Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/flTVx8-F7E37FHcVoN5708sXexM.roa
File: flTVx8-F7E37FHcVoN5708sXexM.roa (raw, json)
Hash identifier: snTHoXZxUjfO9kURa3StUkh2LzhC8cP2m56/uoBtpVA=
Subject key identifier: 7E:54:D5:C7:CF:85:EC:4D:FB:14:77:15:A0:DE:7B:D3:CB:17:7B:13
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 019420683FAC61123EAEC41B49980E4D88A7
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/flTVx8-F7E37FHcVoN5708sXexM.roa
Signing time: Wed 01 Jan 2025 05:48:10 +0000
ROA not before: Wed 01 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60558
IP address blocks: 37.140.238.0/24 maxlen: 24
37.140.239.0/24 maxlen: 24
185.28.188.0/24 maxlen: 24
185.28.189.0/24 maxlen: 24
185.28.190.0/24 maxlen: 24
185.28.191.0/24 maxlen: 24
2a00:8860:100::/40 maxlen: 64
2a00:8861:100::/40 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3f:ac:61:12:3e:ae:c4:1b:49:98:0e:4d:88:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e54d5c7cf85ec4dfb147715a0de7bd3cb177b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fe:7a:04:0f:72:54:f2:88:ed:ca:d8:6c:7e:
a4:3a:97:93:80:b6:3a:e7:c7:2c:b8:ca:d8:3b:11:
67:ab:1a:08:63:2a:92:8f:64:3d:79:1a:61:0b:42:
dd:96:d7:55:b0:21:92:a2:82:30:90:dc:e7:26:74:
c4:04:e5:19:89:21:10:b7:81:8a:68:ac:5b:89:a9:
99:cd:84:fb:c9:73:33:62:11:98:7f:af:96:77:6b:
4e:be:e8:a2:7b:7a:31:e4:81:c8:7d:7e:72:13:f3:
56:a9:94:90:1b:46:7d:52:f8:5a:ee:89:6b:9c:3a:
39:8c:ff:c2:27:59:84:76:c5:ab:c3:17:3a:ec:fc:
98:87:a5:41:d7:8d:16:fb:b5:75:34:6a:f0:d6:53:
f6:72:c7:67:66:4d:ea:c9:e4:14:96:c8:9e:a6:d9:
c7:12:dc:e8:97:82:45:3e:98:9f:fa:ec:ab:f9:33:
37:5f:2f:17:63:31:cc:03:a5:89:24:2a:1d:88:14:
f4:9d:33:b2:b1:c8:ee:4c:34:84:48:f6:88:36:72:
34:89:ee:b5:49:cf:3e:76:01:3c:fc:a2:33:e6:75:
ca:30:f9:cd:e7:e4:fb:9c:8d:fa:44:db:10:b6:2a:
85:b6:34:70:d8:8b:34:56:fd:9d:64:39:b9:93:0b:
c8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:54:D5:C7:CF:85:EC:4D:FB:14:77:15:A0:DE:7B:D3:CB:17:7B:13
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/flTVx8-F7E37FHcVoN5708sXexM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.238.0/23
185.28.188.0/22
IPv6:
2a00:8860:100::/40
2a00:8861:100::/40
Signature Algorithm: sha256WithRSAEncryption
9b:18:c1:70:9a:85:3c:14:03:b5:47:2d:cf:1c:e0:30:f3:fe:
aa:53:15:61:21:4d:5b:cf:ea:45:0f:8e:f1:5f:25:f2:8d:00:
21:2e:fb:29:f2:fb:ec:42:d8:43:b9:b3:37:cd:04:64:5d:c1:
48:31:82:6c:e8:b9:c5:f0:1d:47:40:8b:f7:97:16:b5:37:99:
bc:c3:aa:12:d2:11:e1:cc:11:f8:ea:94:c7:65:fe:5e:53:f8:
f3:72:14:20:c9:42:b7:3c:bb:86:ef:99:36:8a:48:25:16:13:
4f:a5:cf:49:26:f3:aa:98:1a:d4:80:52:ef:69:11:4e:1e:10:
8b:cd:09:5e:48:f6:e6:42:21:91:a9:45:cf:c4:1d:b5:68:7f:
61:a6:15:24:93:19:3d:bc:f4:d3:0b:39:2f:d6:74:a3:02:42:
b6:69:7b:96:4d:bc:ee:c8:5b:57:c4:b4:5f:97:c8:09:56:a9:
b5:47:e2:cf:22:02:0b:14:8f:1f:34:10:4d:eb:7e:25:bb:98:
da:cb:14:33:34:04:e4:73:25:4d:cc:57:01:cb:8a:cc:fa:1f:
27:7a:3a:08:06:07:fd:47:ee:35:1b:a0:f2:40:34:90:b2:3a:
d6:83:e2:be:10:a6:d1:f7:bb:53:73:3c:bb:ec:ce:f8:9a:55:
f6:6a:78:13
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQgaD+sYRI+rsQbSZgOTYinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU0ZDVjN2NmODVlYzRkZmIxNDc3MTVhMGRlN2JkM2NiMTc3YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP56BA9yVPKI7crYbH6kOpeTgLY6
58csuMrYOxFnqxoIYyqSj2Q9eRphC0LdltdVsCGSooIwkNznJnTEBOUZiSEQt4GK
aKxbiamZzYT7yXMzYhGYf6+Wd2tOvuiie3ox5IHIfX5yE/NWqZSQG0Z9Uvha7olr
nDo5jP/CJ1mEdsWrwxc67PyYh6VB140W+7V1NGrw1lP2csdnZk3qyeQUlsieptnH
Etzol4JFPpif+uyr+TM3Xy8XYzHMA6WJJCodiBT0nTOyscjuTDSESPaINnI0ie61
Sc8+dgE8/KIz5nXKMPnN5+T7nI36RNsQtiqFtjRw2Is0Vv2dZDm5kwvIywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH5U1cfPhexN+xR3FaDee9PLF3sTMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvZmxUVng4LUY3RTM3RkhjVm9ONTcwOHNYZXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBJYzuAwQC
uRy8MBYEAgACMBADBgAqAIhgAQMGACoAiGEBMA0GCSqGSIb3DQEBCwUAA4IBAQCb
GMFwmoU8FAO1Ry3PHOAw8/6qUxVhIU1bz+pFD47xXyXyjQAhLvsp8vvsQthDubM3
zQRkXcFIMYJs6LnF8B1HQIv3lxa1N5m8w6oS0hHhzBH46pTHZf5eU/jzchQgyUK3
PLuG75k2ikglFhNPpc9JJvOqmBrUgFLvaRFOHhCLzQleSPbmQiGRqUXPxB21aH9h
phUkkxk9vPTTCzkv1nSjAkK2aXuWTbzuyFtXxLRfl8gJVqm1R+LPIgILFI8fNBBN
634lu5jayxQzNATkcyVNzFcBy4rM+h8nejoIBgf9R+41G6DyQDSQsjrWg+K+EKbR
97tTczy77M74mlX2angT
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:20:20 2025 by rpki-client