Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/SGD9M6mEugHCxM7uV2PsXdJ2hNI.roa
File: SGD9M6mEugHCxM7uV2PsXdJ2hNI.roa (raw, json)
Hash identifier: LARKN5V/8dBxyk/X3NXKXQZvWRUhVkqxaNvzjumJGHs=
Subject key identifier: 48:60:FD:33:A9:84:BA:01:C2:C4:CE:EE:57:63:EC:5D:D2:76:84:D2
Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial: 0194206872B48D4C119A412E9F1E84EF7248
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/SGD9M6mEugHCxM7uV2PsXdJ2hNI.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213925
IP address blocks: 194.147.211.0/24 maxlen: 24
2a12:66c6::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:72:b4:8d:4c:11:9a:41:2e:9f:1e:84:ef:72:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4860fd33a984ba01c2c4ceee5763ec5dd27684d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e6:98:a9:34:bf:f4:4e:6e:49:c7:09:ab:0c:
b9:3e:19:cd:5d:67:ab:32:cf:ad:a5:a8:07:13:38:
0c:68:f2:7d:08:89:3f:32:03:7e:19:ab:9c:37:6e:
a0:f6:c4:c1:0a:00:62:83:06:94:ec:e8:48:de:fe:
42:c5:8f:4d:46:e7:ef:99:2c:db:42:e0:1e:f6:5b:
0e:f7:4c:53:1c:9d:29:c0:41:23:46:f9:34:a0:87:
89:a4:eb:f2:79:22:39:0d:66:eb:7c:d4:9d:f9:95:
74:62:1a:40:35:5b:d8:82:1c:dc:ec:78:94:ff:d6:
22:88:8c:ab:6a:ef:4d:d6:a1:e2:63:cb:a2:b9:e7:
ed:fe:4a:7a:f1:ca:db:f4:ba:c2:56:0c:38:53:fb:
64:1b:fc:0b:e7:86:48:a9:60:85:65:1d:f1:de:ba:
ec:b9:6a:b5:02:6f:8c:b9:27:49:60:b5:ae:49:c4:
65:52:3b:c0:18:bb:a4:c0:10:ae:d0:b5:85:4f:31:
c1:4f:c3:6a:ea:d1:a3:29:d5:5e:13:ad:ae:e0:c6:
59:ab:ef:1e:d2:0c:23:a6:62:8d:d3:21:c7:66:11:
4a:b5:61:2a:c9:c9:00:eb:28:93:7d:d9:98:af:84:
cf:42:94:81:58:35:07:25:0c:6c:04:95:4a:f5:45:
f7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:60:FD:33:A9:84:BA:01:C2:C4:CE:EE:57:63:EC:5D:D2:76:84:D2
X509v3 Authority Key Identifier:
keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/SGD9M6mEugHCxM7uV2PsXdJ2hNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.211.0/24
IPv6:
2a12:66c6::/32
Signature Algorithm: sha256WithRSAEncryption
39:cf:f8:fd:63:17:b0:21:08:2e:0e:2f:30:c9:c5:ae:8d:c2:
d9:99:3b:0e:f7:d3:1a:63:35:30:49:58:91:49:7b:d8:e1:74:
7b:d4:8a:ca:c3:aa:cc:7c:5e:a5:7e:82:52:16:70:8d:fc:80:
f6:eb:df:ba:81:9d:cc:8f:31:32:1f:ad:c4:09:5e:77:c7:21:
8c:36:37:2d:d7:31:f4:9a:b0:0d:89:91:e4:cf:12:1e:9d:5c:
5e:b2:f0:c0:73:f8:ce:4a:65:86:2e:67:5b:f9:ea:98:13:46:
f2:a5:c8:cb:cb:42:17:fb:47:13:c6:a1:2a:25:7e:78:4f:f5:
b0:d2:92:26:e4:b3:98:f2:61:8b:bc:3d:57:a3:61:6c:39:99:
82:50:c1:0b:98:3f:07:93:67:56:a1:2c:d4:cf:a1:fc:0e:e6:
9e:e6:94:b3:90:5b:80:a1:78:e8:1d:82:08:41:5d:a6:91:e7:
b5:97:cb:84:f3:e4:a9:c9:24:f8:e2:60:55:28:3e:24:c9:f2:
b6:96:a7:1f:b7:24:5e:52:f2:94:13:9e:5e:cf:0e:d6:b6:6c:
55:ef:6e:0f:fe:a2:d9:e7:69:6f:be:89:cd:28:f0:11:97:03:
44:d0:f8:b2:e7:40:47:55:ed:a8:20:a3:26:c9:31:46:32:4d:
e0:5c:76:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaHK0jUwRmkEunx6E73JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYwZmQzM2E5ODRiYTAxYzJjNGNlZWU1NzYzZWM1ZGQyNzY4NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+aYqTS/9E5uSccJqwy5PhnNXWer
Ms+tpagHEzgMaPJ9CIk/MgN+GaucN26g9sTBCgBigwaU7OhI3v5CxY9NRufvmSzb
QuAe9lsO90xTHJ0pwEEjRvk0oIeJpOvyeSI5DWbrfNSd+ZV0YhpANVvYghzc7HiU
/9YiiIyrau9N1qHiY8uiueft/kp68crb9LrCVgw4U/tkG/wL54ZIqWCFZR3x3rrs
uWq1Am+MuSdJYLWuScRlUjvAGLukwBCu0LWFTzHBT8Nq6tGjKdVeE62u4MZZq+8e
0gwjpmKN0yHHZhFKtWEqyckA6yiTfdmYr4TPQpSBWDUHJQxsBJVK9UX3zQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEhg/TOphLoBwsTO7ldj7F3SdoTSMB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvU0dEOU02bUV1Z0hDeE03dVYyUHNYZEoyaE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpPTMA0E
AgACMAcDBQAqEmbGMA0GCSqGSIb3DQEBCwUAA4IBAQA5z/j9YxewIQguDi8wycWu
jcLZmTsO99MaYzUwSViRSXvY4XR71IrKw6rMfF6lfoJSFnCN/ID269+6gZ3MjzEy
H63ECV53xyGMNjct1zH0mrANiZHkzxIenVxesvDAc/jOSmWGLmdb+eqYE0bypcjL
y0IX+0cTxqEqJX54T/Ww0pIm5LOY8mGLvD1Xo2FsOZmCUMELmD8Hk2dWoSzUz6H8
Duae5pSzkFuAoXjoHYIIQV2mkee1l8uE8+SpyST44mBVKD4kyfK2lqcftyReUvKU
E55ezw7WtmxV724P/qLZ52lvvonNKPARlwNE0Piy50BHVe2oIKMmyTFGMk3gXHYC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:09 2025 by rpki-client