Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/SPOdZUKsCzIXgJOCF_UL7n1RilU.roa
File: SPOdZUKsCzIXgJOCF_UL7n1RilU.roa (raw, json)
Hash identifier: AvcsY0IcsdeApRna15WxWc9F7nJGA8l55JTs96Qf9tg=
Subject key identifier: 48:F3:9D:65:42:AC:0B:32:17:80:93:82:17:F5:0B:EE:7D:51:8A:55
Certificate issuer: /CN=be9b5458c237db65848cb2acbec6db9423fcb3a6
Certificate serial: 0194258FBC0835445C93E94191D01A9FCF8C
Authority key identifier: BE:9B:54:58:C2:37:DB:65:84:8C:B2:AC:BE:C6:DB:94:23:FC:B3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vptUWMI322WEjLKsvsbblCP8s6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/SPOdZUKsCzIXgJOCF_UL7n1RilU.roa
Signing time: Thu 02 Jan 2025 05:49:24 +0000
ROA not before: Thu 02 Jan 2025 05:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200865
IP address blocks: 37.17.128.0/19 maxlen: 19
37.17.128.0/20 maxlen: 20
37.17.144.0/20 maxlen: 20
37.17.144.0/24 maxlen: 24
37.17.145.0/24 maxlen: 24
37.17.146.0/24 maxlen: 24
37.17.147.0/24 maxlen: 24
37.17.148.0/24 maxlen: 24
37.17.149.0/24 maxlen: 24
37.17.150.0/24 maxlen: 24
37.17.151.0/24 maxlen: 24
185.91.16.0/22 maxlen: 22
185.91.16.0/24 maxlen: 24
185.91.17.0/24 maxlen: 24
185.91.18.0/24 maxlen: 24
185.91.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:bc:08:35:44:5c:93:e9:41:91:d0:1a:9f:cf:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9b5458c237db65848cb2acbec6db9423fcb3a6
Validity
Not Before: Jan 2 05:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48f39d6542ac0b321780938217f50bee7d518a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:15:43:65:16:9b:eb:b3:75:d2:a6:79:be:50:
13:03:9b:21:e0:65:59:06:04:bb:89:6f:9f:7f:e2:
28:d5:b1:87:37:e1:ea:3d:22:4f:94:20:3e:2d:56:
99:3f:f0:fb:e9:fd:db:c8:a3:95:69:3e:f1:4e:5a:
4c:f4:13:87:c3:68:e9:48:e8:d3:2b:d7:48:e8:e4:
63:31:41:45:95:22:09:af:7e:86:1d:63:39:1a:74:
79:4a:f8:73:c5:3c:d4:24:a7:39:89:8b:0e:33:0e:
09:19:65:bc:49:61:d0:a1:02:27:b7:20:4e:fb:75:
49:eb:ad:d4:1b:52:e7:75:4c:1c:b0:0e:7d:8c:60:
be:35:15:86:70:53:10:72:dc:26:39:76:bf:0e:e0:
e1:d6:84:07:7d:7d:d7:5f:bd:f8:97:62:41:d1:43:
e5:1d:00:bd:54:0b:1b:bd:4d:43:4c:a9:4e:2a:85:
ac:e4:42:17:c0:91:f5:f0:5b:8b:40:ed:2b:50:22:
98:88:92:7f:83:9b:26:b1:56:46:3c:eb:db:fd:c7:
9f:b4:f9:17:c6:70:8c:86:2e:b8:c3:28:1c:e6:c9:
22:cd:d6:53:b0:8c:cb:4f:47:a5:99:6e:5e:b1:f0:
f3:07:fe:1f:5e:21:db:83:c7:36:44:cf:e7:ac:c8:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F3:9D:65:42:AC:0B:32:17:80:93:82:17:F5:0B:EE:7D:51:8A:55
X509v3 Authority Key Identifier:
keyid:BE:9B:54:58:C2:37:DB:65:84:8C:B2:AC:BE:C6:DB:94:23:FC:B3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vptUWMI322WEjLKsvsbblCP8s6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/SPOdZUKsCzIXgJOCF_UL7n1RilU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cd1db3-2877-4f32-83c5-370b82e9f90b/1/vptUWMI322WEjLKsvsbblCP8s6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.128.0/19
