Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tdzsaKxsamCWBVwoUkqT8RggY6A.roa
File: tdzsaKxsamCWBVwoUkqT8RggY6A.roa (raw, json)
Hash identifier: Fv0PNntXjBHiuO1Z367HBdmxJtFfh7CR44dwT354/lw=
Subject key identifier: B5:DC:EC:68:AC:6C:6A:60:96:05:5C:28:52:4A:93:F1:18:20:63:A0
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019426D9FBB75FE92EE84A5DDE80BBAC74EB
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tdzsaKxsamCWBVwoUkqT8RggY6A.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28099
IP address blocks: 37.235.52.0/24 maxlen: 24
2a03:f80:56::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fb:b7:5f:e9:2e:e8:4a:5d:de:80:bb:ac:74:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5dcec68ac6c6a6096055c28524a93f1182063a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f5:b8:ee:5c:48:6c:b9:f3:54:cd:1f:a8:6e:
af:21:59:30:48:ba:73:d2:b2:06:2d:d8:bf:2e:d2:
a8:0d:bf:06:03:60:93:b7:cc:46:90:6c:f2:7f:6f:
6f:9a:c4:70:28:94:f8:b6:7e:ee:f0:b3:2c:a2:f8:
ea:03:f0:17:99:4b:fd:3f:34:30:fd:8d:de:63:b1:
98:6e:87:07:00:b1:7f:f8:9e:5c:4b:e6:c8:94:97:
de:9e:e7:f0:43:bf:a4:e0:4c:c3:9d:38:b8:19:c7:
78:db:e6:ce:f8:69:4e:bd:3e:d9:5d:29:e0:54:ae:
39:88:ba:59:c5:22:15:58:87:a0:0f:a3:1e:03:6f:
6e:58:50:0d:c2:4c:09:40:63:ae:da:29:2c:8a:bd:
a7:f0:7f:93:51:37:a1:5d:b9:78:3a:2b:f5:7c:0c:
ff:e4:ee:f1:f6:a3:7b:d0:3b:a6:0f:5e:ac:7d:73:
56:8d:5d:88:d2:b6:56:74:94:47:c5:fa:ec:fa:4e:
f2:81:95:e5:9a:ad:f4:84:7b:83:9f:17:73:c0:f8:
e5:e9:2d:58:d4:77:2a:ef:ca:ac:18:69:99:d8:29:
85:f1:cc:14:85:9f:72:2f:8b:8d:60:82:82:2c:b1:
0b:a1:b1:89:ef:b3:29:02:47:8c:15:b2:39:df:a2:
4e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DC:EC:68:AC:6C:6A:60:96:05:5C:28:52:4A:93:F1:18:20:63:A0
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/tdzsaKxsamCWBVwoUkqT8RggY6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.52.0/24
IPv6:
2a03:f80:56::/48
Signature Algorithm: sha256WithRSAEncryption
11:cc:1d:fd:88:c2:9d:86:dc:00:42:57:de:b2:10:b2:be:76:
65:fe:67:bd:7d:40:70:f2:f9:6e:ec:b2:91:48:24:c4:1d:25:
39:61:0d:d3:0f:c5:5a:d3:af:76:7f:16:16:21:9e:36:b8:ed:
39:7e:a0:5c:01:c8:b0:e8:f6:19:d6:04:f7:4c:d1:f8:31:44:
17:2d:6d:93:51:d6:ed:45:9a:22:6b:59:27:18:3e:ce:d6:1e:
4f:f3:4a:c1:02:2d:15:55:c8:02:47:9d:c8:13:5d:d6:e4:08:
29:07:68:20:17:bb:e7:47:e5:0f:93:f4:80:9c:bc:14:f1:d9:
90:9b:8a:ab:96:24:a9:45:54:9b:89:7a:40:46:05:1f:0c:af:
33:28:e1:bf:44:bd:8b:41:d1:e7:5b:9e:34:8c:7f:1c:f1:09:
51:83:98:28:c2:0b:1c:df:4e:42:89:93:d8:ba:36:d3:99:11:
f4:6d:ff:2f:db:af:a8:16:b9:be:7d:11:a8:7f:e8:30:7a:a6:
5a:93:c6:2a:de:97:5f:fb:22:14:99:5b:72:cf:36:73:49:35:
e8:cb:59:e0:a5:77:79:45:d5:9b:77:9d:fe:ab:b2:c7:1c:2d:
9a:63:22:d0:c2:e9:93:ce:6a:9a:1f:67:d9:f2:65:af:01:29:
9a:f4:63:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2fu3X+ku6Epd3oC7rHTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRjZWM2OGFjNmM2YTYwOTYwNTVjMjg1MjRhOTNmMTE4MjA2M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPW47lxIbLnzVM0fqG6vIVkwSLpz
0rIGLdi/LtKoDb8GA2CTt8xGkGzyf29vmsRwKJT4tn7u8LMsovjqA/AXmUv9PzQw
/Y3eY7GYbocHALF/+J5cS+bIlJfenufwQ7+k4EzDnTi4Gcd42+bO+GlOvT7ZXSng
VK45iLpZxSIVWIegD6MeA29uWFANwkwJQGOu2iksir2n8H+TUTehXbl4Oiv1fAz/
5O7x9qN70DumD16sfXNWjV2I0rZWdJRHxfrs+k7ygZXlmq30hHuDnxdzwPjl6S1Y
1Hcq78qsGGmZ2CmF8cwUhZ9yL4uNYIKCLLELobGJ77MpAkeMFbI536JOGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLXc7GisbGpglgVcKFJKk/EYIGOgMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvdGR6c2FLeHNhbUNXQlZ3b1VrcVQ4UmdnWTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAJes0MA8E
AgACMAkDBwAqAw+AAFYwDQYJKoZIhvcNAQELBQADggEBABHMHf2Iwp2G3ABCV96y
ELK+dmX+Z719QHDy+W7sspFIJMQdJTlhDdMPxVrTr3Z/FhYhnja47Tl+oFwByLDo
9hnWBPdM0fgxRBctbZNR1u1FmiJrWScYPs7WHk/zSsECLRVVyAJHncgTXdbkCCkH
aCAXu+dH5Q+T9ICcvBTx2ZCbiquWJKlFVJuJekBGBR8MrzMo4b9EvYtB0edbnjSM
fxzxCVGDmCjCCxzfTkKJk9i6NtOZEfRt/y/br6gWub59Eah/6DB6plqTxirel1/7
IhSZW3LPNnNJNejLWeCld3lF1Zt3nf6rssccLZpjItDC6ZPOapofZ9nyZa8BKZr0
YyI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:07:52 2025 by rpki-client