Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/SypHcS2TCeSzWsz9z2kBBl8vAYI.roa
File: SypHcS2TCeSzWsz9z2kBBl8vAYI.roa (raw, json)
Hash identifier: BOfV4yJp6FkVF9lKaxd4Gzr149eV94r4oonhHz+9iv4=
Subject key identifier: 4B:2A:47:71:2D:93:09:E4:B3:5A:CC:FD:CF:69:01:06:5F:2F:01:82
Certificate issuer: /CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Certificate serial: 019424B37B493CABE57E06808BF8513B0419
Authority key identifier: 6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/SypHcS2TCeSzWsz9z2kBBl8vAYI.roa
Signing time: Thu 02 Jan 2025 01:48:49 +0000
ROA not before: Thu 02 Jan 2025 01:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206701
IP address blocks: 194.0.139.0/24 maxlen: 24
194.0.141.0/24 maxlen: 24
194.0.159.0/24 maxlen: 24
194.0.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7b:49:3c:ab:e5:7e:06:80:8b:f8:51:3b:04:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f14b900eff610a4187f6fbd45e3b857d0896a00
Validity
Not Before: Jan 2 01:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b2a47712d9309e4b35accfdcf6901065f2f0182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ee:ff:65:2c:f1:cb:02:a3:a5:e3:a0:9b:8f:
94:73:f5:ed:eb:82:e6:3f:fd:7c:c5:4a:03:e3:6f:
76:45:0f:c7:d5:b2:d1:c0:47:b3:6c:66:dd:f3:d3:
9b:ba:1b:9c:75:cb:79:e4:de:90:0f:26:f3:9b:51:
ad:7d:e8:e3:d2:10:65:9e:e0:93:d2:93:9f:83:98:
15:b0:42:d3:bb:98:6e:32:38:9b:b8:0d:25:91:be:
95:f3:ce:f5:35:fd:09:d3:46:79:0e:41:7f:3b:e9:
02:83:b5:40:23:8d:8a:5e:86:c8:b5:a3:4f:9d:89:
d7:d9:3f:b7:e7:e1:39:67:0c:7b:b7:bf:0b:84:3e:
b2:da:5c:64:5b:09:8a:ff:7e:f4:b2:f6:7b:c8:34:
cb:60:6f:e1:2f:8e:9e:89:73:06:3c:19:0c:83:05:
07:31:7a:f2:38:02:b9:ec:5a:e7:99:d0:1d:d1:33:
93:53:f9:72:cc:c7:d4:ed:63:d7:75:a2:09:e3:ae:
0b:90:32:0a:47:4a:da:37:93:87:11:7e:92:48:83:
b5:ee:8d:b6:6e:2a:85:96:c0:7e:14:47:d2:0b:34:
8d:50:e9:ba:6b:cc:9d:98:a7:7e:24:2b:74:cc:64:
4d:4f:fb:61:46:8f:f9:ea:f5:5c:5b:0b:f8:44:9d:
cc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2A:47:71:2D:93:09:E4:B3:5A:CC:FD:CF:69:01:06:5F:2F:01:82
X509v3 Authority Key Identifier:
keyid:6F:14:B9:00:EF:F6:10:A4:18:7F:6F:BD:45:E3:B8:57:D0:89:6A:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxS5AO_2EKQYf2-9ReO4V9CJagA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/SypHcS2TCeSzWsz9z2kBBl8vAYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/7b1826-a6af-4704-8f85-5181a2f0d197/1/bxS5AO_2EKQYf2-9ReO4V9CJagA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.139.0/24
194.0.141.0/24
