Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/flXkvhrZJ0ZeBKtpmmtVGzFsQKI.roa
File: flXkvhrZJ0ZeBKtpmmtVGzFsQKI.roa (raw, json)
Hash identifier: Y9UGCFlpeU/Vq7d3cJo997/pq2lWNIQ3AFJn/rIco44=
Subject key identifier: 7E:55:E4:BE:1A:D9:27:46:5E:04:AB:69:9A:6B:55:1B:31:6C:40:A2
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 019427485CF260DA23D8B7EF9B706373E608
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/flXkvhrZJ0ZeBKtpmmtVGzFsQKI.roa
Signing time: Thu 02 Jan 2025 13:50:41 +0000
ROA not before: Thu 02 Jan 2025 13:50:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16376
IP address blocks: 37.35.88.0/21 maxlen: 24
94.199.184.0/21 maxlen: 24
185.68.0.0/22 maxlen: 24
185.71.24.0/22 maxlen: 24
185.122.216.0/22 maxlen: 24
2a01:b280::/29 maxlen: 36
2a03:25e0::/32 maxlen: 40
2a0a:fd80::/29 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:5c:f2:60:da:23:d8:b7:ef:9b:70:63:73:e6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 2 13:50:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e55e4be1ad927465e04ab699a6b551b316c40a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:71:f5:93:7c:52:e4:f2:4b:b9:11:b1:68:a3:
04:46:17:8b:7b:60:71:cd:d8:aa:8d:3e:bc:e5:fe:
4c:3d:36:13:22:c9:c6:d4:01:e0:3e:da:1a:6f:b8:
70:77:56:63:fa:f6:8e:bf:89:ba:c2:50:e9:18:61:
f7:11:23:65:35:57:18:9c:09:4c:3d:c3:3b:67:9e:
64:25:ba:05:bc:e7:ad:53:09:fd:38:80:bf:eb:20:
a0:cf:45:47:5b:09:11:2d:16:6c:b6:29:82:3c:74:
07:9b:d1:20:4c:5f:b5:47:55:dd:58:79:e8:10:23:
79:5c:4a:1f:39:b2:2c:5e:69:62:4e:65:16:54:e9:
05:c5:09:4a:36:dc:12:40:6e:61:03:e1:f2:02:34:
5c:2f:f6:e6:c6:fe:51:3a:52:6f:d0:e5:2c:0a:eb:
a8:63:2b:a2:41:87:e6:69:70:0c:3f:8c:d9:c7:d0:
49:42:36:c7:30:6f:81:50:5d:76:a1:22:97:0c:30:
1a:1c:f2:d3:47:96:b6:12:91:fb:a6:4d:31:1e:08:
cd:49:44:d2:9f:b4:84:27:ba:be:ac:28:32:ea:8a:
d4:2c:b3:e1:36:91:3a:8a:38:11:88:0c:51:a2:91:
7d:30:d5:60:54:8f:51:09:a5:1d:0d:1a:99:24:5e:
54:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:55:E4:BE:1A:D9:27:46:5E:04:AB:69:9A:6B:55:1B:31:6C:40:A2
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/flXkvhrZJ0ZeBKtpmmtVGzFsQKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.88.0/21
94.199.184.0/21
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
IPv6:
2a01:b280::/29
2a03:25e0::/32
2a0a:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:ca:84:18:86:1d:8c:38:b1:ad:c3:84:d7:d5:71:c0:f3:6b:
0b:0b:b0:7b:0b:e5:90:a4:df:62:02:84:9e:c9:db:f7:b7:ef:
05:04:a8:fe:19:d4:53:9c:e9:bd:77:77:ce:38:a2:ff:77:c7:
6b:65:d5:56:f7:bf:f5:4f:35:2d:26:13:7c:18:c7:f1:0b:f1:
b8:73:ed:34:62:fa:cd:86:6d:46:50:b1:8f:5a:5d:16:b9:38:
bb:3d:3a:27:b9:f0:51:3b:6d:7a:1b:4e:96:f1:3d:40:44:ac:
eb:3d:82:15:a5:32:52:e7:4f:cb:17:5f:4c:94:6a:a5:46:12:
59:f8:84:61:32:d1:13:4b:49:68:c3:47:0f:6c:0c:40:c5:a6:
a1:26:71:46:df:09:cc:6b:3f:cb:2d:1c:fe:e8:c6:d0:fc:ee:
0c:9e:66:27:21:8c:9e:a0:73:38:35:3e:33:dd:26:81:75:bb:
47:e8:1a:eb:b7:9c:6e:f2:65:5e:a6:15:8e:1b:47:6b:4a:c2:
22:2a:79:52:2b:e2:c5:c7:f8:b1:ed:20:f4:16:0d:08:44:02:
2f:d5:97:f9:af:45:24:22:6d:cd:b4:69:05:25:1f:44:c5:af:
85:e9:bd:14:e3:3b:ca:77:86:d1:7c:dd:e7:b5:65:a9:e4:12:
c1:aa:47:ad
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQnSFzyYNoj2Lfvm3Bjc+YIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjUwMTAyMTM1MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU1ZTRiZTFhZDkyNzQ2NWUwNGFiNjk5YTZiNTUxYjMxNmM0MGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53H1k3xS5PJLuRGxaKMERheLe2Bx
zdiqjT685f5MPTYTIsnG1AHgPtoab7hwd1Zj+vaOv4m6wlDpGGH3ESNlNVcYnAlM
PcM7Z55kJboFvOetUwn9OIC/6yCgz0VHWwkRLRZstimCPHQHm9EgTF+1R1XdWHno
ECN5XEofObIsXmliTmUWVOkFxQlKNtwSQG5hA+HyAjRcL/bmxv5ROlJv0OUsCuuo
YyuiQYfmaXAMP4zZx9BJQjbHMG+BUF12oSKXDDAaHPLTR5a2EpH7pk0xHgjNSUTS
n7SEJ7q+rCgy6orULLPhNpE6ijgRiAxRopF9MNVgVI9RCaUdDRqZJF5UJQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFH5V5L4a2SdGXgSraZprVRsxbECiMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvZmxYa3ZoclpKMFplQkt0cG1tdFZHekZzUUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQDJSNYAwQD
Xse4AwQCuUQAAwQCuUcYAwQCuXrYMBsEAgACMBUDBQMqAbKAAwUAKgMl4AMFAyoK
/YAwDQYJKoZIhvcNAQELBQADggEBAFvKhBiGHYw4sa3DhNfVccDzawsLsHsL5ZCk
32IChJ7J2/e37wUEqP4Z1FOc6b13d844ov93x2tl1Vb3v/VPNS0mE3wYx/EL8bhz
7TRi+s2GbUZQsY9aXRa5OLs9Oie58FE7bXobTpbxPUBErOs9ghWlMlLnT8sXX0yU
aqVGEln4hGEy0RNLSWjDRw9sDEDFpqEmcUbfCcxrP8stHP7oxtD87gyeZichjJ6g
czg1PjPdJoF1u0foGuu3nG7yZV6mFY4bR2tKwiIqeVIr4sXH+LHtIPQWDQhEAi/V
l/mvRSQibc20aQUlH0TFr4XpvRTjO8p3htF83ee1ZankEsGqR60=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:17:09 2025 by rpki-client