Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/1zPmCa_n4npQByWV57mbbNaogt8.roa
File: 1zPmCa_n4npQByWV57mbbNaogt8.roa (raw, json)
Hash identifier: dFtgg8FcI20vmgo3zE4v/V+3CGTP1fI2Dy6va/nig+E=
Subject key identifier: D7:33:E6:09:AF:E7:E2:7A:50:07:25:95:E7:B9:9B:6C:D6:A8:82:DF
Certificate issuer: /CN=94962e2afa7748f45265d89fd15624b584e72466
Certificate serial: 019427B4B26D8E704412EAA92A306B602D2E
Authority key identifier: 94:96:2E:2A:FA:77:48:F4:52:65:D8:9F:D1:56:24:B5:84:E7:24:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJYuKvp3SPRSZdif0VYktYTnJGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/1zPmCa_n4npQByWV57mbbNaogt8.roa
Signing time: Thu 02 Jan 2025 15:49:00 +0000
ROA not before: Thu 02 Jan 2025 15:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 131.220.0.0/16 maxlen: 17
193.23.254.0/24 maxlen: 32
193.30.3.0/24 maxlen: 24
2a00:5ba0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:b2:6d:8e:70:44:12:ea:a9:2a:30:6b:60:2d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94962e2afa7748f45265d89fd15624b584e72466
Validity
Not Before: Jan 2 15:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d733e609afe7e27a50072595e7b99b6cd6a882df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8a:b9:0e:f8:5d:09:ed:fb:50:7c:85:3c:a5:
91:1d:0a:73:01:58:ff:af:5c:95:95:eb:1f:93:75:
cd:ed:bd:19:4c:f4:23:3c:15:d7:f1:7f:e7:01:48:
2f:15:ca:db:8a:94:80:76:29:14:6c:dd:70:6e:d0:
6f:ee:4e:d6:fb:c4:29:c5:06:38:e2:b9:d7:f3:5e:
2b:d6:4c:b1:d5:a0:da:d0:3a:de:f0:42:0b:e3:80:
ae:50:f4:be:54:92:29:3e:91:b4:73:29:70:51:07:
bf:05:ee:f2:69:d6:f4:21:c4:14:bd:ca:63:2b:f0:
dc:c3:3f:ac:96:e9:8e:ef:2f:00:c5:27:65:87:3b:
7a:58:8a:ef:02:93:bf:ed:fd:cc:52:21:79:9f:61:
68:1c:7e:c6:e1:02:d5:c6:f8:f9:e7:4c:a9:8a:62:
97:21:e6:53:2b:e5:aa:dc:f3:67:6c:83:11:45:a5:
f9:13:32:6b:06:86:2c:4e:ae:62:25:e4:d7:52:39:
ba:98:af:62:30:1c:3c:10:1e:e7:b2:ff:a1:b9:b7:
7c:ff:29:a4:32:d2:78:3b:b8:63:a3:8c:7b:08:ca:
cb:b1:1f:a1:aa:2b:c8:5f:53:0f:5f:82:33:2c:ca:
44:91:ba:2d:3e:ef:53:8e:64:a5:2a:b5:94:19:e5:
f7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:33:E6:09:AF:E7:E2:7A:50:07:25:95:E7:B9:9B:6C:D6:A8:82:DF
X509v3 Authority Key Identifier:
keyid:94:96:2E:2A:FA:77:48:F4:52:65:D8:9F:D1:56:24:B5:84:E7:24:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJYuKvp3SPRSZdif0VYktYTnJGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/1zPmCa_n4npQByWV57mbbNaogt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2db683-c9e9-4647-823b-cd403bdee4df/1/lJYuKvp3SPRSZdif0VYktYTnJGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.220.0.0/16
193.23.254.0/24
