Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/1SfNvqGgo1qML8I5aKV28i3iaWs.roa
File: 1SfNvqGgo1qML8I5aKV28i3iaWs.roa (raw, json)
Hash identifier: pMgk3yqfYUxUqHeyCSRb0WlafuNDjwlQN8z3HdRW4rk=
Subject key identifier: D5:27:CD:BE:A1:A0:A3:5A:8C:2F:C2:39:68:A5:76:F2:2D:E2:69:6B
Certificate issuer: /CN=102bc98d33270952534130afb4de696d8c340215
Certificate serial: 019425FC860A15A82607A583D19260FFBBB4
Authority key identifier: 10:2B:C9:8D:33:27:09:52:53:41:30:AF:B4:DE:69:6D:8C:34:02:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECvJjTMnCVJTQTCvtN5pbYw0AhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/1SfNvqGgo1qML8I5aKV28i3iaWs.roa
Signing time: Thu 02 Jan 2025 07:48:13 +0000
ROA not before: Thu 02 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49126
IP address blocks: 185.95.164.0/24 maxlen: 24
185.95.165.0/24 maxlen: 24
185.95.166.0/24 maxlen: 24
185.95.167.0/24 maxlen: 24
185.153.220.0/24 maxlen: 24
185.153.221.0/24 maxlen: 24
185.153.222.0/24 maxlen: 24
185.153.223.0/24 maxlen: 24
185.216.112.0/24 maxlen: 24
185.216.113.0/24 maxlen: 24
185.216.114.0/24 maxlen: 24
185.216.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:86:0a:15:a8:26:07:a5:83:d1:92:60:ff:bb:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=102bc98d33270952534130afb4de696d8c340215
Validity
Not Before: Jan 2 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d527cdbea1a0a35a8c2fc23968a576f22de2696b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d9:77:f7:cd:42:00:a9:74:07:73:6a:7e:ba:
a2:e6:d6:20:0b:81:8a:7e:1c:c3:ae:f4:9b:b9:5d:
24:ff:ed:57:16:38:47:b1:85:a8:87:47:fe:09:71:
c4:af:78:ad:36:fd:5a:4d:51:03:37:d9:e4:73:02:
7d:32:cd:c3:61:2d:55:8b:c3:4f:73:8c:c9:4c:62:
57:d2:69:ce:e0:e8:9c:e5:a2:f1:d6:b5:18:13:0e:
43:b6:a8:a0:d6:f2:aa:20:11:f1:84:89:92:84:1c:
c5:32:ed:78:13:8a:f4:64:db:49:87:49:91:d4:58:
03:df:67:19:f2:71:27:03:e7:fe:dd:cd:09:82:89:
54:4a:9e:7d:9b:b0:57:42:b2:26:08:c0:0f:a4:ce:
3a:62:30:47:39:a9:cd:09:3d:7c:66:b7:ff:e3:5a:
36:98:1b:a2:32:86:22:84:3d:b8:2f:53:c7:ff:1e:
8c:c9:b6:e4:6d:8f:86:00:92:f4:34:ba:41:52:96:
44:b1:4f:9a:6c:22:e3:51:c2:99:2f:5c:35:31:14:
af:5c:37:98:05:79:f8:2b:43:9e:bc:96:d0:87:94:
9d:16:84:0d:98:a1:85:75:67:e0:a1:0d:ae:5f:de:
fe:1c:49:aa:2e:5f:6a:39:e9:b1:d8:37:25:c5:ad:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:27:CD:BE:A1:A0:A3:5A:8C:2F:C2:39:68:A5:76:F2:2D:E2:69:6B
X509v3 Authority Key Identifier:
keyid:10:2B:C9:8D:33:27:09:52:53:41:30:AF:B4:DE:69:6D:8C:34:02:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECvJjTMnCVJTQTCvtN5pbYw0AhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/1SfNvqGgo1qML8I5aKV28i3iaWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/93c9d8-5183-407b-82d0-8ee5fa4331be/1/ECvJjTMnCVJTQTCvtN5pbYw0AhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.164.0/22
