Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/6pAZoUeyJNKjbIkJ9bo52GGChiE.roa
File: 6pAZoUeyJNKjbIkJ9bo52GGChiE.roa (raw, json)
Hash identifier: H9UE5mQZ+sgOHGu/NqWUAUZ7b5ITdi+7fpdJ+eVNZFg=
Subject key identifier: EA:90:19:A1:47:B2:24:D2:A3:6C:89:09:F5:BA:39:D8:61:82:86:21
Certificate issuer: /CN=bdb7aac7c493bc8aa7ec7059d3ec76bbfc2f23d8
Certificate serial: 0194244558403C4BD2ADE947D5E7B7089A3B
Authority key identifier: BD:B7:AA:C7:C4:93:BC:8A:A7:EC:70:59:D3:EC:76:BB:FC:2F:23:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbeqx8STvIqn7HBZ0-x2u_wvI9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/6pAZoUeyJNKjbIkJ9bo52GGChiE.roa
Signing time: Wed 01 Jan 2025 23:48:31 +0000
ROA not before: Wed 01 Jan 2025 23:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57907
IP address blocks: 37.152.48.0/21 maxlen: 21
212.162.156.0/22 maxlen: 22
2a09:d800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:58:40:3c:4b:d2:ad:e9:47:d5:e7:b7:08:9a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb7aac7c493bc8aa7ec7059d3ec76bbfc2f23d8
Validity
Not Before: Jan 1 23:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea9019a147b224d2a36c8909f5ba39d861828621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:3e:c0:aa:1d:76:fa:13:ef:35:ba:b4:cd:bd:
f2:05:cb:bb:9e:76:b5:c5:2f:02:ed:85:47:bf:4f:
18:34:e7:40:28:ec:53:49:2a:6a:12:46:25:47:ed:
84:6a:23:4a:8d:f5:e0:f1:34:32:2f:66:fe:ca:b5:
a2:9d:9b:10:7f:17:9b:fa:08:54:82:61:3f:1e:3b:
9c:78:c0:af:a4:92:8f:92:0b:cc:22:85:44:f0:be:
71:8d:7d:37:46:ee:bd:f1:2b:cc:22:63:a2:63:dd:
48:0d:bc:7f:cf:a8:2a:d3:28:a1:e8:ed:83:46:44:
aa:ec:f6:57:1c:68:9c:51:84:bf:87:76:bd:c1:b2:
f1:b7:18:c2:d7:09:fc:9a:02:5c:2e:9d:5c:88:34:
58:16:0b:3a:23:19:d3:77:81:57:68:61:62:b0:94:
6c:f9:09:dc:1a:30:aa:a6:05:20:37:ec:4b:0e:78:
5c:40:e4:1b:16:5e:e2:7c:ef:bd:e6:56:19:b4:f7:
e0:18:31:7c:d6:4c:b5:ad:8f:46:73:ee:00:99:62:
16:1f:f3:f9:34:61:12:b2:9b:98:39:11:97:d6:bc:
49:7a:e2:15:6f:8c:b4:9c:01:da:ad:f4:6f:59:50:
23:8b:74:80:94:42:ab:50:e9:7f:9a:46:b7:db:4f:
3b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:90:19:A1:47:B2:24:D2:A3:6C:89:09:F5:BA:39:D8:61:82:86:21
X509v3 Authority Key Identifier:
keyid:BD:B7:AA:C7:C4:93:BC:8A:A7:EC:70:59:D3:EC:76:BB:FC:2F:23:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbeqx8STvIqn7HBZ0-x2u_wvI9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/6pAZoUeyJNKjbIkJ9bo52GGChiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/c00989-f654-47c4-bb09-697c0e2c3d35/1/vbeqx8STvIqn7HBZ0-x2u_wvI9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.48.0/21
212.162.156.0/22
