Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/4vlmdPXJEIj9BD5XrGcncgmk5j4.roa
File: 4vlmdPXJEIj9BD5XrGcncgmk5j4.roa (raw, json)
Hash identifier: riPKiYt/L7BDSbhqPzWMVJUAIze+SOZFasERkJ2mKqY=
Subject key identifier: E2:F9:66:74:F5:C9:10:88:FD:04:3E:57:AC:67:27:72:09:A4:E6:3E
Certificate issuer: /CN=c8d335041718b18830b1f58c15d3518510fe6118
Certificate serial: 019420D667CEF9BF70BA79862000FFBA6ABC
Authority key identifier: C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/4vlmdPXJEIj9BD5XrGcncgmk5j4.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7155
IP address blocks: 37.1.168.0/21 maxlen: 24
37.252.200.0/21 maxlen: 24
185.15.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:67:ce:f9:bf:70:ba:79:86:20:00:ff:ba:6a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d335041718b18830b1f58c15d3518510fe6118
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2f96674f5c91088fd043e57ac67277209a4e63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5e:80:ce:bf:11:78:5f:47:99:33:35:74:16:
08:eb:26:48:c3:92:1d:47:2c:b5:e9:46:cb:04:a4:
27:fd:ec:f1:88:6c:e9:8a:ab:c5:25:20:c9:91:1d:
d9:8d:2c:db:e1:4d:b6:ff:6b:bf:59:56:fc:0f:3a:
b2:83:97:2d:aa:23:2e:b5:48:09:49:99:64:24:0d:
63:ea:39:5a:cc:1d:67:33:a7:b7:88:94:f3:70:61:
27:4f:2b:10:7a:3c:71:09:ad:71:9e:2d:a5:24:9b:
21:8c:12:a4:9d:31:17:75:fc:18:bd:49:97:fd:5b:
3c:a2:45:cf:52:08:92:83:f0:65:a2:3c:c1:30:c0:
61:aa:e7:68:66:62:a8:70:ab:5b:47:32:25:f0:cb:
af:9b:09:85:e8:5a:fe:b8:54:10:43:88:b4:a9:e8:
55:62:d3:14:ae:9a:56:e3:00:42:ee:71:4e:11:bc:
f7:40:14:20:30:19:dc:e7:92:42:4f:eb:99:e0:6f:
00:15:69:53:ab:aa:20:e1:bb:32:44:3d:6e:c4:ae:
2d:f5:68:c2:06:cb:f2:35:5e:96:0d:2a:a7:be:b7:
41:60:81:0a:87:e7:f3:60:02:8b:c8:d5:7f:15:ae:
62:ca:1d:2e:18:83:f5:24:11:de:f5:98:3e:32:57:
66:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F9:66:74:F5:C9:10:88:FD:04:3E:57:AC:67:27:72:09:A4:E6:3E
X509v3 Authority Key Identifier:
keyid:C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/4vlmdPXJEIj9BD5XrGcncgmk5j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/yNM1BBcYsYgwsfWMFdNRhRD-YRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.168.0/21
37.252.200.0/21
185.15.32.0/22
Signature Algorithm: sha256WithRSAEncryption
50:50:51:d5:af:f1:33:ab:21:56:14:4e:51:6c:ac:d6:94:8b:
7f:d8:1c:3e:09:8f:ee:7b:6b:12:0f:57:29:2d:c3:8c:2a:25:
83:1e:44:cd:09:ab:6a:e8:50:2b:d4:67:85:27:11:5f:3c:2d:
e9:c3:58:f4:3d:7e:31:4e:d3:46:02:fe:3c:9b:e5:af:2f:bc:
e1:13:a9:a4:24:0f:60:da:d7:03:d5:c7:0c:94:54:13:32:a5:
29:50:79:32:42:20:2e:ef:3a:76:46:34:19:4b:01:ef:21:c5:
2d:fa:cf:09:62:6a:45:c5:7c:36:79:79:8a:3c:67:c6:81:2d:
f8:53:3b:78:23:e3:17:de:e8:e1:1f:6c:b3:9e:83:5a:46:be:
0c:9e:09:70:9a:12:a4:8b:2d:fd:fe:6d:4d:1e:f0:f3:97:cd:
a5:2f:2b:15:3d:f4:c8:eb:42:fd:3d:d0:1d:16:fd:89:88:dd:
39:80:e4:d5:79:15:8e:0d:8e:59:2f:2f:18:24:cb:53:01:f8:
d4:9e:64:81:e3:71:41:70:c0:c2:72:e6:05:1f:95:5f:75:f7:
5d:50:96:d1:e8:27:c5:da:ab:c5:fb:e4:9d:61:de:84:bb:30:
5e:57:25:07:85:dd:9a:ad:d5:26:39:de:3e:b9:a9:8a:e4:24:
a5:47:07:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1mfO+b9wunmGIAD/umq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDMzNTA0MTcxOGIxODgzMGIxZjU4YzE1ZDM1MTg1MTBm
ZTYxMTgwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmY5NjY3NGY1YzkxMDg4ZmQwNDNlNTdhYzY3Mjc3MjA5YTRlNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V6Azr8ReF9HmTM1dBYI6yZIw5Id
Ryy16UbLBKQn/ezxiGzpiqvFJSDJkR3ZjSzb4U22/2u/WVb8Dzqyg5ctqiMutUgJ
SZlkJA1j6jlazB1nM6e3iJTzcGEnTysQejxxCa1xni2lJJshjBKknTEXdfwYvUmX
/Vs8okXPUgiSg/BlojzBMMBhqudoZmKocKtbRzIl8MuvmwmF6Fr+uFQQQ4i0qehV
YtMUrppW4wBC7nFOEbz3QBQgMBnc55JCT+uZ4G8AFWlTq6og4bsyRD1uxK4t9WjC
BsvyNV6WDSqnvrdBYIEKh+fzYAKLyNV/Fa5iyh0uGIP1JBHe9Zg+Mldm7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOL5ZnT1yRCI/QQ+V6xnJ3IJpOY+MB8GA1UdIwQY
MBaAFMjTNQQXGLGIMLH1jBXTUYUQ/mEYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5NMUJCY1lzWWd3c2ZXTUZkTlJoUkQtWVJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YTM0NGUtMGVkOC00MmIyLWE3NDQt
YTllODQ2ODcxMGEzLzEvNHZsbWRQWEpFSWo5QkQ1WHJHY25jZ21rNWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YTM0NGUtMGVkOC00MmIyLWE3NDQtYTllODQ2ODcxMGEz
LzEveU5NMUJCY1lzWWd3c2ZXTUZkTlJoUkQtWVJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJQGoAwQD
JfzIAwQCuQ8gMA0GCSqGSIb3DQEBCwUAA4IBAQBQUFHVr/EzqyFWFE5RbKzWlIt/
2Bw+CY/ue2sSD1cpLcOMKiWDHkTNCatq6FAr1GeFJxFfPC3pw1j0PX4xTtNGAv48
m+WvL7zhE6mkJA9g2tcD1ccMlFQTMqUpUHkyQiAu7zp2RjQZSwHvIcUt+s8JYmpF
xXw2eXmKPGfGgS34Uzt4I+MX3ujhH2yznoNaRr4MnglwmhKkiy39/m1NHvDzl82l
LysVPfTI60L9PdAdFv2JiN05gOTVeRWODY5ZLy8YJMtTAfjUnmSB43FBcMDCcuYF
H5VfdfddUJbR6CfF2qvF++SdYd6EuzBeVyUHhd2ardUmOd4+uamK5CSlRwcc
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:00:34 2025 by rpki-client