Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/79fBoxetqM8W78-kGmHTvjPW7Uw.roa
File: 79fBoxetqM8W78-kGmHTvjPW7Uw.roa (raw, json)
Hash identifier: pMW1Mp2B+qXHZp51RoJRa8NJEQ1rG2VsgYraYBKPRXE=
Subject key identifier: EF:D7:C1:A3:17:AD:A8:CF:16:EF:CF:A4:1A:61:D3:BE:33:D6:ED:4C
Certificate issuer: /CN=949ff40831ca66f996c76ea466af49476fecd1ff
Certificate serial: 01942368E3D68F8048D29E2A31CA584D0B22
Authority key identifier: 94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/79fBoxetqM8W78-kGmHTvjPW7Uw.roa
Signing time: Wed 01 Jan 2025 19:47:44 +0000
ROA not before: Wed 01 Jan 2025 19:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48131
IP address blocks: 37.221.116.0/24 maxlen: 24
193.33.140.0/24 maxlen: 24
2a09:500::/32 maxlen: 32
2a0f:ae80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:e3:d6:8f:80:48:d2:9e:2a:31:ca:58:4d:0b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=949ff40831ca66f996c76ea466af49476fecd1ff
Validity
Not Before: Jan 1 19:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=efd7c1a317ada8cf16efcfa41a61d3be33d6ed4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9b:07:22:4c:65:2e:05:aa:6a:13:a8:9e:3d:
65:87:7e:58:a1:96:53:55:1d:e6:e6:db:06:79:79:
fa:d3:59:f0:f6:92:e1:a4:00:53:d4:df:a3:35:7d:
b4:8f:da:59:39:59:5e:21:30:08:d3:9c:d6:75:12:
c8:e4:4e:d1:8b:83:b0:ee:f3:1a:49:2f:3c:34:fa:
a2:5e:0c:ae:f4:99:98:66:63:20:64:12:3e:53:e9:
41:4f:07:8a:0a:39:2b:52:32:7e:eb:1d:bf:0f:64:
0f:4f:6f:cb:6c:97:91:15:f7:dd:30:17:a3:77:71:
1e:fd:2e:69:07:d5:c1:ae:7e:88:26:9e:6a:1e:99:
54:33:83:95:34:21:5e:6e:29:65:82:0c:8d:06:d9:
62:97:a3:44:58:38:56:ae:d5:c5:c0:16:b4:e2:10:
10:10:81:53:d5:5f:17:94:90:49:f6:f7:02:af:53:
2f:ef:de:55:58:3e:6d:f0:0f:49:7f:f0:86:49:32:
75:fb:37:68:21:2f:a0:a2:b0:35:f1:f4:6f:63:2f:
18:1f:68:e6:35:e5:aa:70:24:fb:f6:9c:2c:f1:c7:
fc:32:dd:0b:49:a5:58:5e:81:af:b5:3a:04:1c:9b:
e5:b5:1b:b0:47:f1:87:9b:52:ce:8e:87:4c:f3:ae:
01:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D7:C1:A3:17:AD:A8:CF:16:EF:CF:A4:1A:61:D3:BE:33:D6:ED:4C
X509v3 Authority Key Identifier:
keyid:94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/79fBoxetqM8W78-kGmHTvjPW7Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/lJ_0CDHKZvmWx26kZq9JR2_s0f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.116.0/24
193.33.140.0/24
IPv6:
2a09:500::/32
2a0f:ae80::/32
Signature Algorithm: sha256WithRSAEncryption
9f:be:45:aa:dd:24:76:b4:d1:1a:33:79:f2:ac:9b:f2:c9:b0:
