Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/iGYh56kuxBsLOoG8BB1Z3iInsvE.roa
File: iGYh56kuxBsLOoG8BB1Z3iInsvE.roa (raw, json)
Hash identifier: MmzpGsOm2A5BUXCEKHzzZuOrSr7M4LoWHDsZkU4rkyo=
Subject key identifier: 88:66:21:E7:A9:2E:C4:1B:0B:3A:81:BC:04:1D:59:DE:22:27:B2:F1
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01941FFA3AA29974ED53FD4CA1495F2765E1
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/iGYh56kuxBsLOoG8BB1Z3iInsvE.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200482
IP address blocks: 37.114.35.0/24 maxlen: 32
37.114.60.0/24 maxlen: 24
37.114.61.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3a:a2:99:74:ed:53:fd:4c:a1:49:5f:27:65:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=886621e7a92ec41b0b3a81bc041d59de2227b2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:62:ec:d0:0e:20:a3:75:08:32:e3:a6:33:b9:
76:1f:a6:b3:6a:8c:8c:e1:42:09:34:5c:a1:b3:f0:
c6:51:f5:ea:be:4f:34:ce:fc:67:fd:8c:f2:1a:16:
95:e1:36:68:36:9a:1b:24:82:0c:33:26:0d:81:0f:
4c:e3:10:b0:19:18:51:9e:68:9a:11:30:af:75:d9:
93:a3:09:71:9f:bc:80:32:1c:d5:6e:89:42:2f:71:
7f:f2:a6:13:05:a7:a1:f0:8c:5e:69:93:4e:f6:bf:
1f:0a:5e:86:46:65:11:d2:c3:a2:54:77:96:b1:75:
7f:08:68:50:7d:77:99:31:94:14:00:48:cc:07:c5:
86:f2:0f:96:60:ba:c9:e3:9e:58:ff:df:86:c5:4b:
bc:d6:f1:2e:1f:a5:7d:6c:8a:dc:9e:c4:c7:7e:fc:
53:b3:37:0e:41:97:78:42:9e:bd:8e:3a:f7:18:d7:
0f:8a:13:ba:37:e2:bd:71:7d:7e:f1:55:1f:19:66:
f7:cb:85:b2:e1:53:c2:01:74:17:ad:8f:1d:1b:3a:
33:f0:a4:48:c4:b8:18:dc:65:41:0f:9a:a8:87:a7:
74:2f:7c:d9:83:d9:cf:31:e0:83:79:28:b3:63:f2:
93:f2:64:47:f6:da:e4:22:4f:b4:3b:7a:20:d1:95:
5a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:66:21:E7:A9:2E:C4:1B:0B:3A:81:BC:04:1D:59:DE:22:27:B2:F1
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/iGYh56kuxBsLOoG8BB1Z3iInsvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.35.0/24
37.114.60.0/23
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:0d:57:0a:79:a3:e2:07:91:83:7e:e6:35:49:0b:ff:8f:f9:
14:9d:f2:a9:17:e9:e5:c7:fa:4d:02:01:f5:b1:fc:29:e4:5d:
bc:b0:53:eb:e9:60:29:43:60:79:8a:d0:4d:cd:18:d5:af:30:
c3:ff:f0:74:9c:61:08:3e:bf:d6:4f:34:b2:ef:7b:70:5a:2b:
5d:71:40:b7:76:d7:55:d0:d9:9d:aa:e1:fe:b3:bb:88:ee:5e:
e4:56:30:8f:6a:86:9f:a5:3d:36:e2:3a:7d:e3:71:61:0e:3f:
1f:0b:56:30:1e:9f:79:de:f9:f4:f1:5c:89:b2:1a:5d:e9:2d:
cf:74:dd:1a:02:2d:23:b6:9b:5a:33:12:1d:a7:d5:22:1b:fc:
3a:dd:7f:4a:bf:03:73:bb:bc:f8:cb:eb:39:c2:3b:79:7f:9d:
ae:fa:4c:b4:fb:d3:40:c7:13:25:08:9a:37:92:9b:b7:18:3e:
00:84:56:d3:76:53:aa:68:99:1c:89:ac:ab:9a:61:69:ce:37:
b8:0e:b7:c3:eb:e6:bf:c6:a3:f8:eb:c6:32:42:e1:9a:7e:c1:
73:b2:64:04:0e:43:a8:ad:54:22:0f:f7:54:f9:59:85:33:77:
ce:2f:c0:0f:e8:0d:b9:33:5c:ad:74:46:6e:33:d4:7d:48:2d:
c3:7c:37:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+jqimXTtU/1MoUlfJ2XhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODY2MjFlN2E5MmVjNDFiMGIzYTgxYmMwNDFkNTlkZTIyMjdiMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmLs0A4go3UIMuOmM7l2H6azaoyM
4UIJNFyhs/DGUfXqvk80zvxn/YzyGhaV4TZoNpobJIIMMyYNgQ9M4xCwGRhRnmia
ETCvddmTowlxn7yAMhzVbolCL3F/8qYTBaeh8IxeaZNO9r8fCl6GRmUR0sOiVHeW
sXV/CGhQfXeZMZQUAEjMB8WG8g+WYLrJ455Y/9+GxUu81vEuH6V9bIrcnsTHfvxT
szcOQZd4Qp69jjr3GNcPihO6N+K9cX1+8VUfGWb3y4Wy4VPCAXQXrY8dGzoz8KRI
xLgY3GVBD5qoh6d0L3zZg9nPMeCDeSizY/KT8mRH9trkIk+0O3og0ZVaCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIhmIeepLsQbCzqBvAQdWd4iJ7LxMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvaUdZaDU2a3V4QnNMT29HOEJCMVozaUluc3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJXIjAwQB
JXI8AwQBK/uiMA0GCSqGSIb3DQEBCwUAA4IBAQCKDVcKeaPiB5GDfuY1SQv/j/kU
nfKpF+nlx/pNAgH1sfwp5F28sFPr6WApQ2B5itBNzRjVrzDD//B0nGEIPr/WTzSy
73twWitdcUC3dtdV0NmdquH+s7uI7l7kVjCPaoafpT024jp943FhDj8fC1YwHp95
3vn08VyJshpd6S3PdN0aAi0jtptaMxIdp9UiG/w63X9KvwNzu7z4y+s5wjt5f52u
+ky0+9NAxxMlCJo3kpu3GD4AhFbTdlOqaJkciayrmmFpzje4DrfD6+a/xqP468Yy
QuGafsFzsmQEDkOorVQiD/dU+VmFM3fOL8AP6A25M1ytdEZuM9R9SC3DfDck
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:31:35 2025 by rpki-client