Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/yqhpAot3xi6epn6ENDWr8uOqyio.roa
File: yqhpAot3xi6epn6ENDWr8uOqyio.roa (raw, json)
Hash identifier: kICDDy+hxEl81swZp9LVJwlGqZNulN1S7VyaDfHwQvg=
Subject key identifier: CA:A8:69:02:8B:77:C6:2E:9E:A6:7E:84:34:35:AB:F2:E3:AA:CA:2A
Certificate issuer: /CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
Certificate serial: 019427B3BDE1803E1DE5D92A33210DFFD2A3
Authority key identifier: 19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/yqhpAot3xi6epn6ENDWr8uOqyio.roa
Signing time: Thu 02 Jan 2025 15:47:58 +0000
ROA not before: Thu 02 Jan 2025 15:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211612
IP address blocks: 37.19.204.0/24 maxlen: 24
37.19.208.0/24 maxlen: 24
37.19.219.0/24 maxlen: 24
2a02:6ea0:e400::/40 maxlen: 40
2a02:6ea0:e500::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:bd:e1:80:3e:1d:e5:d9:2a:33:21:0d:ff:d2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19193cd0cfb9395989358e0396312cfbb1c88ffe
Validity
Not Before: Jan 2 15:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=caa869028b77c62e9ea67e843435abf2e3aaca2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6f:dc:8e:cb:c4:34:a5:03:e8:d7:9d:07:db:
09:74:7f:56:c4:5d:4d:29:b8:df:e0:31:02:99:05:
16:07:94:e2:90:a3:15:c3:92:03:62:ed:1e:18:d0:
96:cb:5e:81:6d:34:29:84:1c:d3:e0:ff:69:fb:65:
c3:f2:4c:22:d5:d5:96:a5:ab:c4:4e:f9:a7:2a:c5:
64:5d:c2:03:5a:e3:a7:c4:cc:ef:5c:3f:ba:c8:bf:
91:35:e0:e3:83:cf:4e:4d:a7:97:19:19:de:90:46:
91:93:3a:ae:ef:e2:68:44:a2:3b:aa:37:fd:05:b1:
b3:61:91:7a:71:ff:aa:97:58:f9:1b:20:64:cc:64:
54:90:80:0b:79:65:48:ec:cf:7a:33:0f:1d:8f:2f:
3f:16:10:50:cf:1e:b4:12:e2:a6:4e:da:88:3b:3f:
55:77:27:11:75:01:b6:80:1a:8b:dc:8b:53:fe:4a:
8e:5a:82:e2:47:eb:2f:f0:ba:83:86:47:be:70:6c:
17:3d:b9:24:f7:71:a8:d0:2a:41:3d:a2:f1:6a:ed:
58:66:9b:0b:e7:bb:6a:f4:50:bd:21:31:bf:b3:e7:
11:50:64:9d:2d:f4:7f:2f:31:8a:08:42:86:63:be:
8c:69:2a:8e:b4:41:6e:74:6a:eb:2d:28:d5:45:ae:
1a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A8:69:02:8B:77:C6:2E:9E:A6:7E:84:34:35:AB:F2:E3:AA:CA:2A
X509v3 Authority Key Identifier:
keyid:19:19:3C:D0:CF:B9:39:59:89:35:8E:03:96:31:2C:FB:B1:C8:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRk80M-5OVmJNY4DljEs-7HIj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/yqhpAot3xi6epn6ENDWr8uOqyio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0d68d4-adb3-4ff9-b78a-4ef9d07c4405/1/GRk80M-5OVmJNY4DljEs-7HIj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.204.0/24
37.19.208.0/24
37.19.219.0/24
IPv6:
2a02:6ea0:e400::/39
