Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/NdVYKLIGP2QzOZX__MqzIgHzXXA.roa
File: NdVYKLIGP2QzOZX__MqzIgHzXXA.roa (raw, json)
Hash identifier: JpTAajbqtuyws0Zyn29UdijI9/GnNDr8LpptWtQUD6A=
Subject key identifier: 35:D5:58:28:B2:06:3F:64:33:39:95:FF:FC:CA:B3:22:01:F3:5D:70
Certificate issuer: /CN=7a7ece94de5df6a1a34c98ec66d3d968e5b29b21
Certificate serial: 019427B58E0BAB0FFE1CCF7870000502D6E4
Authority key identifier: 7A:7E:CE:94:DE:5D:F6:A1:A3:4C:98:EC:66:D3:D9:68:E5:B2:9B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/en7OlN5d9qGjTJjsZtPZaOWymyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/NdVYKLIGP2QzOZX__MqzIgHzXXA.roa
Signing time: Thu 02 Jan 2025 15:49:57 +0000
ROA not before: Thu 02 Jan 2025 15:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 194.147.141.0/24 maxlen: 24
2001:67c:5dc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8e:0b:ab:0f:fe:1c:cf:78:70:00:05:02:d6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a7ece94de5df6a1a34c98ec66d3d968e5b29b21
Validity
Not Before: Jan 2 15:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35d55828b2063f64333995fffccab32201f35d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cb:99:77:f4:6c:1a:94:a8:af:a7:ca:a2:1f:
01:2d:e1:21:85:22:72:32:1b:46:0e:e8:29:57:f3:
68:31:53:0b:da:00:65:36:08:83:49:90:01:a4:7d:
b5:80:62:26:62:c6:b4:32:c6:58:c8:f5:82:bf:4d:
5d:c6:3a:fa:df:84:48:12:fa:4a:a4:06:99:4c:99:
53:d1:6b:b7:a1:0f:f3:18:00:85:46:23:7d:c1:8f:
d2:de:16:26:3c:d5:6c:99:4a:a2:9b:6b:22:7f:e1:
00:7a:ed:a7:e8:aa:71:f5:8e:ca:8d:28:21:5f:53:
c7:cf:4e:4e:ba:77:f9:4d:45:f7:06:9d:c0:8e:74:
aa:91:cf:4a:f5:45:68:fc:00:f0:c5:5e:91:80:d1:
3f:27:25:49:46:ad:ba:75:d3:da:24:92:a3:98:e2:
5f:c1:73:f6:05:6f:41:ba:84:e7:c7:09:1c:4e:a8:
8d:8f:1d:0a:53:25:9b:3a:25:42:e0:75:3f:ed:e1:
3a:49:63:69:f1:72:ce:03:a8:2b:23:2d:f2:c8:8c:
5e:fd:ba:4a:65:d7:8a:4f:ec:30:fa:ae:48:86:92:
23:08:25:79:95:a2:45:92:d6:68:58:a3:46:38:49:
cb:dd:ff:79:16:0d:37:23:41:24:62:91:94:f0:aa:
db:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D5:58:28:B2:06:3F:64:33:39:95:FF:FC:CA:B3:22:01:F3:5D:70
X509v3 Authority Key Identifier:
keyid:7A:7E:CE:94:DE:5D:F6:A1:A3:4C:98:EC:66:D3:D9:68:E5:B2:9B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/en7OlN5d9qGjTJjsZtPZaOWymyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/NdVYKLIGP2QzOZX__MqzIgHzXXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/bf4e88-0058-4df8-999a-fae5fe900cbd/1/en7OlN5d9qGjTJjsZtPZaOWymyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.141.0/24
IPv6:
2001:67c:5dc::/48