193.30.3.0/24
IPv6:
2a00:5ba0::/29
Signature Algorithm: sha256WithRSAEncryption
21:47:cd:bc:96:da:7c:45:0f:e4:eb:75:36:ff:98:2d:5d:53:
8d:18:2b:6e:fe:83:9b:a4:5d:ee:10:30:20:e6:5f:10:4c:c7:
4b:41:f7:dd:b7:10:2d:8f:dd:5b:a9:32:07:38:91:8a:09:47:
4a:fc:e1:5a:21:d0:23:8b:1f:dc:85:d8:0e:34:6e:12:ae:8a:
08:31:21:44:1c:14:06:5e:65:7a:b1:bb:5a:fa:3c:d7:dc:d2:
13:e1:80:d4:be:c5:6d:61:b6:59:e3:20:f1:52:3c:29:4d:2b:
19:88:fa:8a:69:7d:fc:63:f7:69:d4:ab:b0:80:ef:3e:f0:ff:
08:36:3f:f3:77:fe:f0:50:77:00:b9:e7:de:ab:1d:4b:cd:f9:
c6:3e:8a:7b:d9:71:7c:fd:0f:ae:9e:91:a8:31:65:e2:ba:75:
b5:d7:a0:49:c8:bb:a2:88:5e:73:2c:fd:7f:42:3d:8a:2e:d3:
2b:2d:d5:88:c4:bb:76:97:3a:2f:57:1b:89:f5:bc:1b:31:47:
e2:30:fb:60:83:4e:68:50:17:64:b9:80:a5:fc:96:c4:d1:fc:
80:ec:9d:f9:11:f9:7a:8b:c0:e0:aa:d0:32:c5:1b:73:40:a3:
6c:3f:d8:a3:cb:73:bf:37:49:29:b1:8f:1c:97:32:c3:dd:8c:
c8:05:12:58
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQntLJtjnBEEuqpKjBrYC0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTYyZTJhZmE3NzQ4ZjQ1MjY1ZDg5ZmQxNTYyNGI1ODRl
NzI0NjYwHhcNMjUwMTAyMTU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzMzZTYwOWFmZTdlMjdhNTAwNzI1OTVlN2I5OWI2Y2Q2YTg4MmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYq5DvhdCe37UHyFPKWRHQpzAVj/
r1yVlesfk3XN7b0ZTPQjPBXX8X/nAUgvFcrbipSAdikUbN1wbtBv7k7W+8QpxQY4
4rnX814r1kyx1aDa0Dre8EIL44CuUPS+VJIpPpG0cylwUQe/Be7yadb0IcQUvcpj
K/Dcwz+slumO7y8AxSdlhzt6WIrvApO/7f3MUiF5n2FoHH7G4QLVxvj550ypimKX
IeZTK+Wq3PNnbIMRRaX5EzJrBoYsTq5iJeTXUjm6mK9iMBw8EB7nsv+hubd8/ymk
MtJ4O7hjo4x7CMrLsR+hqivIX1MPX4IzLMpEkbotPu9TjmSlKrWUGeX3QwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNcz5gmv5+J6UAcllee5m2zWqILfMB8GA1UdIwQY
MBaAFJSWLir6d0j0UmXYn9FWJLWE5yRmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpZdUt2cDNTUFJTWmRpZjBWWWt0WVRuSkdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yZGI2ODMtYzllOS00NjQ3LTgyM2It
Y2Q0MDNiZGVlNGRmLzEvMXpQbUNhX240bnBRQnlXVjU3bWJiTmFvZ3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yZGI2ODMtYzllOS00NjQ3LTgyM2ItY2Q0MDNiZGVlNGRm
LzEvbEpZdUt2cDNTUFJTWmRpZjBWWWt0WVRuSkdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAg9wDBADB
F/4DBADBHgMwDQQCAAIwBwMFAyoAW6AwDQYJKoZIhvcNAQELBQADggEBACFHzbyW
2nxFD+TrdTb/mC1dU40YK27+g5ukXe4QMCDmXxBMx0tB9923EC2P3VupMgc4kYoJ
R0r84Voh0COLH9yF2A40bhKuiggxIUQcFAZeZXqxu1r6PNfc0hPhgNS+xW1htlnj
IPFSPClNKxmI+oppffxj92nUq7CA7z7w/wg2P/N3/vBQdwC5596rHUvN+cY+invZ
cXz9D66ekagxZeK6dbXXoEnIu6KIXnMs/X9CPYou0yst1YjEu3aXOi9XG4n1vBsx
R+Iw+2CDTmhQF2S5gKX8lsTR/IDsnfkR+XqLwOCq0DLFG3NAo2w/2KPLc783SSmx
jxyXMsPdjMgFElg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:21 2025 by rpki-client