Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/PUwPw3KSFyLWJo9myIwEPSrQKhU.roa
File: PUwPw3KSFyLWJo9myIwEPSrQKhU.roa (raw, json)
Hash identifier: FPQLMUuNob4U6IXg55ZIZ+BGxwV8Xx8teIuQaPIFvtU=
Subject key identifier: 3D:4C:0F:C3:72:92:17:22:D6:26:8F:66:C8:8C:04:3D:2A:D0:2A:15
Certificate issuer: /CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Certificate serial: 018570153C0A744B51C178C1FF55A1E25D2B
Authority key identifier: 02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/PUwPw3KSFyLWJo9myIwEPSrQKhU.roa
Signing time: Mon 02 Jan 2023 01:25:17 +0000
ROA not before: Mon 02 Jan 2023 01:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 37.203.198.0/23 maxlen: 24
37.19.96.0/24 maxlen: 24
37.19.101.0/24 maxlen: 24
37.19.102.0/23 maxlen: 24
185.4.192.0/24 maxlen: 24
185.4.192.0/22 maxlen: 22
185.4.195.0/24 maxlen: 24
185.4.194.0/24 maxlen: 24
185.4.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:3c:0a:74:4b:51:c1:78:c1:ff:55:a1:e2:5d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Validity
Not Before: Jan 2 01:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d4c0fc372921722d6268f66c88c043d2ad02a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:52:bf:f3:e3:a3:d6:01:19:d4:54:5d:63:0c:
10:d8:23:84:a2:16:3f:2b:59:f5:7a:b6:a0:34:5e:
06:41:6d:29:53:98:4e:e5:34:c0:9c:1f:36:bb:fc:
33:ce:c0:16:0a:39:18:49:cd:30:58:70:5c:41:d5:
ee:ba:eb:83:14:ce:6f:84:6b:f1:52:5b:98:c7:56:
39:50:00:21:3f:2e:c4:3a:04:0b:57:09:3b:51:69:
75:b5:cf:d9:f8:e9:43:76:85:e6:06:11:f0:f1:82:
40:18:1a:82:3f:6e:fb:bb:10:c0:3e:82:e7:4f:ed:
7f:d4:d6:11:1a:63:22:cc:26:df:8c:d7:b6:5a:0c:
78:66:c7:16:01:e4:6e:c9:67:9d:9a:25:d9:45:b4:
53:75:72:9c:a1:61:0d:fb:92:e7:94:46:c7:79:1c:
34:52:c6:e1:78:c6:30:8b:c6:eb:59:9c:39:1e:2f:
6e:3f:b9:dd:93:2e:1f:e0:af:48:04:f2:59:29:a3:
b9:6a:80:ea:3f:07:4c:74:a1:32:81:cb:1b:31:c9:
7a:7e:7d:59:66:03:9b:e1:10:ab:76:70:94:b5:c2:
e1:cd:b3:51:c4:68:50:58:fb:67:1e:85:7b:69:1d:
d9:12:3d:eb:50:e5:ed:f8:60:5e:cc:e2:1b:44:72:
3d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4C:0F:C3:72:92:17:22:D6:26:8F:66:C8:8C:04:3D:2A:D0:2A:15
X509v3 Authority Key Identifier:
keyid:02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/PUwPw3KSFyLWJo9myIwEPSrQKhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/AvgcN-ntJNCyDpTBhpDoiuSzEco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.96.0/24
37.19.101.0-37.19.103.255
37.203.198.0/23
185.4.192.0/22
Signature Algorithm: sha256WithRSAEncryption
