Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/SVFExGqmN2rWr0pdHn2EBcXlt5k.roa
File: SVFExGqmN2rWr0pdHn2EBcXlt5k.roa (raw, json)
Hash identifier: YNeTDKYu1kVI5UITAgJVP4E8+UH/BHxBF+QWa3NBqu4=
Subject key identifier: 49:51:44:C4:6A:A6:37:6A:D6:AF:4A:5D:1E:7D:84:05:C5:E5:B7:99
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0194266B7C7340F881BE6EBAB55277666288
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/SVFExGqmN2rWr0pdHn2EBcXlt5k.roa
Signing time: Thu 02 Jan 2025 09:49:25 +0000
ROA not before: Thu 02 Jan 2025 09:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 185.220.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:7c:73:40:f8:81:be:6e:ba:b5:52:77:66:62:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 09:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=495144c46aa6376ad6af4a5d1e7d8405c5e5b799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:14:f7:a0:25:1f:32:78:58:7e:20:1f:68:55:
6a:77:05:38:cc:3e:46:0d:92:19:85:2b:fc:5e:49:
87:4b:bb:ce:56:e2:be:ec:4c:9b:d0:3b:e5:ce:7c:
9a:9c:28:01:e5:1e:c9:0f:48:43:69:46:81:a7:37:
1c:e7:17:6d:9f:79:27:1f:32:a3:ee:f1:fb:f2:3e:
a0:51:a4:b9:6a:e9:0a:42:16:fb:83:fb:0c:e9:d9:
d1:33:83:16:0a:5a:c5:24:42:ad:ae:b3:9e:65:b0:
67:10:43:1f:aa:3b:ef:a0:98:bd:d4:a3:fc:ff:83:
e3:64:ab:05:8a:5d:12:b5:d9:3c:45:5a:c8:33:e5:
77:04:bb:d6:a7:cd:04:70:59:96:35:7e:a0:9c:51:
de:d9:d3:16:0a:ce:a3:dc:4a:0f:4e:46:67:d8:90:
18:ed:24:ba:29:4c:e0:51:9b:59:a6:06:7f:ff:d9:
a2:0d:ec:3f:ad:45:20:23:c9:fc:83:82:05:eb:37:
3c:81:d0:1a:6c:4f:2a:dd:85:b0:94:8b:5f:c3:14:
90:77:59:c7:f8:d9:ea:7e:7e:b5:01:22:10:12:0c:
48:f1:2c:fd:04:4e:c5:64:9c:7e:73:38:4d:fa:b1:
a1:b2:d7:3f:c2:fa:7e:ed:68:23:8b:3b:86:12:9f:
e2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:51:44:C4:6A:A6:37:6A:D6:AF:4A:5D:1E:7D:84:05:C5:E5:B7:99
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/SVFExGqmN2rWr0pdHn2EBcXlt5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.196.0/24
Signature Algorithm: sha256WithRSAEncryption
04:d8:68:88:8b:6f:01:f6:73:6e:d2:52:15:1e:80:3f:10:c3:
ab:73:88:cc:b5:3c:54:95:37:ec:7d:a7:e2:f9:0f:ad:59:eb:
13:71:ff:b0:0b:f0:e4:32:12:62:19:06:9d:45:a6:3e:4d:08:
cb:e9:aa:32:e1:14:f8:e2:bc:4b:32:75:b1:3c:a4:7b:08:79:
d0:6b:87:06:ba:d9:1a:fc:91:27:a5:33:66:14:13:1e:91:0e:
55:10:40:72:b6:bf:4d:08:2e:f8:d1:66:8f:85:66:8c:48:34:
fd:f6:a2:12:56:15:1d:8c:62:2f:2d:48:22:02:54:93:a6:f6:
cb:ab:c8:a6:be:9b:3d:70:97:cb:2b:0a:04:c0:29:82:2f:5e:
31:cf:5c:77:4b:0f:07:94:88:27:17:2f:47:94:98:3d:1b:be:
be:3b:ee:b0:27:a4:57:4c:41:44:3f:7c:c1:81:e9:96:ef:33:
67:29:88:ef:ba:eb:3f:27:be:d7:8b:f9:7c:02:2b:2e:94:f5:
52:23:5c:db:f4:5a:eb:d6:5a:7b:e3:2b:0c:c3:fb:b1:83:2d:
3d:70:bc:b9:27:39:e8:a9:0a:37:6c:03:e1:1b:39:3e:b1:09:
48:83:d9:ef:d5:70:54:ef:d8:87:19:47:62:53:c4:c1:6b:4b:
73:7c:cf:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma3xzQPiBvm66tVJ3ZmKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMTAyMDk0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTUxNDRjNDZhYTYzNzZhZDZhZjRhNWQxZTdkODQwNWM1ZTViNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRT3oCUfMnhYfiAfaFVqdwU4zD5G
DZIZhSv8XkmHS7vOVuK+7Eyb0DvlznyanCgB5R7JD0hDaUaBpzcc5xdtn3knHzKj
7vH78j6gUaS5aukKQhb7g/sM6dnRM4MWClrFJEKtrrOeZbBnEEMfqjvvoJi91KP8
/4PjZKsFil0Stdk8RVrIM+V3BLvWp80EcFmWNX6gnFHe2dMWCs6j3EoPTkZn2JAY
7SS6KUzgUZtZpgZ//9miDew/rUUgI8n8g4IF6zc8gdAabE8q3YWwlItfwxSQd1nH
+Nnqfn61ASIQEgxI8Sz9BE7FZJx+czhN+rGhstc/wvp+7WgjizuGEp/i7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFElRRMRqpjdq1q9KXR59hAXF5beZMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvU1ZGRXhHcW1OMnJXcjBwZEhuMkVCY1hsdDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudzEMA0G
CSqGSIb3DQEBCwUAA4IBAQAE2GiIi28B9nNu0lIVHoA/EMOrc4jMtTxUlTfsfafi
+Q+tWesTcf+wC/DkMhJiGQadRaY+TQjL6aoy4RT44rxLMnWxPKR7CHnQa4cGutka
/JEnpTNmFBMekQ5VEEBytr9NCC740WaPhWaMSDT99qISVhUdjGIvLUgiAlSTpvbL
q8imvps9cJfLKwoEwCmCL14xz1x3Sw8HlIgnFy9HlJg9G76+O+6wJ6RXTEFEP3zB
gemW7zNnKYjvuus/J77Xi/l8AisulPVSI1zb9Frr1lp74ysMw/uxgy09cLy5Jzno
qQo3bAPhGzk+sQlIg9nv1XBU79iHGUdiU8TBa0tzfM+y
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:31:19 2025 by rpki-client