Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2Gp-2TyYlBQZdoC7KBBkoBlEwx8.roa
File: 2Gp-2TyYlBQZdoC7KBBkoBlEwx8.roa (raw, json)
Hash identifier: E+YYltqW+3R2bXTGfo7oIBFpPiCumZYoMgtQX1B1EGE=
Subject key identifier: D8:6A:7E:D9:3C:98:94:14:19:76:80:BB:28:10:64:A0:19:44:C3:1F
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD62AD9222E457D7557FF1A8478ED2
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2Gp-2TyYlBQZdoC7KBBkoBlEwx8.roa
Signing time: Thu 02 Jan 2025 07:49:10 +0000
ROA not before: Thu 02 Jan 2025 07:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204272
IP address blocks: 194.190.196.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:62:ad:92:22:e4:57:d7:55:7f:f1:a8:47:8e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d86a7ed93c989414197680bb281064a01944c31f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:49:a9:d1:2d:61:77:20:a9:da:0d:12:9b:44:
78:21:f1:d9:e5:40:f7:1c:55:28:a5:72:2f:a2:77:
88:37:57:87:79:a3:0f:ec:00:6e:c3:bf:f4:8b:5c:
13:d6:71:1e:cd:a2:5d:c7:3d:d2:de:37:13:e3:2c:
6e:4c:55:38:46:4e:db:35:ed:01:ed:41:04:33:ad:
b3:a3:b0:38:c4:7c:83:0a:f7:c2:da:43:ae:88:8f:
ca:e0:38:56:fa:c0:b7:79:74:6d:a3:a1:71:25:a8:
41:5b:9f:5f:9a:43:32:a4:d8:08:d2:c0:36:a1:0a:
3c:89:11:bc:60:52:53:f6:8f:65:4e:00:bf:5b:4e:
e6:49:18:89:ef:f8:90:46:40:52:f3:d3:e8:cc:53:
ab:ea:62:27:a0:82:89:0f:3e:41:98:e0:ec:02:c2:
e1:56:0f:94:4e:80:19:76:00:ee:82:e8:e4:4c:fa:
2e:bc:f7:0e:68:fd:63:7e:4a:6d:7a:27:df:c1:0d:
0a:6c:69:87:48:b2:37:5a:bc:ec:a9:a0:ce:3f:03:
6a:1c:d3:f4:c1:04:3a:52:be:09:a1:61:db:6a:4f:
55:5b:4e:d9:69:7a:4d:a4:9b:d3:5f:20:33:fd:a9:
df:e2:0b:fc:f4:43:a6:8a:ef:a2:c5:b7:c1:6c:c6:
8b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6A:7E:D9:3C:98:94:14:19:76:80:BB:28:10:64:A0:19:44:C3:1F
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2Gp-2TyYlBQZdoC7KBBkoBlEwx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.190.196.0/22
Signature Algorithm: sha256WithRSAEncryption
39:71:58:ec:b1:9e:4c:a5:78:76:16:c1:ee:f6:14:b6:f3:6e:
e2:ce:15:5b:78:35:d1:9e:2d:0d:26:34:84:18:5a:40:84:7f:
11:23:f5:ce:ee:c2:bd:1a:e6:b4:3e:51:7f:9b:f0:43:09:63:
3d:27:26:0c:ec:e5:a8:04:56:27:ac:75:dc:09:6c:78:81:fd:
ec:2e:6d:4a:a5:33:4a:1e:bb:73:39:b2:04:6f:2a:e0:08:0a:
8a:2a:8a:13:66:92:3d:5d:23:aa:c5:7b:e8:9f:1a:2d:5c:a0:
bd:d1:d9:ac:1c:92:c8:a3:1c:55:43:e6:a1:9b:7e:44:b6:2f:
bd:c6:1e:41:0b:29:7d:5e:f7:79:76:15:65:4a:b0:ce:bb:63:
67:b9:59:b2:fb:4e:12:7f:3f:2c:1f:45:4a:6a:5f:3d:4b:e1:
c3:31:67:2f:28:64:dd:1f:6e:0c:9a:d4:3b:2b:b9:f9:fb:16:
5b:ba:35:72:fc:bd:a4:b3:57:56:dc:6a:7a:15:88:e5:a0:89:
28:5c:9d:b0:9a:7b:78:b4:80:32:fc:50:53:20:f6:24:2a:3b:
e8:62:a4:dd:20:50:fd:6b:fa:43:57:b0:23:fa:e6:25:22:3a:
6e:0c:ce:8f:3b:2b:50:10:be:35:6e:f4:65:e7:94:05:71:1d:
d4:aa:04:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/WKtkiLkV9dVf/GoR47SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZhN2VkOTNjOTg5NDE0MTk3NjgwYmIyODEwNjRhMDE5NDRjMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ump0S1hdyCp2g0Sm0R4IfHZ5UD3
HFUopXIvoneIN1eHeaMP7ABuw7/0i1wT1nEezaJdxz3S3jcT4yxuTFU4Rk7bNe0B
7UEEM62zo7A4xHyDCvfC2kOuiI/K4DhW+sC3eXRto6FxJahBW59fmkMypNgI0sA2
oQo8iRG8YFJT9o9lTgC/W07mSRiJ7/iQRkBS89PozFOr6mInoIKJDz5BmODsAsLh
Vg+UToAZdgDugujkTPouvPcOaP1jfkpteiffwQ0KbGmHSLI3WrzsqaDOPwNqHNP0
wQQ6Ur4JoWHbak9VW07ZaXpNpJvTXyAz/anf4gv89EOmiu+ixbfBbMaLbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhqftk8mJQUGXaAuygQZKAZRMMfMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvMkdwLTJUeVlsQlFaZG9DN0tCQmtvQmxFd3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwr7EMA0G
CSqGSIb3DQEBCwUAA4IBAQA5cVjssZ5MpXh2FsHu9hS2827izhVbeDXRni0NJjSE
GFpAhH8RI/XO7sK9Gua0PlF/m/BDCWM9JyYM7OWoBFYnrHXcCWx4gf3sLm1KpTNK
HrtzObIEbyrgCAqKKooTZpI9XSOqxXvonxotXKC90dmsHJLIoxxVQ+ahm35Eti+9
xh5BCyl9Xvd5dhVlSrDOu2NnuVmy+04Sfz8sH0VKal89S+HDMWcvKGTdH24MmtQ7
K7n5+xZbujVy/L2ks1dW3Gp6FYjloIkoXJ2wmnt4tIAy/FBTIPYkKjvoYqTdIFD9
a/pDV7Aj+uYlIjpuDM6POytQEL41bvRl55QFcR3UqgQ/
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:54:14 2025 by rpki-client