IPv6:
2a09:d800::/29
Signature Algorithm: sha256WithRSAEncryption
95:06:24:72:cc:d3:62:c5:a4:fa:27:7a:9e:64:63:4a:c2:11:
ae:f7:a0:b4:24:b4:b2:b4:83:57:7d:90:5a:fc:5e:85:43:80:
c3:57:d3:5d:62:6a:04:d3:56:31:b4:be:dd:85:81:c7:6e:ec:
61:75:8e:72:f1:87:7a:ac:e5:f4:a7:a6:f3:22:cc:f8:f4:a8:
d2:0d:8f:22:ff:91:ef:c4:b7:95:01:61:79:08:90:0d:7b:dd:
a3:49:c7:b8:48:5e:72:97:ef:11:0d:70:b0:ba:77:42:64:4d:
fe:ce:79:e9:4f:20:5a:1b:2e:4e:a2:d2:06:95:fb:9b:0d:b0:
b1:13:cd:9b:2d:96:a7:15:5e:4d:e6:6d:a9:cf:b7:82:cc:4a:
40:30:66:a9:74:14:de:cd:b2:95:1c:cd:c3:d9:ab:7c:a2:94:
ce:a7:c3:f9:a4:40:93:87:ed:c7:8f:cd:e3:3f:d6:4c:ce:39:
1c:2d:14:ce:03:cb:e1:de:94:c3:fe:2f:a9:7e:09:b1:7f:ce:
05:f3:94:bd:48:86:4a:f0:59:95:ff:31:48:79:3b:e5:01:96:
99:da:c3:51:75:a4:21:31:76:8d:4f:8f:51:d2:51:3d:53:e9:
c6:34:74:84:68:a7:e3:cc:e8:fc:5b:fe:ae:d2:16:bc:da:06:
3d:dd:4a:70
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRVhAPEvSrelH1ee3CJo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjdhYWM3YzQ5M2JjOGFhN2VjNzA1OWQzZWM3NmJiZmMy
ZjIzZDgwHhcNMjUwMTAxMjM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTkwMTlhMTQ3YjIyNGQyYTM2Yzg5MDlmNWJhMzlkODYxODI4NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+z7Aqh12+hPvNbq0zb3yBcu7nna1
xS8C7YVHv08YNOdAKOxTSSpqEkYlR+2EaiNKjfXg8TQyL2b+yrWinZsQfxeb+ghU
gmE/HjuceMCvpJKPkgvMIoVE8L5xjX03Ru698SvMImOiY91IDbx/z6gq0yih6O2D
RkSq7PZXHGicUYS/h3a9wbLxtxjC1wn8mgJcLp1ciDRYFgs6IxnTd4FXaGFisJRs
+QncGjCqpgUgN+xLDnhcQOQbFl7ifO+95lYZtPfgGDF81ky1rY9Gc+4AmWIWH/P5
NGESspuYORGX1rxJeuIVb4y0nAHarfRvWVAji3SAlEKrUOl/mka32087xwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOqQGaFHsiTSo2yJCfW6OdhhgoYhMB8GA1UdIwQY
MBaAFL23qsfEk7yKp+xwWdPsdrv8LyPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJlcXg4U1R2SXFuN0hCWjAteDJ1X3d2STlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9jMDA5ODktZjY1NC00N2M0LWJiMDkt
Njk3YzBlMmMzZDM1LzEvNnBBWm9VZXlKTktqYklrSjlibzUyR0dDaGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9jMDA5ODktZjY1NC00N2M0LWJiMDktNjk3YzBlMmMzZDM1
LzEvdmJlcXg4U1R2SXFuN0hCWjAteDJ1X3d2STlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJZgwAwQC
1KKcMA0EAgACMAcDBQMqCdgAMA0GCSqGSIb3DQEBCwUAA4IBAQCVBiRyzNNixaT6
J3qeZGNKwhGu96C0JLSytINXfZBa/F6FQ4DDV9NdYmoE01YxtL7dhYHHbuxhdY5y
8Yd6rOX0p6bzIsz49KjSDY8i/5HvxLeVAWF5CJANe92jSce4SF5yl+8RDXCwundC
ZE3+znnpTyBaGy5OotIGlfubDbCxE82bLZanFV5N5m2pz7eCzEpAMGapdBTezbKV
HM3D2at8opTOp8P5pECTh+3Hj83jP9ZMzjkcLRTOA8vh3pTD/i+pfgmxf84F85S9
SIZK8FmV/zFIeTvlAZaZ2sNRdaQhMXaNT49R0lE9U+nGNHSEaKfjzOj8W/6u0ha8
2gY93Upw
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:00 2025 by rpki-client