Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/d-gD_stjAzo445PqKWpkeuPKi48.roa
File: d-gD_stjAzo445PqKWpkeuPKi48.roa (raw, json)
Hash identifier: N9NpLKhmhDQnk+b+LZB+ZZNehcKI5fvIIHeixBGutWI=
Subject key identifier: 77:E8:03:FE:CB:63:03:3A:38:E3:93:EA:29:6A:64:7A:E3:CA:8B:8F
Certificate issuer: /CN=974e35ec2180daebd1bf3dd44403a9e0bfcb56ca
Certificate serial: 0195A82FF4F5AD193DE88020BEC06ACDDDA6
Authority key identifier: 97:4E:35:EC:21:80:DA:EB:D1:BF:3D:D4:44:03:A9:E0:BF:CB:56:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0417CGA2uvRvz3URAOp4L_LVso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/d-gD_stjAzo445PqKWpkeuPKi48.roa
Signing time: Tue 18 Mar 2025 07:37:49 +0000
ROA not before: Tue 18 Mar 2025 07:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 194.39.242.0/24 maxlen: 24
2a0c:dd00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:2f:f4:f5:ad:19:3d:e8:80:20:be:c0:6a:cd:dd:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=974e35ec2180daebd1bf3dd44403a9e0bfcb56ca
Validity
Not Before: Mar 18 07:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77e803fecb63033a38e393ea296a647ae3ca8b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b3:11:24:ce:c5:7d:81:6a:28:3b:8a:dd:50:
3b:26:c7:0b:fd:86:bf:df:bd:91:18:64:a4:a9:c9:
65:fe:8f:2d:04:a6:15:84:98:51:b2:32:08:aa:28:
17:e9:0d:8e:0e:be:26:91:4b:4b:49:f5:72:5a:e0:
ec:58:5b:a8:c3:0a:47:65:36:1d:e1:52:12:ad:f3:
09:76:ee:3a:4b:2a:1e:d1:d6:a0:d2:08:cc:72:1f:
e0:0e:cb:90:f3:de:f0:f6:35:36:9a:99:7d:f0:26:
cd:a6:6b:9c:1c:3d:a6:50:97:26:74:4d:56:d6:68:
f1:61:1e:4a:db:70:4b:df:89:c5:39:0c:32:11:ae:
6f:da:40:e9:79:08:6e:a9:c1:c3:b6:f0:40:82:65:
77:c7:7c:37:5f:80:0a:ae:26:8e:ba:57:d8:2f:41:
8a:46:f8:9c:f3:7e:b1:08:85:e7:78:e3:27:ba:2a:
76:16:0f:46:da:b7:0c:57:17:86:85:f3:1e:5b:c1:
f1:90:41:2a:13:80:4b:f6:04:66:dd:04:37:d1:c2:
a8:ac:36:8b:6d:34:82:7e:79:78:c8:31:4e:ff:4d:
c8:48:14:0a:80:27:2d:96:ac:72:86:2a:69:77:07:
95:c5:6b:f2:05:4c:90:ee:c8:62:e4:12:db:f1:e0:
45:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E8:03:FE:CB:63:03:3A:38:E3:93:EA:29:6A:64:7A:E3:CA:8B:8F
X509v3 Authority Key Identifier:
keyid:97:4E:35:EC:21:80:DA:EB:D1:BF:3D:D4:44:03:A9:E0:BF:CB:56:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0417CGA2uvRvz3URAOp4L_LVso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/d-gD_stjAzo445PqKWpkeuPKi48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/df4a0a-c33d-4e0e-b15e-cdf4c6b424e1/1/l0417CGA2uvRvz3URAOp4L_LVso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.242.0/24
IPv6:
