Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/wtvWqQ83Z8viC8HujIFlaW94qzA.roa
File: wtvWqQ83Z8viC8HujIFlaW94qzA.roa (raw, json)
Hash identifier: VRgdy/dQRtIj79oCA101wOc6cM5MVJQHJUw47Ux2YB0=
Subject key identifier: C2:DB:D6:A9:0F:37:67:CB:E2:0B:C1:EE:8C:81:65:69:6F:78:AB:30
Certificate issuer: /CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Certificate serial: 0194228E41499633D1C955C1FC78828F0714
Authority key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/wtvWqQ83Z8viC8HujIFlaW94qzA.roa
Signing time: Wed 01 Jan 2025 15:48:55 +0000
ROA not before: Wed 01 Jan 2025 15:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25291
IP address blocks: 37.44.0.0/21 maxlen: 24
37.49.152.0/21 maxlen: 24
37.123.104.0/21 maxlen: 24
45.153.82.0/23 maxlen: 24
77.247.80.0/21 maxlen: 24
109.68.224.0/21 maxlen: 24
151.252.40.0/21 maxlen: 24
176.74.56.0/21 maxlen: 24
185.46.136.0/22 maxlen: 24
185.54.232.0/22 maxlen: 24
185.56.104.0/23 maxlen: 24
185.56.128.0/21 maxlen: 24
195.192.128.0/18 maxlen: 24
2a00:13c8::/32 maxlen: 48
2a00:7fc0::/32 maxlen: 48
2a00:7fc0::/33 maxlen: 48
2a04:d480::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:41:49:96:33:d1:c9:55:c1:fc:78:82:8f:07:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Validity
Not Before: Jan 1 15:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2dbd6a90f3767cbe20bc1ee8c8165696f78ab30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4f:3c:20:25:a2:d4:23:d4:b1:40:b5:45:7a:
d3:c8:12:3e:f1:68:46:70:03:86:ab:f4:ff:9a:cd:
8a:b8:1d:1e:f4:cf:3d:cf:4a:8f:a8:d0:58:6a:db:
ea:6c:f4:fd:3b:22:d2:ab:ef:a9:be:5c:9c:fe:14:
24:ae:b9:00:63:67:7d:0c:18:3b:7b:db:39:9e:37:
ce:32:c5:b1:28:54:21:d9:db:54:b5:39:09:04:17:
7a:9d:dc:f9:56:94:39:5f:36:1b:df:6a:d6:f6:b8:
32:16:de:73:e6:23:42:e5:26:80:26:ac:8b:b7:88:
43:20:03:6d:e7:38:99:26:d7:ba:cb:63:af:a0:ea:
32:2e:d2:1b:58:d6:06:5d:a9:15:3a:22:be:97:c0:
28:99:5f:c5:c4:b1:fc:ae:ca:4f:ca:ed:16:3a:ed:
5d:54:30:bb:7a:4c:fd:28:c7:38:ac:e6:ef:74:e2:
5f:56:9c:a3:3b:62:e9:92:36:52:5d:ec:32:60:b7:
8d:ff:e0:99:34:a4:b1:c7:66:4f:e5:8f:ca:22:72:
86:a7:c7:f3:63:48:6d:13:13:7d:06:7e:23:14:2a:
e5:e9:2d:24:02:6c:25:d8:88:62:a8:bb:65:6e:b4:
9e:0c:d6:21:69:c0:40:9c:54:0d:0a:a4:04:a7:18:
b3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DB:D6:A9:0F:37:67:CB:E2:0B:C1:EE:8C:81:65:69:6F:78:AB:30
X509v3 Authority Key Identifier:
keyid:72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/wtvWqQ83Z8viC8HujIFlaW94qzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.0.0/21
