Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/RySOnwd5yNUvkpOdlWzbq8gD58I.roa
File: RySOnwd5yNUvkpOdlWzbq8gD58I.roa (raw, json)
Hash identifier: pMm1Q5jN9tu+9MZBtGXjdw1riel86JfdVWVMRs8pgEY=
Subject key identifier: 47:24:8E:9F:07:79:C8:D5:2F:92:93:9D:95:6C:DB:AB:C8:03:E7:C2
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019426D9FC0D51390BC468EB903AC27B166A
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/RySOnwd5yNUvkpOdlWzbq8gD58I.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29691
IP address blocks: 37.235.50.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fc:0d:51:39:0b:c4:68:eb:90:3a:c2:7b:16:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47248e9f0779c8d52f92939d956cdbabc803e7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:52:00:cb:36:0b:0a:22:d0:fc:1e:ce:44:
93:bd:fa:41:99:57:ee:52:2a:63:39:4c:f0:7d:de:
0a:1e:ef:9a:03:4b:4d:a5:1d:78:b6:b4:9e:b6:00:
ee:25:66:d0:bd:40:6d:1b:21:1a:d9:88:58:d8:22:
27:d6:28:6e:d7:86:1e:a4:7d:aa:31:88:13:61:aa:
e7:d2:ac:c7:c7:73:2f:95:2f:d8:06:0d:e3:26:3f:
49:d3:2a:0f:b8:1a:87:6b:4b:10:98:8a:59:c0:d4:
29:ac:54:0b:94:2c:53:e7:e2:78:46:e6:b5:77:88:
d3:78:50:79:2c:fd:8f:01:3b:ef:01:df:66:ae:ca:
1b:12:2a:84:be:f4:54:47:da:d5:23:e0:bd:39:f7:
66:53:58:be:9c:bb:1d:8c:08:b0:4b:55:1c:a0:ce:
87:fc:48:9e:d3:a6:86:10:eb:08:d1:c4:04:10:a0:
88:42:37:aa:89:27:27:fd:7c:ae:9d:b9:e0:87:9f:
44:66:ee:15:6d:a0:25:2a:b1:9e:36:f6:52:9a:37:
c8:e1:a4:37:1d:79:98:8d:e5:b8:94:43:b0:62:80:
e5:9d:7d:8d:cc:7b:d8:f2:08:95:2b:5b:07:3a:fe:
db:57:8e:eb:eb:30:f1:ac:56:ef:30:51:60:49:66:
4d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:24:8E:9F:07:79:C8:D5:2F:92:93:9D:95:6C:DB:AB:C8:03:E7:C2
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/RySOnwd5yNUvkpOdlWzbq8gD58I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.50.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:be:68:d0:9f:47:17:1e:32:10:c5:57:97:86:b2:78:66:46:
d9:19:65:c1:55:b7:2e:89:dd:39:11:53:51:c1:a1:f2:d1:b0:
a7:8d:98:ae:f2:1b:31:d9:3c:ca:58:39:b5:7d:c5:ae:40:4e:
60:74:d1:15:58:c6:d1:61:ef:aa:4e:02:fa:c7:70:17:84:55:
d3:f3:20:e7:65:1a:10:cf:96:97:35:62:3e:52:9a:c5:2f:b7:
81:0b:f9:23:b4:8b:85:6d:2e:71:aa:85:61:14:98:f5:d3:fd:
dc:8b:68:45:cc:ea:e5:62:92:6b:01:fa:8b:da:15:cd:04:62:
ac:d9:16:6d:fe:2a:30:12:a2:e0:61:83:69:ca:a9:87:fa:b5:
4b:ea:e8:dd:0d:00:63:88:86:a8:a0:be:ad:39:0a:c6:08:34:
51:ba:ef:b7:49:3a:9d:70:48:06:bc:55:ab:b2:60:56:d3:cb:
03:5d:5d:4a:0d:1a:37:0d:a6:a4:60:87:2e:e9:4b:8f:e7:38:
82:57:bf:87:16:9d:0d:a7:cc:b7:2c:66:24:5b:e4:5a:23:8d:
46:1e:55:d2:87:06:14:37:d2:48:03:ee:80:80:ab:04:a8:70:
81:86:07:25:6b:79:23:81:e5:e1:cd:c2:a2:0b:db:c4:ff:fa:
96:fb:56:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2fwNUTkLxGjrkDrCexZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI0OGU5ZjA3NzljOGQ1MmY5MjkzOWQ5NTZjZGJhYmM4MDNlN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS9SAMs2Cwoi0PwezkSTvfpBmVfu
UipjOUzwfd4KHu+aA0tNpR14trSetgDuJWbQvUBtGyEa2YhY2CIn1ihu14YepH2q
MYgTYarn0qzHx3MvlS/YBg3jJj9J0yoPuBqHa0sQmIpZwNQprFQLlCxT5+J4Rua1
d4jTeFB5LP2PATvvAd9mrsobEiqEvvRUR9rVI+C9OfdmU1i+nLsdjAiwS1UcoM6H
/Eie06aGEOsI0cQEEKCIQjeqiScn/Xyunbngh59EZu4VbaAlKrGeNvZSmjfI4aQ3
HXmYjeW4lEOwYoDlnX2NzHvY8giVK1sHOv7bV47r6zDxrFbvMFFgSWZNpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEckjp8HecjVL5KTnZVs26vIA+fCMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvUnlTT253ZDV5TlV2a3BPZGxXemJxOGdENThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJesyMA0G
CSqGSIb3DQEBCwUAA4IBAQBNvmjQn0cXHjIQxVeXhrJ4ZkbZGWXBVbcuid05EVNR
waHy0bCnjZiu8hsx2TzKWDm1fcWuQE5gdNEVWMbRYe+qTgL6x3AXhFXT8yDnZRoQ
z5aXNWI+UprFL7eBC/kjtIuFbS5xqoVhFJj10/3ci2hFzOrlYpJrAfqL2hXNBGKs
2RZt/iowEqLgYYNpyqmH+rVL6ujdDQBjiIaooL6tOQrGCDRRuu+3STqdcEgGvFWr
smBW08sDXV1KDRo3DaakYIcu6UuP5ziCV7+HFp0Np8y3LGYkW+RaI41GHlXShwYU
N9JIA+6AgKsEqHCBhgcla3kjgeXhzcKiC9vE//qW+1Za
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:03:37 2025 by rpki-client