3a:46:b0:d2:90:c0:f3:ae:d9:f6:03:e9:54:89:40:f6:1d:1e:
7d:f5:e9:57:00:0f:b0:ec:b4:35:74:a1:f3:e1:f7:61:fd:0e:
c2:6f:de:03:9d:43:85:39:8f:cd:9c:55:26:50:e3:c9:e5:c0:
96:26:e7:22:41:4f:4c:5f:0a:cb:0a:dc:09:b5:08:96:e2:bb:
67:de:18:f9:3d:7c:1f:d5:cf:90:2e:f9:28:99:69:25:dd:60:
68:77:31:59:1b:6e:a1:4a:c1:3e:b6:fd:33:b6:06:28:ec:e0:
f9:52:44:f9:f1:70:cc:50:fa:da:9b:6f:b6:d9:c9:3a:6a:23:
74:13:28:19:a8:76:ea:57:49:a0:0b:0a:ed:24:07:93:45:7c:
f0:c5:d4:45:99:c7:27:c4:7a:05:aa:ab:96:13:3b:42:15:78:
c2:36:11:c2:30:13:65:78:9c:a2:38:54:39:20:a7:f4:8e:ee:
6f:84:3f:3d:37:e9:cc:b7:b0:4f:e4:2d:36:35:9e:fc:9a:db:
c1:aa:6e:a9:19:a2:d4:72:16:28:5c:74:2e:56:b2:71:3d:be:
18:46:38:07:80:f0:34:2c:f5:76:74:ef:f0:32:c1:60:92:57:
3b:d9:ca:5f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQjaOPWj4BI0p4qMcpYTQsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OWZmNDA4MzFjYTY2Zjk5NmM3NmVhNDY2YWY0OTQ3NmZl
Y2QxZmYwHhcNMjUwMTAxMTk0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmQ3YzFhMzE3YWRhOGNmMTZlZmNmYTQxYTYxZDNiZTMzZDZlZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZsHIkxlLgWqahOonj1lh35YoZZT
VR3m5tsGeXn601nw9pLhpABT1N+jNX20j9pZOVleITAI05zWdRLI5E7Ri4Ow7vMa
SS88NPqiXgyu9JmYZmMgZBI+U+lBTweKCjkrUjJ+6x2/D2QPT2/LbJeRFffdMBej
d3Ee/S5pB9XBrn6IJp5qHplUM4OVNCFebillggyNBtlil6NEWDhWrtXFwBa04hAQ
EIFT1V8XlJBJ9vcCr1Mv795VWD5t8A9Jf/CGSTJ1+zdoIS+gorA18fRvYy8YH2jm
NeWqcCT79pws8cf8Mt0LSaVYXoGvtToEHJvltRuwR/GHm1LOjodM864BvQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFO/XwaMXrajPFu/PpBph074z1u1MMB8GA1UdIwQY
MBaAFJSf9Agxymb5lsdupGavSUdv7NH/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpfMENESEtadm1XeDI2a1pxOUpSMl9zMGY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81NWQxMGQtYjQ0OC00YjQ3LWJhNTgt
MTQ3YWRjOTBjYTBmLzEvNzlmQm94ZXRxTThXNzgta0dtSFR2alBXN1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81NWQxMGQtYjQ0OC00YjQ3LWJhNTgtMTQ3YWRjOTBjYTBm
LzEvbEpfMENESEtadm1XeDI2a1pxOUpSMl9zMGY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAJd10AwQA
wSGMMBQEAgACMA4DBQAqCQUAAwUAKg+ugDANBgkqhkiG9w0BAQsFAAOCAQEAn75F
qt0kdrTRGjN58qyb8smwOkaw0pDA867Z9gPpVIlA9h0effXpVwAPsOy0NXSh8+H3
Yf0Owm/eA51DhTmPzZxVJlDjyeXAlibnIkFPTF8KywrcCbUIluK7Z94Y+T18H9XP
kC75KJlpJd1gaHcxWRtuoUrBPrb9M7YGKOzg+VJE+fFwzFD62ptvttnJOmojdBMo
Gah26ldJoAsK7SQHk0V88MXURZnHJ8R6BaqrlhM7QhV4wjYRwjATZXicojhUOSCn
9I7ub4Q/PTfpzLewT+QtNjWe/JrbwapuqRmi1HIWKFx0LlaycT2+GEY4B4DwNCz1
dnTv8DLBYJJXO9nKXw==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:26:58 2025 by rpki-client