Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/49ae42-0e9a-4e24-ba15-25ef2990f166/1/4_25V1XttJ1qw5vFtRBIGOQ28e4.roa
File: 4_25V1XttJ1qw5vFtRBIGOQ28e4.roa (raw, json)
Hash identifier: jrFE5OHsnZSV8YIte/QlrxAa0XpS7lb+A+yiq4ZHdDE=
Subject key identifier: E3:FD:B9:57:55:ED:B4:9D:6A:C3:9B:C5:B5:10:48:18:E4:36:F1:EE
Certificate issuer: /CN=eca33c96f02a9f0bef25cd3806a2467ca165637b
Certificate serial: 019425FC07C084E8D470965671374C8BD6DD
Authority key identifier: EC:A3:3C:96:F0:2A:9F:0B:EF:25:CD:38:06:A2:46:7C:A1:65:63:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7KM8lvAqnwvvJc04BqJGfKFlY3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/49ae42-0e9a-4e24-ba15-25ef2990f166/1/4_25V1XttJ1qw5vFtRBIGOQ28e4.roa
Signing time: Thu 02 Jan 2025 07:47:41 +0000
ROA not before: Thu 02 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199571
IP address blocks: 37.9.136.0/21 maxlen: 21
185.219.228.0/22 maxlen: 22
2a02:e640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:07:c0:84:e8:d4:70:96:56:71:37:4c:8b:d6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eca33c96f02a9f0bef25cd3806a2467ca165637b
Validity
Not Before: Jan 2 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3fdb95755edb49d6ac39bc5b5104818e436f1ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:78:7e:5b:9b:0a:fb:4b:96:c6:34:ad:dd:16:
bb:59:32:d4:39:e7:bd:8b:4a:6c:64:d7:26:4c:ec:
bc:bc:6d:49:d1:83:dc:f3:14:01:d0:37:63:ec:d7:
1f:d2:92:64:21:6e:78:93:b2:38:b3:c9:99:e7:e8:
9b:52:34:4f:b8:7d:8c:32:9f:a6:73:b4:f7:44:9e:
93:ff:41:07:61:a2:21:7e:9d:0a:1e:d4:ed:1a:00:
24:1f:72:3c:82:66:e1:07:1d:d7:0a:29:b4:71:95:
fb:76:50:36:6a:cf:c5:0f:a4:f6:3a:8f:6a:e2:f7:
8a:79:d4:15:ed:8d:6b:a1:0e:ad:d3:8e:9f:f5:6d:
b4:d4:90:f4:4a:ae:be:91:3f:ab:61:c8:22:85:9a:
b8:c5:21:ad:e8:b3:7b:d4:27:55:49:03:8e:21:3c:
eb:09:de:34:a0:45:71:69:f3:ff:19:db:a2:c6:1b:
c9:68:93:c4:88:40:7e:6b:7e:a3:97:eb:3f:7a:bc:
46:49:c1:ad:45:fd:93:9c:51:f0:db:ef:05:86:e5:
42:ba:af:bf:6f:67:d7:e0:89:28:ff:87:69:d6:9d:
ab:a9:92:94:8f:b0:e4:4d:38:3c:87:84:07:ad:7e:
7f:4b:63:fa:38:e0:e5:e7:35:32:cf:f7:54:6a:4d:
9d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FD:B9:57:55:ED:B4:9D:6A:C3:9B:C5:B5:10:48:18:E4:36:F1:EE
X509v3 Authority Key Identifier:
keyid:EC:A3:3C:96:F0:2A:9F:0B:EF:25:CD:38:06:A2:46:7C:A1:65:63:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7KM8lvAqnwvvJc04BqJGfKFlY3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/49ae42-0e9a-4e24-ba15-25ef2990f166/1/4_25V1XttJ1qw5vFtRBIGOQ28e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/49ae42-0e9a-4e24-ba15-25ef2990f166/1/7KM8lvAqnwvvJc04BqJGfKFlY3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.136.0/21