2a0c:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
00:6c:db:d1:94:f1:a1:5c:fd:79:5f:7f:6e:09:95:65:de:a6:
22:48:b7:4a:e2:3b:0c:b0:be:94:4b:be:8f:21:a4:5c:79:38:
35:a3:6c:7d:64:12:74:2f:3f:b9:bd:77:77:00:88:02:bd:68:
68:1a:0f:d1:16:7c:28:42:d9:4c:1b:f7:00:db:64:d8:81:b7:
e7:3e:a7:10:89:07:97:77:e5:b5:bc:f8:3f:e1:c0:ae:a3:ff:
65:7b:8d:1b:33:8f:9f:da:82:cc:ac:ff:a7:96:29:76:44:2c:
ea:d6:88:ad:a5:2c:44:d1:d6:f1:9e:34:2f:26:63:91:15:ea:
ac:5a:60:db:c9:6e:f5:1d:6a:35:dd:6f:a9:b9:0d:8e:0c:9c:
3c:f6:af:04:ef:10:99:bd:49:9b:a1:d6:ab:29:9b:22:a2:53:
ad:f8:f4:ad:86:67:61:42:21:3e:68:4c:64:fa:d3:ac:61:d3:
73:ed:e1:18:e3:60:c5:85:5c:f8:57:d0:a4:ae:2d:57:67:68:
9a:8a:bc:83:1f:54:d9:65:de:bb:4f:50:1f:85:22:86:57:d6:
80:65:05:13:47:ed:23:97:71:09:ac:b2:eb:cd:4f:34:1d:99:
fc:cc:aa:f0:00:4c:4b:00:89:81:ed:91:af:d6:3d:7e:67:6c:
78:ee:5f:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWoL/T1rRk96IAgvsBqzd2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NGUzNWVjMjE4MGRhZWJkMWJmM2RkNDQ0MDNhOWUwYmZj
YjU2Y2EwHhcNMjUwMzE4MDczNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U4MDNmZWNiNjMwMzNhMzhlMzkzZWEyOTZhNjQ3YWUzY2E4YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLMRJM7FfYFqKDuK3VA7JscL/Ya/
372RGGSkqcll/o8tBKYVhJhRsjIIqigX6Q2ODr4mkUtLSfVyWuDsWFuowwpHZTYd
4VISrfMJdu46Syoe0dag0gjMch/gDsuQ897w9jU2mpl98CbNpmucHD2mUJcmdE1W
1mjxYR5K23BL34nFOQwyEa5v2kDpeQhuqcHDtvBAgmV3x3w3X4AKriaOulfYL0GK
Rvic836xCIXneOMnuip2Fg9G2rcMVxeGhfMeW8HxkEEqE4BL9gRm3QQ30cKorDaL
bTSCfnl4yDFO/03ISBQKgCctlqxyhippdweVxWvyBUyQ7shi5BLb8eBF1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHfoA/7LYwM6OOOT6ilqZHrjyouPMB8GA1UdIwQY
MBaAFJdONewhgNrr0b891EQDqeC/y1bKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDA0MTdDR0EydXZSdnozVVJBT3A0TF9MVnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZjRhMGEtYzMzZC00ZTBlLWIxNWUt
Y2RmNGM2YjQyNGUxLzEvZC1nRF9zdGpBem80NDVQcUtXcGtldVBLaTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZjRhMGEtYzMzZC00ZTBlLWIxNWUtY2RmNGM2YjQyNGUx
LzEvbDA0MTdDR0EydXZSdnozVVJBT3A0TF9MVnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwifyMA0E
AgACMAcDBQMqDN0AMA0GCSqGSIb3DQEBCwUAA4IBAQAAbNvRlPGhXP15X39uCZVl
3qYiSLdK4jsMsL6US76PIaRceTg1o2x9ZBJ0Lz+5vXd3AIgCvWhoGg/RFnwoQtlM
G/cA22TYgbfnPqcQiQeXd+W1vPg/4cCuo/9le40bM4+f2oLMrP+nlil2RCzq1oit
pSxE0dbxnjQvJmORFeqsWmDbyW71HWo13W+puQ2ODJw89q8E7xCZvUmbodarKZsi
olOt+PSthmdhQiE+aExk+tOsYdNz7eEY42DFhVz4V9Ckri1XZ2iairyDH1TZZd67
T1AfhSKGV9aAZQUTR+0jl3EJrLLrzU80HZn8zKrwAExLAImB7ZGv1j1+Z2x47l+4
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:44 2025 by rpki-client