185.153.220.0/22
185.216.112.0/22
Signature Algorithm: sha256WithRSAEncryption
04:dd:e3:be:d6:b1:6b:43:15:e4:7d:52:a8:a0:2c:6c:aa:57:
e3:d0:89:8b:f1:78:13:73:6c:34:7e:ca:59:ff:4d:44:f7:7d:
30:94:57:9d:94:b9:2b:27:8f:31:b2:98:90:02:1f:f9:76:b3:
82:5e:01:9a:ba:57:80:ef:ee:54:0d:1a:14:bf:09:c1:58:1e:
5f:b3:f0:35:41:fd:0d:41:44:86:b3:36:9a:71:46:4f:49:7c:
7f:ab:fe:ad:9b:39:9f:0b:8c:60:8c:00:67:3e:49:7f:74:d2:
f0:1b:59:01:34:76:99:11:6f:38:08:99:e5:f4:51:6f:d0:f1:
ef:a2:1b:21:a1:0a:c6:c8:15:85:0a:a2:27:b6:35:62:71:5f:
4a:87:af:37:c8:c7:8f:16:12:46:f4:07:a8:f3:3f:bd:78:f0:
3a:8c:03:2a:b3:c0:64:79:ce:33:1c:e6:e9:12:74:e3:f3:96:
6e:95:c9:06:a1:2b:4a:89:30:f8:cc:e5:d5:51:e0:fd:7c:98:
88:89:6f:8d:87:12:50:57:07:35:6f:a4:de:b4:23:13:a1:63:
47:2b:95:15:da:29:43:13:f5:52:07:93:b0:b3:b7:0e:23:7c:
35:e9:6c:45:cf:ac:6e:7e:7c:82:55:46:66:96:d1:7c:87:76:
73:3b:20:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/IYKFagmB6WD0ZJg/7u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMmJjOThkMzMyNzA5NTI1MzQxMzBhZmI0ZGU2OTZkOGMz
NDAyMTUwHhcNMjUwMTAyMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI3Y2RiZWExYTBhMzVhOGMyZmMyMzk2OGE1NzZmMjJkZTI2OTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdl3981CAKl0B3Nqfrqi5tYgC4GK
fhzDrvSbuV0k/+1XFjhHsYWoh0f+CXHEr3itNv1aTVEDN9nkcwJ9Ms3DYS1Vi8NP
c4zJTGJX0mnO4Oic5aLx1rUYEw5Dtqig1vKqIBHxhImShBzFMu14E4r0ZNtJh0mR
1FgD32cZ8nEnA+f+3c0JgolUSp59m7BXQrImCMAPpM46YjBHOanNCT18Zrf/41o2
mBuiMoYihD24L1PH/x6MybbkbY+GAJL0NLpBUpZEsU+abCLjUcKZL1w1MRSvXDeY
BXn4K0OevJbQh5SdFoQNmKGFdWfgoQ2uX97+HEmqLl9qOemx2Dclxa3KDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNUnzb6hoKNajC/COWildvIt4mlrMB8GA1UdIwQY
MBaAFBAryY0zJwlSU0Ewr7TeaW2MNAIVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUN2SmpUTW5DVkpUUVRDdnRONXBiWXcwQWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS85M2M5ZDgtNTE4My00MDdiLTgyZDAt
OGVlNWZhNDMzMWJlLzEvMVNmTnZxR2dvMXFNTDhJNWFLVjI4aTNpYVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS85M2M5ZDgtNTE4My00MDdiLTgyZDAtOGVlNWZhNDMzMWJl
LzEvRUN2SmpUTW5DVkpUUVRDdnRONXBiWXcwQWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuV+kAwQC
uZncAwQCudhwMA0GCSqGSIb3DQEBCwUAA4IBAQAE3eO+1rFrQxXkfVKooCxsqlfj
0ImL8XgTc2w0fspZ/01E930wlFedlLkrJ48xspiQAh/5drOCXgGauleA7+5UDRoU
vwnBWB5fs/A1Qf0NQUSGszaacUZPSXx/q/6tmzmfC4xgjABnPkl/dNLwG1kBNHaZ
EW84CJnl9FFv0PHvohshoQrGyBWFCqIntjVicV9Kh683yMePFhJG9Aeo8z+9ePA6
jAMqs8Bkec4zHObpEnTj85ZulckGoStKiTD4zOXVUeD9fJiIiW+NhxJQVwc1b6Te
tCMToWNHK5UV2ilDE/VSB5Ows7cOI3w16WxFz6xufnyCVUZmltF8h3ZzOyDt
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:03:40 2025 by rpki-client