Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/ShfkVecVvyoW3_YQq7LwcMaYmQs.roa
File: ShfkVecVvyoW3_YQq7LwcMaYmQs.roa (raw, json)
Hash identifier: BoQNVikNhGTcu9edVXF4u7v7ipMyHbA4n2LulfglPKU=
Subject key identifier: 4A:17:E4:55:E7:15:BF:2A:16:DF:F6:10:AB:B2:F0:70:C6:98:99:0B
Certificate issuer: /CN=25fd5781576f3d4225af99453e93a92598527126
Certificate serial: 01942747D8DFA332B608901E291F64CCDC12
Authority key identifier: 25:FD:57:81:57:6F:3D:42:25:AF:99:45:3E:93:A9:25:98:52:71:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jf1XgVdvPUIlr5lFPpOpJZhScSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/ShfkVecVvyoW3_YQq7LwcMaYmQs.roa
Signing time: Thu 02 Jan 2025 13:50:07 +0000
ROA not before: Thu 02 Jan 2025 13:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208738
IP address blocks: 185.252.184.0/24 maxlen: 24
185.252.186.0/24 maxlen: 24
185.252.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d8:df:a3:32:b6:08:90:1e:29:1f:64:cc:dc:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25fd5781576f3d4225af99453e93a92598527126
Validity
Not Before: Jan 2 13:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a17e455e715bf2a16dff610abb2f070c698990b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1c:5d:66:49:6d:57:12:0f:14:1e:f9:27:e2:
47:e2:46:38:77:71:e5:19:9c:ed:df:23:44:5c:ae:
2c:de:a3:7b:93:d1:ac:ed:68:b9:b6:03:ce:47:8e:
8b:79:32:a9:b4:4e:d7:4c:4a:c8:7d:4b:d5:9b:cc:
ab:e2:b5:9a:82:60:f3:ec:64:47:83:81:11:a1:05:
06:78:53:ba:36:e5:75:59:1a:42:1c:58:7d:35:58:
03:5a:f8:fd:d7:3d:a8:6f:62:5a:2c:f6:ce:cd:79:
eb:f0:af:89:76:e3:6b:d0:53:f1:f5:b2:6d:da:cc:
9b:53:65:9d:f0:58:97:a6:d9:e9:a9:2f:6c:be:4c:
2e:1c:71:a8:be:41:36:4b:9f:bd:dc:da:cb:51:77:
08:79:10:e2:02:1f:7c:05:45:61:f2:20:a7:5e:d5:
4f:67:73:1e:b2:f2:ca:25:5e:d1:ad:5a:9c:17:58:
bc:ea:3a:22:fc:e5:d0:40:7e:65:34:76:17:f4:5d:
c1:77:89:32:df:89:7d:49:29:bc:19:9b:9e:e6:aa:
b3:cf:70:3b:1a:53:7a:c5:ac:b9:da:0e:dc:ff:4e:
92:70:e5:cf:5b:96:cf:36:b6:fc:4a:f9:64:12:21:
d7:cc:e9:24:c3:50:56:2d:07:26:2f:33:46:f0:7e:
74:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:17:E4:55:E7:15:BF:2A:16:DF:F6:10:AB:B2:F0:70:C6:98:99:0B
X509v3 Authority Key Identifier:
keyid:25:FD:57:81:57:6F:3D:42:25:AF:99:45:3E:93:A9:25:98:52:71:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jf1XgVdvPUIlr5lFPpOpJZhScSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/ShfkVecVvyoW3_YQq7LwcMaYmQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Jf1XgVdvPUIlr5lFPpOpJZhScSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.184.0/24