Signature Algorithm: sha256WithRSAEncryption
3a:ed:f1:ff:7d:dc:54:ce:ff:c0:09:15:22:84:78:58:74:7e:
43:32:da:13:c0:e6:7c:03:31:7a:42:b4:99:77:cd:a1:19:64:
fa:07:61:95:e3:b0:29:a2:e6:9c:c7:9f:52:32:be:34:18:95:
ac:26:a0:82:31:1e:f7:f6:90:05:d8:a2:04:66:b6:5f:b3:79:
8e:e3:28:32:1a:c0:0f:56:09:bc:2d:ef:a7:16:93:a4:4c:71:
29:3c:f5:f6:ea:37:21:16:58:f7:7b:83:15:03:40:af:f0:db:
48:20:ca:1c:2a:17:82:16:5e:80:44:69:b4:f4:97:df:dc:24:
8f:7e:98:bd:e7:61:15:82:65:b2:c1:c2:07:40:11:06:c8:61:
92:d9:ed:1e:7e:98:58:3c:01:17:8e:08:07:fa:be:42:56:f8:
af:3e:90:de:51:92:3b:9c:4f:ac:05:6b:ff:bd:19:db:44:67:
e5:79:19:8c:ff:87:63:e9:d4:fb:ef:0b:a3:62:c7:5c:18:80:
fe:8e:11:59:6f:dd:3f:93:a2:1e:5a:1c:9f:d8:1b:33:b0:66:
bd:1e:84:82:a6:c6:6d:43:b1:3b:9a:45:7b:63:91:77:52:13:
2b:f0:b0:8e:a3:bc:b9:b1:36:06:fe:d2:5d:52:ba:ce:ff:ae:
66:9a:c2:d9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQns73hgD4d5dkqMyEN/9KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTkzY2QwY2ZiOTM5NTk4OTM1OGUwMzk2MzEyY2ZiYjFj
ODhmZmUwHhcNMjUwMTAyMTU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWE4NjkwMjhiNzdjNjJlOWVhNjdlODQzNDM1YWJmMmUzYWFjYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0W/cjsvENKUD6NedB9sJdH9WxF1N
Kbjf4DECmQUWB5TikKMVw5IDYu0eGNCWy16BbTQphBzT4P9p+2XD8kwi1dWWpavE
TvmnKsVkXcIDWuOnxMzvXD+6yL+RNeDjg89OTaeXGRnekEaRkzqu7+JoRKI7qjf9
BbGzYZF6cf+ql1j5GyBkzGRUkIALeWVI7M96Mw8djy8/FhBQzx60EuKmTtqIOz9V
dycRdQG2gBqL3ItT/kqOWoLiR+sv8LqDhke+cGwXPbkk93Go0CpBPaLxau1YZpsL
57tq9FC9ITG/s+cRUGSdLfR/LzGKCEKGY76MaSqOtEFudGrrLSjVRa4aHwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMqoaQKLd8YunqZ+hDQ1q/LjqsoqMB8GA1UdIwQY
MBaAFBkZPNDPuTlZiTWOA5YxLPuxyI/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JrODBNLTVPVm1KTlk0RGxqRXMtN0hJal80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wZDY4ZDQtYWRiMy00ZmY5LWI3OGEt
NGVmOWQwN2M0NDA1LzEveXFocEFvdDN4aTZlcG42RU5EV3I4dU9xeWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wZDY4ZDQtYWRiMy00ZmY5LWI3OGEtNGVmOWQwN2M0NDA1
LzEvR1JrODBNLTVPVm1KTlk0RGxqRXMtN0hJal80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAJRPMAwQA
JRPQAwQAJRPbMA4EAgACMAgDBgEqAm6g5DANBgkqhkiG9w0BAQsFAAOCAQEAOu3x
/33cVM7/wAkVIoR4WHR+QzLaE8DmfAMxekK0mXfNoRlk+gdhleOwKaLmnMefUjK+
NBiVrCaggjEe9/aQBdiiBGa2X7N5juMoMhrAD1YJvC3vpxaTpExxKTz19uo3IRZY
93uDFQNAr/DbSCDKHCoXghZegERptPSX39wkj36YvedhFYJlssHCB0ARBshhktnt
Hn6YWDwBF44IB/q+Qlb4rz6Q3lGSO5xPrAVr/70Z20Rn5XkZjP+HY+nU++8Lo2LH
XBiA/o4RWW/dP5OiHlocn9gbM7BmvR6EgqbGbUOxO5pFe2ORd1ITK/CwjqO8ubE2
Bv7SXVK6zv+uZprC2Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:53 2025 by rpki-client