbKgWdoonESEhs7Dos6J6479bE7QF4tJ/qfcuosIb5C+ekG+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLA8ac5w+ttiAZgsIU67fweOD2sxMB8GA1UdIwQY
MBaAFN2loiKsuZqyOYQ57e13cKZe5m3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2FXaUlxeTVtckk1aERudDdYZHdwbDdtYmVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYTRhZDItZjQwZS00ZjRiLWE2MGQt
NzUzYWIxOTY4N2Q4LzEvc0R4cHpuRDYyMklCbUN3aFRydF9CNDRQYXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYTRhZDItZjQwZS00ZjRiLWE2MGQtNzUzYWIxOTY4N2Q4
LzEvM2FXaUlxeTVtckk1aERudDdYZHdwbDdtYmVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiEMMA0G
CSqGSIb3DQEBCwUAA4IBAQBnV6Ag72hR905LYV8u+bRrYzHpdakt/+bnfCk1rc4/
tToka2t4+/7XdgcPFSndgySaLCi9++WgRYzfNuVw+k1S0IkwPi0oQnsKE6iyo/dM
A/oU/fQspCDnV+gW0COYtac/cXb8s9LpkCfD52Lt4kGPj3mV33juwVUu1zVwUcaV
DKTdIEPgWmdQmTSqJUAH/1ooxWm5fw0KJkR2nHHXtyEQIWvjhLQnAWbGdmopYcPa
6K53tEdNc9bCZjRUTXOgWOXHc0QhSsAcopbaLZiv7CPUrgn/RnCgN6dlCWYoZqnW
Sz0hjE99RR+gSJCKY3i+xyGbNtr6SicSL0osanHwEepU
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:53:55 2025 by rpki-client