Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SYJUJnaWldNU2YgvYIUVmDALJhs.roa
File: SYJUJnaWldNU2YgvYIUVmDALJhs.roa (raw, json)
Hash identifier: gwpLherQSi2HzWOcKDzz8rnNXYmyBS57Lky5eYM4GJw=
Subject key identifier: 49:82:54:26:76:96:95:D3:54:D9:88:2F:60:85:15:98:30:0B:26:1B
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FC7E9BBE183295432CEB51A210EC0
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SYJUJnaWldNU2YgvYIUVmDALJhs.roa
Signing time: Wed 01 Jan 2025 13:48:15 +0000
ROA not before: Wed 01 Jan 2025 13:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197848
IP address blocks: 78.133.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c7:e9:bb:e1:83:29:54:32:ce:b5:1a:21:0e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49825426769695d354d9882f60851598300b261b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d8:c8:90:04:de:02:20:12:cb:aa:d8:5d:5a:
5e:c0:78:34:f1:29:b6:cc:bf:15:97:22:ac:9c:c9:
ac:70:a7:5e:de:17:bd:77:51:be:70:70:c8:80:17:
2a:5a:90:41:30:75:b5:db:6f:33:44:dc:30:35:da:
66:46:0a:3a:bb:b6:9c:62:72:61:c4:73:dd:74:30:
82:86:15:34:95:7d:49:f7:c9:53:f1:fb:b4:a8:3a:
5c:ac:5c:47:d3:0f:2d:27:30:8d:dc:ea:95:3e:92:
93:1f:06:77:7c:b7:f7:b3:f4:11:ac:8d:40:bc:71:
2a:e6:2e:71:9a:d2:84:06:a5:6a:dd:50:23:2d:ce:
5d:bf:f9:3f:0e:a0:ae:9a:be:96:50:6d:7a:81:45:
a0:4b:72:24:24:50:83:09:f7:d4:55:71:3c:5b:b2:
4c:81:35:39:56:96:5b:27:bc:c0:ac:57:c0:4e:49:
6e:4a:c1:d4:6f:2f:7f:dd:1b:23:ee:12:67:52:86:
52:bf:37:79:9f:89:c8:48:6e:8d:f5:1b:f3:7f:28:
e3:97:17:9a:78:02:ee:6f:60:b8:02:33:9a:f6:3f:
c6:cb:dd:51:b7:4d:7c:be:31:e1:f2:c6:bf:f7:47:
6b:d7:30:24:26:44:9f:4c:5d:e4:bd:d1:89:ab:7e:
59:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:82:54:26:76:96:95:D3:54:D9:88:2F:60:85:15:98:30:0B:26:1B
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SYJUJnaWldNU2YgvYIUVmDALJhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.240.0/22
Signature Algorithm: sha256WithRSAEncryption
10:c6:b5:62:16:f7:d1:64:76:1c:a7:bd:00:0d:5b:9f:ec:d6:
2f:5a:79:b8:1d:0a:79:8e:37:2d:12:0d:ed:0d:6d:1c:44:2e:
a8:0d:bf:00:e7:50:da:d2:37:69:9b:a2:4b:0e:46:6d:c2:b4:
de:2a:45:ce:b4:3d:36:d8:59:84:8d:2f:27:4a:05:3c:d1:a6:
68:1e:3c:f6:d4:30:e2:ed:f4:7b:91:68:19:6d:c0:dd:72:f8:
e4:2b:26:0e:0a:41:e2:77:dd:ef:1f:52:a9:a0:ee:7c:62:6b:
ee:09:45:d3:4d:c5:1a:73:ed:a2:60:64:e9:c8:7f:d3:6f:7e:
c5:e6:38:31:8f:b7:4b:3a:0f:3a:c5:30:0c:3e:9f:ac:c2:01:
ae:81:d9:4a:e8:48:f8:bc:f4:b6:37:8f:0f:f0:51:07:ea:20:
55:7d:7d:c8:d2:85:c0:d9:ea:bc:cd:8b:ea:75:f7:43:84:d6:
61:19:e2:62:09:7f:43:21:7b:0b:99:13:fe:71:1b:ca:38:05:
70:28:4c:30:64:d6:ad:6c:0c:38:c5:fd:0b:40:02:dd:1c:01:
05:e4:df:80:98:b9:39:89:35:3f:8d:bd:db:79:39:27:c7:28:
05:0e:3d:8c:57:00:59:4b:cc:c7:90:7b:b3:0f:c4:6b:5b:32:
94:94:ed:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8fpu+GDKVQyzrUaIQ7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTgyNTQyNjc2OTY5NWQzNTRkOTg4MmY2MDg1MTU5ODMwMGIyNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdjIkATeAiASy6rYXVpewHg08Sm2
zL8VlyKsnMmscKde3he9d1G+cHDIgBcqWpBBMHW1228zRNwwNdpmRgo6u7acYnJh
xHPddDCChhU0lX1J98lT8fu0qDpcrFxH0w8tJzCN3OqVPpKTHwZ3fLf3s/QRrI1A
vHEq5i5xmtKEBqVq3VAjLc5dv/k/DqCumr6WUG16gUWgS3IkJFCDCffUVXE8W7JM
gTU5VpZbJ7zArFfATkluSsHUby9/3Rsj7hJnUoZSvzd5n4nISG6N9Rvzfyjjlxea
eALub2C4AjOa9j/Gy91Rt018vjHh8sa/90dr1zAkJkSfTF3kvdGJq35ZlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmCVCZ2lpXTVNmIL2CFFZgwCyYbMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvU1lKVUpuYVdsZE5VMllndllJVVZtREFMSmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCToXwMA0G
CSqGSIb3DQEBCwUAA4IBAQAQxrViFvfRZHYcp70ADVuf7NYvWnm4HQp5jjctEg3t
DW0cRC6oDb8A51Da0jdpm6JLDkZtwrTeKkXOtD022FmEjS8nSgU80aZoHjz21DDi
7fR7kWgZbcDdcvjkKyYOCkHid93vH1KpoO58YmvuCUXTTcUac+2iYGTpyH/Tb37F
5jgxj7dLOg86xTAMPp+swgGugdlK6Ej4vPS2N48P8FEH6iBVfX3I0oXA2eq8zYvq
dfdDhNZhGeJiCX9DIXsLmRP+cRvKOAVwKEwwZNatbAw4xf0LQALdHAEF5N+AmLk5
iTU/jb3beTknxygFDj2MVwBZS8zHkHuzD8RrWzKUlO0f
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:59 2025 by rpki-client