Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/2CUDnPzPHNqbCWKCZFVlFgWU_Ww.roa
File: 2CUDnPzPHNqbCWKCZFVlFgWU_Ww.roa (raw, json)
Hash identifier: bthC2bFYzQs+lVNqZxrhsxyhvDDeUXNWtR+Uh+f7dJw=
Subject key identifier: D8:25:03:9C:FC:CF:1C:DA:9B:09:62:82:64:55:65:16:05:94:FD:6C
Certificate issuer: /CN=1151a4811148f7d0598f5ff021dadd3a10e5f29c
Certificate serial: 01941F8C974BDBB713D24F5CC47DAAA30017
Authority key identifier: 11:51:A4:81:11:48:F7:D0:59:8F:5F:F0:21:DA:DD:3A:10:E5:F2:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EVGkgRFI99BZj1_wIdrdOhDl8pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/2CUDnPzPHNqbCWKCZFVlFgWU_Ww.roa
Signing time: Wed 01 Jan 2025 01:48:14 +0000
ROA not before: Wed 01 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207593
IP address blocks: 194.35.187.0/24 maxlen: 24
194.36.19.0/24 maxlen: 24
194.36.83.0/24 maxlen: 24
194.36.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:97:4b:db:b7:13:d2:4f:5c:c4:7d:aa:a3:00:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1151a4811148f7d0598f5ff021dadd3a10e5f29c
Validity
Not Before: Jan 1 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d825039cfccf1cda9b096282645565160594fd6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:10:99:96:9b:f4:64:55:28:0e:52:0f:cc:3b:
21:de:aa:e9:fc:da:1a:5d:2e:3c:2d:15:a4:a6:6a:
a4:5f:05:18:75:a1:42:a1:1a:e5:00:26:5a:77:5c:
a6:0c:f9:17:c4:cb:79:ec:46:c2:cc:0b:43:0e:a4:
d4:e2:dd:85:22:a5:b2:97:8d:0d:1a:08:d6:18:f7:
66:3e:da:bc:e6:0b:40:88:69:e4:3a:7d:26:30:0b:
df:9d:8f:53:a2:b2:0a:18:5f:a9:dd:59:15:c9:27:
8d:fe:7a:de:36:47:a4:51:8b:ae:1d:d4:32:61:6c:
ec:52:49:09:1c:bc:ca:ac:3a:5a:4e:7a:fe:01:85:
ef:53:a9:a9:dd:38:ce:3e:c0:6d:21:ca:5a:cd:43:
21:c0:e1:de:4d:25:53:32:d8:a1:6d:98:de:d9:a1:
99:e2:a8:de:61:89:c0:80:8f:01:69:9f:f8:83:99:
45:e3:46:b6:1b:12:88:19:e7:f5:ed:73:a9:f0:33:
d8:a0:69:fe:db:53:68:bb:8f:77:c4:b1:2c:ca:29:
10:a7:63:c2:6d:24:0f:12:2f:36:34:fa:5e:b4:db:
31:a1:76:89:ab:fc:71:40:82:3e:1f:d4:ba:42:b4:
14:53:36:4f:9a:60:68:29:23:92:e4:c9:61:2d:2d:
78:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:25:03:9C:FC:CF:1C:DA:9B:09:62:82:64:55:65:16:05:94:FD:6C
X509v3 Authority Key Identifier:
keyid:11:51:A4:81:11:48:F7:D0:59:8F:5F:F0:21:DA:DD:3A:10:E5:F2:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EVGkgRFI99BZj1_wIdrdOhDl8pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/2CUDnPzPHNqbCWKCZFVlFgWU_Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2d0dae-d2bc-49d1-8115-34cb9d5c9432/1/EVGkgRFI99BZj1_wIdrdOhDl8pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.187.0/24
