Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/4fhMcxqZft6BZ9fRgxnz8D-3Rjg.roa
File: 4fhMcxqZft6BZ9fRgxnz8D-3Rjg.roa (raw, json)
Hash identifier: x/UT9iVMrFXYt0bA6ZGg+tJGv54SMCnK8XbBkWjAHsk=
Subject key identifier: E1:F8:4C:73:1A:99:7E:DE:81:67:D7:D1:83:19:F3:F0:3F:B7:46:38
Certificate issuer: /CN=4b25df8620374243e3c5eab25550af24e0eff48c
Certificate serial: 019422FB77FE59A88D64ECAD2BE22306D5E1
Authority key identifier: 4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/4fhMcxqZft6BZ9fRgxnz8D-3Rjg.roa
Signing time: Wed 01 Jan 2025 17:48:12 +0000
ROA not before: Wed 01 Jan 2025 17:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49284
IP address blocks: 37.209.200.0/21 maxlen: 21
46.29.104.0/21 maxlen: 21
185.208.232.0/22 maxlen: 22
185.208.232.0/23 maxlen: 23
185.208.233.0/24 maxlen: 24
185.208.234.0/23 maxlen: 23
185.208.234.0/24 maxlen: 24
185.208.235.0/24 maxlen: 24
188.92.184.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:77:fe:59:a8:8d:64:ec:ad:2b:e2:23:06:d5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b25df8620374243e3c5eab25550af24e0eff48c
Validity
Not Before: Jan 1 17:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1f84c731a997ede8167d7d18319f3f03fb74638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:08:75:d8:53:93:70:4d:ca:ae:55:b0:ed:7e:
ef:87:c5:4e:a6:6c:ab:49:2f:09:1f:a7:8e:bc:8f:
18:62:88:e5:74:05:6c:55:81:38:86:b4:e5:57:19:
a8:ca:f5:bb:42:65:2f:1c:ec:11:ba:ca:0c:8f:a1:
01:50:78:4f:30:ac:e1:e8:b1:f6:b5:ac:e5:5e:68:
7e:e3:0b:b0:10:cb:d4:44:64:df:40:de:fe:ce:17:
6b:86:ee:ff:49:2b:36:d1:58:6f:06:c4:86:46:5c:
b6:20:fa:eb:c7:86:db:e8:67:be:57:0e:d6:c7:10:
1e:3d:96:27:b1:c5:b7:49:7d:bb:34:5e:a8:ad:34:
75:50:a2:77:96:c9:ce:71:67:ce:57:24:98:1a:ef:
92:20:66:c1:ba:14:b4:b4:48:85:de:30:75:5e:80:
d7:1f:0a:c6:d3:d5:7f:f9:56:3b:09:71:1f:41:95:
63:dc:96:83:10:ee:b6:dc:d6:66:f1:99:55:b3:c4:
18:d5:65:0e:e6:54:e4:6f:51:9b:54:40:ee:36:67:
52:3f:66:8a:b9:86:66:8a:dd:a9:4e:e7:98:f8:b6:
83:96:fe:62:2f:e1:75:03:eb:cd:71:f7:db:72:29:
d4:97:24:ae:a8:19:54:e1:65:96:fc:a1:19:52:8a:
c2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F8:4C:73:1A:99:7E:DE:81:67:D7:D1:83:19:F3:F0:3F:B7:46:38
X509v3 Authority Key Identifier:
keyid:4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/4fhMcxqZft6BZ9fRgxnz8D-3Rjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/SyXfhiA3QkPjxeqyVVCvJODv9Iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.200.0/21
