Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dffa1f-cf4a-4c90-b307-db36eea8307f/1/g4OghidcBHhG6H0ygzNjK0BOBQ4.roa
File: g4OghidcBHhG6H0ygzNjK0BOBQ4.roa (raw, json)
Hash identifier: yN/WoqH4d4SXT4k7UzUmKgAO2KnbhoqPw7tsWQrX0cU=
Subject key identifier: 83:83:A0:86:27:5C:04:78:46:E8:7D:32:83:33:63:2B:40:4E:05:0E
Certificate issuer: /CN=2dcd2c2c1411b46b18f70e677101ada11ccb5198
Certificate serial: 019536DFACE2D3803ED27047514928D07449
Authority key identifier: 2D:CD:2C:2C:14:11:B4:6B:18:F7:0E:67:71:01:AD:A1:1C:CB:51:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lc0sLBQRtGsY9w5ncQGtoRzLUZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/dffa1f-cf4a-4c90-b307-db36eea8307f/1/g4OghidcBHhG6H0ygzNjK0BOBQ4.roa
Signing time: Mon 24 Feb 2025 07:33:03 +0000
ROA not before: Mon 24 Feb 2025 07:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 37.252.192.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:36:df:ac:e2:d3:80:3e:d2:70:47:51:49:28:d0:74:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dcd2c2c1411b46b18f70e677101ada11ccb5198
Validity
Not Before: Feb 24 07:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8383a086275c047846e87d328333632b404e050e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8a:31:6f:7f:2e:55:60:c8:ca:92:2c:1f:5b:
6f:45:ad:a8:d5:f8:a1:43:d2:22:16:40:45:f9:87:
ed:1c:4e:80:c4:84:7f:2d:e7:5c:ef:bd:1d:2a:1a:
ad:ec:2a:f5:f3:ca:46:6b:a7:0e:e8:ec:af:d7:d6:
5d:55:0c:74:3c:1a:98:a8:73:84:ad:af:da:20:2b:
d4:98:a5:9d:14:4c:56:06:17:65:fd:5c:c2:77:57:
7f:53:cb:0d:37:88:23:19:99:04:7d:ae:3a:fd:de:
75:a1:e1:0a:5d:53:4f:d9:25:86:e5:01:7f:08:98:
c0:ef:21:eb:68:6d:48:ec:a3:be:61:44:95:46:82:
f5:e2:97:0a:94:04:dd:e1:e7:c1:c2:ba:b1:87:22:
44:e6:fd:71:c0:2d:96:ed:19:c9:46:e6:10:7f:a2:
e7:ca:41:f3:3a:ef:1d:18:b1:a2:a7:91:69:2b:93:
d0:fc:ee:d8:1d:83:8b:ee:73:3c:c9:b2:c3:91:27:
7b:1f:a4:e9:13:b0:2c:2a:ab:8a:38:ea:96:f5:c4:
f4:45:b5:a7:e2:ad:db:d5:90:51:df:f4:f9:ac:5c:
18:78:87:99:ee:f1:b9:99:ce:90:22:95:e7:67:82:
2a:cb:9a:b7:b3:e1:df:b4:33:58:7a:7d:dc:f9:d0:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:83:A0:86:27:5C:04:78:46:E8:7D:32:83:33:63:2B:40:4E:05:0E
X509v3 Authority Key Identifier:
keyid:2D:CD:2C:2C:14:11:B4:6B:18:F7:0E:67:71:01:AD:A1:1C:CB:51:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lc0sLBQRtGsY9w5ncQGtoRzLUZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dffa1f-cf4a-4c90-b307-db36eea8307f/1/g4OghidcBHhG6H0ygzNjK0BOBQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dffa1f-cf4a-4c90-b307-db36eea8307f/1/Lc0sLBQRtGsY9w5ncQGtoRzLUZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.192.0/21
