Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/OvXbjQjs-7T-NX3-QRXtqzrRX0c.roa
File: OvXbjQjs-7T-NX3-QRXtqzrRX0c.roa (raw, json)
Hash identifier: EzNvr3FWmzNkIfhs03+mA8L5+CpvaHCv88LHri7+tEA=
Subject key identifier: 3A:F5:DB:8D:08:EC:FB:B4:FE:35:7D:FE:41:15:ED:AB:3A:D1:5F:47
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 019408E120194FEB92D6087E7579D6549EBD
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/OvXbjQjs-7T-NX3-QRXtqzrRX0c.roa
Signing time: Fri 27 Dec 2024 16:09:19 +0000
ROA not before: Fri 27 Dec 2024 16:09:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58087
IP address blocks: 37.114.37.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
185.14.92.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:e1:20:19:4f:eb:92:d6:08:7e:75:79:d6:54:9e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Dec 27 16:09:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3af5db8d08ecfbb4fe357dfe4115edab3ad15f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:47:0d:00:74:b0:ba:b7:45:8d:54:5b:2d:da:
26:e4:28:cb:53:8c:e4:5b:e4:af:08:bd:97:be:62:
b3:3a:7d:58:9c:5e:eb:e9:57:cc:bc:2b:5f:a4:21:
8f:37:3e:47:c1:98:e1:e1:18:fd:46:32:83:cf:68:
e1:f6:07:f0:6f:59:8c:68:ef:85:b3:4f:2e:f1:fe:
95:a7:b7:73:57:f1:7d:9d:81:77:67:2f:a2:dd:dc:
e3:33:a4:8e:a3:52:81:2a:3b:8f:33:e3:1e:64:6e:
8e:6b:52:e1:1a:85:1b:49:97:00:9e:fe:a6:e5:e9:
d8:bb:e8:b7:0a:a8:09:92:bc:70:06:aa:5c:45:7e:
1e:f9:92:c5:3f:e4:c0:5c:42:c8:09:65:d0:6f:86:
ad:f6:47:f8:76:b0:c2:de:72:7e:04:13:a9:f6:0a:
41:8f:05:56:45:56:ac:8a:11:e0:96:ef:71:c7:db:
ec:f8:14:1c:67:a1:12:c0:35:20:1c:6b:4c:81:9d:
68:cc:e6:41:ea:3c:9e:b5:38:c0:9f:1c:67:86:dc:
e3:82:68:54:bc:15:1e:aa:42:ab:be:a2:4b:4a:74:
74:90:6f:f4:73:d2:8d:a1:46:97:01:d2:e9:bd:28:
98:d2:2c:cf:de:94:c0:66:ef:1b:59:df:19:fc:14:
85:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F5:DB:8D:08:EC:FB:B4:FE:35:7D:FE:41:15:ED:AB:3A:D1:5F:47
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/OvXbjQjs-7T-NX3-QRXtqzrRX0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.37.0/24
37.114.46.0/24
37.114.50.0/24
37.114.63.0/24
176.100.36.0/23
176.100.39.0/24
185.14.92.0/24
Signature Algorithm: sha256WithRSAEncryption
30:18:0a:2b:37:21:09:05:7e:20:dd:b6:61:e6:21:d2:56:a6:
57:36:e3:40:c3:a9:8b:4e:ed:ea:b6:97:cc:b3:e7:75:5c:d4:
e9:00:38:33:88:a0:05:46:f5:1f:fe:56:48:07:a8:1a:d1:40:
c6:9f:4a:3d:de:c3:d7:04:e6:40:08:ce:d7:bd:ba:a8:65:22:
39:0a:b9:ab:d2:b4:ff:0e:c6:1b:8c:38:ad:bd:7a:52:a3:8b:
0a:0b:2a:af:03:03:33:45:53:ac:dd:5b:76:d7:96:5c:e8:9c:
bc:d4:fb:88:8b:a7:ce:ef:9c:18:bf:11:2c:72:c9:de:3f:c6:
21:4f:73:b9:20:95:c3:52:63:f3:4c:5f:cc:1b:30:5d:70:46:
ce:b3:96:c1:26:45:cc:fb:e0:5c:bf:74:f8:1b:9b:9f:ec:66:
1f:91:35:26:0c:b7:85:a2:59:d0:f4:9e:d5:f4:0a:f9:b1:ee:
a7:bc:c5:ee:63:11:ab:33:37:90:d8:aa:47:94:c5:c4:09:d8:
2a:e0:45:73:7f:0f:53:f0:a1:5a:5d:d9:28:69:98:5e:5f:4a:
ac:5b:22:dc:e4:d8:a8:be:1a:51:f2:4d:98:1d:bc:ec:9f:49:
2a:7f:a9:72:97:61:e8:6d:6f:1a:c8:50:75:ee:1e:56:72:cd:
d8:10:47:6e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQI4SAZT+uS1gh+dXnWVJ69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQxMjI3MTYwOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY1ZGI4ZDA4ZWNmYmI0ZmUzNTdkZmU0MTE1ZWRhYjNhZDE1ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEcNAHSwurdFjVRbLdom5CjLU4zk
W+SvCL2XvmKzOn1YnF7r6VfMvCtfpCGPNz5HwZjh4Rj9RjKDz2jh9gfwb1mMaO+F
s08u8f6Vp7dzV/F9nYF3Zy+i3dzjM6SOo1KBKjuPM+MeZG6Oa1LhGoUbSZcAnv6m
5enYu+i3CqgJkrxwBqpcRX4e+ZLFP+TAXELICWXQb4at9kf4drDC3nJ+BBOp9gpB
jwVWRVasihHglu9xx9vs+BQcZ6ESwDUgHGtMgZ1ozOZB6jyetTjAnxxnhtzjgmhU
vBUeqkKrvqJLSnR0kG/0c9KNoUaXAdLpvSiY0izP3pTAZu8bWd8Z/BSF6QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDr1240I7Pu0/jV9/kEV7as60V9HMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvT3ZYYmpRanMtN1QtTlgzLVFSWHRxenJSWDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJXIlAwQA
JXIuAwQAJXIyAwQAJXI/AwQBsGQkAwQAsGQnAwQAuQ5cMA0GCSqGSIb3DQEBCwUA
A4IBAQAwGAorNyEJBX4g3bZh5iHSVqZXNuNAw6mLTu3qtpfMs+d1XNTpADgziKAF
RvUf/lZIB6ga0UDGn0o93sPXBOZACM7XvbqoZSI5Crmr0rT/DsYbjDitvXpSo4sK
CyqvAwMzRVOs3Vt215Zc6Jy81PuIi6fO75wYvxEscsneP8YhT3O5IJXDUmPzTF/M
GzBdcEbOs5bBJkXM++Bcv3T4G5uf7GYfkTUmDLeFolnQ9J7V9Ar5se6nvMXuYxGr
MzeQ2KpHlMXECdgq4EVzfw9T8KFaXdkoaZheX0qsWyLc5NiovhpR8k2YHbzsn0kq
f6lyl2HobW8ayFB17h5Wcs3YEEdu
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:29:51 2025 by rpki-client