Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/SPcGIGkkzQDmSeZ7dKXkZX_TMgQ.roa
File: SPcGIGkkzQDmSeZ7dKXkZX_TMgQ.roa (raw, json)
Hash identifier: rHVmlh8TGkwEc4idYqR8fskh8r3CxSQPC0McskOxXCc=
Subject key identifier: 48:F7:06:20:69:24:CD:00:E6:49:E6:7B:74:A5:E4:65:7F:D3:32:04
Certificate issuer: /CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Certificate serial: 01942068438271F05C75B43B13E52824B68D
Authority key identifier: 54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/SPcGIGkkzQDmSeZ7dKXkZX_TMgQ.roa
Signing time: Wed 01 Jan 2025 05:48:11 +0000
ROA not before: Wed 01 Jan 2025 05:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205005
IP address blocks: 185.2.144.0/23 maxlen: 23
185.121.208.0/22 maxlen: 22
2a00:1be7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:43:82:71:f0:5c:75:b4:3b:13:e5:28:24:b6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f2b9a759357682ac419b5c0211cc0e420252ba
Validity
Not Before: Jan 1 05:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48f706206924cd00e649e67b74a5e4657fd33204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:af:39:d8:b2:9e:62:ee:01:01:74:2a:3b:3a:
8b:f2:38:b5:aa:d1:60:9a:ff:0c:ab:0a:ee:2f:83:
d8:f3:67:16:ea:9e:f8:4e:f5:5c:39:80:0d:fc:35:
f6:09:e0:85:0d:e0:f7:72:8d:75:b0:10:1f:b2:26:
ac:e1:77:6a:12:4c:0e:fa:cd:d5:31:b5:87:11:87:
b1:cb:33:ff:42:26:92:fc:19:9a:18:42:cd:31:7a:
c7:a2:33:85:5f:cc:93:1c:e8:81:52:91:f8:3c:8e:
39:54:98:98:b6:76:a9:bc:c8:bf:7d:f2:b9:e5:7a:
2a:9d:4c:a1:40:f8:20:7b:b9:c0:07:88:23:88:3b:
34:fe:b6:4c:1f:bf:60:f8:4b:10:ff:a2:6e:66:d3:
85:90:07:40:4b:d2:1a:00:19:84:28:e6:c8:4e:29:
df:c2:ea:f5:b9:55:ae:3c:bb:76:8d:21:d3:13:7b:
c6:67:ab:40:7c:9e:12:ea:ac:a9:25:42:2e:8e:76:
ca:0d:a4:0c:d0:f5:12:1c:1a:ee:c3:43:2a:3b:43:
c4:9d:b5:cd:26:c2:fc:e4:4f:55:88:f2:0b:d7:cc:
17:df:b2:68:2e:30:4c:06:3f:8c:32:78:63:8e:bd:
a8:11:b9:24:84:46:d3:5e:77:e1:55:f9:3d:78:92:
42:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F7:06:20:69:24:CD:00:E6:49:E6:7B:74:A5:E4:65:7F:D3:32:04
X509v3 Authority Key Identifier:
keyid:54:F2:B9:A7:59:35:76:82:AC:41:9B:5C:02:11:CC:0E:42:02:52:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPK5p1k1doKsQZtcAhHMDkICUro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/SPcGIGkkzQDmSeZ7dKXkZX_TMgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/07489a-805e-4339-b43a-539da69774c8/1/VPK5p1k1doKsQZtcAhHMDkICUro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.144.0/23
185.121.208.0/22