Signature Algorithm: sha256WithRSAEncryption
81:ff:80:e3:20:e2:9e:43:e2:ef:d5:b6:28:b4:9d:b3:25:b9:
c7:54:fa:62:84:ad:80:81:d8:fd:53:d1:a6:9b:14:f9:15:63:
49:a5:c3:19:88:30:55:c4:cc:a0:f9:49:c9:f3:72:a0:1e:1e:
79:45:cd:9a:6d:ad:ef:45:45:8a:04:10:83:9a:83:15:6e:82:
28:1e:42:9a:18:aa:ec:f7:3c:4b:81:0b:cd:8d:2e:7f:15:c4:
50:b2:f8:81:da:53:60:59:5a:9e:72:cb:35:1d:6b:2b:e2:05:
08:2a:60:3f:3d:bf:9b:f9:bb:c2:3d:28:03:d8:4b:01:b5:f8:
c4:a3:07:ec:21:21:bf:e4:67:ed:12:1e:d0:e1:92:b1:4c:e5:
86:cd:a0:ac:8e:42:ac:fb:c8:64:30:46:eb:1a:47:a6:da:10:
13:9f:e4:a6:9c:95:5f:e0:e3:bb:b4:2b:f5:42:a8:76:02:2c:
12:cc:34:ca:6c:e4:2d:ea:fd:12:6b:af:ae:34:2e:63:b9:a9:
a2:1d:f7:f6:9b:73:f2:dd:dd:9f:53:c5:6e:85:6c:cb:5c:eb:
72:0f:44:d0:78:6e:fe:1a:62:32:a0:70:28:17:59:77:0e:84:
d8:90:4a:8d:e2:46:b4:93:7e:78:19:6b:6f:cb:dd:03:fc:15:
62:1d:1e:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU236zi04A+0nBHUUko0HRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkY2QyYzJjMTQxMWI0NmIxOGY3MGU2NzcxMDFhZGExMWNj
YjUxOTgwHhcNMjUwMjI0MDczMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzgzYTA4NjI3NWMwNDc4NDZlODdkMzI4MzMzNjMyYjQwNGUwNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYoxb38uVWDIypIsH1tvRa2o1fih
Q9IiFkBF+YftHE6AxIR/Ledc770dKhqt7Cr188pGa6cO6Oyv19ZdVQx0PBqYqHOE
ra/aICvUmKWdFExWBhdl/VzCd1d/U8sNN4gjGZkEfa46/d51oeEKXVNP2SWG5QF/
CJjA7yHraG1I7KO+YUSVRoL14pcKlATd4efBwrqxhyJE5v1xwC2W7RnJRuYQf6Ln
ykHzOu8dGLGip5FpK5PQ/O7YHYOL7nM8ybLDkSd7H6TpE7AsKquKOOqW9cT0RbWn
4q3b1ZBR3/T5rFwYeIeZ7vG5mc6QIpXnZ4Iqy5q3s+HftDNYen3c+dC9BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIODoIYnXAR4Ruh9MoMzYytATgUOMB8GA1UdIwQY
MBaAFC3NLCwUEbRrGPcOZ3EBraEcy1GYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGMwc0xCUVJ0R3NZOXc1bmNRR3RvUnpMVVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZmZhMWYtY2Y0YS00YzkwLWIzMDct
ZGIzNmVlYTgzMDdmLzEvZzRPZ2hpZGNCSGhHNkgweWd6TmpLMEJPQlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZmZhMWYtY2Y0YS00YzkwLWIzMDctZGIzNmVlYTgzMDdm
LzEvTGMwc0xCUVJ0R3NZOXc1bmNRR3RvUnpMVVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJfzAMA0G
CSqGSIb3DQEBCwUAA4IBAQCB/4DjIOKeQ+Lv1bYotJ2zJbnHVPpihK2Agdj9U9Gm
mxT5FWNJpcMZiDBVxMyg+UnJ83KgHh55Rc2aba3vRUWKBBCDmoMVboIoHkKaGKrs
9zxLgQvNjS5/FcRQsviB2lNgWVqecss1HWsr4gUIKmA/Pb+b+bvCPSgD2EsBtfjE
owfsISG/5GftEh7Q4ZKxTOWGzaCsjkKs+8hkMEbrGkem2hATn+SmnJVf4OO7tCv1
Qqh2AiwSzDTKbOQt6v0Sa6+uNC5juamiHff2m3Py3d2fU8VuhWzLXOtyD0TQeG7+
GmIyoHAoF1l3DoTYkEqN4ka0k354GWtvy90D/BViHR4M
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:08:55 2025 by rpki-client