Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/A1zWJg2CJQGEvaPLRfXFaazQhvQ.roa
File: A1zWJg2CJQGEvaPLRfXFaazQhvQ.roa (raw, json)
Hash identifier: H7QCexlOgZLozacae12wwjeLVFVkOmdjOf3cI4BvWLk=
Subject key identifier: 03:5C:D6:26:0D:82:25:01:84:BD:A3:CB:45:F5:C5:69:AC:D0:86:F4
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD5F0F714106B22A653EED5EBC7985
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/A1zWJg2CJQGEvaPLRfXFaazQhvQ.roa
Signing time: Thu 02 Jan 2025 07:49:09 +0000
ROA not before: Thu 02 Jan 2025 07:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61378
IP address blocks: 194.226.182.0/24 maxlen: 24
195.19.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:5f:0f:71:41:06:b2:2a:65:3e:ed:5e:bc:79:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=035cd6260d82250184bda3cb45f5c569acd086f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:cc:46:5b:24:8b:3f:00:b4:18:2f:1c:8e:
f2:41:33:62:5d:3b:fb:4d:fe:42:2e:fc:5c:96:1b:
bb:81:1b:27:89:59:61:8f:a2:96:a6:67:97:0e:99:
8a:09:a5:00:0f:4d:54:57:06:f8:9b:48:f5:22:c1:
e4:48:e5:ab:2f:bc:84:99:55:9d:68:b2:8a:35:8f:
02:c4:df:5f:f1:89:74:03:08:1d:84:c5:1f:8e:8d:
91:dd:18:20:d6:40:d5:86:4f:03:e9:9b:81:5f:63:
fc:1a:ba:c0:fa:93:94:73:2f:63:2b:7e:8a:ba:20:
fd:b3:94:07:cb:61:75:58:a0:ba:1d:03:ef:30:e2:
99:2f:2a:56:c9:3a:3f:75:92:6d:98:65:18:42:23:
3e:29:90:57:4b:c2:f0:1e:d4:e2:b7:03:28:73:9d:
83:15:05:7a:2d:23:53:1f:df:6a:37:78:b1:23:e1:
8f:9e:84:d5:e2:fa:4a:82:17:0c:86:4f:cf:6e:de:
bd:fe:a5:71:cf:89:19:0a:3d:4d:0e:53:0a:93:8c:
38:be:80:35:61:6c:74:ba:88:2a:19:78:ce:79:88:
4d:f6:d0:31:05:37:34:31:9a:65:4d:e1:de:10:80:
e4:35:61:89:2e:05:14:1a:88:7b:0b:95:78:8f:6c:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5C:D6:26:0D:82:25:01:84:BD:A3:CB:45:F5:C5:69:AC:D0:86:F4
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/A1zWJg2CJQGEvaPLRfXFaazQhvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.226.182.0/24
195.19.193.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:ae:89:9f:a7:fe:24:18:8a:e3:d7:db:7c:cf:19:95:85:fc:
95:e6:38:5f:22:89:28:08:47:3b:be:8d:dc:83:1e:9f:de:82:
cf:73:51:9e:02:a3:f0:d1:ba:ff:33:18:92:49:07:81:58:2b:
c0:5e:2b:89:97:a5:6d:d4:15:1f:15:bd:f3:60:b2:d8:66:e7:
26:44:f2:11:03:33:23:e4:6c:62:5f:ed:d1:6d:76:47:d2:69:
20:3e:f5:2a:b8:ba:6e:88:0b:d9:cc:9d:26:d0:d9:29:7f:99:
32:a3:ad:43:bd:0c:d4:74:f9:0d:b8:90:bc:25:c8:36:d3:41:
8a:e1:8c:84:c2:2b:d4:e8:80:00:3c:e0:29:91:f5:a3:8e:9d:
19:26:0c:f2:a3:fe:ee:5c:4a:46:46:95:f5:8b:4c:7d:8a:5e:
82:6d:a1:d0:e5:d4:40:63:78:31:14:be:9a:a9:f6:47:8c:1a:
d9:b0:ad:00:b2:1f:ea:55:c6:90:b2:31:79:3f:c9:0b:8e:76:
8c:87:bb:fa:1f:11:4e:99:75:5b:7c:5b:22:c9:32:56:f3:b4:
73:9f:8b:b2:65:69:1a:5c:23:63:7d:ee:2a:5b:43:2c:c8:57:
d7:4b:15:c0:97:a2:3b:b7:bd:5f:ae:96:68:e1:2c:e2:49:0e:
9b:fb:82:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/V8PcUEGsiplPu1evHmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzVjZDYyNjBkODIyNTAxODRiZGEzY2I0NWY1YzU2OWFjZDA4NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqrMRlskiz8AtBgvHI7yQTNiXTv7
Tf5CLvxclhu7gRsniVlhj6KWpmeXDpmKCaUAD01UVwb4m0j1IsHkSOWrL7yEmVWd
aLKKNY8CxN9f8Yl0AwgdhMUfjo2R3Rgg1kDVhk8D6ZuBX2P8GrrA+pOUcy9jK36K
uiD9s5QHy2F1WKC6HQPvMOKZLypWyTo/dZJtmGUYQiM+KZBXS8LwHtTitwMoc52D
FQV6LSNTH99qN3ixI+GPnoTV4vpKghcMhk/Pbt69/qVxz4kZCj1NDlMKk4w4voA1
YWx0uogqGXjOeYhN9tAxBTc0MZplTeHeEIDkNWGJLgUUGoh7C5V4j2w0xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFANc1iYNgiUBhL2jy0X1xWms0Ib0MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvQTF6V0pnMkNKUUdFdmFQTFJmWEZhYXpRaHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwuK2AwQA
wxPBMA0GCSqGSIb3DQEBCwUAA4IBAQCuromfp/4kGIrj19t8zxmVhfyV5jhfIoko
CEc7vo3cgx6f3oLPc1GeAqPw0br/MxiSSQeBWCvAXiuJl6Vt1BUfFb3zYLLYZucm
RPIRAzMj5GxiX+3RbXZH0mkgPvUquLpuiAvZzJ0m0Nkpf5kyo61DvQzUdPkNuJC8
Jcg200GK4YyEwivU6IAAPOApkfWjjp0ZJgzyo/7uXEpGRpX1i0x9il6CbaHQ5dRA
Y3gxFL6aqfZHjBrZsK0Ash/qVcaQsjF5P8kLjnaMh7v6HxFOmXVbfFsiyTJW87Rz
n4uyZWkaXCNjfe4qW0MsyFfXSxXAl6I7t71frpZo4SziSQ6b+4J5
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:57:02 2025 by rpki-client