46.29.104.0/21
185.208.232.0/22
188.92.184.0/21
Signature Algorithm: sha256WithRSAEncryption
b2:6f:17:9b:31:59:e5:41:98:1e:91:77:8a:4d:79:47:cb:83:
2a:a3:2e:21:cb:99:9d:4e:e3:cb:d7:dc:7a:0c:a1:47:59:27:
be:53:ca:e2:78:63:ed:cd:37:6b:7b:85:3e:45:88:00:d5:12:
ca:0f:18:d2:73:67:a3:62:a4:25:00:6c:cc:f2:be:2e:83:34:
64:e1:84:7a:d6:80:c8:cc:a6:10:96:7a:92:9a:a8:d8:e1:87:
2c:3b:31:a8:be:62:6c:18:b4:4c:3a:4d:d2:94:f6:02:b5:96:
49:f3:52:d7:0d:18:67:9e:0c:02:22:80:a1:75:3f:37:cf:d1:
5f:a9:92:4f:e7:c5:f7:80:b6:bf:ec:06:b6:a0:32:5e:f9:9f:
06:8b:8f:b7:0a:7d:fa:38:b6:0c:c2:23:56:b2:55:f6:d8:37:
e6:0f:96:38:3b:93:09:cc:33:f3:b7:0e:2e:76:3f:a9:4e:17:
e1:ac:ae:f4:cc:ed:43:81:2a:e1:da:42:7d:cb:6a:57:b9:ea:
d4:ec:d8:bd:f9:a4:30:f9:6a:10:f0:44:f6:dd:84:cc:d3:d9:
72:c2:fd:ce:13:7a:b4:fd:42:5a:5d:a3:01:25:53:99:56:87:
94:e3:7e:47:57:c9:46:34:54:80:a8:4c:72:7f:e2:8a:d5:fc:
c3:af:cc:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+3f+WaiNZOytK+IjBtXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMjVkZjg2MjAzNzQyNDNlM2M1ZWFiMjU1NTBhZjI0ZTBl
ZmY0OGMwHhcNMjUwMTAxMTc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY4NGM3MzFhOTk3ZWRlODE2N2Q3ZDE4MzE5ZjNmMDNmYjc0NjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAh12FOTcE3KrlWw7X7vh8VOpmyr
SS8JH6eOvI8YYojldAVsVYE4hrTlVxmoyvW7QmUvHOwRusoMj6EBUHhPMKzh6LH2
tazlXmh+4wuwEMvURGTfQN7+zhdrhu7/SSs20VhvBsSGRly2IPrrx4bb6Ge+Vw7W
xxAePZYnscW3SX27NF6orTR1UKJ3lsnOcWfOVySYGu+SIGbBuhS0tEiF3jB1XoDX
HwrG09V/+VY7CXEfQZVj3JaDEO623NZm8ZlVs8QY1WUO5lTkb1GbVEDuNmdSP2aK
uYZmit2pTueY+LaDlv5iL+F1A+vNcffbcinUlySuqBlU4WWW/KEZUorCDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOH4THMamX7egWfX0YMZ8/A/t0Y4MB8GA1UdIwQY
MBaAFEsl34YgN0JD48XqslVQryTg7/SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2Yt
YTQxYjUwYWEyNzJkLzEvNGZoTWN4cVpmdDZCWjlmUmd4bno4RC0zUmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2YtYTQxYjUwYWEyNzJk
LzEvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJdHIAwQD
Lh1oAwQCudDoAwQDvFy4MA0GCSqGSIb3DQEBCwUAA4IBAQCybxebMVnlQZgekXeK
TXlHy4Mqoy4hy5mdTuPL19x6DKFHWSe+U8rieGPtzTdre4U+RYgA1RLKDxjSc2ej
YqQlAGzM8r4ugzRk4YR61oDIzKYQlnqSmqjY4YcsOzGovmJsGLRMOk3SlPYCtZZJ
81LXDRhnngwCIoChdT83z9FfqZJP58X3gLa/7Aa2oDJe+Z8Gi4+3Cn36OLYMwiNW
slX22DfmD5Y4O5MJzDPztw4udj+pThfhrK70zO1DgSrh2kJ9y2pXuerU7Ni9+aQw
+WoQ8ET23YTM09lywv3OE3q0/UJaXaMBJVOZVoeU435HV8lGNFSAqExyf+KK1fzD
r8wB
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:10:35 2025 by rpki-client