Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/KOmHsYTT8dHL3QRmpI2yEaWq1H0.roa
File: KOmHsYTT8dHL3QRmpI2yEaWq1H0.roa (raw, json)
Hash identifier: lw5VEiyghZjGPBV+Cuu9js4RXnD7F0lqD5TiyyWbpk8=
Subject key identifier: 28:E9:87:B1:84:D3:F1:D1:CB:DD:04:66:A4:8D:B2:11:A5:AA:D4:7D
Certificate issuer: /CN=0013ca9a0ae71b10d29dba0cb3ecab5f10df5179
Certificate serial: 01942368C9621BF18E16166D24FC2F828CE7
Authority key identifier: 00:13:CA:9A:0A:E7:1B:10:D2:9D:BA:0C:B3:EC:AB:5F:10:DF:51:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABPKmgrnGxDSnboMs-yrXxDfUXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/KOmHsYTT8dHL3QRmpI2yEaWq1H0.roa
Signing time: Wed 01 Jan 2025 19:47:37 +0000
ROA not before: Wed 01 Jan 2025 19:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39425
IP address blocks: 37.156.37.0/24 maxlen: 24
89.35.4.0/23 maxlen: 23
89.37.186.0/23 maxlen: 23
89.40.133.0/24 maxlen: 27
89.43.240.0/21 maxlen: 24
89.43.240.0/22 maxlen: 23
89.43.244.0/23 maxlen: 24
89.43.246.0/24 maxlen: 24
89.43.247.0/24 maxlen: 24
89.46.24.0/21 maxlen: 21
92.114.88.0/22 maxlen: 22
94.176.186.0/23 maxlen: 23
188.241.111.0/24 maxlen: 24
188.241.121.0/24 maxlen: 24
193.162.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:c9:62:1b:f1:8e:16:16:6d:24:fc:2f:82:8c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0013ca9a0ae71b10d29dba0cb3ecab5f10df5179
Validity
Not Before: Jan 1 19:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28e987b184d3f1d1cbdd0466a48db211a5aad47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8f:14:c3:64:21:45:b5:f8:d9:50:6a:e9:05:
b6:67:a4:5f:fe:c1:3c:83:1d:4a:ca:f5:20:91:48:
26:b7:78:95:37:5d:62:29:55:93:11:3f:81:04:bb:
99:bc:d5:d9:54:d6:3c:61:e2:d1:c9:35:96:a8:db:
9e:ea:aa:6c:43:fb:b3:e1:06:66:84:e2:33:ac:c2:
cc:c2:bd:16:c6:f0:5b:ae:f4:44:31:09:a0:b9:9b:
c9:66:b9:23:06:09:ae:d9:66:0e:be:b5:17:68:91:
f0:aa:04:b9:01:6b:b6:ed:2a:85:00:5e:87:9b:44:
ed:dc:02:28:4f:5e:53:25:d7:69:25:b2:07:d8:11:
b8:78:17:25:14:1f:a6:d5:3d:6d:b9:39:b6:12:36:
a3:a9:29:59:9d:44:1b:72:75:4e:1d:3a:94:fe:a1:
dc:77:03:84:02:99:b7:0e:a6:44:0b:f1:4b:4b:aa:
39:81:5a:8f:c6:4e:b7:43:66:c5:41:d9:fd:72:ab:
be:2f:c6:bb:32:13:62:72:bd:33:5b:dd:2b:56:56:
4e:ca:f2:50:19:db:19:58:9c:0a:17:08:b7:e4:1b:
f6:13:7d:7f:91:e4:98:00:3d:03:8f:cf:ab:b4:6e:
41:2e:7c:59:00:2c:85:1d:c3:45:0d:63:3b:a0:7b:
d3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E9:87:B1:84:D3:F1:D1:CB:DD:04:66:A4:8D:B2:11:A5:AA:D4:7D
X509v3 Authority Key Identifier:
keyid:00:13:CA:9A:0A:E7:1B:10:D2:9D:BA:0C:B3:EC:AB:5F:10:DF:51:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABPKmgrnGxDSnboMs-yrXxDfUXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/KOmHsYTT8dHL3QRmpI2yEaWq1H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/ABPKmgrnGxDSnboMs-yrXxDfUXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.37.0/24
