Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/yjnwve9VZeaHi-3CXqtllo4WdPo.roa
File: yjnwve9VZeaHi-3CXqtllo4WdPo.roa (raw, json)
Hash identifier: WA7EwoGEGMljyqpgeJdqa6J+Ku8E4d4I5NTIiFkV1O4=
Subject key identifier: CA:39:F0:BD:EF:55:65:E6:87:8B:ED:C2:5E:AB:65:96:8E:16:74:FA
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 0194228DA13A760FCCBA6361D68CADDE6751
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/yjnwve9VZeaHi-3CXqtllo4WdPo.roa
Signing time: Wed 01 Jan 2025 15:48:14 +0000
ROA not before: Wed 01 Jan 2025 15:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49027
IP address blocks: 195.33.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:a1:3a:76:0f:cc:ba:63:61:d6:8c:ad:de:67:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 15:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca39f0bdef5565e6878bedc25eab65968e1674fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cf:de:ae:60:d1:4c:e7:18:c3:56:e5:83:84:
39:37:94:05:1a:d8:fa:28:30:e1:54:86:89:80:8c:
a3:7d:60:a1:fc:b6:2c:9c:02:d2:26:3d:be:5d:65:
fb:c2:cc:91:ed:03:58:4d:07:ad:52:4c:37:58:d6:
30:0f:6a:3d:6e:88:8c:82:c4:f8:c8:31:04:c5:5f:
47:63:5e:c6:06:e8:12:4c:d9:98:74:ff:0f:5b:75:
3b:2c:08:4f:e6:ba:36:f2:b7:53:07:84:aa:82:94:
db:dd:66:79:54:34:de:cc:bd:ec:fb:41:42:5e:c1:
ec:77:e6:7b:71:06:a1:25:d1:e6:2b:0f:2b:1e:39:
bd:09:f5:09:01:23:8e:07:e1:e2:de:d3:66:a5:88:
2b:90:1e:24:cd:02:f7:26:10:5d:f7:e9:68:f8:55:
19:29:24:3e:4e:0d:b0:1a:5b:64:81:ef:74:a1:7b:
8e:29:6d:1f:63:0f:d6:4d:be:ba:d1:96:14:d3:05:
3a:3a:5a:65:66:3f:c9:7a:d7:9d:1e:86:de:33:62:
35:42:18:47:9a:ca:80:aa:07:0e:30:ea:db:7f:4c:
ea:47:66:b8:7a:c0:c4:42:17:51:9f:e6:c3:6f:ea:
c1:8e:e9:76:a0:94:88:df:b0:8c:c6:f6:b8:fe:2d:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:39:F0:BD:EF:55:65:E6:87:8B:ED:C2:5E:AB:65:96:8E:16:74:FA
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/yjnwve9VZeaHi-3CXqtllo4WdPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.33.202.0/24
Signature Algorithm: sha256WithRSAEncryption
33:af:b5:e1:bb:0a:ed:2f:37:91:05:00:bd:44:99:8f:b8:ca:
e9:f0:11:3d:04:d8:bd:db:2f:ec:b3:f1:81:3e:b0:d2:30:4e:
22:d2:ea:a7:d7:a0:f3:ba:1d:14:14:cb:8c:cd:d6:ad:ae:d9:
c4:f5:26:18:f6:f8:67:27:bb:26:69:4c:20:06:31:19:0d:ae:
70:28:db:27:34:cc:cc:7f:a2:d3:42:2d:61:3e:49:63:06:5c:
27:a5:71:eb:b8:b6:4c:e6:6b:96:5a:0b:4b:0b:65:87:ef:7b:
b0:05:e9:42:be:11:42:99:76:9d:73:d7:33:fe:8c:68:97:74:
62:ec:1d:7b:8d:61:e7:b9:61:07:aa:e8:39:40:0d:1b:a1:09:
3a:b2:2c:6e:5a:49:ec:dd:b5:3e:f0:93:23:fc:64:3b:13:e7:
69:4a:08:e2:b0:e4:ee:7b:a6:d4:39:b3:2f:06:4e:f5:a5:18:
24:3e:73:79:af:b4:2b:82:82:67:47:4f:49:fd:48:ae:59:16:
6c:c3:2a:95:b3:13:f0:9f:37:24:ea:b2:e1:9d:26:91:75:4c:
f5:c1:32:71:00:ff:bd:a9:41:9d:fe:2a:9e:2c:20:7e:21:55:
d8:08:5d:cc:36:f1:39:8f:47:e4:95:73:a2:2f:7a:f5:fb:b0:
32:ff:19:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijaE6dg/MumNh1oyt3mdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwMTAxMTU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM5ZjBiZGVmNTU2NWU2ODc4YmVkYzI1ZWFiNjU5NjhlMTY3NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc/ermDRTOcYw1blg4Q5N5QFGtj6
KDDhVIaJgIyjfWCh/LYsnALSJj2+XWX7wsyR7QNYTQetUkw3WNYwD2o9boiMgsT4
yDEExV9HY17GBugSTNmYdP8PW3U7LAhP5ro28rdTB4SqgpTb3WZ5VDTezL3s+0FC
XsHsd+Z7cQahJdHmKw8rHjm9CfUJASOOB+Hi3tNmpYgrkB4kzQL3JhBd9+lo+FUZ
KSQ+Tg2wGltkge90oXuOKW0fYw/WTb660ZYU0wU6OlplZj/JetedHobeM2I1QhhH
msqAqgcOMOrbf0zqR2a4esDEQhdRn+bDb+rBjul2oJSI37CMxva4/i1rfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMo58L3vVWXmh4vtwl6rZZaOFnT6MB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEveWpud3ZlOVZaZWFIaS0zQ1hxdGxsbzRXZFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyHKMA0G
CSqGSIb3DQEBCwUAA4IBAQAzr7XhuwrtLzeRBQC9RJmPuMrp8BE9BNi92y/ss/GB
PrDSME4i0uqn16Dzuh0UFMuMzdatrtnE9SYY9vhnJ7smaUwgBjEZDa5wKNsnNMzM
f6LTQi1hPkljBlwnpXHruLZM5muWWgtLC2WH73uwBelCvhFCmXadc9cz/oxol3Ri
7B17jWHnuWEHqug5QA0boQk6sixuWkns3bU+8JMj/GQ7E+dpSgjisOTue6bUObMv
Bk71pRgkPnN5r7QrgoJnR09J/UiuWRZswyqVsxPwnzck6rLhnSaRdUz1wTJxAP+9
qUGd/iqeLCB+IVXYCF3MNvE5j0fklXOiL3r1+7Ay/xkd
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:34:27 2025 by rpki-client