Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/431rlJYo17j0gku4c27wDtJolTM.roa
File: 431rlJYo17j0gku4c27wDtJolTM.roa (raw, json)
Hash identifier: jaBbQlKOlkbVqr+yC/J8Npu1Ar6ocmTAFupUcjE7xOo=
Subject key identifier: E3:7D:6B:94:96:28:D7:B8:F4:82:4B:B8:73:6E:F0:0E:D2:68:95:33
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019427489BF2DF2F00DDC0EFAB4C535AF7D0
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/431rlJYo17j0gku4c27wDtJolTM.roa
Signing time: Thu 02 Jan 2025 13:50:57 +0000
ROA not before: Thu 02 Jan 2025 13:50:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 37.221.95.0/24 maxlen: 24
45.84.197.0/24 maxlen: 24
45.133.75.0/24 maxlen: 24
45.137.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:9b:f2:df:2f:00:dd:c0:ef:ab:4c:53:5a:f7:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e37d6b949628d7b8f4824bb8736ef00ed2689533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bd:80:45:fd:bd:af:a6:e5:e5:12:2f:1f:7d:
16:e0:20:e1:d7:c5:56:8a:01:b0:39:68:e9:6d:14:
94:7c:53:0c:8a:60:3a:b2:be:11:89:c2:81:e5:62:
f8:9b:8a:fb:8c:48:ab:a6:cf:84:ed:15:cb:0a:97:
1d:42:5d:50:e5:59:47:eb:c0:fb:45:e0:2a:b9:2d:
32:b9:e6:e7:5e:41:e7:58:43:e1:57:d7:eb:05:cc:
c6:f4:fe:ae:21:4e:79:14:85:c8:9f:8a:b5:6e:d6:
07:4e:ef:03:be:19:a0:32:57:33:e6:c7:c8:d1:ec:
01:1c:f5:30:d7:41:8d:ef:79:08:c9:1f:99:9f:16:
bb:62:b7:6d:a2:cf:66:ed:0d:76:f3:eb:f8:10:31:
31:51:3c:46:09:34:ac:a9:6f:2a:5f:83:bc:76:92:
b8:64:dd:12:5b:72:39:31:4e:1d:71:09:de:54:f1:
00:15:2a:ed:08:b3:fd:a4:2d:a5:6d:95:5b:c4:c9:
b5:18:e2:f4:0d:9b:27:87:c3:46:89:7b:62:a5:b9:
a3:e1:57:a7:d2:2d:b2:22:f4:76:0d:eb:ab:08:39:
69:9d:43:26:dd:53:7f:5f:b4:0f:1a:db:9a:ea:2e:
38:96:4d:3c:73:a1:83:a8:f0:ca:82:da:e0:fa:5a:
8a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7D:6B:94:96:28:D7:B8:F4:82:4B:B8:73:6E:F0:0E:D2:68:95:33
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/431rlJYo17j0gku4c27wDtJolTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.95.0/24
45.84.197.0/24
45.133.75.0/24
45.137.68.0/24
Signature Algorithm: sha256WithRSAEncryption
30:fe:3a:ed:a5:93:8f:8e:3c:31:7b:70:dc:30:27:77:1d:76:
38:08:ef:a2:5b:ad:ce:05:bd:5a:2d:87:75:aa:b2:0f:85:f5:
13:0d:f7:8f:d6:b9:97:80:8c:ca:fd:b7:c5:e8:a4:1f:d6:fb:
2e:5b:15:d0:3c:c9:30:23:d4:79:a5:dd:5a:a7:f6:55:a6:71:
4b:1a:5a:cf:35:56:76:77:e1:3a:1d:97:bd:6d:92:c7:f2:2c:
4d:47:00:9f:f2:de:7c:cd:2d:57:9f:0c:88:69:ee:34:0c:84:
e4:0d:fd:14:b7:fc:a9:5e:76:7b:e1:de:10:ca:bd:6c:86:b9:
2c:0b:e0:68:34:ed:0d:c6:bf:6e:eb:7f:a6:6b:dd:ad:1f:06:
8d:cd:df:f2:53:fe:b6:58:cf:09:53:b3:74:9a:7d:db:88:df:
0e:a7:6b:21:a1:94:eb:5a:c2:fd:44:39:cc:28:82:ff:53:7a:
3c:9e:ba:bc:59:78:fa:0b:85:1a:3c:80:08:fb:55:bb:e4:82:
b4:c8:9d:a7:a6:48:e4:d8:7c:9b:0b:6c:f5:16:ae:15:60:69:
02:02:56:68:36:fc:e9:95:c7:58:c0:b5:eb:a4:5e:5b:83:ce:
9a:ae:e6:68:e4:bc:33:58:de:e9:15:ec:28:8c:69:a8:41:74:
ac:c7:3a:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSJvy3y8A3cDvq0xTWvfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzdkNmI5NDk2MjhkN2I4ZjQ4MjRiYjg3MzZlZjAwZWQyNjg5NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb2ARf29r6bl5RIvH30W4CDh18VW
igGwOWjpbRSUfFMMimA6sr4RicKB5WL4m4r7jEirps+E7RXLCpcdQl1Q5VlH68D7
ReAquS0yuebnXkHnWEPhV9frBczG9P6uIU55FIXIn4q1btYHTu8DvhmgMlcz5sfI
0ewBHPUw10GN73kIyR+Znxa7Yrdtos9m7Q128+v4EDExUTxGCTSsqW8qX4O8dpK4
ZN0SW3I5MU4dcQneVPEAFSrtCLP9pC2lbZVbxMm1GOL0DZsnh8NGiXtipbmj4Ven
0i2yIvR2DeurCDlpnUMm3VN/X7QPGtua6i44lk08c6GDqPDKgtrg+lqKeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFON9a5SWKNe49IJLuHNu8A7SaJUzMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvNDMxcmxKWW8xN2owZ2t1NGMyN3dEdEpvbFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJd1fAwQA
LVTFAwQALYVLAwQALYlEMA0GCSqGSIb3DQEBCwUAA4IBAQAw/jrtpZOPjjwxe3Dc
MCd3HXY4CO+iW63OBb1aLYd1qrIPhfUTDfeP1rmXgIzK/bfF6KQf1vsuWxXQPMkw
I9R5pd1ap/ZVpnFLGlrPNVZ2d+E6HZe9bZLH8ixNRwCf8t58zS1XnwyIae40DITk
Df0Ut/ypXnZ74d4Qyr1shrksC+BoNO0Nxr9u63+ma92tHwaNzd/yU/62WM8JU7N0
mn3biN8Op2shoZTrWsL9RDnMKIL/U3o8nrq8WXj6C4UaPIAI+1W75IK0yJ2npkjk
2HybC2z1Fq4VYGkCAlZoNvzplcdYwLXrpF5bg86aruZo5LwzWN7pFewojGmoQXSs
xzrB
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:51:50 2025 by rpki-client