Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/h5VC8VfOvh2FVI-sq1W-WF03wy0.roa
File: h5VC8VfOvh2FVI-sq1W-WF03wy0.roa (raw, json)
Hash identifier: 42Hph67k/LPhwRY52Y37tgXPme/FkjBrpaSNaay87u4=
Subject key identifier: 87:95:42:F1:57:CE:BE:1D:85:54:8F:AC:AB:55:BE:58:5D:37:C3:2D
Certificate issuer: /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial: 0194228E3192B5BB6C37C2DBCB5776BD6C56
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/h5VC8VfOvh2FVI-sq1W-WF03wy0.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22612
IP address blocks: 37.61.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:31:92:b5:bb:6c:37:c2:db:cb:57:76:bd:6c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=879542f157cebe1d85548facab55be585d37c32d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:45:e3:98:60:ca:a7:e4:af:e7:b6:14:5b:bb:
25:5e:ff:d9:3b:48:50:fd:c7:d4:c0:e6:ee:ce:52:
5a:36:e3:5f:c7:87:f4:e5:fd:2e:99:5e:e0:8d:a1:
92:87:5f:2b:b7:58:78:80:56:43:a4:67:30:35:62:
24:53:be:4b:70:d6:62:29:9b:2b:9f:7b:58:e5:af:
3c:1c:84:57:b7:3a:3f:c1:5e:d8:43:36:4a:a2:5a:
e4:0d:a1:e7:99:af:e2:9e:7f:ee:49:27:5c:ed:d9:
79:a1:84:6e:eb:b4:54:6c:5e:15:6e:cb:4c:cb:91:
43:2c:e5:10:ae:f7:b3:cf:1a:5b:2d:71:72:d3:4c:
12:f7:8a:15:fd:91:bc:99:d4:d4:59:81:5d:b0:6d:
e5:07:00:36:eb:fe:73:7c:a3:d9:a8:01:9a:62:ba:
3c:5c:a0:59:3e:a1:30:ec:74:c8:4a:ea:4f:12:11:
a8:e9:cd:f9:b2:40:c5:a1:17:e0:0c:8f:57:e4:e5:
cd:04:62:43:0a:13:ed:26:ed:c2:c4:22:e6:4d:4a:
fc:29:27:9b:41:ad:d2:ef:17:7b:b4:68:9f:6c:d5:
48:ab:97:9b:ed:f1:b7:47:89:4d:89:37:3f:10:37:
e8:91:cc:f1:71:d3:dd:4b:81:e9:b1:95:38:32:6f:
a1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:95:42:F1:57:CE:BE:1D:85:54:8F:AC:AB:55:BE:58:5D:37:C3:2D
X509v3 Authority Key Identifier:
keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/h5VC8VfOvh2FVI-sq1W-WF03wy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.238.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:e2:33:0c:1a:c0:51:31:bf:ba:7a:3b:69:0f:fe:b0:e0:8c:
3a:a7:78:c9:00:a0:d6:71:34:9a:1c:82:59:64:85:e4:14:57:
8b:85:c7:e3:48:c0:47:c1:d2:e7:a2:ea:d8:ea:bc:48:9c:d7:
87:31:f6:8f:62:81:97:13:e2:ff:19:50:b1:eb:92:a4:88:04:
9f:74:26:ab:1a:00:c8:38:9b:05:33:9f:f7:29:ca:ba:2c:3b:
54:41:16:79:e6:6b:88:06:88:d7:42:0a:03:e4:69:53:1c:59:
7f:49:d9:cb:89:85:61:b7:17:2b:94:99:83:b6:f7:da:dd:ab:
01:42:79:24:6a:0a:68:2a:0d:ad:83:51:b1:cf:d5:a2:ce:35:
9e:13:65:d5:35:32:41:d3:66:e0:da:38:dd:57:53:4f:b1:ac:
48:12:d4:85:54:b0:43:8a:04:f4:38:18:12:00:65:c3:33:7c:
bf:c1:e3:2f:01:a0:f6:95:39:aa:b0:93:4b:8a:82:39:35:ee:
46:3d:25:c9:cb:2e:ef:56:fe:20:47:3d:3e:10:45:1e:91:eb:
38:22:00:cc:e5:11:81:fb:b8:81:ec:25:29:46:04:06:32:79:
21:fa:1e:58:6e:b7:6b:02:ba:7f:07:68:25:78:ac:8a:46:88:
71:a7:b3:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjGStbtsN8Lby1d2vWxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk1NDJmMTU3Y2ViZTFkODU1NDhmYWNhYjU1YmU1ODVkMzdjMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkXjmGDKp+Sv57YUW7slXv/ZO0hQ
/cfUwObuzlJaNuNfx4f05f0umV7gjaGSh18rt1h4gFZDpGcwNWIkU75LcNZiKZsr
n3tY5a88HIRXtzo/wV7YQzZKolrkDaHnma/inn/uSSdc7dl5oYRu67RUbF4VbstM
y5FDLOUQrvezzxpbLXFy00wS94oV/ZG8mdTUWYFdsG3lBwA26/5zfKPZqAGaYro8
XKBZPqEw7HTISupPEhGo6c35skDFoRfgDI9X5OXNBGJDChPtJu3CxCLmTUr8KSeb
Qa3S7xd7tGifbNVIq5eb7fG3R4lNiTc/EDfokczxcdPdS4HpsZU4Mm+htQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeVQvFXzr4dhVSPrKtVvlhdN8MtMB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvaDVWQzhWZk92aDJGVkktc3ExVy1XRjAzd3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJT3uMA0G
CSqGSIb3DQEBCwUAA4IBAQDT4jMMGsBRMb+6ejtpD/6w4Iw6p3jJAKDWcTSaHIJZ
ZIXkFFeLhcfjSMBHwdLnourY6rxInNeHMfaPYoGXE+L/GVCx65KkiASfdCarGgDI
OJsFM5/3Kcq6LDtUQRZ55muIBojXQgoD5GlTHFl/SdnLiYVhtxcrlJmDtvfa3asB
QnkkagpoKg2tg1Gxz9WizjWeE2XVNTJB02bg2jjdV1NPsaxIEtSFVLBDigT0OBgS
AGXDM3y/weMvAaD2lTmqsJNLioI5Ne5GPSXJyy7vVv4gRz0+EEUekes4IgDM5RGB
+7iB7CUpRgQGMnkh+h5YbrdrArp/B2gleKyKRohxp7O4
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:03:55 2025 by rpki-client