Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/7H-pvtOEzrFvrmXmbPLCW5ardb4.roa
File: 7H-pvtOEzrFvrmXmbPLCW5ardb4.roa (raw, json)
Hash identifier: embGRxikC2SrZHMie7zj/b5dOC5wc3RQ2WIUIVTyEJw=
Subject key identifier: EC:7F:A9:BE:D3:84:CE:B1:6F:AE:65:E6:6C:F2:C2:5B:96:AB:75:BE
Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial: 019424B28F2B7A35A0B0A7BAB260B90F8B18
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/7H-pvtOEzrFvrmXmbPLCW5ardb4.roa
Signing time: Thu 02 Jan 2025 01:47:49 +0000
ROA not before: Thu 02 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.72.168.0/21 maxlen: 32
37.72.170.0/23 maxlen: 23
37.72.170.0/24 maxlen: 24
37.72.171.0/24 maxlen: 24
37.72.172.0/23 maxlen: 23
37.72.174.0/23 maxlen: 23
45.158.36.0/23 maxlen: 32
45.158.38.0/24 maxlen: 24
45.158.39.0/24 maxlen: 24
46.21.144.0/20 maxlen: 32
46.21.144.0/24 maxlen: 24
46.21.145.0/24 maxlen: 24
46.21.146.0/24 maxlen: 24
46.21.147.0/24 maxlen: 24
46.21.148.0/24 maxlen: 24
46.21.150.0/24 maxlen: 24
46.21.151.0/24 maxlen: 24
46.21.152.0/24 maxlen: 24
46.21.153.0/24 maxlen: 24
46.21.156.0/24 maxlen: 24
46.21.157.0/24 maxlen: 24
46.21.158.0/23 maxlen: 23
89.233.104.0/21 maxlen: 24
89.233.104.0/24 maxlen: 24
89.233.105.0/24 maxlen: 24
89.233.106.0/24 maxlen: 24
89.233.107.0/24 maxlen: 24
94.100.16.0/20 maxlen: 32
94.100.16.0/24 maxlen: 24
94.100.17.0/24 maxlen: 24
94.100.18.0/24 maxlen: 24
94.100.19.0/24 maxlen: 24
94.100.20.0/24 maxlen: 24
94.100.21.0/24 maxlen: 24
94.100.22.0/24 maxlen: 24
94.100.23.0/24 maxlen: 24
94.100.24.0/24 maxlen: 24
94.100.25.0/24 maxlen: 24
94.100.26.0/24 maxlen: 24
94.100.27.0/24 maxlen: 24
94.100.28.0/24 maxlen: 24
94.100.29.0/24 maxlen: 24
94.100.30.0/24 maxlen: 24
94.100.31.0/24 maxlen: 24
149.255.32.0/21 maxlen: 32
149.255.35.0/24 maxlen: 24
149.255.36.0/24 maxlen: 32
149.255.37.0/24 maxlen: 24
149.255.38.0/24 maxlen: 24
149.255.39.0/24 maxlen: 24
178.236.176.0/21 maxlen: 24
194.126.172.0/22 maxlen: 24
194.126.172.0/24 maxlen: 24
194.126.173.0/24 maxlen: 24
194.126.175.0/24 maxlen: 24
195.242.152.0/23 maxlen: 24
195.242.153.0/24 maxlen: 24
217.79.240.0/20 maxlen: 24
217.79.240.0/24 maxlen: 24
217.79.242.0/23 maxlen: 24
2a02:748::/32 maxlen: 48
2a02:748::/35 maxlen: 35
2a02:748:6000::/48 maxlen: 48
2a02:748:c000::/35 maxlen: 35
2a02:748:e000::/35 maxlen: 35
2a02:748:f000::/36 maxlen: 36
2a0f:5180::/29 maxlen: 48
2a0f:5180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:8f:2b:7a:35:a0:b0:a7:ba:b2:60:b9:0f:8b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Validity
Not Before: Jan 2 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec7fa9bed384ceb16fae65e66cf2c25b96ab75be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3f:c7:4f:b6:69:6f:57:72:69:59:3c:09:73:
63:cf:62:63:1a:74:16:7a:5e:a5:6e:d8:1b:5d:6f:
86:85:e0:3d:94:5b:cd:69:02:9f:84:2b:ad:fb:8f:
05:b0:28:2c:d9:30:cc:63:89:31:8f:83:a3:50:2b:
f4:a3:90:92:b4:be:e8:e9:33:8e:60:c1:14:a3:13:
2b:8a:43:70:72:c5:3f:b8:da:7f:7e:e5:3d:70:6e:
c2:ed:11:64:19:33:f6:e3:78:45:c3:29:df:e5:92:
32:16:2c:23:3d:b7:ae:f6:6f:48:12:37:ce:57:3a:
94:ae:4a:10:7b:5d:e4:7a:f4:e8:37:70:11:b8:03:
11:f6:52:35:22:f1:ea:1a:48:b2:e0:17:a0:05:61:
c5:2f:6a:6e:05:fe:40:9e:f8:b6:2f:b8:70:e6:d2:
72:cf:4a:f5:69:ba:f9:2a:ee:91:52:02:e5:91:ae:
c6:9f:e7:6d:3e:16:f3:ef:22:6e:94:2f:58:21:fe:
10:64:09:26:df:16:a7:75:4f:c2:b6:c1:9e:92:3d:
89:7b:c8:3e:9b:a3:36:4e:8f:ed:d4:4e:44:c9:b5:
d1:c8:2f:84:6f:6d:75:60:ec:e9:6a:89:be:ff:aa:
b4:a8:5a:49:f3:47:36:51:12:55:ed:ee:9b:72:7a:
04:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7F:A9:BE:D3:84:CE:B1:6F:AE:65:E6:6C:F2:C2:5B:96:AB:75:BE
X509v3 Authority Key Identifier:
keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/7H-pvtOEzrFvrmXmbPLCW5ardb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.168.0/21
45.158.36.0/22
46.21.144.0/20
89.233.104.0/21
94.100.16.0/20
149.255.32.0/21
178.236.176.0/21
194.126.172.0/22
195.242.152.0/23
217.79.240.0/20
IPv6:
2a02:748::/32
2a0f:5180::/29
Signature Algorithm: sha256WithRSAEncryption
a5:a1:f4:5e:17:42:1b:6b:4f:8e:9a:d2:d3:2c:1e:25:53:a9:
aa:41:4a:b5:c3:10:eb:2c:34:da:50:a0:b3:65:a0:11:a7:ae:
d6:83:ea:86:c1:8b:47:8d:2e:1c:0a:34:6f:7b:1d:f0:6c:90:
26:76:f7:de:7b:cc:00:55:81:82:d2:75:f9:17:6a:e5:a2:a1:
02:c9:86:7e:7c:de:7b:08:73:39:be:15:13:d8:9c:49:f2:e4:
25:0c:05:8d:b0:6b:58:de:d7:49:4a:3d:2f:2b:b5:80:24:2c:
7a:c1:46:ac:f5:b5:9f:db:9e:86:b8:82:7e:b1:1a:11:88:5c:
f4:4a:64:e9:33:32:8f:da:21:83:34:ab:58:5c:c7:91:c7:5b:
74:4a:1c:cb:d3:c8:4d:93:59:80:03:ed:d2:df:69:fc:b0:28:
de:a7:99:89:ac:cc:6a:49:37:0c:ba:14:b7:7a:e6:2a:36:c4:
b1:53:b4:35:9b:44:7b:45:83:03:ab:df:ea:e9:24:a8:41:6e:
03:bd:e3:d5:5e:0c:36:24:a5:1f:07:3c:7b:ef:d8:49:da:11:
6f:56:ed:bf:4c:eb:5d:74:d8:b9:ba:7c:aa:65:ba:a0:85:9c:
5e:62:b3:d5:69:28:eb:45:4b:89:e8:cf:dc:5c:dc:5c:9a:39:
3a:bc:6c:4c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQkso8rejWgsKe6smC5D4sYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjUwMTAyMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzdmYTliZWQzODRjZWIxNmZhZTY1ZTY2Y2YyYzI1Yjk2YWI3NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT/HT7Zpb1dyaVk8CXNjz2JjGnQW
el6lbtgbXW+GheA9lFvNaQKfhCut+48FsCgs2TDMY4kxj4OjUCv0o5CStL7o6TOO
YMEUoxMrikNwcsU/uNp/fuU9cG7C7RFkGTP243hFwynf5ZIyFiwjPbeu9m9IEjfO
VzqUrkoQe13kevToN3ARuAMR9lI1IvHqGkiy4BegBWHFL2puBf5Anvi2L7hw5tJy
z0r1abr5Ku6RUgLlka7Gn+dtPhbz7yJulC9YIf4QZAkm3xandU/CtsGekj2Je8g+
m6M2To/t1E5EybXRyC+Eb211YOzpaom+/6q0qFpJ80c2URJV7e6bcnoELwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFOx/qb7ThM6xb65l5mzywluWq3W+MB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvN0gtcHZ0T0V6ckZ2cm1YbWJQTENXNWFyZGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDJUioAwQC
LZ4kAwQELhWQAwQDWeloAwQEXmQQAwQDlf8gAwQDsuywAwQCwn6sAwQBw/KYAwQE
2U/wMBQEAgACMA4DBQAqAgdIAwUDKg9RgDANBgkqhkiG9w0BAQsFAAOCAQEApaH0
XhdCG2tPjprS0yweJVOpqkFKtcMQ6yw02lCgs2WgEaeu1oPqhsGLR40uHAo0b3sd
8GyQJnb33nvMAFWBgtJ1+Rdq5aKhAsmGfnzeewhzOb4VE9icSfLkJQwFjbBrWN7X
SUo9Lyu1gCQsesFGrPW1n9uehriCfrEaEYhc9Epk6TMyj9ohgzSrWFzHkcdbdEoc
y9PITZNZgAPt0t9p/LAo3qeZiazMakk3DLoUt3rmKjbEsVO0NZtEe0WDA6vf6ukk
qEFuA73j1V4MNiSlHwc8e+/YSdoRb1btv0zrXXTYubp8qmW6oIWcXmKz1Wko60VL
iejP3FzcXJo5OrxsTA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:20 2025 by rpki-client