Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/cId8Oh2ku7xx6TmW6OIZ4A9R3SI.roa
File: cId8Oh2ku7xx6TmW6OIZ4A9R3SI.roa (raw, json)
Hash identifier: DosNmul2GOxycmJ7sNN3zGw9XmJX9NxE7he1ScFFL4k=
Subject key identifier: 70:87:7C:3A:1D:A4:BB:BC:71:E9:39:96:E8:E2:19:E0:0F:51:DD:22
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01941FFA308EBB4BE657014AC19D5D1A4022
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/cId8Oh2ku7xx6TmW6OIZ4A9R3SI.roa
Signing time: Wed 01 Jan 2025 03:47:57 +0000
ROA not before: Wed 01 Jan 2025 03:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41944
IP address blocks: 37.114.33.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:30:8e:bb:4b:e6:57:01:4a:c1:9d:5d:1a:40:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 03:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70877c3a1da4bbbc71e93996e8e219e00f51dd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7d:7f:88:e2:18:4a:d0:7e:74:0d:dd:80:59:
a1:fa:80:3f:ba:6e:c5:8a:31:64:ae:94:74:bd:3b:
db:a5:23:36:af:a5:65:6a:d9:6f:7a:b3:0b:cb:c9:
2c:ea:96:57:7b:1c:fa:f0:38:b4:b9:63:49:9a:ac:
5e:da:49:5e:61:8c:a4:93:82:3e:4b:e2:7e:10:22:
f4:30:88:c5:66:8d:3a:5d:5d:dc:d5:67:a8:b6:bf:
c7:97:88:66:d5:a8:57:95:b0:96:57:4d:60:4c:57:
2e:f2:6d:c8:0b:c7:52:3f:7b:67:93:55:48:16:77:
86:86:c3:37:79:7f:c0:f0:78:11:69:87:f9:32:45:
bc:35:14:46:74:b5:21:e6:76:1e:69:d6:b7:53:10:
74:cb:2b:a6:be:92:59:52:77:4b:16:36:5e:be:d8:
76:74:0e:35:d9:19:b5:e5:e9:ce:c1:4f:28:01:dd:
93:c9:64:06:a1:fe:0c:e2:c5:26:b6:07:c1:72:f8:
17:c2:12:c3:15:26:fb:22:7f:c6:2f:7e:fc:cd:09:
88:53:f9:21:cf:fa:5a:18:3f:9d:07:29:86:ca:a2:
5d:56:fa:6c:8f:77:21:d1:f0:00:0b:e2:d2:18:9b:
c4:24:b3:0c:61:3c:37:c2:b8:79:f1:c4:dd:a9:aa:
0a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:87:7C:3A:1D:A4:BB:BC:71:E9:39:96:E8:E2:19:E0:0F:51:DD:22
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/cId8Oh2ku7xx6TmW6OIZ4A9R3SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.33.0/24
37.114.43.0/24
37.114.48.0/23
37.114.51.0/24
37.114.55.0/24
37.114.63.0/24
176.100.37.0/24
Signature Algorithm: sha256WithRSAEncryption
81:18:93:af:72:45:12:52:b5:34:a1:a9:f1:85:e2:10:4e:fb:
83:9b:91:14:3c:39:86:e4:84:69:f8:ef:89:e0:54:34:63:bb:
38:57:b3:ea:3b:6a:d2:90:c4:ec:8c:ed:67:45:25:95:84:96:
bd:7a:d1:62:c5:cc:43:ba:ff:c2:09:a2:9e:1e:bd:5f:6c:ad:
db:d2:37:14:d6:b5:15:50:80:7b:7a:92:ba:04:b0:1b:b3:2b:
ee:ce:83:d5:ea:fa:61:a5:32:39:da:5e:99:b4:b8:be:4a:1d:
5f:c3:4e:24:6c:b7:09:28:e0:d7:e0:5f:11:8c:3a:ba:61:8b:
db:df:10:e6:31:a7:87:2d:ca:2a:18:69:c5:77:ae:f3:e9:d4:
1f:aa:f9:39:30:5e:d0:0d:79:1c:76:73:ac:df:a8:11:cc:dd:
61:93:5a:41:21:f8:26:3b:70:7e:ba:40:bf:e3:8d:5e:25:4a:
df:4b:1b:53:d0:05:1d:2f:6e:b9:ad:49:22:15:7f:9c:66:7a:
9d:f0:0b:1b:a6:8e:66:49:a6:b0:dc:f0:46:5b:3c:96:20:c0:
1a:72:8b:55:75:4d:9e:42:d8:52:56:c0:d6:63:6f:8b:44:aa:
e1:68:98:7d:12:84:1a:46:b9:c8:0a:ad:2d:57:2a:18:c6:0d:
e5:8c:c1:e0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQf+jCOu0vmVwFKwZ1dGkAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwMTAxMDM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg3N2MzYTFkYTRiYmJjNzFlOTM5OTZlOGUyMTllMDBmNTFkZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr31/iOIYStB+dA3dgFmh+oA/um7F
ijFkrpR0vTvbpSM2r6VlatlverMLy8ks6pZXexz68Di0uWNJmqxe2kleYYykk4I+
S+J+ECL0MIjFZo06XV3c1Weotr/Hl4hm1ahXlbCWV01gTFcu8m3IC8dSP3tnk1VI
FneGhsM3eX/A8HgRaYf5MkW8NRRGdLUh5nYeada3UxB0yyumvpJZUndLFjZevth2
dA412Rm15enOwU8oAd2TyWQGof4M4sUmtgfBcvgXwhLDFSb7In/GL378zQmIU/kh
z/paGD+dBymGyqJdVvpsj3ch0fAAC+LSGJvEJLMMYTw3wrh58cTdqaoK/QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHCHfDodpLu8cek5lujiGeAPUd0iMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvY0lkOE9oMmt1N3h4NlRtVzZPSVo0QTlSM1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJXIhAwQA
JXIrAwQBJXIwAwQAJXIzAwQAJXI3AwQAJXI/AwQAsGQlMA0GCSqGSIb3DQEBCwUA
A4IBAQCBGJOvckUSUrU0oanxheIQTvuDm5EUPDmG5IRp+O+J4FQ0Y7s4V7PqO2rS
kMTsjO1nRSWVhJa9etFixcxDuv/CCaKeHr1fbK3b0jcU1rUVUIB7epK6BLAbsyvu
zoPV6vphpTI52l6ZtLi+Sh1fw04kbLcJKODX4F8RjDq6YYvb3xDmMaeHLcoqGGnF
d67z6dQfqvk5MF7QDXkcdnOs36gRzN1hk1pBIfgmO3B+ukC/441eJUrfSxtT0AUd
L265rUkiFX+cZnqd8Asbpo5mSaaw3PBGWzyWIMAacotVdU2eQthSVsDWY2+LRKrh
aJh9EoQaRrnICq0tVyoYxg3ljMHg
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:15:38 2025 by rpki-client