IPv6:
2a00:1be7::/32
Signature Algorithm: sha256WithRSAEncryption
1e:16:10:b7:39:4b:d4:23:cc:13:b7:93:75:f2:30:56:c0:2f:
0d:b0:79:67:24:c0:66:70:04:17:5a:44:e9:9d:d9:ef:e7:b6:
df:9b:fb:e6:d0:1e:15:d4:37:31:53:91:a8:db:91:3e:7a:8c:
ef:9e:6a:d5:3e:fb:e7:01:73:19:ee:6d:ab:77:15:de:06:1e:
07:6f:bb:cb:21:a8:50:6d:e7:00:34:3e:4e:07:13:fd:18:55:
c9:9e:84:96:fb:8b:01:64:7b:5c:d2:3e:a6:fd:70:49:34:22:
23:32:a7:45:e3:b1:df:e5:d1:db:7d:c6:f5:22:9e:a4:a4:40:
cc:61:b1:8a:bc:dd:c7:18:5e:67:26:dd:1a:a5:b8:ab:19:a4:
a4:6e:62:4b:e9:0b:5b:48:22:c7:f0:3e:31:28:7e:84:12:e3:
66:7c:b9:de:4e:3f:5f:9d:c2:5e:8a:6a:9d:62:f6:b1:47:a4:
b7:04:f0:e8:0b:5a:72:ac:06:40:d0:30:fa:55:2a:68:49:74:
6d:3b:b5:fe:e2:c9:3b:dc:35:75:8c:d6:cd:59:53:76:7a:c5:
58:fc:fc:3b:ef:f6:e4:77:61:4d:86:78:a7:fe:15:12:25:cf:
e1:57:db:35:5a:f0:f4:07:86:8d:0a:81:d4:5b:6e:12:8f:af:
3f:47:7d:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgaEOCcfBcdbQ7E+UoJLaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZjJiOWE3NTkzNTc2ODJhYzQxOWI1YzAyMTFjYzBlNDIw
MjUyYmEwHhcNMjUwMTAxMDU0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGY3MDYyMDY5MjRjZDAwZTY0OWU2N2I3NGE1ZTQ2NTdmZDMzMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna852LKeYu4BAXQqOzqL8ji1qtFg
mv8MqwruL4PY82cW6p74TvVcOYAN/DX2CeCFDeD3co11sBAfsias4XdqEkwO+s3V
MbWHEYexyzP/QiaS/BmaGELNMXrHojOFX8yTHOiBUpH4PI45VJiYtnapvMi/ffK5
5XoqnUyhQPgge7nAB4gjiDs0/rZMH79g+EsQ/6JuZtOFkAdAS9IaABmEKObITinf
wur1uVWuPLt2jSHTE3vGZ6tAfJ4S6qypJUIujnbKDaQM0PUSHBruw0MqO0PEnbXN
JsL85E9ViPIL18wX37JoLjBMBj+MMnhjjr2oEbkkhEbTXnfhVfk9eJJCsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEj3BiBpJM0A5knme3Sl5GV/0zIEMB8GA1UdIwQY
MBaAFFTyuadZNXaCrEGbXAIRzA5CAlK6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2Et
NTM5ZGE2OTc3NGM4LzEvU1BjR0lHa2t6UURtU2VaN2RLWGtaWF9UTWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wNzQ4OWEtODA1ZS00MzM5LWI0M2EtNTM5ZGE2OTc3NGM4
LzEvVlBLNXAxazFkb0tzUVp0Y0FoSE1Ea0lDVXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuQKQAwQC
uXnQMA0EAgACMAcDBQAqABvnMA0GCSqGSIb3DQEBCwUAA4IBAQAeFhC3OUvUI8wT
t5N18jBWwC8NsHlnJMBmcAQXWkTpndnv57bfm/vm0B4V1DcxU5Go25E+eozvnmrV
PvvnAXMZ7m2rdxXeBh4Hb7vLIahQbecAND5OBxP9GFXJnoSW+4sBZHtc0j6m/XBJ
NCIjMqdF47Hf5dHbfcb1Ip6kpEDMYbGKvN3HGF5nJt0apbirGaSkbmJL6QtbSCLH
8D4xKH6EEuNmfLneTj9fncJeimqdYvaxR6S3BPDoC1pyrAZA0DD6VSpoSXRtO7X+
4sk73DV1jNbNWVN2esVY/Pw77/bkd2FNhnin/hUSJc/hV9s1WvD0B4aNCoHUW24S
j68/R31d
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:57:36 2025 by rpki-client