Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/u7EsYGE7_Br9Pi0maEFcgUPmVYA.roa
File: u7EsYGE7_Br9Pi0maEFcgUPmVYA.roa (raw, json)
Hash identifier: g2rJ0inefleIDtrAszaJpkFIJ5kUgtlZu4harJVJyZU=
Subject key identifier: BB:B1:2C:60:61:3B:FC:1A:FD:3E:2D:26:68:41:5C:81:43:E6:55:80
Certificate issuer: /CN=df1e2d4bd362b62b8045021dc350b120e5530265
Certificate serial: 0196F8A8819F72317DF4E4A875231F79425C
Authority key identifier: DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/u7EsYGE7_Br9Pi0maEFcgUPmVYA.roa
Signing time: Thu 22 May 2025 15:41:54 +0000
ROA not before: Thu 22 May 2025 15:41:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62282
IP address blocks: 37.156.216.0/21 maxlen: 21
37.156.217.0/24 maxlen: 24
37.156.219.0/24 maxlen: 24
37.156.220.0/24 maxlen: 24
37.156.221.0/24 maxlen: 24
37.156.222.0/24 maxlen: 24
185.38.164.0/22 maxlen: 22
185.38.166.0/24 maxlen: 24
185.79.244.0/22 maxlen: 22
185.79.244.0/24 maxlen: 24
185.79.245.0/24 maxlen: 24
185.79.246.0/24 maxlen: 24
185.79.247.0/24 maxlen: 24
185.175.176.0/22 maxlen: 22
185.193.24.0/22 maxlen: 22
185.193.25.0/24 maxlen: 24
185.193.26.0/24 maxlen: 24
185.193.27.0/24 maxlen: 24
2a01:41a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:a8:81:9f:72:31:7d:f4:e4:a8:75:23:1f:79:42:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df1e2d4bd362b62b8045021dc350b120e5530265
Validity
Not Before: May 22 15:41:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbb12c60613bfc1afd3e2d2668415c8143e65580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:be:26:90:5c:77:c1:30:d1:a2:d1:fe:ec:43:
c6:9f:ad:9f:58:4a:1d:d7:78:73:ea:8b:be:ae:ab:
82:2a:73:a0:b2:a7:5e:64:04:c4:6f:6d:21:a6:0c:
b0:1a:84:fe:4c:69:d1:c2:dc:fd:c6:4b:cb:46:6e:
91:89:60:d5:d1:b7:02:7a:35:45:31:cf:bf:05:93:
bf:5b:da:50:0f:c9:af:f3:9d:82:cc:04:f7:ad:b4:
06:83:0c:c8:33:03:6a:3e:77:3e:43:3d:dc:b2:d5:
74:c8:69:3d:ec:c4:be:4d:a9:4b:81:d3:12:03:2a:
be:84:43:5c:ed:97:da:da:61:71:d4:8c:74:65:a5:
83:2a:d3:cb:71:d2:38:23:c6:40:86:ef:f5:e6:0e:
aa:7d:62:0d:1c:26:97:37:c0:be:b1:ce:cd:ed:58:
c4:5e:3b:59:d0:b6:17:28:66:b6:a2:c8:c1:63:5e:
62:30:e7:ed:a7:2f:05:c7:5c:02:f7:71:37:f7:90:
82:00:38:1e:29:f8:e5:26:6d:fb:40:4d:30:9a:36:
ef:24:65:53:b8:f7:e8:6b:b2:19:d5:32:d9:46:66:
97:b6:e4:be:51:e0:49:4d:32:4c:d0:72:53:16:b3:
71:ac:8f:6d:4b:71:ee:6d:42:b9:08:7b:3a:8d:a4:
96:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B1:2C:60:61:3B:FC:1A:FD:3E:2D:26:68:41:5C:81:43:E6:55:80
X509v3 Authority Key Identifier:
keyid:DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/u7EsYGE7_Br9Pi0maEFcgUPmVYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.216.0/21
185.38.164.0/22
