Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/s0n0nYu0NFOR7dPUCU7pEE3i9us.roa
File: s0n0nYu0NFOR7dPUCU7pEE3i9us.roa (raw, json)
Hash identifier: ljcKz24WN/R72QGD8KYnZ5Vd3hVV7DCVfn4eDdOXbTY=
Subject key identifier: B3:49:F4:9D:8B:B4:34:53:91:ED:D3:D4:09:4E:E9:10:4D:E2:F6:EB
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 019425FDC5BD41DAE7317490B1B4334053EE
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/s0n0nYu0NFOR7dPUCU7pEE3i9us.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2.37.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c5:bd:41:da:e7:31:74:90:b1:b4:33:40:53:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b349f49d8bb4345391edd3d4094ee9104de2f6eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:18:64:11:4c:22:26:a2:c2:91:16:ad:c1:41:
4f:73:b3:10:09:96:3e:ed:aa:dc:8b:00:13:bd:4f:
bc:e5:58:14:0e:d8:e7:3f:aa:8f:b3:bd:67:7c:f7:
43:4f:eb:63:57:6d:cc:a6:81:6f:c1:fd:35:64:ea:
c8:cf:55:ca:17:46:ac:7f:30:3d:9e:9d:42:a0:fd:
c8:86:5d:aa:f5:db:ea:72:98:25:a9:ae:97:fa:e6:
c3:8f:e8:4c:b6:d9:1c:c5:10:a4:25:6d:d9:a4:3c:
d9:62:9d:4e:54:ae:47:d8:11:b6:ac:d3:07:69:6f:
dd:d2:de:47:c4:d0:14:ea:02:ce:59:24:a4:31:c3:
65:7f:34:70:da:df:2e:e1:a6:2f:d1:df:8d:2b:4b:
61:c7:b7:ae:45:fd:98:56:0f:fb:d0:34:db:62:79:
52:b6:d0:1d:3b:fb:66:ab:31:64:8a:eb:9a:02:0d:
59:d6:67:ef:d8:84:41:3c:71:fc:37:3b:f3:26:87:
b7:98:bb:74:e0:cb:ea:b2:59:23:8b:85:8a:8b:9f:
92:8f:56:0d:38:35:ee:e9:b1:94:4f:e2:5a:33:9a:
7b:da:b1:bd:30:a6:0d:c9:e0:ef:65:3d:81:cc:bd:
34:e0:cc:19:1a:5a:58:f0:f6:9e:72:90:e2:e3:cd:
30:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:49:F4:9D:8B:B4:34:53:91:ED:D3:D4:09:4E:E9:10:4D:E2:F6:EB
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/s0n0nYu0NFOR7dPUCU7pEE3i9us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.37.111.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ca:7c:bd:43:a6:55:86:65:9f:f5:74:bb:c3:fd:3b:98:16:
37:f9:b9:10:83:dc:73:af:31:ec:50:7f:00:19:8f:6d:69:7f:
18:3d:64:b4:cb:18:9a:39:36:fc:e8:17:72:0e:1e:85:4b:11:
04:e3:6a:82:9d:22:8b:d4:46:96:cc:ea:e4:7a:8a:27:56:72:
29:25:95:61:16:80:d6:eb:2a:22:62:bd:d9:f1:80:9f:6a:31:
72:5e:ef:3b:f0:16:d4:ca:b7:47:c8:45:d9:5e:2b:d1:d6:b0:
e1:93:87:14:d9:f3:b1:7f:f2:1a:47:48:0b:84:35:19:53:7f:
5a:a6:37:07:d4:ea:49:79:54:1a:ee:f4:35:d9:f4:ea:52:9f:
54:59:5d:bf:d3:c5:cf:1e:b7:44:fd:24:03:f3:5b:79:b6:20:
8c:fd:a5:40:01:4a:98:9b:3b:c3:b2:3d:03:ce:43:d5:a1:0d:
85:21:c4:10:f2:ca:60:50:a3:d1:24:b6:bc:8a:8d:24:fb:4d:
5e:ce:e5:39:a0:38:69:71:fa:7f:cf:07:fa:a7:19:51:34:cf:
50:d8:72:b0:dc:da:a7:18:95:43:ec:d5:f9:ef:19:4a:28:d5:
dc:fa:d9:b0:57:72:bf:1c:ff:83:35:87:31:9d:92:5d:4d:79:
ea:cd:7c:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/cW9QdrnMXSQsbQzQFPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQ5ZjQ5ZDhiYjQzNDUzOTFlZGQzZDQwOTRlZTkxMDRkZTJmNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxhkEUwiJqLCkRatwUFPc7MQCZY+
7arciwATvU+85VgUDtjnP6qPs71nfPdDT+tjV23MpoFvwf01ZOrIz1XKF0asfzA9
np1CoP3Ihl2q9dvqcpglqa6X+ubDj+hMttkcxRCkJW3ZpDzZYp1OVK5H2BG2rNMH
aW/d0t5HxNAU6gLOWSSkMcNlfzRw2t8u4aYv0d+NK0thx7euRf2YVg/70DTbYnlS
ttAdO/tmqzFkiuuaAg1Z1mfv2IRBPHH8NzvzJoe3mLt04Mvqslkji4WKi5+Sj1YN
ODXu6bGUT+JaM5p72rG9MKYNyeDvZT2BzL004MwZGlpY8PaecpDi480w4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNJ9J2LtDRTke3T1AlO6RBN4vbrMB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvczBuMG5ZdTBORk9SN2RQVUNVN3BFRTNpOXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAiVvMA0G
CSqGSIb3DQEBCwUAA4IBAQAkyny9Q6ZVhmWf9XS7w/07mBY3+bkQg9xzrzHsUH8A
GY9taX8YPWS0yxiaOTb86BdyDh6FSxEE42qCnSKL1EaWzOrkeoonVnIpJZVhFoDW
6yoiYr3Z8YCfajFyXu878BbUyrdHyEXZXivR1rDhk4cU2fOxf/IaR0gLhDUZU39a
pjcH1OpJeVQa7vQ12fTqUp9UWV2/08XPHrdE/SQD81t5tiCM/aVAAUqYmzvDsj0D
zkPVoQ2FIcQQ8spgUKPRJLa8io0k+01ezuU5oDhpcfp/zwf6pxlRNM9Q2HKw3Nqn
GJVD7NX57xlKKNXc+tmwV3K/HP+DNYcxnZJdTXnqzXyw
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:30:18 2025 by rpki-client