Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/ytDh0ELobkf6U6UFJvD32uKf2TU.roa
File: ytDh0ELobkf6U6UFJvD32uKf2TU.roa (raw, json)
Hash identifier: 6lPwePJBHo15gagGb2dahE1/Q3UgWM6DtWlU5CdkrLk=
Subject key identifier: CA:D0:E1:D0:42:E8:6E:47:FA:53:A5:05:26:F0:F7:DA:E2:9F:D9:35
Certificate issuer: /CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Certificate serial: 019427483D544EFFC48BE83EFE414EF36988
Authority key identifier: 57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/ytDh0ELobkf6U6UFJvD32uKf2TU.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60721
IP address blocks: 193.33.236.0/23 maxlen: 24
193.33.236.0/24 maxlen: 24
193.33.237.0/24 maxlen: 24
195.211.117.0/24 maxlen: 24
195.211.118.0/24 maxlen: 24
195.211.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3d:54:4e:ff:c4:8b:e8:3e:fe:41:4e:f3:69:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cad0e1d042e86e47fa53a50526f0f7dae29fd935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9c:d5:2a:6a:13:98:23:95:f2:d5:a0:1b:ed:
d7:6c:55:f8:87:db:d5:95:c4:06:b4:34:1e:a7:05:
36:e7:1e:a8:5d:0f:27:f1:b1:f6:44:33:db:cc:57:
62:49:02:11:22:ca:c6:a7:28:73:1b:6c:5b:b3:f7:
18:89:a4:9f:74:af:7a:33:3c:e3:5f:c5:c6:a7:70:
fd:6f:2c:dd:16:45:90:ed:90:71:c5:ea:f4:c3:0d:
22:81:21:f4:3c:22:80:9f:59:8b:e3:b6:f6:53:c2:
b2:0a:4f:9a:18:e2:6e:86:fb:f3:9a:e8:c3:7b:48:
cb:f9:83:03:ec:a8:5f:4d:47:e0:77:98:ef:b8:af:
7d:ea:74:52:0b:fb:9c:94:33:b7:7a:cb:c2:67:45:
fe:53:8a:93:e6:88:0a:e3:16:90:76:40:b0:9e:62:
1c:83:a5:12:da:89:60:92:93:8b:0b:0a:45:e4:64:
91:48:c0:80:63:bd:32:45:2d:71:b4:25:8a:1a:e5:
f7:3c:5b:1b:6e:63:e7:d6:ff:4f:ee:c4:2c:f3:fe:
2f:53:6d:60:7c:76:9c:f0:b3:4a:46:25:dc:01:b5:
2f:e7:63:da:52:20:bc:8d:a4:36:ca:28:15:f8:75:
3b:d7:a4:63:5a:16:5d:ae:38:df:10:07:10:9c:39:
54:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D0:E1:D0:42:E8:6E:47:FA:53:A5:05:26:F0:F7:DA:E2:9F:D9:35
X509v3 Authority Key Identifier:
keyid:57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/ytDh0ELobkf6U6UFJvD32uKf2TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.236.0/23
195.211.117.0-195.211.119.255
Signature Algorithm: sha256WithRSAEncryption
a1:be:54:6a:31:96:43:c9:1f:c8:a6:e3:2a:23:d7:87:46:78:
a6:3d:cb:23:a1:6f:b4:77:61:bf:30:10:df:8d:ec:00:d8:53:
ed:1b:d6:c9:30:fe:de:ab:cb:b3:82:45:3c:e7:a4:ad:bc:c7:
37:f3:7c:80:cb:5f:7b:da:bc:0a:37:e8:a8:52:f5:93:96:c3:
85:ae:91:fb:2f:93:a8:b0:a8:e4:07:c4:60:96:7f:c7:b0:04:
de:c2:25:b1:c8:8a:fd:3e:cd:c2:14:07:3f:4b:e4:3d:cb:e0:
fb:e9:1a:2a:de:a1:98:93:15:4c:b7:5e:12:b7:ef:c0:6f:31:
02:75:ad:a1:ae:58:d4:02:6f:67:dc:65:c9:5b:9a:a9:0b:da:
cf:d6:2f:13:aa:fd:23:b6:60:49:8b:88:f4:82:98:67:f7:48:
57:d8:de:a6:5e:92:d8:56:ec:38:bb:50:2b:6d:ea:1d:ab:a2:
81:de:f5:f0:0a:ce:eb:5a:fd:f6:2f:ee:88:c6:f1:50:43:1e:
cf:0a:3e:34:18:1c:08:51:dc:7c:6a:99:64:6e:bb:7d:e1:af:
84:0f:2f:74:e2:9a:6d:47:9e:8f:ff:c5:00:b2:5d:f1:75:2d:
5d:e7:83:f1:1d:ee:8b:b0:d7:5a:d3:37:ed:38:9e:c9:b7:8d:
e3:73:39:8d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnSD1UTv/Ei+g+/kFO82mIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MWNiNTFjYmE2OGViN2VmOTg2N2E3NWQxN2FiMjgwMTgx
OTZhYTEwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQwZTFkMDQyZTg2ZTQ3ZmE1M2E1MDUyNmYwZjdkYWUyOWZkOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JzVKmoTmCOV8tWgG+3XbFX4h9vV
lcQGtDQepwU25x6oXQ8n8bH2RDPbzFdiSQIRIsrGpyhzG2xbs/cYiaSfdK96Mzzj
X8XGp3D9byzdFkWQ7ZBxxer0ww0igSH0PCKAn1mL47b2U8KyCk+aGOJuhvvzmujD
e0jL+YMD7KhfTUfgd5jvuK996nRSC/uclDO3esvCZ0X+U4qT5ogK4xaQdkCwnmIc
g6US2olgkpOLCwpF5GSRSMCAY70yRS1xtCWKGuX3PFsbbmPn1v9P7sQs8/4vU21g
fHac8LNKRiXcAbUv52PaUiC8jaQ2yigV+HU716RjWhZdrjjfEAcQnDlUrQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMrQ4dBC6G5H+lOlBSbw99rin9k1MB8GA1UdIwQY
MBaAFFcctRy6aOt++YZ6ddF6soAYGWqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3Yzkt
ZGQ4NjI3NzRhMDkyLzEveXREaDBFTG9ia2Y2VTZVRkp2RDMydUtmMlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3YzktZGQ4NjI3NzRhMDky
LzEvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwSHsMAwD
BADD03UDBAPD03AwDQYJKoZIhvcNAQELBQADggEBAKG+VGoxlkPJH8im4yoj14dG
eKY9yyOhb7R3Yb8wEN+N7ADYU+0b1skw/t6ry7OCRTznpK28xzfzfIDLX3vavAo3
6KhS9ZOWw4Wukfsvk6iwqOQHxGCWf8ewBN7CJbHIiv0+zcIUBz9L5D3L4PvpGire
oZiTFUy3XhK378BvMQJ1raGuWNQCb2fcZclbmqkL2s/WLxOq/SO2YEmLiPSCmGf3
SFfY3qZekthW7Di7UCtt6h2rooHe9fAKzuta/fYv7ojG8VBDHs8KPjQYHAhR3Hxq
mWRuu33hr4QPL3Timm1Hno//xQCyXfF1LV3ng/Ed7ouw11rTN+04nsm3jeNzOY0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:38 2025 by rpki-client