185.79.244.0/22
185.175.176.0/22
185.193.24.0/22
IPv6:
2a01:41a0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:64:ba:03:40:95:85:8c:39:a2:d2:84:cf:0f:85:11:88:6f:
ea:05:40:d1:14:47:57:83:76:b7:5f:0b:33:2b:93:b0:bd:65:
99:74:05:f8:79:03:de:97:d4:b6:48:ba:07:2c:37:1e:42:87:
43:db:f1:76:e0:0e:a4:46:42:bc:03:ca:c4:52:8e:e7:3e:74:
aa:0f:1d:ef:a0:1c:f8:51:71:bd:35:fb:b7:8b:c5:57:5c:8e:
e2:a9:df:b5:da:df:01:05:2a:ed:3e:72:13:60:aa:a1:d0:33:
be:df:27:20:b8:34:9d:b6:11:ee:ce:bf:5a:56:44:af:64:c8:
9c:f2:6f:ae:c2:37:b6:28:bf:ab:e8:f8:ef:e6:7b:24:2e:13:
5b:ff:db:e5:fc:93:c2:66:c6:b8:8f:2b:1a:c7:e3:c6:3e:c4:
0b:db:d1:c7:16:25:a3:44:4f:94:8d:f1:33:84:05:69:b0:dc:
87:82:c7:ef:34:70:26:26:2f:64:b9:c4:21:76:8e:75:7a:6e:
59:b7:b4:bc:77:d0:c0:7d:22:c2:a7:41:2b:e4:59:3f:23:cf:
bb:6e:80:87:9d:8c:ed:00:7b:1a:8c:c9:e1:64:82:11:0e:eb:
54:6c:13:d3:d0:fa:eb:6b:31:90:60:6a:f9:36:2c:27:3d:27:
21:8b:0c:c8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZb4qIGfcjF99OSodSMfeUJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMWUyZDRiZDM2MmI2MmI4MDQ1MDIxZGMzNTBiMTIwZTU1
MzAyNjUwHhcNMjUwNTIyMTU0MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmIxMmM2MDYxM2JmYzFhZmQzZTJkMjY2ODQxNWM4MTQzZTY1NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy74mkFx3wTDRotH+7EPGn62fWEod
13hz6ou+rquCKnOgsqdeZATEb20hpgywGoT+TGnRwtz9xkvLRm6RiWDV0bcCejVF
Mc+/BZO/W9pQD8mv852CzAT3rbQGgwzIMwNqPnc+Qz3cstV0yGk97MS+TalLgdMS
Ayq+hENc7Zfa2mFx1Ix0ZaWDKtPLcdI4I8ZAhu/15g6qfWINHCaXN8C+sc7N7VjE
XjtZ0LYXKGa2osjBY15iMOftpy8Fx1wC93E395CCADgeKfjlJm37QE0wmjbvJGVT
uPfoa7IZ1TLZRmaXtuS+UeBJTTJM0HJTFrNxrI9tS3HubUK5CHs6jaSWzQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLuxLGBhO/wa/T4tJmhBXIFD5lWAMB8GA1UdIwQY
MBaAFN8eLUvTYrYrgEUCHcNQsSDlUwJlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3g0dFM5Tml0aXVBUlFJZHcxQ3hJT1ZUQW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8yODc5ZmItNjI5Yy00YWJmLWEzNWYt
MDNhZmFlNjg4NjU3LzEvdTdFc1lHRTdfQnI5UGkwbWFFRmNnVVBtVllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8yODc5ZmItNjI5Yy00YWJmLWEzNWYtMDNhZmFlNjg4NjU3
LzEvM3g0dFM5Tml0aXVBUlFJZHcxQ3hJT1ZUQW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJZzYAwQC
uSakAwQCuU/0AwQCua+wAwQCucEYMA0EAgACMAcDBQAqAUGgMA0GCSqGSIb3DQEB
CwUAA4IBAQAMZLoDQJWFjDmi0oTPD4URiG/qBUDRFEdXg3a3XwszK5OwvWWZdAX4
eQPel9S2SLoHLDceQodD2/F24A6kRkK8A8rEUo7nPnSqDx3voBz4UXG9Nfu3i8VX
XI7iqd+12t8BBSrtPnITYKqh0DO+3ycguDSdthHuzr9aVkSvZMic8m+uwje2KL+r
6Pjv5nskLhNb/9vl/JPCZsa4jysax+PGPsQL29HHFiWjRE+UjfEzhAVpsNyHgsfv
NHAmJi9kucQhdo51em5Zt7S8d9DAfSLCp0Er5Fk/I8+7boCHnYztAHsajMnhZIIR
DutUbBPT0PrrazGQYGr5NiwnPSchiwzI
-----END CERTIFICATE-----
Generated at Sat Jul 26 23:57:27 2025 by rpki-client