Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/SYVN9bD-D6g-q6PSw1lAmEmBCdM.roa
File: SYVN9bD-D6g-q6PSw1lAmEmBCdM.roa (raw, json)
Hash identifier: 8y9eU7Dyp9dbN8gBD3TP0Dw1DJ4qk7nK7iHI24q9eEI=
Subject key identifier: 49:85:4D:F5:B0:FE:0F:A8:3E:AB:A3:D2:C3:59:40:98:49:81:09:D3
Certificate issuer: /CN=a1479239d443985876b0859d33b1a0e7114d1a20
Certificate serial: 01894402A59CEFF4CD2F12A9433796DA5C1B
Authority key identifier: A1:47:92:39:D4:43:98:58:76:B0:85:9D:33:B1:A0:E7:11:4D:1A:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oUeSOdRDmFh2sIWdM7Gg5xFNGiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/SYVN9bD-D6g-q6PSw1lAmEmBCdM.roa
Signing time: Tue 11 Jul 2023 08:12:51 +0000
ROA not before: Tue 11 Jul 2023 08:12:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34993
IP address blocks: 193.25.122.0/23 maxlen: 23
185.57.148.0/22 maxlen: 22
37.148.252.0/22 maxlen: 22
141.98.220.0/22 maxlen: 22
193.25.168.0/23 maxlen: 23
89.248.208.0/24 maxlen: 24
89.248.210.0/23 maxlen: 23
185.151.188.0/22 maxlen: 22
2a0a:1580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:02:a5:9c:ef:f4:cd:2f:12:a9:43:37:96:da:5c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1479239d443985876b0859d33b1a0e7114d1a20
Validity
Not Before: Jul 11 08:12:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49854df5b0fe0fa83eaba3d2c3594098498109d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ff:b3:07:53:ad:b1:63:1a:28:d6:23:c5:e4:
2f:d9:fc:51:06:15:c0:dc:5e:9f:2b:40:0b:35:16:
40:b0:95:7b:a5:1e:15:06:fd:c6:91:c6:fd:45:58:
c6:70:b3:fc:ae:5b:e5:08:90:e6:db:f8:d9:14:bb:
27:e9:76:96:7f:74:cb:68:0d:0d:2c:63:9e:15:85:
1c:66:fd:93:5f:d6:d6:cd:f3:31:9f:07:e8:3b:7f:
a2:0d:2d:97:5d:b4:5d:bb:58:95:00:66:26:b1:32:
ea:2a:e9:ec:f6:d5:fa:da:2c:df:73:b4:a5:d2:aa:
39:60:7c:87:45:26:46:02:78:53:a2:98:84:65:89:
c6:31:1c:58:5a:d1:4f:f3:ab:ed:ec:8f:19:ff:1b:
56:2d:4a:37:aa:6d:17:f2:6b:50:03:52:ab:ad:12:
96:9d:81:4e:32:ba:f6:fc:0b:8a:1a:51:2e:02:ec:
ad:27:33:32:15:af:97:ec:c0:09:97:86:36:66:31:
89:f0:d4:58:f7:96:ec:bf:88:4a:20:c9:13:87:73:
f9:1d:1c:42:7f:1d:43:c2:70:da:da:2b:87:ca:cf:
93:2b:9f:b1:6b:4a:4a:28:09:39:f7:e3:ba:f7:21:
d1:de:04:42:2e:23:5b:14:90:7d:b1:2f:cf:38:db:
ef:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:85:4D:F5:B0:FE:0F:A8:3E:AB:A3:D2:C3:59:40:98:49:81:09:D3
X509v3 Authority Key Identifier:
keyid:A1:47:92:39:D4:43:98:58:76:B0:85:9D:33:B1:A0:E7:11:4D:1A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUeSOdRDmFh2sIWdM7Gg5xFNGiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/SYVN9bD-D6g-q6PSw1lAmEmBCdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/oUeSOdRDmFh2sIWdM7Gg5xFNGiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.252.0/22
89.248.208.0/24
