Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/dSov7w2eyIME-dLmYE5huJUu4Yg.roa
File: dSov7w2eyIME-dLmYE5huJUu4Yg.roa (raw, json)
Hash identifier: ZBbSGs3xtCwiRVVA/WAQV08kD/BTL0iXtgfJYGFBfeY=
Subject key identifier: 75:2A:2F:EF:0D:9E:C8:83:04:F9:D2:E6:60:4E:61:B8:95:2E:E1:88
Certificate issuer: /CN=c7a2e4eb9fd3ccd1ba44a362f76f989b7b44d5f2
Certificate serial: 01942368C4E5030C6F957663A28390A246A6
Authority key identifier: C7:A2:E4:EB:9F:D3:CC:D1:BA:44:A3:62:F7:6F:98:9B:7B:44:D5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6Lk65_TzNG6RKNi92-Ym3tE1fI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/dSov7w2eyIME-dLmYE5huJUu4Yg.roa
Signing time: Wed 01 Jan 2025 19:47:36 +0000
ROA not before: Wed 01 Jan 2025 19:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35280
IP address blocks: 194.33.68.0/24 maxlen: 24
194.33.70.0/23 maxlen: 23
2001:67c:2994::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:c4:e5:03:0c:6f:95:76:63:a2:83:90:a2:46:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a2e4eb9fd3ccd1ba44a362f76f989b7b44d5f2
Validity
Not Before: Jan 1 19:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=752a2fef0d9ec88304f9d2e6604e61b8952ee188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b0:61:69:01:37:ef:02:f2:f6:1e:94:44:ae:
39:05:b4:eb:c2:82:3c:37:3c:d5:3d:00:5c:22:5d:
26:08:2a:4f:5d:7c:3f:97:3d:50:53:f7:df:a3:89:
d8:30:d3:38:35:40:f0:6d:04:ef:0a:b3:39:67:c7:
d3:20:9d:6d:4c:76:ae:1c:66:3a:c0:b8:db:5b:02:
9c:94:75:10:1d:2e:2e:c1:18:46:30:f2:ff:4d:cf:
1c:1c:e8:3e:d8:44:89:02:48:47:8f:5d:d7:a8:a3:
92:55:ae:70:36:d3:05:8a:ba:5e:54:90:ec:6d:92:
6e:51:47:3f:87:d5:4a:cb:94:75:65:50:aa:00:da:
17:32:49:78:0d:f7:76:27:47:39:2e:1e:fe:0f:76:
22:80:f7:65:75:08:7c:c9:96:e2:4f:eb:94:7f:1f:
a0:a1:9d:38:da:4d:84:ff:f9:48:30:2c:c0:12:68:
bb:56:ce:24:55:24:c0:95:c7:15:3d:c2:64:e6:0c:
8f:db:bd:6d:af:65:86:77:f2:c9:5d:4f:b2:5d:05:
0b:55:45:af:7b:11:5f:f0:ef:a1:68:dd:b5:5e:11:
e8:73:11:2f:29:59:e7:eb:03:5c:45:27:21:9d:ef:
b9:ca:11:39:56:06:b6:eb:62:d0:15:3f:63:42:a1:
88:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:2A:2F:EF:0D:9E:C8:83:04:F9:D2:E6:60:4E:61:B8:95:2E:E1:88
X509v3 Authority Key Identifier:
keyid:C7:A2:E4:EB:9F:D3:CC:D1:BA:44:A3:62:F7:6F:98:9B:7B:44:D5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6Lk65_TzNG6RKNi92-Ym3tE1fI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/dSov7w2eyIME-dLmYE5huJUu4Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/x6Lk65_TzNG6RKNi92-Ym3tE1fI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.68.0/24
194.33.70.0/23
IPv6:
2001:67c:2994::/48