Signature Algorithm: sha256WithRSAEncryption
65:aa:43:0f:9d:3e:aa:a7:64:5a:cc:ca:d5:8c:49:25:54:d7:
49:98:c4:8f:d0:d6:34:e0:65:6d:a5:8a:31:96:d5:c0:12:fe:
64:2a:1e:62:6b:33:85:e0:44:3a:ee:79:75:6b:84:8e:17:f0:
e8:4f:bd:8b:ee:53:58:ec:33:de:37:5d:19:fb:e6:58:79:aa:
f4:34:6d:99:b4:65:2f:2f:a1:d4:cc:06:87:26:42:19:a4:ed:
cd:1e:bc:24:e6:4f:b6:1b:39:29:ff:a9:1a:3d:09:fb:55:3f:
c6:86:ee:7c:c8:a6:fd:4b:f8:ef:0f:9a:c6:0e:69:b1:3e:f9:
df:11:5e:72:73:8f:00:eb:bb:90:91:9b:5a:54:50:13:7c:14:
2f:e5:99:a4:18:e5:fc:7e:30:d3:c3:60:56:23:9f:cb:9d:af:
e6:f2:cf:d8:1c:bc:88:f9:c7:f1:b0:90:00:7c:9a:21:36:9d:
f8:86:6d:42:73:8b:b1:4e:3d:b8:23:ed:a7:b1:98:74:4c:63:
b4:0d:85:cc:4d:6d:b4:c4:65:83:4b:65:d8:77:ec:c9:81:0f:
21:33:54:cd:7a:20:4f:20:73:63:db:8c:c5:f4:24:2a:af:67:
1f:0b:ca:8e:cd:99:1d:7b:41:f6:b7:d7:06:38:41:66:9b:c2:
5e:5d:2a:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQntY4Lqw/+HM94cAAFAtbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhN2VjZTk0ZGU1ZGY2YTFhMzRjOThlYzY2ZDNkOTY4ZTVi
MjliMjEwHhcNMjUwMTAyMTU0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ1NTgyOGIyMDYzZjY0MzMzOTk1ZmZmY2NhYjMyMjAxZjM1ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8uZd/RsGpSor6fKoh8BLeEhhSJy
MhtGDugpV/NoMVML2gBlNgiDSZABpH21gGImYsa0MsZYyPWCv01dxjr634RIEvpK
pAaZTJlT0Wu3oQ/zGACFRiN9wY/S3hYmPNVsmUqim2sif+EAeu2n6Kpx9Y7KjSgh
X1PHz05Ounf5TUX3Bp3AjnSqkc9K9UVo/ADwxV6RgNE/JyVJRq26ddPaJJKjmOJf
wXP2BW9BuoTnxwkcTqiNjx0KUyWbOiVC4HU/7eE6SWNp8XLOA6grIy3yyIxe/bpK
ZdeKT+ww+q5IhpIjCCV5laJFktZoWKNGOEnL3f95Fg03I0EkYpGU8KrbqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDXVWCiyBj9kMzmV//zKsyIB811wMB8GA1UdIwQY
MBaAFHp+zpTeXfaho0yY7GbT2WjlspshMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW43T2xONWQ5cUdqVEpqc1p0UFphT1d5bXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iZjRlODgtMDA1OC00ZGY4LTk5OWEt
ZmFlNWZlOTAwY2JkLzEvTmRWWUtMSUdQMlF6T1pYX19NcXpJZ0h6WFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iZjRlODgtMDA1OC00ZGY4LTk5OWEtZmFlNWZlOTAwY2Jk
LzEvZW43T2xONWQ5cUdqVEpqc1p0UFphT1d5bXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwpONMA8E
AgACMAkDBwAgAQZ8BdwwDQYJKoZIhvcNAQELBQADggEBAGWqQw+dPqqnZFrMytWM
SSVU10mYxI/Q1jTgZW2lijGW1cAS/mQqHmJrM4XgRDrueXVrhI4X8OhPvYvuU1js
M943XRn75lh5qvQ0bZm0ZS8vodTMBocmQhmk7c0evCTmT7YbOSn/qRo9CftVP8aG
7nzIpv1L+O8PmsYOabE++d8RXnJzjwDru5CRm1pUUBN8FC/lmaQY5fx+MNPDYFYj
n8udr+byz9gcvIj5x/GwkAB8miE2nfiGbUJzi7FOPbgj7aexmHRMY7QNhcxNbbTE
ZYNLZdh37MmBDyEzVM16IE8gc2PbjMX0JCqvZx8Lyo7NmR17Qfa31wY4QWabwl5d
Kt0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:39:21 2025 by rpki-client