Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/SFuqJn2DzpiEwmJBsRfw9_GaM2E.roa
File: SFuqJn2DzpiEwmJBsRfw9_GaM2E.roa (raw, json)
Hash identifier: +vZ9yeoCyMalYsdF7K+e902XvcsekiSx1I5xtnBl3PU=
Subject key identifier: 48:5B:AA:26:7D:83:CE:98:84:C2:62:41:B1:17:F0:F7:F1:9A:33:61
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 0194236A3D2BBBCE50FC0CAA25026CA809A4
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/SFuqJn2DzpiEwmJBsRfw9_GaM2E.roa
Signing time: Wed 01 Jan 2025 19:49:12 +0000
ROA not before: Wed 01 Jan 2025 19:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47328
IP address blocks: 83.222.124.0/22 maxlen: 24
185.190.188.0/24 maxlen: 24
185.190.189.0/24 maxlen: 24
212.124.96.0/22 maxlen: 24
212.124.100.0/22 maxlen: 24
212.124.104.0/22 maxlen: 24
212.124.108.0/22 maxlen: 24
212.124.112.0/21 maxlen: 24
212.124.120.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3d:2b:bb:ce:50:fc:0c:aa:25:02:6c:a8:09:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 19:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=485baa267d83ce9884c26241b117f0f7f19a3361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f0:a6:ea:9e:92:8c:13:47:c9:f6:96:05:40:
c8:9a:3a:97:80:91:a1:7a:20:1e:2b:32:3f:72:67:
c2:86:f9:75:df:ae:cf:6f:a5:38:a6:65:d6:4f:35:
e0:c4:6b:b9:21:37:02:8e:fc:57:0b:93:1e:44:ca:
ef:db:5c:c4:8f:1d:f2:55:6c:de:1e:89:46:d6:26:
6e:7f:e3:c3:1d:43:29:b4:20:a0:8d:c3:60:80:13:
2c:26:0d:cf:13:03:b4:88:48:fc:0f:24:92:73:f3:
d7:3f:63:2a:89:bf:05:e2:9f:92:75:a9:de:af:76:
c1:78:58:33:39:e3:54:45:90:9d:b1:2a:24:58:36:
94:99:e6:14:2e:af:9c:9e:81:a4:18:f6:67:37:2f:
66:97:e1:88:c7:96:50:3c:41:7a:e7:e0:31:39:f7:
47:20:c1:06:79:0d:29:d2:88:3f:b5:85:65:ce:5f:
af:f9:04:45:11:c7:86:0f:28:71:99:41:ae:95:7a:
ab:bc:5a:70:03:d6:bc:0b:35:33:73:58:8b:92:4f:
9f:f2:b6:68:6f:1e:d6:27:a8:69:6f:16:07:3d:45:
55:f1:6f:d2:24:a6:f4:58:fb:a9:9f:03:fe:42:6e:
da:95:af:6b:f1:fa:29:ff:76:04:12:e8:4f:dc:a6:
25:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5B:AA:26:7D:83:CE:98:84:C2:62:41:B1:17:F0:F7:F1:9A:33:61
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/SFuqJn2DzpiEwmJBsRfw9_GaM2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.222.124.0/22
185.190.188.0/23
212.124.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1f:5e:86:7f:08:00:d6:95:14:83:6d:30:12:81:c1:f6:75:39:
f4:b7:1a:72:f3:ce:17:62:d4:0f:03:5f:57:2c:ad:5c:39:92:
af:72:91:f5:ee:bb:00:15:f4:35:95:d8:29:cc:2d:34:2f:72:
3d:3f:5c:39:84:33:e1:b7:16:c8:73:8e:79:16:3b:69:d7:08:
81:1a:df:f9:36:1b:4a:c5:df:d7:cc:25:1e:12:4e:81:af:d6:
fb:f2:48:b9:ef:ed:dd:45:ce:28:91:4d:15:47:a9:3a:53:f1:
c1:11:c4:11:66:f9:de:d4:92:67:c2:c1:e8:a2:6e:e4:78:8b:
a8:bc:4e:87:15:60:78:d1:7c:e2:38:88:13:0b:3c:9c:7a:cc:
88:cc:c6:9b:4f:76:e7:0a:3a:d4:20:02:18:9c:e8:22:c2:54:
03:70:a0:92:fd:00:ce:d9:7a:ef:a0:34:7e:4f:b8:18:c0:77:
5a:01:b7:de:be:1a:46:20:49:26:9e:c4:40:c9:ac:34:31:a3:
6a:da:52:a4:4d:47:ac:3f:14:3f:59:c5:e7:96:c0:3a:a2:b3:
90:c8:1c:19:84:ed:85:71:47:62:3e:cf:c8:19:47:2f:e9:c1:
28:e0:03:ee:4c:4b:1b:e1:23:55:ee:b0:39:c7:4d:ee:d0:88:
2a:fd:7e:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjaj0ru85Q/AyqJQJsqAmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjUwMTAxMTk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODViYWEyNjdkODNjZTk4ODRjMjYyNDFiMTE3ZjBmN2YxOWEzMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/Cm6p6SjBNHyfaWBUDImjqXgJGh
eiAeKzI/cmfChvl1367Pb6U4pmXWTzXgxGu5ITcCjvxXC5MeRMrv21zEjx3yVWze
HolG1iZuf+PDHUMptCCgjcNggBMsJg3PEwO0iEj8DySSc/PXP2Mqib8F4p+Sdane
r3bBeFgzOeNURZCdsSokWDaUmeYULq+cnoGkGPZnNy9ml+GIx5ZQPEF65+AxOfdH
IMEGeQ0p0og/tYVlzl+v+QRFEceGDyhxmUGulXqrvFpwA9a8CzUzc1iLkk+f8rZo
bx7WJ6hpbxYHPUVV8W/SJKb0WPupnwP+Qm7ala9r8fop/3YEEuhP3KYljQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEhbqiZ9g86YhMJiQbEX8PfxmjNhMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvU0Z1cUpuMkR6cGlFd21KQnNSZnc5X0dhTTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU958AwQB
ub68AwQF1HxgMA0GCSqGSIb3DQEBCwUAA4IBAQAfXoZ/CADWlRSDbTASgcH2dTn0
txpy884XYtQPA19XLK1cOZKvcpH17rsAFfQ1ldgpzC00L3I9P1w5hDPhtxbIc455
Fjtp1wiBGt/5NhtKxd/XzCUeEk6Br9b78ki57+3dRc4okU0VR6k6U/HBEcQRZvne
1JJnwsHoom7keIuovE6HFWB40XziOIgTCzycesyIzMabT3bnCjrUIAIYnOgiwlQD
cKCS/QDO2XrvoDR+T7gYwHdaAbfevhpGIEkmnsRAyaw0MaNq2lKkTUesPxQ/WcXn
lsA6orOQyBwZhO2FcUdiPs/IGUcv6cEo4APuTEsb4SNV7rA5x03u0Igq/X6a
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:06 2025 by rpki-client