Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/0dU4nqEloVTcpEFXy475oUdUoRM.roa
File: 0dU4nqEloVTcpEFXy475oUdUoRM.roa (raw, json)
Hash identifier: +4pYEKPa/Azd7C288MxT6V8nhRo2gQ9C9f/LKpJ2E7E=
Subject key identifier: D1:D5:38:9E:A1:25:A1:54:DC:A4:41:57:CB:8E:F9:A1:47:54:A1:13
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B29FF7475094D0B0E4E2B611863234
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/0dU4nqEloVTcpEFXy475oUdUoRM.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397242
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9f:f7:47:50:94:d0:b0:e4:e2:b6:11:86:32:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1d5389ea125a154dca44157cb8ef9a14754a113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e6:17:e5:21:91:70:ac:d1:7c:37:a8:2b:7a:
24:f4:ae:99:c4:c7:47:d1:ee:48:6c:99:84:64:03:
4e:71:62:7e:4f:78:df:25:02:7f:7b:5b:fe:0f:8e:
cb:b8:f4:d1:3f:ec:9b:1a:17:e9:38:3c:e5:b2:c4:
56:56:cb:96:c3:17:91:8a:da:f4:48:cc:94:e4:a1:
df:1a:0f:f8:1d:bf:9c:3c:04:ef:17:00:71:83:d1:
9e:17:3c:71:05:46:24:f9:13:f0:91:31:41:fc:4f:
dd:37:b2:25:b7:19:b3:f5:84:0a:fa:a4:06:2c:62:
62:82:5d:6f:8f:10:30:ad:00:85:3a:c6:23:15:6b:
fc:8c:4f:1e:44:d8:bc:60:1a:d4:e8:4a:77:24:44:
51:19:fb:d4:8a:e6:75:3d:71:6d:e9:f0:21:f5:ed:
2e:fd:10:2b:98:e0:7a:51:f4:24:c2:18:3a:9c:75:
50:d0:4a:1e:81:64:0b:18:c6:a4:08:38:21:a5:0e:
9d:23:3e:c4:8d:a9:63:ac:fb:ac:ff:67:d2:98:fe:
ea:bc:6a:d1:85:2a:95:63:12:8a:4b:66:5f:10:24:
4a:26:ce:67:31:8e:ec:de:be:0d:51:5b:61:01:83:
0b:fb:bc:7b:bf:73:15:0d:4e:a6:07:3a:78:f9:e2:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D5:38:9E:A1:25:A1:54:DC:A4:41:57:CB:8E:F9:A1:47:54:A1:13
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/0dU4nqEloVTcpEFXy475oUdUoRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:17:ea:59:f5:c3:56:9a:c1:fc:21:68:88:82:e9:9a:dc:ed:
97:08:7f:fc:79:c9:08:cc:bf:89:f7:00:52:85:e8:73:53:3a:
13:8e:5a:44:02:91:3e:2c:57:98:1b:f9:fa:af:38:95:fb:8f:
07:39:fc:a5:c5:d8:a3:c9:aa:02:4f:75:bf:9b:45:99:28:a1:
17:e4:bd:3d:04:46:9a:ce:3e:d4:b9:c9:64:0a:86:0a:27:a4:
be:57:07:9a:7c:b5:55:c5:5a:1f:81:cf:4e:75:de:26:4a:bb:
33:29:6f:31:03:df:24:72:d1:86:59:b7:a6:ed:da:72:71:8f:
11:57:1b:ce:df:b9:7b:eb:a9:84:8f:b9:65:03:ac:6e:e8:9e:
9c:c2:2a:63:df:52:64:6f:c5:86:7d:cd:d9:f0:a0:31:7c:37:
be:3f:65:f0:0c:ba:35:8a:5d:eb:35:fe:c8:03:b8:a0:9b:1f:
78:2d:3a:ae:bf:7c:17:18:6c:94:8c:d6:7d:c0:25:3c:11:8a:
b9:04:99:22:40:06:18:0c:56:63:8b:df:e0:4b:2d:13:ff:74:
c2:34:4b:a0:36:73:72:eb:2d:56:e1:b4:2e:0e:91:d5:0d:86:
65:b2:73:94:dc:2c:88:29:3e:74:b9:26:0b:9c:53:27:ab:10:
85:ea:3c:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksp/3R1CU0LDk4rYRhjI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQ1Mzg5ZWExMjVhMTU0ZGNhNDQxNTdjYjhlZjlhMTQ3NTRhMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+YX5SGRcKzRfDeoK3ok9K6ZxMdH
0e5IbJmEZANOcWJ+T3jfJQJ/e1v+D47LuPTRP+ybGhfpODzlssRWVsuWwxeRitr0
SMyU5KHfGg/4Hb+cPATvFwBxg9GeFzxxBUYk+RPwkTFB/E/dN7Iltxmz9YQK+qQG
LGJigl1vjxAwrQCFOsYjFWv8jE8eRNi8YBrU6Ep3JERRGfvUiuZ1PXFt6fAh9e0u
/RArmOB6UfQkwhg6nHVQ0EoegWQLGMakCDghpQ6dIz7EjaljrPus/2fSmP7qvGrR
hSqVYxKKS2ZfECRKJs5nMY7s3r4NUVthAYML+7x7v3MVDU6mBzp4+eJHFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNHVOJ6hJaFU3KRBV8uO+aFHVKETMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvMGRVNG5xRWxvVlRjcEVGWHk0NzVvVWRVb1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBaF+pZ9cNWmsH8IWiI
guma3O2XCH/8eckIzL+J9wBShehzUzoTjlpEApE+LFeYG/n6rziV+48HOfylxdij
yaoCT3W/m0WZKKEX5L09BEaazj7UuclkCoYKJ6S+VweafLVVxVofgc9Odd4mSrsz
KW8xA98kctGGWbem7dpycY8RVxvO37l766mEj7llA6xu6J6cwipj31Jkb8WGfc3Z
8KAxfDe+P2XwDLo1il3rNf7IA7igmx94LTquv3wXGGyUjNZ9wCU8EYq5BJkiQAYY
DFZji9/gSy0T/3TCNEugNnNy6y1W4bQuDpHVDYZlsnOU3CyIKT50uSYLnFMnqxCF
6jxH
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:59:26 2025 by rpki-client