41:db:0f:ab:95:d4:00:27:c7:99:6d:15:31:a5:ae:7b:5c:73:
41:03:fb:e1:2e:7c:ad:5a:82:66:50:d5:26:9d:ec:aa:0b:90:
d8:8e:a5:7f:d7:f8:ec:a6:42:9b:13:23:11:60:19:a8:05:2f:
88:99:58:92:38:af:cd:42:ee:e9:f2:b5:0c:1f:03:22:cd:ed:
e8:1b:b9:ba:0a:83:e2:9a:74:0b:0c:02:b0:db:5b:be:d8:2a:
3c:2a:ca:ba:61:d7:b3:3a:0d:6e:c5:6e:1e:dc:8b:6f:51:aa:
d3:90:fa:d1:d1:1c:d3:ef:83:f6:e6:e4:11:42:49:13:06:85:
22:64:e2:0c:34:0c:a1:69:7d:9f:75:9d:d4:b2:8f:04:ba:c7:
b2:04:a1:10:38:5a:6f:51:07:46:2a:f5:00:aa:bf:d2:70:9a:
3e:76:2f:e9:76:a0:0e:c7:c5:ac:98:13:6b:c5:a8:be:e1:b9:
11:71:e7:f4:8a:bc:58:21:7b:6f:32:64:2c:e4:be:c0:e4:f5:
e2:d3:06:f9:9f:52:f3:5f:e6:7f:cc:e8:b8:f2:b7:1b:d0:dc:
cc:7b:b2:a9:33:f2:9d:d3:b2:54:65:19:27:5b:2e:88:25:f1:
58:97:08:c3:24:26:23:22:8b:15:9c:20:7c:1e:de:21:4e:ce:
e1:12:81:97
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwFTwKdEtRwXjB/1Wh4l0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZjgxYzM3ZTllZDI0ZDBiMjBlOTRjMTg2OTBlODhhZTRi
MzExY2EwHhcNMjMwMTAyMDEyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRjMGZjMzcyOTIxNzIyZDYyNjhmNjZjODhjMDQzZDJhZDAyYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFK/8+Oj1gEZ1FRdYwwQ2COEohY/
K1n1eragNF4GQW0pU5hO5TTAnB82u/wzzsAWCjkYSc0wWHBcQdXuuuuDFM5vhGvx
UluYx1Y5UAAhPy7EOgQLVwk7UWl1tc/Z+OlDdoXmBhHw8YJAGBqCP277uxDAPoLn
T+1/1NYRGmMizCbfjNe2Wgx4ZscWAeRuyWedmiXZRbRTdXKcoWEN+5LnlEbHeRw0
UsbheMYwi8brWZw5Hi9uP7ndky4f4K9IBPJZKaO5aoDqPwdMdKEygcsbMcl6fn1Z
ZgOb4RCrdnCUtcLhzbNRxGhQWPtnHoV7aR3ZEj3rUOXt+GBezOIbRHI99wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFD1MD8Nykhci1iaPZsiMBD0q0CoVMB8GA1UdIwQY
MBaAFAL4HDfp7STQsg6UwYaQ6IrksxHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZnY04tbnRKTkN5RHBUQmhwRG9pdVN6RWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMWZhMTgtYWI2YS00ODk5LWI0NzUt
OTJhMzY2MWVjMjZkLzEvUFV3UHczS1NGeUxXSm85bXlJd0VQU3JRS2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMWZhMTgtYWI2YS00ODk5LWI0NzUtOTJhMzY2MWVjMjZk
LzEvQXZnY04tbnRKTkN5RHBUQmhwRG9pdVN6RWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAJRNgMAwD
BAAlE2UDBAMlE2ADBAEly8YDBAK5BMAwDQYJKoZIhvcNAQELBQADggEBAEHbD6uV
1AAnx5ltFTGlrntcc0ED++EufK1agmZQ1Sad7KoLkNiOpX/X+OymQpsTIxFgGagF
L4iZWJI4r81C7unytQwfAyLN7egbuboKg+KadAsMArDbW77YKjwqyrph17M6DW7F
bh7ci29RqtOQ+tHRHNPvg/bm5BFCSRMGhSJk4gw0DKFpfZ91ndSyjwS6x7IEoRA4
Wm9RB0Yq9QCqv9Jwmj52L+l2oA7HxayYE2vFqL7huRFx5/SKvFghe28yZCzkvsDk
9eLTBvmfUvNf5n/M6LjytxvQ3Mx7sqkz8p3TslRlGSdbLogl8ViXCMMkJiMiixWc
IHwe3iFOzuESgZc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:05 2025 by rpki-client