Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/v-JLVzUeQuUcO68Dar1EDxEbp-Q.roa
File: v-JLVzUeQuUcO68Dar1EDxEbp-Q.roa (raw, json)
Hash identifier: NLn149L4DdRbaEbvCsRst5D4kAzWBmCeuY2VmKeK9O4=
Subject key identifier: BF:E2:4B:57:35:1E:42:E5:1C:3B:AF:03:6A:BD:44:0F:11:1B:A7:E4
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 0194222034ED18276E8AD8482AA54715A787
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/v-JLVzUeQuUcO68Dar1EDxEbp-Q.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 24
37.98.232.0/22 maxlen: 24
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 24
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 24
148.139.8.0/22 maxlen: 24
148.139.12.0/22 maxlen: 24
148.139.16.0/22 maxlen: 24
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 24
148.139.48.0/20 maxlen: 24
148.139.64.0/20 maxlen: 24
148.139.80.0/20 maxlen: 24
148.139.96.0/22 maxlen: 24
148.139.100.0/22 maxlen: 24
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 24
148.139.112.0/22 maxlen: 24
148.139.116.0/22 maxlen: 24
148.139.120.0/22 maxlen: 24
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.136.0/22 maxlen: 24
148.139.140.0/24 maxlen: 24
148.139.142.0/24 maxlen: 24
148.139.143.0/24 maxlen: 24
148.139.144.0/22 maxlen: 24
148.139.144.0/24 maxlen: 24
148.139.148.0/22 maxlen: 24
148.139.152.0/22 maxlen: 24
148.139.156.0/22 maxlen: 24
148.139.160.0/20 maxlen: 24
148.139.176.0/20 maxlen: 24
148.139.192.0/24 maxlen: 24
148.139.193.0/24 maxlen: 24
157.5.128.0/17 maxlen: 17
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
2a04:37c0::/29 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:3910::/48 maxlen: 48
2a04:37c0:3920::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:34:ed:18:27:6e:8a:d8:48:2a:a5:47:15:a7:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfe24b57351e42e51c3baf036abd440f111ba7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:43:8c:9c:ff:bf:ec:09:53:3f:20:3b:10:d1:
f4:1b:84:69:b7:2c:b2:75:86:89:a1:e8:22:72:9e:
57:b4:3b:0f:55:d8:3d:92:78:df:cf:46:4a:03:73:
d5:e2:c5:09:c1:d0:c5:69:17:e2:84:ec:f6:bf:44:
fc:46:17:d4:86:bd:09:eb:02:0c:bc:cf:41:ff:34:
38:d7:8b:0d:19:8d:4b:1a:8b:29:d5:db:d3:0b:d5:
fc:e7:03:43:15:1c:37:d9:30:9c:f9:3f:32:fd:98:
68:fa:b8:22:37:7c:23:cc:c1:99:43:4e:28:b7:96:
1a:96:2e:f8:81:ff:88:47:c7:9f:d1:69:3d:2e:88:
08:77:ac:0e:1d:07:d0:f0:6f:85:59:bc:a1:b3:70:
7a:58:8c:20:91:fe:1d:ee:2c:23:7b:d8:a5:2e:48:
1b:dd:8e:49:88:e9:69:b6:44:1a:b8:3b:8d:5b:4f:
90:6e:48:fb:96:33:6c:39:d5:42:94:ad:1e:95:1f:
6d:7a:32:fd:60:62:39:87:16:9a:16:6c:ea:af:16:
78:16:e3:cb:e9:ed:90:b4:40:61:8e:97:c2:24:5c:
9b:a0:d3:82:03:bf:f9:26:72:34:15:81:af:ba:cc:
63:1e:a5:26:67:36:66:3b:ec:c3:04:77:48:21:8f:
c5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E2:4B:57:35:1E:42:E5:1C:3B:AF:03:6A:BD:44:0F:11:1B:A7:E4
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/v-JLVzUeQuUcO68Dar1EDxEbp-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:6b:ed:f6:59:ed:50:34:17:45:8a:cd:0d:c3:c5:c1:f3:27:
bd:16:a1:79:f1:a5:f2:34:3a:18:98:05:8e:62:a5:6b:b6:c9:
65:19:39:7b:5b:af:42:5e:4e:24:aa:d9:cf:63:13:87:f3:07:
b7:ef:e6:7e:80:fb:6d:a6:41:f3:cc:38:25:fb:4d:68:02:03:
a7:17:d6:88:67:03:16:ba:be:e5:0c:34:db:ff:38:7c:36:08:
7f:38:62:ce:29:0c:80:e5:04:e9:67:11:77:7a:0c:72:33:90:
83:07:68:e9:e1:16:fb:2c:27:55:9f:49:ec:ff:65:8d:c4:62:
18:64:cf:dd:cf:c7:bb:10:77:df:31:30:be:2b:6d:c1:4b:db:
4a:98:ad:a9:62:3d:f5:b3:e4:7b:56:35:65:70:15:f3:25:c8:
1a:3a:f8:e0:49:d0:cf:c6:af:52:e7:9c:bb:23:9b:7b:c0:65:
07:c4:80:9a:74:43:03:66:f9:c5:a2:46:03:d0:32:0c:de:24:
f7:7d:cf:54:9a:52:79:18:e6:ad:6e:19:32:f5:a0:2d:c0:2b:
92:41:f0:f1:73:1e:0c:94:f0:dd:c3:e0:2d:27:67:6b:da:5b:
be:28:4e:88:d3:f4:77:66:9e:a5:20:3a:9b:91:aa:8c:a9:ae:
cc:e4:7a:ac
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZQiIDTtGCduithIKqVHFaeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUyNGI1NzM1MWU0MmU1MWMzYmFmMDM2YWJkNDQwZjExMWJhN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUOMnP+/7AlTPyA7ENH0G4Rptyyy
dYaJoegicp5XtDsPVdg9knjfz0ZKA3PV4sUJwdDFaRfihOz2v0T8RhfUhr0J6wIM
vM9B/zQ414sNGY1LGosp1dvTC9X85wNDFRw32TCc+T8y/Zho+rgiN3wjzMGZQ04o
t5Yali74gf+IR8ef0Wk9LogId6wOHQfQ8G+FWbyhs3B6WIwgkf4d7iwje9ilLkgb
3Y5JiOlptkQauDuNW0+Qbkj7ljNsOdVClK0elR9tejL9YGI5hxaaFmzqrxZ4FuPL
6e2QtEBhjpfCJFyboNOCA7/5JnI0FYGvusxjHqUmZzZmO+zDBHdIIY/FXQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFL/iS1c1HkLlHDuvA2q9RA8RG6fkMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvdi1KTFZ6VWVRdVVjTzY4RGFyMUVEeEVicC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBAFhr7fZZ7VA0F0WKzQ3DxcHzJ70WoXnx
pfI0OhiYBY5ipWu2yWUZOXtbr0JeTiSq2c9jE4fzB7fv5n6A+22mQfPMOCX7TWgC
A6cX1ohnAxa6vuUMNNv/OHw2CH84Ys4pDIDlBOlnEXd6DHIzkIMHaOnhFvssJ1Wf
Sez/ZY3EYhhkz93Px7sQd98xML4rbcFL20qYraliPfWz5HtWNWVwFfMlyBo6+OBJ
0M/Gr1LnnLsjm3vAZQfEgJp0QwNm+cWiRgPQMgzeJPd9z1SaUnkY5q1uGTL1oC3A
K5JB8PFzHgyU8N3D4C0nZ2vaW74oTojT9HdmnqUgOpuRqoyprszkeqw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:58 2025 by rpki-client