Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/M0UFmj8utuihy8ywzKYVtKAlOpA.roa
File: M0UFmj8utuihy8ywzKYVtKAlOpA.roa (raw, json)
Hash identifier: GB4oTrIEAnIhwubWgjQhf6VSBwPU6R7tbEiE074YX9M=
Subject key identifier: 33:45:05:9A:3F:2E:B6:E8:A1:CB:CC:B0:CC:A6:15:B4:A0:25:3A:90
Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Certificate serial: 019424B29BF2156E06CDF8724920FC81FFAE
Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/M0UFmj8utuihy8ywzKYVtKAlOpA.roa
Signing time: Thu 02 Jan 2025 01:47:52 +0000
ROA not before: Thu 02 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397232
IP address blocks: 37.209.192.0/24 maxlen: 24
37.209.194.0/24 maxlen: 24
37.209.196.0/24 maxlen: 24
37.209.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9b:f2:15:6e:06:cd:f8:72:49:20:fc:81:ff:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c
Validity
Not Before: Jan 2 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3345059a3f2eb6e8a1cbccb0cca615b4a0253a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:63:e0:25:f3:7f:52:fc:f3:b1:00:04:7d:f9:
86:d1:e9:8c:d6:68:45:2a:a1:43:13:ad:76:07:c6:
33:5e:fc:2d:db:38:96:03:53:bd:d6:63:dd:24:f6:
54:21:6c:d2:88:31:73:f6:88:00:96:0a:5e:70:83:
be:33:b1:e2:19:6e:37:6c:92:38:b1:c9:ed:7e:99:
d0:f0:fe:33:ea:05:94:b0:5d:32:53:06:72:3f:0e:
0a:0b:b3:33:24:33:c2:6e:a6:8a:41:f5:ba:89:cc:
85:38:cc:5e:d3:50:ed:62:6d:27:93:04:49:3f:f3:
e3:77:1c:e0:b7:4a:99:e2:cb:38:76:52:6b:aa:50:
5c:4a:22:98:0c:df:7c:4a:8a:9a:3f:0a:cc:be:39:
1d:7e:60:d2:b1:5b:91:f8:9c:6d:52:31:49:8c:d9:
e4:01:0e:3e:7d:95:b7:ce:61:92:4a:7e:ce:48:a3:
38:91:b5:d1:55:2a:a3:fb:3b:77:0f:54:93:cf:23:
f2:18:be:c0:15:75:f4:e4:2f:ef:af:d5:df:6d:16:
f2:1d:95:c9:75:a7:7f:dc:56:51:f7:64:28:19:93:
91:e9:a9:2e:c3:5c:fc:84:3e:66:69:ea:8c:4b:e1:
63:67:25:e0:da:0b:5b:85:10:30:73:ba:74:bd:bd:
2b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:45:05:9A:3F:2E:B6:E8:A1:CB:CC:B0:CC:A6:15:B4:A0:25:3A:90
X509v3 Authority Key Identifier:
keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/M0UFmj8utuihy8ywzKYVtKAlOpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.192.0/24
37.209.194.0/24
37.209.196.0/24
37.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
78:7b:4e:f9:8a:5a:78:29:7a:0a:6a:73:ee:6c:d6:1a:8d:bc:
91:a2:36:89:1a:8b:cb:e0:fa:52:87:2a:b1:d8:64:12:cb:e1:
21:d4:7e:51:43:a7:93:87:4e:b1:cb:c4:64:b7:2b:80:30:76:
e9:6e:be:6c:a0:6b:6c:04:ef:8f:d1:be:da:7f:7b:fc:65:6b:
40:22:9e:79:82:96:1a:a6:83:d6:09:d2:3a:7e:13:3d:31:3d:
d0:35:0f:d6:c9:1e:33:5d:d4:4c:41:f4:f4:e5:2c:23:66:83:
05:da:c6:2b:0a:fe:94:c9:4f:62:72:5a:81:2d:fb:8b:c5:d9:
3c:9b:0e:82:e6:c5:d1:06:ea:e0:a5:8d:66:e6:cd:41:ca:d9:
70:fe:0f:1b:26:36:4c:63:57:a8:fb:f9:0d:ee:1b:e2:5d:16:
5a:69:28:2e:13:88:e7:65:7e:40:6e:6c:b3:ac:cd:91:b7:9e:
f9:6c:0f:b4:bc:bd:29:92:60:3e:45:20:c2:6f:05:56:80:d7:
f1:27:d2:10:af:61:37:60:98:a6:74:41:25:4b:8f:76:8d:3b:
5d:d6:6a:fa:ae:16:b7:05:80:39:a9:b1:78:36:bb:5d:15:95:
37:83:a0:18:cd:43:04:df:02:1e:37:c9:f3:8c:32:12:1f:82:
7a:3e:0d:0e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkspvyFW4GzfhySSD8gf+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj
OGJmMmMwHhcNMjUwMTAyMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQ1MDU5YTNmMmViNmU4YTFjYmNjYjBjY2E2MTViNGEwMjUzYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WPgJfN/UvzzsQAEffmG0emM1mhF
KqFDE612B8YzXvwt2ziWA1O91mPdJPZUIWzSiDFz9ogAlgpecIO+M7HiGW43bJI4
scntfpnQ8P4z6gWUsF0yUwZyPw4KC7MzJDPCbqaKQfW6icyFOMxe01DtYm0nkwRJ
P/Pjdxzgt0qZ4ss4dlJrqlBcSiKYDN98SoqaPwrMvjkdfmDSsVuR+JxtUjFJjNnk
AQ4+fZW3zmGSSn7OSKM4kbXRVSqj+zt3D1STzyPyGL7AFXX05C/vr9XfbRbyHZXJ
dad/3FZR92QoGZOR6akuw1z8hD5maeqMS+FjZyXg2gtbhRAwc7p0vb0r8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDNFBZo/LrboocvMsMymFbSgJTqQMB8GA1UdIwQY
MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt
NDE2Zjg1ZWUyMzdiLzEvTTBVRm1qOHV0dWloeTh5d3pLWVZ0S0FsT3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi
LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA
JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQB4e075ilp4KXoKanPu
bNYajbyRojaJGovL4PpShyqx2GQSy+Eh1H5RQ6eTh06xy8RktyuAMHbpbr5soGts
BO+P0b7af3v8ZWtAIp55gpYapoPWCdI6fhM9MT3QNQ/WyR4zXdRMQfT05SwjZoMF
2sYrCv6UyU9iclqBLfuLxdk8mw6C5sXRBurgpY1m5s1Bytlw/g8bJjZMY1eo+/kN
7hviXRZaaSguE4jnZX5AbmyzrM2Rt575bA+0vL0pkmA+RSDCbwVWgNfxJ9IQr2E3
YJimdEElS492jTtd1mr6rha3BYA5qbF4NrtdFZU3g6AYzUME3wIeN8nzjDISH4J6
Pg0O
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:22:57 2025 by rpki-client