194.0.159.0/24
194.0.168.0/24
Signature Algorithm: sha256WithRSAEncryption
34:cb:e2:0c:26:01:cf:21:30:7e:59:fd:3a:ce:6d:c8:e9:7d:
a7:32:e0:a8:40:2e:ab:22:3d:d0:07:33:29:a2:cb:cf:92:53:
80:e3:8c:8e:b9:d5:42:92:86:a2:3a:ad:5c:3e:2a:43:8b:f6:
d2:71:b2:1c:c5:0a:6d:3d:e3:44:f6:7c:4f:a0:a4:b2:ec:3f:
04:1d:e3:4f:33:33:b4:49:9b:38:9e:33:6d:88:78:73:3c:67:
67:06:b1:ed:7f:36:fd:79:60:34:ae:87:ae:e7:41:df:b4:c6:
77:e1:7e:3c:76:20:52:f3:c4:f6:8a:6a:a5:80:7a:9d:89:70:
94:b6:d1:d0:89:e2:1a:bd:2f:a8:5f:6f:c0:11:fa:bd:cc:01:
95:58:66:6d:26:2c:50:d6:29:ff:6a:3c:fe:2f:13:ba:46:b7:
49:82:08:54:3b:49:fa:2a:ac:3a:b4:dd:ee:24:85:c4:93:e9:
64:a1:4e:78:6c:5d:a0:62:d4:59:67:34:1c:eb:01:b1:75:9e:
1c:d2:0e:4c:50:19:27:33:29:dc:e1:02:ac:c5:66:39:f5:62:
10:38:62:35:cf:6b:f9:d5:f1:46:0a:34:87:78:c2:e9:42:7e:
ed:05:45:6b:d6:4c:42:64:0f:02:3b:fe:52:ad:75:e1:54:e2:
43:10:73:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQks3tJPKvlfgaAi/hROwQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTRiOTAwZWZmNjEwYTQxODdmNmZiZDQ1ZTNiODU3ZDA4
OTZhMDAwHhcNMjUwMTAyMDE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjJhNDc3MTJkOTMwOWU0YjM1YWNjZmRjZjY5MDEwNjVmMmYwMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO7/ZSzxywKjpeOgm4+Uc/Xt64Lm
P/18xUoD4292RQ/H1bLRwEezbGbd89Obuhucdct55N6QDybzm1Gtfejj0hBlnuCT
0pOfg5gVsELTu5huMjibuA0lkb6V8871Nf0J00Z5DkF/O+kCg7VAI42KXobItaNP
nYnX2T+35+E5Zwx7t78LhD6y2lxkWwmK/370svZ7yDTLYG/hL46eiXMGPBkMgwUH
MXryOAK57FrnmdAd0TOTU/lyzMfU7WPXdaIJ464LkDIKR0raN5OHEX6SSIO17o22
biqFlsB+FEfSCzSNUOm6a8ydmKd+JCt0zGRNT/thRo/56vVcWwv4RJ3MawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEsqR3Etkwnks1rM/c9pAQZfLwGCMB8GA1UdIwQY
MBaAFG8UuQDv9hCkGH9vvUXjuFfQiWoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUt
NTE4MWEyZjBkMTk3LzEvU3lwSGNTMlRDZVN6V3N6OXoya0JCbDh2QVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS83YjE4MjYtYTZhZi00NzA0LThmODUtNTE4MWEyZjBkMTk3
LzEvYnhTNUFPXzJFS1FZZjItOVJlTzRWOUNKYWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwgCLAwQA
wgCNAwQAwgCfAwQAwgCoMA0GCSqGSIb3DQEBCwUAA4IBAQA0y+IMJgHPITB+Wf06
zm3I6X2nMuCoQC6rIj3QBzMposvPklOA44yOudVCkoaiOq1cPipDi/bScbIcxQpt
PeNE9nxPoKSy7D8EHeNPMzO0SZs4njNtiHhzPGdnBrHtfzb9eWA0roeu50HftMZ3
4X48diBS88T2imqlgHqdiXCUttHQieIavS+oX2/AEfq9zAGVWGZtJixQ1in/ajz+
LxO6RrdJgghUO0n6Kqw6tN3uJIXEk+lkoU54bF2gYtRZZzQc6wGxdZ4c0g5MUBkn
Mync4QKsxWY59WIQOGI1z2v51fFGCjSHeMLpQn7tBUVr1kxCZA8CO/5SrXXhVOJD
EHMu
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:34:55 2025 by rpki-client