Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1l2ArbgF3qVBDh248pT8ghQwr8g.roa
File: 1l2ArbgF3qVBDh248pT8ghQwr8g.roa (raw, json)
Hash identifier: YA33bykfjW3z3Yekpa5KV5s6fAvShyo0RB0/5uqiA+w=
Subject key identifier: D6:5D:80:AD:B8:05:DE:A5:41:0E:1D:B8:F2:94:FC:82:14:30:AF:C8
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01941FFA32B12158B7690C06A4FC1CD5B729
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1l2ArbgF3qVBDh248pT8ghQwr8g.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47637
IP address blocks: 37.114.37.0/24 maxlen: 24
37.114.41.0/24 maxlen: 24
94.154.49.0/24 maxlen: 24
176.100.32.0/21 maxlen: 32
176.100.33.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
2a00:ccc4::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:32:b1:21:58:b7:69:0c:06:a4:fc:1c:d5:b7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d65d80adb805dea5410e1db8f294fc821430afc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:e4:8a:2b:4d:1b:27:f3:0e:4e:dd:0b:c8:
fd:d4:29:12:ae:fd:f6:e9:b0:5b:8f:0f:d2:94:d6:
e6:88:15:6d:f9:11:44:30:68:01:e6:bc:45:85:0e:
70:1b:d5:fd:95:2b:29:ec:bc:e7:3c:db:be:72:d4:
0d:ec:fc:6d:63:13:fe:02:da:b9:64:cf:bc:4b:ba:
30:3b:3a:28:e2:87:5e:72:7c:28:06:ac:7f:a7:16:
6d:c5:89:d9:79:49:83:30:38:11:c4:26:49:3e:1a:
56:cd:9d:65:90:ba:f5:0f:b9:df:bf:92:0c:a2:02:
74:1c:55:8a:ef:ea:f9:32:af:bc:40:07:e2:c0:82:
85:8c:c7:a9:bc:5d:13:02:ae:86:3f:a9:c0:ab:92:
18:6f:4f:3b:a2:e4:24:a8:70:cf:e8:f7:d5:11:cf:
de:0b:b3:17:c9:01:57:5f:b7:cd:7a:3c:69:01:6a:
07:c7:6f:c4:12:f8:06:28:a9:04:40:bc:7a:99:f3:
83:46:5c:a6:26:3d:4e:2a:53:f2:62:80:d5:72:f2:
93:19:e0:47:30:51:44:a7:5c:83:96:58:e2:78:6a:
cc:97:fa:51:48:56:53:49:4e:b2:65:5b:3d:44:74:
33:0d:a2:9c:fa:e7:9d:17:87:1a:fc:6f:ed:0a:ee:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5D:80:AD:B8:05:DE:A5:41:0E:1D:B8:F2:94:FC:82:14:30:AF:C8
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1l2ArbgF3qVBDh248pT8ghQwr8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.37.0/24
37.114.41.0/24
94.154.49.0/24
176.100.32.0/21
IPv6:
2a00:ccc4::/32
Signature Algorithm: sha256WithRSAEncryption
71:81:2c:4a:30:b5:98:4d:f5:8d:df:d8:66:d4:ed:68:09:b9:
94:4d:55:de:cc:a4:66:39:a1:38:36:a3:a7:f0:a3:be:c6:f0:
59:2a:7a:ca:9b:76:84:23:bc:93:b4:4b:f4:78:57:b0:7f:31:
58:65:d8:bc:74:05:7b:a9:a5:37:91:31:22:04:9b:b6:ad:f1:
dd:77:c5:28:2f:b3:47:44:ff:ac:dd:bb:55:a5:47:6e:b2:3e:
1d:bb:5a:c3:f5:2f:1d:e1:36:90:bb:3f:ef:7f:c1:24:4f:f7:
59:5b:ce:22:a6:47:33:01:18:43:a1:e5:42:7e:2a:83:8e:35:
27:2d:73:12:bd:d0:d6:f5:ef:f4:d8:b0:65:64:e5:90:e0:17:
df:43:e3:a3:8f:cd:c1:e6:4e:4a:ea:88:a5:d4:84:c9:f2:96:
85:6b:74:d1:f8:41:69:12:d3:d6:24:50:75:6b:2b:71:32:83:
2f:c3:03:0a:dd:a2:aa:82:73:75:e3:d7:04:bc:ae:1f:4f:9d:
7e:ec:13:0f:c5:63:6a:f6:ed:17:20:dc:1e:58:33:4f:68:eb:
2b:9a:7f:de:1a:74:73:bc:9a:34:26:86:cd:84:3f:b0:be:e6:
25:d3:5e:f8:26:1d:97:73:e9:1e:d0:99:47:ad:fe:e6:33:03:
06:da:ba:16
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQf+jKxIVi3aQwGpPwc1bcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjVkODBhZGI4MDVkZWE1NDEwZTFkYjhmMjk0ZmM4MjE0MzBhZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlbkiitNGyfzDk7dC8j91CkSrv32
6bBbjw/SlNbmiBVt+RFEMGgB5rxFhQ5wG9X9lSsp7LznPNu+ctQN7PxtYxP+Atq5
ZM+8S7owOzoo4odecnwoBqx/pxZtxYnZeUmDMDgRxCZJPhpWzZ1lkLr1D7nfv5IM
ogJ0HFWK7+r5Mq+8QAfiwIKFjMepvF0TAq6GP6nAq5IYb087ouQkqHDP6PfVEc/e
C7MXyQFXX7fNejxpAWoHx2/EEvgGKKkEQLx6mfODRlymJj1OKlPyYoDVcvKTGeBH
MFFEp1yDlljieGrMl/pRSFZTSU6yZVs9RHQzDaKc+uedF4ca/G/tCu5tfQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNZdgK24Bd6lQQ4duPKU/IIUMK/IMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvMWwyQXJiZ0YzcVZCRGgyNDhwVDhnaFF3cjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJXIlAwQA
JXIpAwQAXpoxAwQDsGQgMA0EAgACMAcDBQAqAMzEMA0GCSqGSIb3DQEBCwUAA4IB
AQBxgSxKMLWYTfWN39hm1O1oCbmUTVXezKRmOaE4NqOn8KO+xvBZKnrKm3aEI7yT
tEv0eFewfzFYZdi8dAV7qaU3kTEiBJu2rfHdd8UoL7NHRP+s3btVpUdusj4du1rD
9S8d4TaQuz/vf8EkT/dZW84ipkczARhDoeVCfiqDjjUnLXMSvdDW9e/02LBlZOWQ
4BffQ+Ojj83B5k5K6oil1ITJ8paFa3TR+EFpEtPWJFB1aytxMoMvwwMK3aKqgnN1
49cEvK4fT51+7BMPxWNq9u0XINweWDNPaOsrmn/eGnRzvJo0JobNhD+wvuYl0174
Jh2Xc+ke0JlHrf7mMwMG2roW
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:39:13 2025 by rpki-client