Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/GysfUH2MCfjA8nLdJEk_MWpeRaY.roa
File: GysfUH2MCfjA8nLdJEk_MWpeRaY.roa (raw, json)
Hash identifier: FTtF1KAkY5eA9jWzzhIkCpHcwIHK9I+CYjxuXsSKzrw=
Subject key identifier: 1B:2B:1F:50:7D:8C:09:F8:C0:F2:72:DD:24:49:3F:31:6A:5E:45:A6
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01942746EE3C92192C42E87D24731F77B394
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/GysfUH2MCfjA8nLdJEk_MWpeRaY.roa
Signing time: Thu 02 Jan 2025 13:49:07 +0000
ROA not before: Thu 02 Jan 2025 13:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21700
IP address blocks: 194.195.16.0/20 maxlen: 24
194.195.48.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:ee:3c:92:19:2c:42:e8:7d:24:73:1f:77:b3:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 13:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b2b1f507d8c09f8c0f272dd24493f316a5e45a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0d:df:1c:df:1a:5a:36:82:d2:25:85:34:97:
27:af:41:74:52:10:c9:14:ec:ec:52:76:99:e7:df:
5a:5b:16:07:55:90:2d:30:79:49:79:2a:fa:19:de:
72:52:12:fe:5e:89:78:25:5c:fc:88:7b:d8:ab:ae:
f3:0b:67:2e:a9:7c:ed:95:af:b4:de:0b:ec:86:90:
a3:1a:d9:f3:a7:8d:15:a1:cc:0f:71:87:89:ea:5e:
e1:25:04:9a:35:d7:79:ce:fa:e3:03:40:ec:e7:76:
64:33:8e:9c:87:c4:e7:32:e0:e8:79:53:ab:2c:20:
46:64:0a:0e:28:dc:f2:f3:3b:53:f3:32:c0:d7:6b:
95:12:39:cb:6f:e3:c6:fd:31:99:91:35:e6:21:29:
99:8a:0d:b5:28:cb:e7:95:86:a2:52:e2:05:fd:83:
79:bf:09:61:f5:b0:e2:af:2f:96:f6:86:35:cb:9e:
db:5a:a9:b5:62:1e:89:b0:64:03:af:9f:ea:0f:31:
b5:fe:dc:0c:7a:f1:c6:af:5e:83:e7:12:36:42:65:
6e:b2:64:5b:7b:05:84:82:4f:df:f9:88:27:b1:e6:
5b:9d:5e:02:9d:fc:12:17:1b:9e:4a:d0:88:ff:02:
77:19:de:81:31:16:bd:e0:2a:8f:4d:2e:37:b6:ba:
1b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:2B:1F:50:7D:8C:09:F8:C0:F2:72:DD:24:49:3F:31:6A:5E:45:A6
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/GysfUH2MCfjA8nLdJEk_MWpeRaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.16.0/20
194.195.48.0/20
Signature Algorithm: sha256WithRSAEncryption
58:cb:6b:9a:5c:d8:00:3d:8c:27:87:81:42:53:96:38:75:b4:
b8:72:f0:dc:1b:1b:4c:a1:fd:b6:b0:48:ca:74:32:85:6c:1e:
36:91:15:a2:76:cc:cc:94:bf:73:c0:3e:84:5b:32:66:d6:31:
9f:18:46:4e:bc:f0:78:24:c6:16:25:0c:02:4e:0e:45:47:b3:
41:ed:31:3c:24:bb:34:cd:5d:12:a5:cf:53:e7:5a:93:a7:52:
12:3e:83:29:ad:0d:1f:c7:05:02:bf:18:88:ef:b3:38:cd:13:
2b:0c:8b:83:e9:06:e1:4d:23:53:43:32:34:3a:b0:33:b5:0a:
0f:0e:65:c7:17:b5:41:37:98:41:48:85:f5:09:76:38:0d:bc:
bf:2a:f2:63:0a:7f:36:fa:6b:b2:bc:81:1f:3b:c4:1d:9f:23:
23:ad:d8:25:ee:ba:7f:d7:fc:ae:f8:00:f8:01:35:ca:78:10:
3c:46:c2:f2:fc:f2:26:a8:19:32:29:6c:50:60:a5:99:68:55:
9d:83:1a:b6:1a:e8:6f:22:0a:0b:33:d8:8e:4a:06:64:7b:d6:
e0:35:73:46:46:e2:b6:2c:98:25:f4:f2:59:e7:e3:5c:12:66:
fa:1b:48:21:b6:c9:96:09:e3:8c:3a:f8:fc:c9:1f:83:ca:84:
6a:eb:33:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnRu48khksQuh9JHMfd7OUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjUwMTAyMTM0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjJiMWY1MDdkOGMwOWY4YzBmMjcyZGQyNDQ5M2YzMTZhNWU0NWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+g3fHN8aWjaC0iWFNJcnr0F0UhDJ
FOzsUnaZ599aWxYHVZAtMHlJeSr6Gd5yUhL+Xol4JVz8iHvYq67zC2cuqXztla+0
3gvshpCjGtnzp40VocwPcYeJ6l7hJQSaNdd5zvrjA0Ds53ZkM46ch8TnMuDoeVOr
LCBGZAoOKNzy8ztT8zLA12uVEjnLb+PG/TGZkTXmISmZig21KMvnlYaiUuIF/YN5
vwlh9bDiry+W9oY1y57bWqm1Yh6JsGQDr5/qDzG1/twMevHGr16D5xI2QmVusmRb
ewWEgk/f+YgnseZbnV4CnfwSFxueStCI/wJ3Gd6BMRa94CqPTS43trob2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBsrH1B9jAn4wPJy3SRJPzFqXkWmMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvR3lzZlVIMk1DZmpBOG5MZEpFa19NV3BlUmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEwsMQAwQE
wsMwMA0GCSqGSIb3DQEBCwUAA4IBAQBYy2uaXNgAPYwnh4FCU5Y4dbS4cvDcGxtM
of22sEjKdDKFbB42kRWidszMlL9zwD6EWzJm1jGfGEZOvPB4JMYWJQwCTg5FR7NB
7TE8JLs0zV0Spc9T51qTp1ISPoMprQ0fxwUCvxiI77M4zRMrDIuD6QbhTSNTQzI0
OrAztQoPDmXHF7VBN5hBSIX1CXY4Dby/KvJjCn82+muyvIEfO8QdnyMjrdgl7rp/
1/yu+AD4ATXKeBA8RsLy/PImqBkyKWxQYKWZaFWdgxq2GuhvIgoLM9iOSgZke9bg
NXNGRuK2LJgl9PJZ5+NcEmb6G0ghtsmWCeOMOvj8yR+DyoRq6zMW
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:55 2025 by rpki-client