Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/9qVu3h0L17x5W3FCyPFQ8v-CSdY.roa
File: 9qVu3h0L17x5W3FCyPFQ8v-CSdY.roa (raw, json)
Hash identifier: ZCmvxTmxyAFotbu2mSYP5f/ChSYDUwcQR3LT0+S5N+Y=
Subject key identifier: F6:A5:6E:DE:1D:0B:D7:BC:79:5B:71:42:C8:F1:50:F2:FF:82:49:D6
Certificate issuer: /CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Certificate serial: 018B801EAD7606963B7711104717C7E77092
Authority key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/9qVu3h0L17x5W3FCyPFQ8v-CSdY.roa
Signing time: Mon 30 Oct 2023 10:26:15 +0000
ROA not before: Mon 30 Oct 2023 10:26:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 37.221.73.0/24 maxlen: 24
37.221.75.0/24 maxlen: 24
37.221.72.0/24 maxlen: 24
37.221.74.0/24 maxlen: 24
2a09:ea00::/40 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:1e:ad:76:06:96:3b:77:11:10:47:17:c7:e7:70:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c
Validity
Not Before: Oct 30 10:26:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6a56ede1d0bd7bc795b7142c8f150f2ff8249d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d8:a9:89:24:fd:84:b5:e9:ba:df:38:54:20:
af:c9:62:7e:96:54:c6:3e:a0:06:6c:f0:f9:c6:05:
57:6d:e6:b9:23:cd:d7:c1:3c:70:09:82:0b:76:bc:
be:a1:9c:80:54:bb:01:67:ef:53:c9:16:a6:69:4c:
d5:4b:e4:07:67:1f:db:3d:82:12:7e:1d:a0:40:b5:
90:7d:21:34:8c:6c:37:77:85:d6:f3:2d:31:c6:74:
24:71:b4:0a:64:0e:80:8f:17:08:31:a5:05:d6:f3:
75:59:a1:28:9a:22:66:5c:88:6c:18:26:f3:d6:51:
20:f0:d9:5a:2b:2d:b2:96:76:9c:8b:16:cd:25:a6:
2c:cf:35:1f:45:12:27:40:7d:16:dc:12:3d:97:2a:
aa:53:9d:a1:33:fb:39:b9:c3:f3:d3:24:8c:9f:f3:
44:b4:45:23:15:35:92:26:ac:0d:0e:59:eb:48:fc:
6e:12:a3:d0:8f:d6:38:d8:b2:df:82:30:0f:00:5d:
6d:49:e8:e5:62:8b:ed:1a:2b:c6:94:2f:99:d3:70:
3c:b7:fc:94:a4:ab:6d:3b:0d:da:d0:74:46:c0:7c:
7d:a4:42:92:b7:de:66:45:fa:6d:bb:69:f7:a4:fb:
3d:a1:00:c7:b9:49:64:4f:d0:19:e4:a4:a1:e6:5d:
04:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A5:6E:DE:1D:0B:D7:BC:79:5B:71:42:C8:F1:50:F2:FF:82:49:D6
X509v3 Authority Key Identifier:
keyid:4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/9qVu3h0L17x5W3FCyPFQ8v-CSdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.72.0/22
IPv6:
2a09:ea00::/40
Signature Algorithm: sha256WithRSAEncryption
c8:7b:3d:34:ad:20:4d:c2:56:25:75:67:ee:d6:68:ce:31:ae:
b3:45:45:4c:ce:06:88:ec:24:9f:92:b8:7e:2a:e4:06:6a:0a:
aa:44:e0:8c:4d:e8:51:b4:9d:8b:37:f4:59:0c:71:c6:5d:c3:
71:26:e8:7f:36:f2:28:93:29:1e:46:73:72:0c:c8:25:e7:2d:
7f:29:97:25:3c:6e:eb:ab:10:21:32:21:b0:d2:fb:8c:71:0c:
74:db:57:0c:63:9c:c9:72:ff:1f:40:4e:78:e0:84:1c:29:d1:
94:58:ec:c3:18:3c:69:78:8c:2b:41:2b:94:39:e9:43:73:f5:
62:1a:2a:7c:26:d3:71:8c:d5:72:ba:ce:21:4f:89:d6:fc:91:
37:01:34:99:28:07:b5:c5:74:58:6a:39:d6:ab:8d:29:e1:2a:
98:b5:cf:fa:05:40:4e:84:72:19:d3:7d:93:6b:9f:fb:c3:cf:
33:35:b8:f3:d7:91:fd:3c:af:f8:f9:31:11:37:9c:08:cc:14:
5a:ba:dc:b1:6d:98:93:3b:60:01:e8:9b:43:b2:38:d9:13:42:
02:b3:9a:f3:44:e8:61:46:1d:3c:27:8d:48:3d:e1:4a:7a:5a:
b5:08:29:fd:b2:cc:d3:9a:85:d2:2c:dc:00:86:3a:65:60:f0:
d9:a5:09:f9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYuAHq12BpY7dxEQRxfH53CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmN2Q4ODUzOTNiMzJiNWVlZTNhMGJmNDMzOGUwZmFhZWYz
Yzc1M2MwHhcNMjMxMDMwMTAyNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmE1NmVkZTFkMGJkN2JjNzk1YjcxNDJjOGYxNTBmMmZmODI0OWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNipiST9hLXput84VCCvyWJ+llTG
PqAGbPD5xgVXbea5I83XwTxwCYILdry+oZyAVLsBZ+9TyRamaUzVS+QHZx/bPYIS
fh2gQLWQfSE0jGw3d4XW8y0xxnQkcbQKZA6AjxcIMaUF1vN1WaEomiJmXIhsGCbz
1lEg8NlaKy2ylnacixbNJaYszzUfRRInQH0W3BI9lyqqU52hM/s5ucPz0ySMn/NE
tEUjFTWSJqwNDlnrSPxuEqPQj9Y42LLfgjAPAF1tSejlYovtGivGlC+Z03A8t/yU
pKttOw3a0HRGwHx9pEKSt95mRfptu2n3pPs9oQDHuUlkT9AZ5KSh5l0ELQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPalbt4dC9e8eVtxQsjxUPL/gknWMB8GA1UdIwQY
MBaAFE99iFOTsyte7joL9DOOD6rvPHU8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEt
YjE4ZGFjMmQyNTliLzEvOXFWdTNoMEwxN3g1VzNGQ3lQRlE4di1DU2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mMmEzN2MtYTEyOS00YzBiLTllZDEtYjE4ZGFjMmQyNTli
LzEvVDMySVU1T3pLMTd1T2d2ME00NFBxdTg4ZFR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCJd1IMA4E
AgACMAgDBgAqCeoAADANBgkqhkiG9w0BAQsFAAOCAQEAyHs9NK0gTcJWJXVn7tZo
zjGus0VFTM4GiOwkn5K4firkBmoKqkTgjE3oUbSdizf0WQxxxl3DcSbofzbyKJMp
HkZzcgzIJectfymXJTxu66sQITIhsNL7jHEMdNtXDGOcyXL/H0BOeOCEHCnRlFjs
wxg8aXiMK0ErlDnpQ3P1YhoqfCbTcYzVcrrOIU+J1vyRNwE0mSgHtcV0WGo51quN
KeEqmLXP+gVAToRyGdN9k2uf+8PPMzW489eR/Tyv+PkxETecCMwUWrrcsW2Ykztg
AeibQ7I42RNCArOa80ToYUYdPCeNSD3hSnpatQgp/bLM05qF0izcAIY6ZWDw2aUJ
+Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:53:37 2025 by rpki-client