89.35.4.0/23
89.37.186.0/23
89.40.133.0/24
89.43.240.0/21
89.46.24.0/21
92.114.88.0/22
94.176.186.0/23
188.241.111.0/24
188.241.121.0/24
193.162.136.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:09:e7:59:5a:45:65:23:0e:3a:0d:93:9f:9d:e6:57:13:16:
28:9a:cd:f6:98:f1:6c:9e:1c:ce:7c:61:9d:0f:0a:3e:01:0c:
17:5e:b0:81:84:a7:0a:33:9a:25:13:02:f8:c7:aa:9f:bd:05:
13:bf:98:96:4f:50:28:1b:1f:c5:64:dc:2b:98:fe:32:8e:fc:
17:98:53:cd:23:aa:40:c4:5a:c1:b6:36:13:c9:bc:e1:58:84:
2f:aa:a0:2c:d9:4b:9a:66:dd:77:d1:eb:05:89:7c:88:23:fd:
d3:2b:43:27:2d:7a:82:ac:fe:d8:5a:6b:be:2a:f7:57:cb:16:
75:35:ba:0d:96:cd:27:f5:25:b6:7b:9c:42:b9:41:e9:e5:a2:
f4:95:50:0e:30:9d:ce:5f:7c:ae:40:72:88:c7:ec:21:7e:af:
ba:76:f6:27:57:13:6e:f0:d1:18:37:c7:03:61:19:2d:74:90:
0c:be:03:7f:36:06:58:1e:41:d3:fb:7e:37:9d:97:2a:bb:ac:
05:3c:cd:69:37:bd:ca:44:68:14:42:c8:52:0a:ea:eb:87:25:
3e:11:f4:82:8c:9b:b4:7e:48:d1:5d:f9:e7:1f:46:a5:32:3c:
8a:26:b1:69:9b:f9:f2:8a:b7:f0:69:c6:6a:d8:e4:9e:f7:da:
4f:67:1c:0a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQjaMliG/GOFhZtJPwvgoznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTNjYTlhMGFlNzFiMTBkMjlkYmEwY2IzZWNhYjVmMTBk
ZjUxNzkwHhcNMjUwMTAxMTk0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU5ODdiMTg0ZDNmMWQxY2JkZDA0NjZhNDhkYjIxMWE1YWFkNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI8Uw2QhRbX42VBq6QW2Z6Rf/sE8
gx1KyvUgkUgmt3iVN11iKVWTET+BBLuZvNXZVNY8YeLRyTWWqNue6qpsQ/uz4QZm
hOIzrMLMwr0WxvBbrvREMQmguZvJZrkjBgmu2WYOvrUXaJHwqgS5AWu27SqFAF6H
m0Tt3AIoT15TJddpJbIH2BG4eBclFB+m1T1tuTm2EjajqSlZnUQbcnVOHTqU/qHc
dwOEApm3DqZEC/FLS6o5gVqPxk63Q2bFQdn9cqu+L8a7MhNicr0zW90rVlZOyvJQ
GdsZWJwKFwi35Bv2E31/keSYAD0Dj8+rtG5BLnxZACyFHcNFDWM7oHvTuwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCjph7GE0/HRy90EZqSNshGlqtR9MB8GA1UdIwQY
MBaAFAATypoK5xsQ0p26DLPsq18Q31F5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJQS21ncm5HeERTbmJvTXMteXJYeERmVVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi83YmRhZmItNDk1MS00M2IzLWFlZjAt
YjU0MzhiOTJjOTliLzEvS09tSHNZVFQ4ZEhMM1FSbXBJMnlFYVdxMUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi83YmRhZmItNDk1MS00M2IzLWFlZjAtYjU0MzhiOTJjOTli
LzEvQUJQS21ncm5HeERTbmJvTXMteXJYeERmVVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJZwlAwQB
WSMEAwQBWSW6AwQAWSiFAwQDWSvwAwQDWS4YAwQCXHJYAwQBXrC6AwQAvPFvAwQA
vPF5AwQAwaKIMA0GCSqGSIb3DQEBCwUAA4IBAQCpCedZWkVlIw46DZOfneZXExYo
ms32mPFsnhzOfGGdDwo+AQwXXrCBhKcKM5olEwL4x6qfvQUTv5iWT1AoGx/FZNwr
mP4yjvwXmFPNI6pAxFrBtjYTybzhWIQvqqAs2UuaZt130esFiXyII/3TK0MnLXqC
rP7YWmu+KvdXyxZ1NboNls0n9SW2e5xCuUHp5aL0lVAOMJ3OX3yuQHKIx+whfq+6
dvYnVxNu8NEYN8cDYRktdJAMvgN/NgZYHkHT+343nZcqu6wFPM1pN73KRGgUQshS
CurrhyU+EfSCjJu0fkjRXfnnH0alMjyKJrFpm/nyirfwacZq2OSe99pPZxwK
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:11 2025 by rpki-client