89.248.210.0/23
141.98.220.0/22
185.57.148.0/22
185.151.188.0/22
193.25.122.0/23
193.25.168.0/23
IPv6:
2a0a:1580::/29
Signature Algorithm: sha256WithRSAEncryption
66:d5:e4:8f:42:5e:28:3f:2d:37:fd:7b:72:43:69:94:07:a8:
99:d3:a1:09:54:52:1e:81:92:b0:3a:7d:42:d1:1e:f0:52:06:
5e:b3:ba:2e:32:2f:5a:72:df:dc:9d:52:33:3b:f2:28:f0:64:
4d:04:7c:96:4a:d1:01:03:6a:af:fd:ab:86:b2:04:cb:e2:a2:
d4:5d:90:af:ad:f7:1f:ce:92:49:2e:7b:b3:64:de:36:f1:c2:
de:d6:f0:b9:74:b7:b6:4a:43:b6:08:28:9c:07:df:32:ad:00:
31:94:45:1b:90:cc:52:87:c4:27:92:73:98:79:32:87:ab:12:
27:25:5e:69:0e:75:90:10:8b:e7:ab:b5:20:e0:4f:e5:cb:de:
00:a3:b2:fe:7f:26:1c:11:c5:29:28:fa:82:91:4d:49:94:35:
06:a9:bf:53:95:e4:e7:76:e2:38:b1:8d:9e:18:84:21:7b:b9:
a7:e0:4f:4b:96:b3:d7:6a:a8:f5:06:56:0b:9f:35:06:51:b2:
2a:35:11:bf:0c:8a:a3:34:24:f0:d3:8a:52:84:3e:13:1b:8a:
31:72:30:12:f4:60:a6:80:d8:af:64:46:95:5f:d8:a9:7e:53:
d6:74:63:24:2d:7e:d5:df:90:7b:fa:d8:c1:a6:db:d3:f5:65:
37:8d:00:e8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYlEAqWc7/TNLxKpQzeW2lwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDc5MjM5ZDQ0Mzk4NTg3NmIwODU5ZDMzYjFhMGU3MTE0
ZDFhMjAwHhcNMjMwNzExMDgxMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTg1NGRmNWIwZmUwZmE4M2VhYmEzZDJjMzU5NDA5ODQ5ODEwOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/+zB1OtsWMaKNYjxeQv2fxRBhXA
3F6fK0ALNRZAsJV7pR4VBv3Gkcb9RVjGcLP8rlvlCJDm2/jZFLsn6XaWf3TLaA0N
LGOeFYUcZv2TX9bWzfMxnwfoO3+iDS2XXbRdu1iVAGYmsTLqKuns9tX62izfc7Sl
0qo5YHyHRSZGAnhTopiEZYnGMRxYWtFP86vt7I8Z/xtWLUo3qm0X8mtQA1KrrRKW
nYFOMrr2/AuKGlEuAuytJzMyFa+X7MAJl4Y2ZjGJ8NRY95bsv4hKIMkTh3P5HRxC
fx1DwnDa2iuHys+TK5+xa0pKKAk59+O69yHR3gRCLiNbFJB9sS/PONvvnwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEmFTfWw/g+oPquj0sNZQJhJgQnTMB8GA1UdIwQY
MBaAFKFHkjnUQ5hYdrCFnTOxoOcRTRogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VlU09kUkRtRmgyc0lXZE03R2c1eEZOR2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iNjY2ZTQtYjQwNS00YzA3LWJiODkt
NTllYWE4NjcwZmZhLzEvU1lWTjliRC1ENmctcTZQU3cxbEFtRW1CQ2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iNjY2ZTQtYjQwNS00YzA3LWJiODktNTllYWE4NjcwZmZh
LzEvb1VlU09kUkRtRmgyc0lXZE03R2c1eEZOR2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCJZT8AwQA
WfjQAwQBWfjSAwQCjWLcAwQCuTmUAwQCuZe8AwQBwRl6AwQBwRmoMA0EAgACMAcD
BQMqChWAMA0GCSqGSIb3DQEBCwUAA4IBAQBm1eSPQl4oPy03/XtyQ2mUB6iZ06EJ
VFIegZKwOn1C0R7wUgZes7ouMi9act/cnVIzO/Io8GRNBHyWStEBA2qv/auGsgTL
4qLUXZCvrfcfzpJJLnuzZN428cLe1vC5dLe2SkO2CCicB98yrQAxlEUbkMxSh8Qn
knOYeTKHqxInJV5pDnWQEIvnq7Ug4E/ly94Ao7L+fyYcEcUpKPqCkU1JlDUGqb9T
leTnduI4sY2eGIQhe7mn4E9LlrPXaqj1BlYLnzUGUbIqNRG/DIqjNCTw04pShD4T
G4oxcjAS9GCmgNivZEaVX9ipflPWdGMkLX7V35B7+tjBptvT9WU3jQDo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:42 2025 by rpki-client