Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/EhcozAInIni3I42hS2-IZ59ANWQ.roa
File: EhcozAInIni3I42hS2-IZ59ANWQ.roa (raw, json)
Hash identifier: Kg/K7uY+uXIgHqCDmIvIS6y/awo4V+d4tNxs94DtVrA=
Subject key identifier: 12:17:28:CC:02:27:22:78:B7:23:8D:A1:4B:6F:88:67:9F:40:35:64
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 0194DA2998162CBD004366A9A7864E61BC10
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/EhcozAInIni3I42hS2-IZ59ANWQ.roa
Signing time: Thu 06 Feb 2025 07:29:06 +0000
ROA not before: Thu 06 Feb 2025 07:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.73.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
185.129.93.0/24 maxlen: 24
185.129.94.0/24 maxlen: 24
185.129.95.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:29:98:16:2c:bd:00:43:66:a9:a7:86:4e:61:bc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Feb 6 07:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=121728cc02272278b7238da14b6f88679f403564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:16:24:e6:c9:f1:0d:e8:e8:06:2f:01:a0:78:
dd:2c:69:35:bb:32:67:4c:f3:a0:20:34:0b:f7:29:
cc:4f:7e:5f:4f:06:74:dd:17:8d:b0:9e:36:36:ae:
73:61:44:a1:7c:61:91:33:5d:98:1e:34:98:3e:77:
34:17:83:9b:3b:10:f0:c9:a6:c7:9d:3c:da:11:b6:
ee:46:6a:21:71:6a:ee:71:76:c6:a7:a2:0f:76:a8:
1b:7f:af:e3:b3:f0:1d:4f:3d:24:b6:a5:ea:d2:9f:
05:6a:44:e1:08:2c:1b:c2:ea:5f:ed:15:d5:84:ca:
3c:28:63:12:a1:1c:40:3a:c1:68:ee:cb:ff:99:65:
b8:c7:19:33:ff:de:a6:14:8e:e4:6c:8c:b3:cb:16:
bc:df:4a:ef:9b:1c:79:f4:78:7e:48:29:3a:69:1b:
6d:b7:de:d1:70:7d:e8:11:23:f4:f1:18:9f:b9:3f:
43:19:f9:4c:b1:c1:37:c8:59:ab:17:70:85:85:2f:
36:76:34:b4:15:84:1d:1a:6e:7d:cd:17:0a:de:2f:
56:21:f0:b6:12:86:6d:49:4d:4c:f9:4f:d0:f9:d1:
85:2c:98:a6:1d:a8:da:99:e4:95:40:cf:fe:94:16:
65:e5:86:2d:0e:3a:25:ea:bf:0c:04:4f:d5:36:28:
5d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:17:28:CC:02:27:22:78:B7:23:8D:A1:4B:6F:88:67:9F:40:35:64
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/EhcozAInIni3I42hS2-IZ59ANWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.73.0/24
37.32.76.0/24
185.129.93.0-185.129.95.255
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
01:24:ba:71:b8:a2:98:57:d7:74:69:83:81:91:ec:14:dd:92:
7e:f9:d5:c7:b3:4c:98:67:86:cc:29:06:29:cf:7d:6c:c2:5c:
06:59:78:b6:3f:e2:fd:36:15:6d:0d:c2:98:f8:5a:15:ce:ad:
02:3a:95:0d:a2:69:a1:d0:41:a2:fa:f4:20:c2:d4:32:0e:83:
78:f6:6c:de:33:7c:0c:c0:81:bb:15:4f:72:3e:61:40:d5:02:
fe:c4:f7:63:75:09:6f:5a:7c:4f:42:32:08:e2:4c:86:b2:3d:
e5:ce:af:71:28:3d:bb:43:c0:2a:84:c0:83:e2:40:9c:d5:48:
ee:c2:0f:54:75:76:c8:ae:85:15:34:d9:8f:9c:74:5f:84:3b:
ca:73:4e:40:aa:fd:21:32:b1:ae:78:a0:e2:23:be:16:d6:6e:
11:20:30:26:23:34:a5:7e:68:5a:57:c8:8c:e5:3e:96:29:c2:
b2:57:b8:6d:26:ac:4c:4b:02:e0:d1:47:0f:3d:0a:a1:69:1e:
84:06:1e:9f:74:da:e1:2e:e1:2c:ea:d9:7a:79:9c:c0:28:f7:
d9:fe:fe:16:15:16:91:37:d9:81:32:d5:45:e9:dc:a4:d4:fc:
c2:a7:2e:cb:eb:4b:19:d8:24:db:7d:b8:5e:c3:05:97:a8:fd:
62:58:c9:62
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZTaKZgWLL0AQ2app4ZOYbwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwMjA2MDcyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjE3MjhjYzAyMjcyMjc4YjcyMzhkYTE0YjZmODg2NzlmNDAzNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRYk5snxDejoBi8BoHjdLGk1uzJn
TPOgIDQL9ynMT35fTwZ03ReNsJ42Nq5zYUShfGGRM12YHjSYPnc0F4ObOxDwyabH
nTzaEbbuRmohcWrucXbGp6IPdqgbf6/js/AdTz0ktqXq0p8FakThCCwbwupf7RXV
hMo8KGMSoRxAOsFo7sv/mWW4xxkz/96mFI7kbIyzyxa830rvmxx59Hh+SCk6aRtt
t97RcH3oESP08RifuT9DGflMscE3yFmrF3CFhS82djS0FYQdGm59zRcK3i9WIfC2
EoZtSU1M+U/Q+dGFLJimHajameSVQM/+lBZl5YYtDjol6r8MBE/VNihd6QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBIXKMwCJyJ4tyONoUtviGefQDVkMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvRWhjb3pBSW5JbmkzSTQyaFMyLUlaNTlBTldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDJSBAAwQA
JSBJAwQAJSBMMAwDBAC5gV0DBAW5gUAwDQQCAAIwBwMFAyoPEwAwDQYJKoZIhvcN
AQELBQADggEBAAEkunG4ophX13Rpg4GR7BTdkn751cezTJhnhswpBinPfWzCXAZZ
eLY/4v02FW0Nwpj4WhXOrQI6lQ2iaaHQQaL69CDC1DIOg3j2bN4zfAzAgbsVT3I+
YUDVAv7E92N1CW9afE9CMgjiTIayPeXOr3EoPbtDwCqEwIPiQJzVSO7CD1R1dsiu
hRU02Y+cdF+EO8pzTkCq/SEysa54oOIjvhbWbhEgMCYjNKV+aFpXyIzlPpYpwrJX
uG0mrExLAuDRRw89CqFpHoQGHp902uEu4Szq2Xp5nMAo99n+/hYVFpE32YEy1UXp
3KTU/MKnLsvrSxnYJNt9uF7DBZeo/WJYyWI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:09 2025 by rpki-client