194.36.19.0/24
194.36.83.0/24
194.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
94:48:8f:53:45:e2:36:ba:ae:c5:73:1d:7e:d4:bc:a0:64:89:
56:f4:f8:be:6f:cb:ae:73:d9:a5:17:e2:4f:3e:11:bb:9d:42:
85:ed:d0:9b:32:90:92:0d:0a:6a:e7:83:85:e0:fd:cf:55:8e:
67:81:30:f2:0c:c8:3f:02:a9:e2:3a:8c:9c:24:04:22:fc:f2:
0c:0a:10:bc:ec:bb:28:34:dd:e3:52:53:f5:69:e7:fb:5a:56:
6b:c0:3c:5d:e8:4d:9f:83:38:41:63:78:7d:a4:63:f9:1c:48:
7a:5a:ee:bc:01:a4:5e:63:22:38:d9:57:7b:9c:ad:20:f0:3c:
eb:f9:53:07:32:80:05:05:22:7d:0b:0b:74:b3:e8:81:0e:a5:
0b:95:33:eb:ec:92:c3:c1:97:79:1a:8e:8b:67:c8:04:92:87:
28:fd:fb:9d:0c:50:4d:a7:20:97:04:38:d0:ea:86:85:71:5e:
07:4a:48:24:03:bc:64:05:81:e3:44:4a:e3:58:10:a3:dc:af:
92:69:16:96:0f:33:3a:d9:27:3d:2e:b8:73:61:83:e8:12:2c:
b2:0e:b8:b5:3a:86:e7:45:32:a0:9b:81:9b:3d:11:06:62:67:
c0:0c:78:49:cd:9e:72:ec:83:98:52:2f:7c:83:47:7e:df:65:
b3:41:b6:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjJdL27cT0k9cxH2qowAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNTFhNDgxMTE0OGY3ZDA1OThmNWZmMDIxZGFkZDNhMTBl
NWYyOWMwHhcNMjUwMTAxMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI1MDM5Y2ZjY2YxY2RhOWIwOTYyODI2NDU1NjUxNjA1OTRmZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRCZlpv0ZFUoDlIPzDsh3qrp/Noa
XS48LRWkpmqkXwUYdaFCoRrlACZad1ymDPkXxMt57EbCzAtDDqTU4t2FIqWyl40N
GgjWGPdmPtq85gtAiGnkOn0mMAvfnY9TorIKGF+p3VkVySeN/nreNkekUYuuHdQy
YWzsUkkJHLzKrDpaTnr+AYXvU6mp3TjOPsBtIcpazUMhwOHeTSVTMtihbZje2aGZ
4qjeYYnAgI8BaZ/4g5lF40a2GxKIGef17XOp8DPYoGn+21Nou493xLEsyikQp2PC
bSQPEi82NPpetNsxoXaJq/xxQII+H9S6QrQUUzZPmmBoKSOS5MlhLS14xwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNglA5z8zxzamwligmRVZRYFlP1sMB8GA1UdIwQY
MBaAFBFRpIERSPfQWY9f8CHa3ToQ5fKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVZHa2dSRkk5OUJaajFfd0lkcmRPaERsOHB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZDBkYWUtZDJiYy00OWQxLTgxMTUt
MzRjYjlkNWM5NDMyLzEvMkNVRG5QelBITnFiQ1dLQ1pGVmxGZ1dVX1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZDBkYWUtZDJiYy00OWQxLTgxMTUtMzRjYjlkNWM5NDMy
LzEvRVZHa2dSRkk5OUJaajFfd0lkcmRPaERsOHB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwiO7AwQA
wiQTAwQAwiRTAwQAwiR4MA0GCSqGSIb3DQEBCwUAA4IBAQCUSI9TReI2uq7Fcx1+
1LygZIlW9Pi+b8uuc9mlF+JPPhG7nUKF7dCbMpCSDQpq54OF4P3PVY5ngTDyDMg/
AqniOoycJAQi/PIMChC87LsoNN3jUlP1aef7WlZrwDxd6E2fgzhBY3h9pGP5HEh6
Wu68AaReYyI42Vd7nK0g8Dzr+VMHMoAFBSJ9Cwt0s+iBDqULlTPr7JLDwZd5Go6L
Z8gEkoco/fudDFBNpyCXBDjQ6oaFcV4HSkgkA7xkBYHjRErjWBCj3K+SaRaWDzM6
2Sc9LrhzYYPoEiyyDri1OobnRTKgm4GbPREGYmfADHhJzZ5y7IOYUi98g0d+32Wz
QbZ/
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:20 2025 by rpki-client