185.219.228.0/22
IPv6:
2a02:e640::/29
Signature Algorithm: sha256WithRSAEncryption
72:6f:80:ca:37:56:23:82:1a:31:0d:c7:73:9d:33:0d:ae:95:
49:61:08:02:49:46:aa:fb:7e:c3:ab:eb:9b:ca:58:06:e0:44:
e6:ad:d6:65:c8:6d:61:40:e7:05:09:ee:28:74:82:ff:55:bf:
56:1d:bc:aa:77:9c:a4:99:10:c0:70:e7:67:de:29:a3:85:d7:
59:3c:ba:47:8c:03:98:7e:70:35:bd:90:c5:81:11:01:75:b7:
e1:14:56:e9:2e:cb:37:23:0b:d4:d0:07:99:70:b9:8e:0b:be:
c0:0b:77:df:c1:a0:eb:9c:ab:16:2e:37:56:92:a1:a4:ad:5e:
5c:0f:9a:fe:3c:4d:6b:7f:8d:a4:8c:ff:b4:3b:60:f0:f4:d2:
00:3a:6c:3b:0f:12:a8:0d:d0:ea:90:65:dd:e3:94:bb:fb:e8:
2a:eb:77:8b:b8:da:8f:56:55:7f:f5:13:72:be:56:7a:61:4c:
57:ca:f9:67:6a:5e:0a:ea:8c:e9:5d:c4:b5:9e:1a:a9:3e:82:
3a:f2:4d:35:e3:fc:4e:75:80:3e:cb:fa:df:3f:0b:24:ed:cf:
4e:0b:0e:98:4f:c8:6a:c0:7f:84:5c:9e:94:80:24:3c:7f:a9:
80:bd:2f:eb:2f:97:c3:2b:36:77:5a:ad:97:5e:53:c7:0a:17:
8c:52:d8:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/AfAhOjUcJZWcTdMi9bdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYTMzYzk2ZjAyYTlmMGJlZjI1Y2QzODA2YTI0NjdjYTE2
NTYzN2IwHhcNMjUwMTAyMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ZkYjk1NzU1ZWRiNDlkNmFjMzliYzViNTEwNDgxOGU0MzZmMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonh+W5sK+0uWxjSt3Ra7WTLUOee9
i0psZNcmTOy8vG1J0YPc8xQB0Ddj7Ncf0pJkIW54k7I4s8mZ5+ibUjRPuH2MMp+m
c7T3RJ6T/0EHYaIhfp0KHtTtGgAkH3I8gmbhBx3XCim0cZX7dlA2as/FD6T2Oo9q
4veKedQV7Y1roQ6t046f9W201JD0Sq6+kT+rYcgihZq4xSGt6LN71CdVSQOOITzr
Cd40oEVxafP/GduixhvJaJPEiEB+a36jl+s/erxGScGtRf2TnFHw2+8FhuVCuq+/
b2fX4Iko/4dp1p2rqZKUj7DkTTg8h4QHrX5/S2P6OODl5zUyz/dUak2dbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOP9uVdV7bSdasObxbUQSBjkNvHuMB8GA1UdIwQY
MBaAFOyjPJbwKp8L7yXNOAaiRnyhZWN7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0tNOGx2QXFud3Z2SmMwNEJxSkdmS0ZsWTNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80OWFlNDItMGU5YS00ZTI0LWJhMTUt
MjVlZjI5OTBmMTY2LzEvNF8yNVYxWHR0SjFxdzV2RnRSQklHT1EyOGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80OWFlNDItMGU5YS00ZTI0LWJhMTUtMjVlZjI5OTBmMTY2
LzEvN0tNOGx2QXFud3Z2SmMwNEJxSkdmS0ZsWTNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJQmIAwQC
udvkMA0EAgACMAcDBQMqAuZAMA0GCSqGSIb3DQEBCwUAA4IBAQByb4DKN1Yjghox
DcdznTMNrpVJYQgCSUaq+37Dq+ubylgG4ETmrdZlyG1hQOcFCe4odIL/Vb9WHbyq
d5ykmRDAcOdn3imjhddZPLpHjAOYfnA1vZDFgREBdbfhFFbpLss3IwvU0AeZcLmO
C77AC3ffwaDrnKsWLjdWkqGkrV5cD5r+PE1rf42kjP+0O2Dw9NIAOmw7DxKoDdDq
kGXd45S7++gq63eLuNqPVlV/9RNyvlZ6YUxXyvlnal4K6ozpXcS1nhqpPoI68k01
4/xOdYA+y/rfPwsk7c9OCw6YT8hqwH+EXJ6UgCQ8f6mAvS/rL5fDKzZ3Wq2XXlPH
CheMUtjA
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:06:18 2025 by rpki-client