Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/DSP2YiR4WzjHqSWGSS08rUQRgbE.roa
File: DSP2YiR4WzjHqSWGSS08rUQRgbE.roa (raw, json)
Hash identifier: wRqBcz801mLsMlnqTiS+wIo1U44VP4wBktKdtKLPifQ=
Subject key identifier: 0D:23:F6:62:24:78:5B:38:C7:A9:25:86:49:2D:3C:AD:44:11:81:B1
Certificate issuer: /CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Certificate serial: 01942747CC6C64DD9C838517234DCE40706A
Authority key identifier: C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/DSP2YiR4WzjHqSWGSS08rUQRgbE.roa
Signing time: Thu 02 Jan 2025 13:50:04 +0000
ROA not before: Thu 02 Jan 2025 13:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200486
IP address blocks: 185.156.204.0/22 maxlen: 24
185.156.205.0/24 maxlen: 24
194.5.100.0/22 maxlen: 24
2a07:a105::/32 maxlen: 32
2a07:a106::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:cc:6c:64:dd:9c:83:85:17:23:4d:ce:40:70:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Validity
Not Before: Jan 2 13:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d23f66224785b38c7a92586492d3cad441181b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7a:eb:ad:d5:e5:dd:4d:50:9d:f6:9d:26:0d:
95:bf:d2:58:6d:9d:48:e8:32:02:03:1c:d3:2f:4e:
f7:bb:2a:0a:ba:7a:8f:ed:16:27:04:ac:1d:1c:79:
05:68:d7:e6:52:9f:4d:81:ee:30:6d:70:ae:c3:36:
7a:07:ea:03:ce:21:6b:0a:01:5e:41:e5:ad:72:9b:
0b:b9:0b:69:77:93:52:93:94:17:53:3a:91:c4:7d:
96:64:18:18:23:eb:e5:3d:87:e7:36:8e:d6:1e:2f:
8b:29:78:b6:0c:0f:43:f7:00:42:d8:63:ae:81:e1:
a8:4a:e1:05:43:76:39:85:f7:a0:96:78:e9:8a:43:
38:5f:0a:32:ff:4a:f5:9a:b9:f9:7a:7c:d3:eb:d6:
d5:77:dc:c2:64:37:ee:d5:e5:6a:dd:28:96:1d:ab:
3d:21:dd:b3:46:c5:54:92:5d:f0:ef:eb:bf:28:bb:
03:8f:fd:43:00:d7:c3:1f:82:bf:72:a9:34:25:19:
63:72:29:e8:2b:89:a8:78:50:b0:65:4e:3b:4c:cc:
96:79:cb:e1:f6:bf:72:e7:24:17:87:31:94:2e:b4:
27:44:57:c2:ec:65:27:4a:eb:35:08:18:ea:60:be:
a2:6c:97:91:90:81:94:53:1e:c4:84:a1:42:c8:93:
ce:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:23:F6:62:24:78:5B:38:C7:A9:25:86:49:2D:3C:AD:44:11:81:B1
X509v3 Authority Key Identifier:
keyid:C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/DSP2YiR4WzjHqSWGSS08rUQRgbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.204.0/22
194.5.100.0/22
IPv6:
2a07:a105::-2a07:a106:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:59:07:b3:f4:da:94:43:21:c9:2e:5e:15:d1:2d:5f:ee:c7:
b8:97:9c:db:b6:65:f9:12:da:b4:ac:5d:52:bf:68:21:fc:7d:
79:ec:99:53:14:40:8f:2c:97:73:da:2d:65:10:af:1e:f2:6a:
89:6f:97:a7:55:f4:f8:8a:1d:6d:e2:31:55:d3:4b:3c:54:13:
dd:2c:46:91:97:da:1d:d9:55:2a:76:a7:f3:c1:1f:4a:c0:b6:
b7:0b:09:c4:2d:dc:a1:99:9a:8c:af:36:9e:c8:3e:9f:c8:d5:
54:9d:dd:7a:2f:5c:ca:97:3b:03:85:b8:74:75:42:18:bb:d2:
24:cf:b5:fa:c4:51:36:fa:3f:08:9f:fd:91:db:c3:0d:4f:f5:
c8:6d:a6:91:d9:5a:79:22:02:f0:13:45:a8:20:e5:27:bf:ac:
9d:15:6e:ec:9b:52:c1:d8:4b:96:cc:df:22:0e:eb:45:4b:68:
0e:d4:23:00:e2:0e:7a:4a:62:e5:2d:9c:8f:3b:81:2f:85:82:
7f:49:09:54:0e:f4:fa:d3:5c:7c:f2:ce:f3:16:76:9c:84:99:
05:44:a7:4b:ee:8c:9e:f0:94:c9:26:5c:4e:35:77:7c:57:af:
e4:31:d3:2b:7b:11:90:7a:12:6d:79:5c:ac:05:5e:3b:36:05:
cf:46:f0:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnR8xsZN2cg4UXI03OQHBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjI1OGNlMjAzZTA0YTMzZjRlOTA2NTExNTNiMjU5Y2Zm
YTNlODgwHhcNMjUwMTAyMTM1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIzZjY2MjI0Nzg1YjM4YzdhOTI1ODY0OTJkM2NhZDQ0MTE4MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3rrrdXl3U1QnfadJg2Vv9JYbZ1I
6DICAxzTL073uyoKunqP7RYnBKwdHHkFaNfmUp9Nge4wbXCuwzZ6B+oDziFrCgFe
QeWtcpsLuQtpd5NSk5QXUzqRxH2WZBgYI+vlPYfnNo7WHi+LKXi2DA9D9wBC2GOu
geGoSuEFQ3Y5hfeglnjpikM4Xwoy/0r1mrn5enzT69bVd9zCZDfu1eVq3SiWHas9
Id2zRsVUkl3w7+u/KLsDj/1DANfDH4K/cqk0JRljcinoK4moeFCwZU47TMyWecvh
9r9y5yQXhzGULrQnRFfC7GUnSus1CBjqYL6ibJeRkIGUUx7EhKFCyJPOVQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA0j9mIkeFs4x6klhkktPK1EEYGxMB8GA1UdIwQY
MBaAFMjyWM4gPgSjP06QZRFTslnP+j6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQt
NmM4OGJmYTdiNTVjLzEvRFNQMllpUjRXempIcVNXR1NTMDhyVVFSZ2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQtNmM4OGJmYTdiNTVj
LzEveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuZzMAwQC
wgVkMBYEAgACMBAwDgMFACoHoQUDBQAqB6EGMA0GCSqGSIb3DQEBCwUAA4IBAQCO
WQez9NqUQyHJLl4V0S1f7se4l5zbtmX5Etq0rF1Sv2gh/H157JlTFECPLJdz2i1l
EK8e8mqJb5enVfT4ih1t4jFV00s8VBPdLEaRl9od2VUqdqfzwR9KwLa3CwnELdyh
mZqMrzaeyD6fyNVUnd16L1zKlzsDhbh0dUIYu9Ikz7X6xFE2+j8In/2R28MNT/XI
baaR2Vp5IgLwE0WoIOUnv6ydFW7sm1LB2EuWzN8iDutFS2gO1CMA4g56SmLlLZyP
O4EvhYJ/SQlUDvT601x88s7zFnachJkFRKdL7oye8JTJJlxONXd8V6/kMdMrexGQ
ehJteVysBV47NgXPRvDM
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:54:12 2025 by rpki-client