Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CbXfp2LTCPVWQP1cxkD4vrBMX64.roa
File: CbXfp2LTCPVWQP1cxkD4vrBMX64.roa (raw, json)
Hash identifier: i3UFFa3TTkOCTJl5Qs+1elZ1ijW21YAqgD3tZoWyY6U=
Subject key identifier: 09:B5:DF:A7:62:D3:08:F5:56:40:FD:5C:C6:40:F8:BE:B0:4C:5F:AE
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA4F20C0213AA2A030A4DEA31945B
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CbXfp2LTCPVWQP1cxkD4vrBMX64.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201411
IP address blocks: 37.18.62.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
37.18.96.0/22 maxlen: 24
178.170.156.0/22 maxlen: 24
178.170.182.0/23 maxlen: 24
178.170.184.0/23 maxlen: 24
188.120.36.0/22 maxlen: 24
188.120.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a4:f2:0c:02:13:aa:2a:03:0a:4d:ea:31:94:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09b5dfa762d308f55640fd5cc640f8beb04c5fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2e:f5:95:57:7f:d2:ba:a9:aa:91:9d:20:23:
a4:a6:e3:e9:28:32:61:d3:7a:40:e2:73:e2:82:d4:
da:b5:3d:cb:f9:50:e7:3c:9f:33:e4:c9:7f:df:31:
da:ea:00:c1:78:22:26:6a:f9:d3:97:51:25:17:8e:
91:44:57:9c:d4:84:80:f4:2d:8b:48:ab:18:18:8c:
a4:77:7d:57:7a:f6:62:0c:ef:97:87:b1:22:f8:74:
69:8b:7a:fc:8c:fc:ca:18:58:19:c6:20:8e:d3:62:
06:6a:da:dd:ed:aa:06:32:8c:aa:b1:ee:b6:de:08:
ef:38:ff:a0:a6:e8:27:f0:c5:d8:1e:73:f1:5a:d0:
a4:fc:be:4e:ad:b7:18:74:25:43:8e:72:6a:5d:60:
a8:42:84:5d:43:a4:47:f8:74:c3:dd:e9:8d:eb:6d:
ac:46:d3:42:d7:94:d1:85:33:27:18:9e:e5:04:ce:
a4:3a:d1:da:1d:f7:3a:3c:5e:91:5a:f9:a7:3b:4e:
55:5b:2d:83:5e:92:73:d9:91:b3:32:4b:ec:a8:b3:
72:71:88:70:74:6b:c0:1e:f0:7d:8c:67:21:ca:15:
69:ae:83:a6:a7:4d:ff:31:bb:7e:f5:f9:af:d1:98:
61:fc:69:25:7a:ff:9f:8f:44:f0:3a:12:cf:71:02:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B5:DF:A7:62:D3:08:F5:56:40:FD:5C:C6:40:F8:BE:B0:4C:5F:AE
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CbXfp2LTCPVWQP1cxkD4vrBMX64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.62.0/23
37.18.96.0/22
178.170.156.0/22
178.170.182.0-178.170.185.255
188.120.36.0-188.120.43.255
Signature Algorithm: sha256WithRSAEncryption
bf:47:e2:15:9b:fa:36:93:5c:7d:4e:e9:19:3e:2a:92:ca:45:
a5:f0:ae:77:5e:7c:64:91:79:4f:44:39:70:28:63:4d:f5:05:
de:ed:a2:2f:1c:89:9b:97:6a:cf:8a:05:d4:89:28:66:12:0e:
f7:f8:f9:37:72:7b:41:dc:e1:82:76:51:ee:92:ab:96:13:f3:
84:49:30:9d:d6:e8:b5:4e:66:c9:74:66:fd:17:00:67:07:cd:
dc:40:ed:29:e9:34:89:d9:e0:a5:f9:2b:a3:12:3d:ff:72:5f:
fe:64:ad:47:df:3c:a7:79:a7:20:dc:71:90:62:30:ec:89:18:
b8:d9:53:69:e8:eb:6b:e6:d9:1c:1b:b2:e5:40:67:96:7c:dc:
03:f1:64:4e:e6:e9:b3:b7:23:60:9f:28:6b:25:f8:69:a3:3f:
53:1c:29:51:a3:36:44:15:3e:74:1e:d7:94:6d:c9:66:43:3c:
57:7a:09:48:3f:4e:00:1c:2f:1a:28:b5:90:e7:b3:2e:ff:36:
0c:61:07:1f:93:51:be:9d:39:75:0f:5e:a9:2d:d7:66:0d:0d:
1a:2b:a7:2f:77:7b:a2:a3:e8:7f:d9:c7:c4:d9:ab:d9:ae:ac:
23:95:93:d1:e3:62:42:2a:82:31:0e:ea:13:29:95:8c:9f:64:
8b:2c:b5:29
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQf+qTyDAITqioDCk3qMZRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI1ZGZhNzYyZDMwOGY1NTY0MGZkNWNjNjQwZjhiZWIwNGM1ZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi71lVd/0rqpqpGdICOkpuPpKDJh
03pA4nPigtTatT3L+VDnPJ8z5Ml/3zHa6gDBeCImavnTl1ElF46RRFec1ISA9C2L
SKsYGIykd31XevZiDO+Xh7Ei+HRpi3r8jPzKGFgZxiCO02IGatrd7aoGMoyqse62
3gjvOP+gpugn8MXYHnPxWtCk/L5OrbcYdCVDjnJqXWCoQoRdQ6RH+HTD3emN622s
RtNC15TRhTMnGJ7lBM6kOtHaHfc6PF6RWvmnO05VWy2DXpJz2ZGzMkvsqLNycYhw
dGvAHvB9jGchyhVproOmp03/Mbt+9fmv0Zhh/Gklev+fj0TwOhLPcQLEJQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAm136di0wj1VkD9XMZA+L6wTF+uMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvQ2JYZnAyTFRDUFZXUVAxY3hrRDR2ckJNWDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBJRI+AwQC
JRJgAwQCsqqcMAwDBAGyqrYDBAGyqrgwDAMEArx4JAMEArx4KDANBgkqhkiG9w0B
AQsFAAOCAQEAv0fiFZv6NpNcfU7pGT4qkspFpfCud158ZJF5T0Q5cChjTfUF3u2i
LxyJm5dqz4oF1IkoZhIO9/j5N3J7QdzhgnZR7pKrlhPzhEkwndbotU5myXRm/RcA
ZwfN3EDtKek0idngpfkroxI9/3Jf/mStR988p3mnINxxkGIw7IkYuNlTaejra+bZ
HBuy5UBnlnzcA/FkTubps7cjYJ8oayX4aaM/UxwpUaM2RBU+dB7XlG3JZkM8V3oJ
SD9OABwvGii1kOezLv82DGEHH5NRvp05dQ9eqS3XZg0NGiunL3d7oqPof9nHxNmr
2a6sI5WT0eNiQiqCMQ7qEymVjJ9kiyy1KQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:39:42 2025 by rpki-client