Signature Algorithm: sha256WithRSAEncryption
1f:c2:68:d8:e0:99:c2:85:7c:15:b7:bc:11:94:f1:ba:86:8c:
c4:bb:c1:d1:68:d0:aa:d9:89:db:49:59:fc:73:cb:6b:2c:d6:
f2:b6:a7:2f:b6:ed:5e:9f:03:38:8f:25:a6:65:23:60:a1:6a:
fc:f1:4f:4f:88:78:f8:6f:9f:15:92:55:9d:b4:bc:3e:41:0f:
1a:53:25:45:38:88:2f:cb:75:bc:f2:80:6d:0c:06:e8:44:81:
29:03:e7:9f:fd:dd:f9:60:a5:28:b7:f4:e9:71:ce:bf:76:e4:
dc:38:80:41:b4:fd:1f:d7:64:53:b3:5f:d1:fb:5f:fc:4b:cf:
f4:1c:5a:4d:2a:70:26:b9:f4:1b:43:a6:00:3c:75:07:c3:87:
87:09:d8:f5:0a:5d:4e:a7:7e:33:f2:02:37:97:00:73:95:f2:
d1:ce:b9:26:ce:ba:27:20:b7:5d:90:23:e0:4c:91:5a:23:c4:
7a:7c:7d:51:14:0e:a3:61:cb:a8:c3:08:1e:ea:ba:a0:78:4a:
21:2c:c3:3c:16:1d:a4:48:c3:4c:0b:8e:29:e1:36:3b:4a:2d:
04:a0:7e:f5:36:6e:77:cf:71:3e:37:f3:0b:d3:93:af:80:18:
1c:56:af:00:5f:39:3a:28:26:36:45:83:b0:80:80:1c:ae:97:
f5:54:6a:3d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjaMTlAwxvlXZjooOQokamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YTJlNGViOWZkM2NjZDFiYTQ0YTM2MmY3NmY5ODliN2I0
NGQ1ZjIwHhcNMjUwMTAxMTk0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTJhMmZlZjBkOWVjODgzMDRmOWQyZTY2MDRlNjFiODk1MmVlMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLBhaQE37wLy9h6URK45BbTrwoI8
NzzVPQBcIl0mCCpPXXw/lz1QU/ffo4nYMNM4NUDwbQTvCrM5Z8fTIJ1tTHauHGY6
wLjbWwKclHUQHS4uwRhGMPL/Tc8cHOg+2ESJAkhHj13XqKOSVa5wNtMFirpeVJDs
bZJuUUc/h9VKy5R1ZVCqANoXMkl4Dfd2J0c5Lh7+D3YigPdldQh8yZbiT+uUfx+g
oZ042k2E//lIMCzAEmi7Vs4kVSTAlccVPcJk5gyP271tr2WGd/LJXU+yXQULVUWv
exFf8O+haN21XhHocxEvKVnn6wNcRSchne+5yhE5Vga262LQFT9jQqGIAQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHUqL+8NnsiDBPnS5mBOYbiVLuGIMB8GA1UdIwQY
MBaAFMei5Ouf08zRukSjYvdvmJt7RNXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDZMazY1X1R6Tkc2UktOaTkyLVltM3RFMWZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wZTQ5NzYtZTc1MC00NTY4LTg1ODMt
ZGU2ZWY3Yzk1NTI2LzEvZFNvdjd3MmV5SU1FLWRMbVlFNWh1SlV1NFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wZTQ5NzYtZTc1MC00NTY4LTg1ODMtZGU2ZWY3Yzk1NTI2
LzEveDZMazY1X1R6Tkc2UktOaTkyLVltM3RFMWZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwiFEAwQB
wiFGMA8EAgACMAkDBwAgAQZ8KZQwDQYJKoZIhvcNAQELBQADggEBAB/CaNjgmcKF
fBW3vBGU8bqGjMS7wdFo0KrZidtJWfxzy2ss1vK2py+27V6fAziPJaZlI2Chavzx
T0+IePhvnxWSVZ20vD5BDxpTJUU4iC/LdbzygG0MBuhEgSkD55/93flgpSi39Olx
zr925Nw4gEG0/R/XZFOzX9H7X/xLz/QcWk0qcCa59BtDpgA8dQfDh4cJ2PUKXU6n
fjPyAjeXAHOV8tHOuSbOuicgt12QI+BMkVojxHp8fVEUDqNhy6jDCB7quqB4SiEs
wzwWHaRIw0wLjinhNjtKLQSgfvU2bnfPcT438wvTk6+AGBxWrwBfOTooJjZFg7CA
gByul/VUaj0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:35:36 2025 by rpki-client