185.91.16.0/22
Signature Algorithm: sha256WithRSAEncryption
47:87:04:95:75:1a:86:04:cb:07:6a:11:81:d5:20:fa:92:4b:
fe:d3:80:99:e0:eb:1f:60:01:05:b0:49:de:b1:2f:8f:7b:b9:
c0:6b:fc:56:65:82:60:7f:c4:97:20:e2:e5:7c:35:6e:a8:67:
0d:9e:64:78:d3:bb:41:1d:a5:6d:84:ff:99:ad:ec:67:d2:2b:
d2:fc:9d:3d:f1:03:fa:90:d4:b8:92:b4:00:7e:e3:d9:f8:26:
d5:c4:61:80:73:ac:41:1d:62:85:ab:04:f5:d7:50:a4:ea:ca:
96:ff:e2:ef:9f:62:1d:fc:b2:de:b8:c3:6d:cc:ad:80:5c:66:
ba:d6:72:b7:87:37:7b:11:ca:71:aa:ac:a6:f2:81:5b:5e:3c:
e0:08:d2:0b:f9:38:05:03:27:4d:bb:f4:bc:77:11:e9:91:d4:
cf:54:0c:df:05:f8:31:dc:19:37:41:f7:e6:29:d0:69:de:4a:
ae:3b:4f:e1:e1:df:36:fd:3d:09:eb:06:64:1b:ae:c1:08:f1:
5f:7f:95:c1:6e:e5:b9:e0:f4:c0:76:e5:22:58:32:e5:b1:e7:
cb:d5:32:de:e5:ef:b0:80:49:00:4c:50:5b:92:74:78:ac:ae:
e5:12:85:f1:05:30:2e:15:f9:1c:87:c5:c0:ff:fe:88:c5:4f:
3e:e1:9f:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj7wINURck+lBkdAan8+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOWI1NDU4YzIzN2RiNjU4NDhjYjJhY2JlYzZkYjk0MjNm
Y2IzYTYwHhcNMjUwMTAyMDU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGYzOWQ2NTQyYWMwYjMyMTc4MDkzODIxN2Y1MGJlZTdkNTE4YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRVDZRab67N10qZ5vlATA5sh4GVZ
BgS7iW+ff+Io1bGHN+HqPSJPlCA+LVaZP/D76f3byKOVaT7xTlpM9BOHw2jpSOjT
K9dI6ORjMUFFlSIJr36GHWM5GnR5SvhzxTzUJKc5iYsOMw4JGWW8SWHQoQIntyBO
+3VJ663UG1LndUwcsA59jGC+NRWGcFMQctwmOXa/DuDh1oQHfX3XX734l2JB0UPl
HQC9VAsbvU1DTKlOKoWs5EIXwJH18FuLQO0rUCKYiJJ/g5smsVZGPOvb/ceftPkX
xnCMhi64wygc5skizdZTsIzLT0elmW5esfDzB/4fXiHbg8c2RM/nrMgG9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEjznWVCrAsyF4CTghf1C+59UYpVMB8GA1UdIwQY
MBaAFL6bVFjCN9tlhIyyrL7G25Qj/LOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnB0VVdNSTMyMldFakxLc3ZzYmJsQ1A4czZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jZDFkYjMtMjg3Ny00ZjMyLTgzYzUt
MzcwYjgyZTlmOTBiLzEvU1BPZFpVS3NDeklYZ0pPQ0ZfVUw3bjFSaWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jZDFkYjMtMjg3Ny00ZjMyLTgzYzUtMzcwYjgyZTlmOTBi
LzEvdnB0VVdNSTMyMldFakxLc3ZzYmJsQ1A4czZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFJRGAAwQC
uVsQMA0GCSqGSIb3DQEBCwUAA4IBAQBHhwSVdRqGBMsHahGB1SD6kkv+04CZ4Osf
YAEFsEnesS+Pe7nAa/xWZYJgf8SXIOLlfDVuqGcNnmR407tBHaVthP+Zrexn0ivS
/J098QP6kNS4krQAfuPZ+CbVxGGAc6xBHWKFqwT111Ck6sqW/+Lvn2Id/LLeuMNt
zK2AXGa61nK3hzd7Ecpxqqym8oFbXjzgCNIL+TgFAydNu/S8dxHpkdTPVAzfBfgx
3Bk3QffmKdBp3kquO0/h4d82/T0J6wZkG67BCPFff5XBbuW54PTAduUiWDLlsefL
1TLe5e+wgEkATFBbknR4rK7lEoXxBTAuFfkch8XA//6IxU8+4Z+l
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:25:09 2025 by rpki-client