Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/s3ygEdb9KAfXVPOQSvOJcG0a0TE.roa
File: s3ygEdb9KAfXVPOQSvOJcG0a0TE.roa (raw, json)
Hash identifier: XFf7aWySDnLeVu6PCJbhlEir4Bg1MlpJfMfmkoYr4TY=
Subject key identifier: B3:7C:A0:11:D6:FD:28:07:D7:54:F3:90:4A:F3:89:70:6D:1A:D1:31
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01942824276C62D107710136EB4072718B18
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/s3ygEdb9KAfXVPOQSvOJcG0a0TE.roa
Signing time: Thu 02 Jan 2025 17:50:45 +0000
ROA not before: Thu 02 Jan 2025 17:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199048
IP address blocks: 83.222.186.0/23 maxlen: 24
83.222.188.0/24 maxlen: 24
94.72.146.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:27:6c:62:d1:07:71:01:36:eb:40:72:71:8b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 2 17:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b37ca011d6fd2807d754f3904af389706d1ad131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:10:52:ca:1b:3b:5c:b6:0e:89:b4:b2:33:4c:
ab:39:8b:52:cb:f8:36:71:f7:6f:91:3d:bb:78:86:
c8:82:72:aa:9d:5a:cd:5b:5d:61:15:84:fa:f5:61:
93:d4:78:b0:73:dc:9d:fb:27:c3:be:52:be:4b:c5:
a5:6b:92:ce:c5:12:47:72:d8:c4:17:33:be:00:45:
76:62:5b:ad:2f:ea:f2:af:05:23:57:69:28:d7:5a:
59:07:01:d3:ee:95:7c:e1:4f:c7:a6:d1:0b:76:b5:
0a:d8:46:88:c7:4a:bc:f0:77:1e:f8:b6:32:46:46:
f8:93:41:83:b4:43:8a:1f:8c:27:86:ce:59:87:8b:
aa:75:81:42:5c:e2:25:44:2f:b1:5c:50:6f:fd:06:
84:20:04:c0:27:a3:17:b4:e1:0d:6d:17:a8:88:99:
05:96:3b:23:3b:82:06:3f:d3:f2:9c:cd:e4:08:a2:
78:b3:29:07:36:6f:34:0f:8f:9c:5e:1d:ff:e6:4b:
8b:46:d1:97:3d:98:23:e3:59:74:eb:cb:06:8d:b6:
ec:dd:7f:97:7b:7a:4e:e2:63:c9:83:c1:37:77:c0:
e2:82:d2:ce:fc:6e:64:9a:63:10:48:94:1b:30:e9:
d7:c3:43:03:ff:c2:e7:4b:db:98:5b:24:02:6a:ff:
08:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:7C:A0:11:D6:FD:28:07:D7:54:F3:90:4A:F3:89:70:6D:1A:D1:31
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/s3ygEdb9KAfXVPOQSvOJcG0a0TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.222.186.0-83.222.188.255
94.72.146.0/23
Signature Algorithm: sha256WithRSAEncryption
96:4f:91:f9:d7:ff:9b:3a:9f:aa:e2:23:34:de:18:6e:28:26:
14:db:ef:04:b5:4e:90:6f:a0:19:e1:fe:81:32:c5:d1:89:2b:
5e:4b:7a:98:db:e2:4d:33:c6:9d:0d:1f:a7:e4:df:8a:e3:72:
fb:01:7b:5d:36:6b:0d:a9:d3:2d:15:a4:9c:57:cd:e1:36:9d:
33:c5:5c:93:34:ad:10:25:8c:0b:6c:30:f6:98:d3:4c:5a:e7:
cb:c6:d1:20:ba:8a:4b:5b:06:fe:ff:5c:49:65:40:8a:61:11:
d4:a5:94:12:77:e8:9a:69:ba:b3:bf:44:f5:e1:0f:76:9f:07:
89:e2:3b:f6:97:2e:da:ff:81:10:ed:fd:f3:99:7b:15:59:c5:
ce:3f:f4:ca:f2:ff:68:6c:ef:cc:55:88:1c:62:bd:46:b0:e6:
45:74:b1:03:59:0c:8c:b3:53:e4:21:cf:d2:3c:3c:25:ae:72:
14:60:43:2b:9d:01:cf:04:6c:2e:3b:c7:2f:4d:ed:91:81:17:
e3:ec:ae:94:6e:40:bc:d7:7e:72:9f:98:37:10:8a:71:db:d5:
67:0b:45:2c:25:a7:09:6c:2c:4b:9c:6f:0b:72:f7:d7:e4:5c:
e4:0b:f6:1e:6b:ce:51:8b:3b:a3:7a:08:04:5c:93:d1:a9:34:
b3:c9:2f:6a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQoJCdsYtEHcQE260BycYsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzdjYTAxMWQ2ZmQyODA3ZDc1NGYzOTA0YWYzODk3MDZkMWFkMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxBSyhs7XLYOibSyM0yrOYtSy/g2
cfdvkT27eIbIgnKqnVrNW11hFYT69WGT1Hiwc9yd+yfDvlK+S8Wla5LOxRJHctjE
FzO+AEV2YlutL+ryrwUjV2ko11pZBwHT7pV84U/HptELdrUK2EaIx0q88Hce+LYy
Rkb4k0GDtEOKH4wnhs5Zh4uqdYFCXOIlRC+xXFBv/QaEIATAJ6MXtOENbReoiJkF
ljsjO4IGP9PynM3kCKJ4sykHNm80D4+cXh3/5kuLRtGXPZgj41l068sGjbbs3X+X
e3pO4mPJg8E3d8DigtLO/G5kmmMQSJQbMOnXw0MD/8LnS9uYWyQCav8IPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLN8oBHW/SgH11TzkErziXBtGtExMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvczN5Z0VkYjlLQWZYVlBPUVN2T0pjRzBhMFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFT3roD
BABT3rwDBAFeSJIwDQYJKoZIhvcNAQELBQADggEBAJZPkfnX/5s6n6riIzTeGG4o
JhTb7wS1TpBvoBnh/oEyxdGJK15Lepjb4k0zxp0NH6fk34rjcvsBe102aw2p0y0V
pJxXzeE2nTPFXJM0rRAljAtsMPaY00xa58vG0SC6iktbBv7/XEllQIphEdSllBJ3
6JppurO/RPXhD3afB4niO/aXLtr/gRDt/fOZexVZxc4/9Mry/2hs78xViBxivUaw
5kV0sQNZDIyzU+Qhz9I8PCWuchRgQyudAc8EbC47xy9N7ZGBF+PsrpRuQLzXfnKf
mDcQinHb1WcLRSwlpwlsLEucbwty99fkXOQL9h5rzlGLO6N6CARck9GpNLPJL2o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:53 2025 by rpki-client