185.252.186.0/23
Signature Algorithm: sha256WithRSAEncryption
11:57:da:27:a5:47:e4:2a:de:6f:6a:17:02:d7:ce:50:2b:e4:
1a:08:86:51:54:1b:55:88:85:46:46:36:d0:dd:7a:ab:ec:7a:
bf:6c:e5:d4:b4:60:0c:22:bf:e3:e8:7d:0a:00:8f:f5:db:ca:
67:27:fe:e0:18:c7:ee:38:a7:93:f5:16:85:b9:25:e0:b9:dd:
a2:63:0c:6f:29:69:0c:7d:3a:b4:d0:ac:2d:4d:61:04:1e:19:
54:99:6b:e5:69:56:fa:14:20:fc:3f:fe:54:94:0e:f3:e3:98:
8e:d4:0a:c1:9c:c0:2b:66:09:68:46:10:f7:d2:20:71:d7:07:
73:e8:78:47:41:b0:e2:bb:b1:07:39:2c:c0:6a:58:62:67:97:
ca:b8:42:40:3e:c9:75:bd:c8:ab:a8:de:be:6f:94:38:76:1d:
a0:e7:ac:9e:e4:10:91:26:d2:8e:01:e5:dd:b5:f4:1c:8f:e5:
c3:0d:47:bc:45:bf:5c:cf:8a:fb:5a:3b:06:05:87:bf:b6:8b:
ef:60:17:4a:6d:56:9f:28:00:a7:6c:9a:b9:b7:51:a7:be:9a:
02:84:06:2e:d0:44:e9:9d:d4:fc:68:1f:8d:6c:97:00:07:12:
15:7a:8a:d0:e5:c6:e0:bf:be:9c:ef:1d:f9:04:1a:c9:8e:86:
7a:77:95:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR9jfozK2CJAeKR9kzNwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZmQ1NzgxNTc2ZjNkNDIyNWFmOTk0NTNlOTNhOTI1OTg1
MjcxMjYwHhcNMjUwMTAyMTM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE3ZTQ1NWU3MTViZjJhMTZkZmY2MTBhYmIyZjA3MGM2OTg5OTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhxdZkltVxIPFB75J+JH4kY4d3Hl
GZzt3yNEXK4s3qN7k9Gs7Wi5tgPOR46LeTKptE7XTErIfUvVm8yr4rWagmDz7GRH
g4ERoQUGeFO6NuV1WRpCHFh9NVgDWvj91z2ob2JaLPbOzXnr8K+JduNr0FPx9bJt
2sybU2Wd8FiXptnpqS9svkwuHHGovkE2S5+93NrLUXcIeRDiAh98BUVh8iCnXtVP
Z3MesvLKJV7RrVqcF1i86joi/OXQQH5lNHYX9F3Bd4ky34l9SSm8GZue5qqzz3A7
GlN6xay52g7c/06ScOXPW5bPNrb8SvlkEiHXzOkkw1BWLQcmLzNG8H50rwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEoX5FXnFb8qFt/2EKuy8HDGmJkLMB8GA1UdIwQY
MBaAFCX9V4FXbz1CJa+ZRT6TqSWYUnEmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmYxWGdWZHZQVUlscjVsRlBwT3BKWmhTY1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NDlkZGUtZTgxNC00ZmIyLTlmOWIt
NTk0ODNmYTA5ZmUxLzEvU2hma1ZlY1Z2eW9XM19ZUXE3THdjTWFZbVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NDlkZGUtZTgxNC00ZmIyLTlmOWItNTk0ODNmYTA5ZmUx
LzEvSmYxWGdWZHZQVUlscjVsRlBwT3BKWmhTY1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufy4AwQB
ufy6MA0GCSqGSIb3DQEBCwUAA4IBAQARV9onpUfkKt5vahcC185QK+QaCIZRVBtV
iIVGRjbQ3Xqr7Hq/bOXUtGAMIr/j6H0KAI/128pnJ/7gGMfuOKeT9RaFuSXgud2i
YwxvKWkMfTq00KwtTWEEHhlUmWvlaVb6FCD8P/5UlA7z45iO1ArBnMArZgloRhD3
0iBx1wdz6HhHQbDiu7EHOSzAalhiZ5fKuEJAPsl1vcirqN6+b5Q4dh2g56ye5BCR
JtKOAeXdtfQcj+XDDUe8Rb9cz4r7WjsGBYe/tovvYBdKbVafKACnbJq5t1GnvpoC
hAYu0ETpndT8aB+NbJcABxIVeorQ5cbgv76c7x35BBrJjoZ6d5VP
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:04:14 2025 by rpki-client