Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/sgdpYlOxDLoHYILXuTm3v3bYEzg.roa
File: sgdpYlOxDLoHYILXuTm3v3bYEzg.roa (raw, json)
Hash identifier: +/nmav0ZbVD1Gx6Gr8N5DlkIf+hFuj3oURKnEUjNOqw=
Subject key identifier: B2:07:69:62:53:B1:0C:BA:07:60:82:D7:B9:39:B7:BF:76:D8:13:38
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD5F474D1E0285935EEEBCBF77F222
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/sgdpYlOxDLoHYILXuTm3v3bYEzg.roa
Signing time: Thu 02 Jan 2025 07:49:09 +0000
ROA not before: Thu 02 Jan 2025 07:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62135
IP address blocks: 194.85.254.0/24 maxlen: 24
194.85.255.0/24 maxlen: 24
2a0c:a9c7:2::/48 maxlen: 48
2a0c:a9c7:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:5f:47:4d:1e:02:85:93:5e:ee:bc:bf:77:f2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b207696253b10cba076082d7b939b7bf76d81338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:a6:46:d5:c4:aa:d6:84:9f:62:59:84:c8:
a7:2b:15:df:27:77:24:2f:e4:8c:e3:2d:b3:7b:d4:
c0:6a:f8:02:60:a5:8e:fa:0c:0f:c7:f1:ff:a7:09:
22:80:a6:20:52:1e:80:f9:86:1a:05:c7:a9:88:b1:
cb:e8:df:2f:28:cf:0b:b1:d4:78:71:5a:ff:f9:17:
5e:2c:e9:49:6e:71:ec:66:1d:88:d7:6e:a1:c1:1b:
17:9c:bf:bd:77:1c:60:68:fe:f2:76:fa:f8:dd:44:
45:32:73:a8:ad:26:3b:93:77:4e:61:80:c7:a1:1a:
dd:ae:1e:b2:ba:20:97:79:00:6f:75:85:0b:81:72:
14:5c:23:b0:b5:1b:14:eb:73:32:92:31:61:6f:bc:
72:19:70:34:92:50:d9:b4:9a:12:2d:48:4c:34:da:
24:d7:b7:05:3e:48:48:1a:7b:1a:ed:6f:ca:19:b2:
33:3c:86:68:35:bd:b5:0d:f1:f8:5d:15:c0:9e:4a:
39:84:3e:7a:61:59:2b:a0:94:e9:24:12:bd:79:76:
93:7e:5c:16:8f:e5:08:83:16:58:3c:af:ba:90:0d:
89:d8:f3:da:40:a0:56:26:21:e5:bd:10:9e:ab:a8:
a6:a3:4b:66:73:bf:82:1c:18:c4:62:8c:73:19:12:
69:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:07:69:62:53:B1:0C:BA:07:60:82:D7:B9:39:B7:BF:76:D8:13:38
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/sgdpYlOxDLoHYILXuTm3v3bYEzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.254.0/23
IPv6:
2a0c:a9c7:2::/47
Signature Algorithm: sha256WithRSAEncryption
38:3c:53:4a:4e:b6:8c:af:58:6a:62:61:95:6d:33:e6:62:6f:
30:56:0a:87:54:38:14:fc:73:0f:32:ea:c6:0b:e0:4f:f6:59:
1b:65:31:c6:78:1c:0e:02:b3:87:22:e5:b7:26:0b:b1:a0:4c:
e8:bd:6c:e5:40:cc:be:c3:33:99:b3:f4:e3:0c:b9:c6:29:3f:
86:1b:35:10:50:19:ac:dc:44:cb:ec:29:6d:80:1c:f3:e6:9b:
73:bf:42:ae:7d:dd:0d:dd:55:38:b3:a2:1d:43:f4:61:68:e9:
13:20:f6:37:53:af:02:09:6d:cb:dd:14:86:6e:91:83:75:a2:
c4:81:5b:78:79:1a:c1:52:43:ca:03:36:86:9f:86:2c:a9:8a:
87:1a:c9:eb:7c:a2:f3:5e:42:4f:5e:41:2b:c6:dc:30:88:16:
c9:9f:82:fb:b6:5b:dc:ac:ac:ee:53:4d:08:99:0c:86:35:87:
03:75:d1:54:fd:57:72:57:27:85:ef:a4:9b:c0:7b:34:e1:ee:
db:b6:b2:48:57:0a:56:60:76:93:f7:de:d8:96:73:9b:c5:b6:
89:9c:88:1c:a5:e5:a6:62:3c:eb:17:12:b8:f5:56:db:61:89:
d1:76:62:ae:8d:ee:a5:14:42:59:5e:1e:b7:49:95:97:84:2b:
b6:c5:fd:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/V9HTR4ChZNe7ry/d/IiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA3Njk2MjUzYjEwY2JhMDc2MDgyZDdiOTM5YjdiZjc2ZDgxMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FmmRtXEqtaEn2JZhMinKxXfJ3ck
L+SM4y2ze9TAavgCYKWO+gwPx/H/pwkigKYgUh6A+YYaBcepiLHL6N8vKM8LsdR4
cVr/+RdeLOlJbnHsZh2I126hwRsXnL+9dxxgaP7ydvr43URFMnOorSY7k3dOYYDH
oRrdrh6yuiCXeQBvdYULgXIUXCOwtRsU63MykjFhb7xyGXA0klDZtJoSLUhMNNok
17cFPkhIGnsa7W/KGbIzPIZoNb21DfH4XRXAnko5hD56YVkroJTpJBK9eXaTflwW
j+UIgxZYPK+6kA2J2PPaQKBWJiHlvRCeq6imo0tmc7+CHBjEYoxzGRJprQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLIHaWJTsQy6B2CC17k5t7922BM4MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvc2dkcFlsT3hETG9IWUlMWHVUbTN2M2JZRXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwlX+MA8E
AgACMAkDBwEqDKnHAAIwDQYJKoZIhvcNAQELBQADggEBADg8U0pOtoyvWGpiYZVt
M+ZibzBWCodUOBT8cw8y6sYL4E/2WRtlMcZ4HA4Cs4ci5bcmC7GgTOi9bOVAzL7D
M5mz9OMMucYpP4YbNRBQGazcRMvsKW2AHPPmm3O/Qq593Q3dVTizoh1D9GFo6RMg
9jdTrwIJbcvdFIZukYN1osSBW3h5GsFSQ8oDNoafhiypiocayet8ovNeQk9eQSvG
3DCIFsmfgvu2W9ysrO5TTQiZDIY1hwN10VT9V3JXJ4XvpJvAezTh7tu2skhXClZg
dpP33tiWc5vFtomciByl5aZiPOsXErj1VtthidF2Yq6N7qUUQlleHrdJlZeEK7bF
/eE=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:54:15 2025 by rpki-client