37.49.152.0/21
37.123.104.0/21
45.153.82.0/23
77.247.80.0/21
109.68.224.0/21
151.252.40.0/21
176.74.56.0/21
185.46.136.0/22
185.54.232.0/22
185.56.104.0/23
185.56.128.0/21
195.192.128.0/18
IPv6:
2a00:13c8::/32
2a00:7fc0::/32
2a04:d480::/29
Signature Algorithm: sha256WithRSAEncryption
af:ea:57:75:09:4b:21:bd:bb:5e:cb:c5:c7:73:e1:4c:24:5d:
fd:83:42:10:1b:71:8e:f3:0c:6d:58:4b:8b:c5:16:fb:58:22:
d5:ff:d7:a5:67:1d:66:97:37:7f:16:a0:b2:99:6d:3a:53:e2:
7b:88:b7:2b:96:33:9d:13:1a:d3:f2:7d:e1:a3:65:30:c6:46:
3d:63:c7:d4:66:a0:46:b7:80:85:f3:89:f6:00:b9:9f:3c:49:
fd:92:f1:87:11:0c:6d:cb:95:33:b7:d1:1d:7a:7e:30:12:15:
20:5b:36:11:0d:bc:07:dc:8f:5b:dd:24:c9:86:50:42:cd:41:
e4:4a:d2:e7:86:a0:e2:d1:ce:7a:77:4c:df:4d:73:d2:a2:68:
c4:49:a3:a5:a6:c4:f2:ed:38:40:45:c3:4a:ca:3f:a9:f5:07:
3c:bd:80:29:24:f2:b4:b0:8f:ba:87:36:ec:aa:b9:16:0c:ca:
87:62:68:64:49:92:54:33:8f:d4:ea:2b:6d:40:82:db:81:0d:
8f:64:cc:29:8b:3f:8d:d8:54:52:f9:c2:41:7c:c0:91:d2:e5:
40:bb:d9:2f:7b:35:68:a7:a1:8f:d1:04:e8:09:ff:7a:d4:76:
5c:39:ff:c3:19:d8:50:f9:69:13:a1:c0:e0:b6:07:62:f0:18:
ce:b8:64:70
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZQijkFJljPRyVXB/HiCjwcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI2YWJjOWUwNmMxYWZlZjliNWZkMmRhNDA0MTJlN2Fl
ZTZiNDcwHhcNMjUwMTAxMTU0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRiZDZhOTBmMzc2N2NiZTIwYmMxZWU4YzgxNjU2OTZmNzhhYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2U88ICWi1CPUsUC1RXrTyBI+8WhG
cAOGq/T/ms2KuB0e9M89z0qPqNBYatvqbPT9OyLSq++pvlyc/hQkrrkAY2d9DBg7
e9s5njfOMsWxKFQh2dtUtTkJBBd6ndz5VpQ5XzYb32rW9rgyFt5z5iNC5SaAJqyL
t4hDIANt5ziZJte6y2OvoOoyLtIbWNYGXakVOiK+l8AomV/FxLH8rspPyu0WOu1d
VDC7ekz9KMc4rObvdOJfVpyjO2LpkjZSXewyYLeN/+CZNKSxx2ZP5Y/KInKGp8fz
Y0htExN9Bn4jFCrl6S0kAmwl2IhiqLtlbrSeDNYhacBAnFQNCqQEpxizYwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFMLb1qkPN2fL4gvB7oyBZWlveKswMB8GA1UdIwQY
MBaAFHLCaryeBsGv75tf0tpAQS567mtHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMt
Y2Q3ZDYxOTEzMjg4LzEvd3R2V3FRODNaOHZpQzhIdWpJRmxhVzk0cXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMtY2Q3ZDYxOTEzMjg4
LzEvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAyUsAAME
AyUxmAMEAyV7aAMEAS2ZUgMEA033UAMEA21E4AMEA5f8KAMEA7BKOAMEArkuiAME
Ark26AMEAbk4aAMEA7k4gAMEBsPAgDAbBAIAAjAVAwUAKgATyAMFACoAf8ADBQMq
BNSAMA0GCSqGSIb3DQEBCwUAA4IBAQCv6ld1CUshvbtey8XHc+FMJF39g0IQG3GO
8wxtWEuLxRb7WCLV/9elZx1mlzd/FqCymW06U+J7iLcrljOdExrT8n3ho2UwxkY9
Y8fUZqBGt4CF84n2ALmfPEn9kvGHEQxty5Uzt9Eden4wEhUgWzYRDbwH3I9b3STJ
hlBCzUHkStLnhqDi0c56d0zfTXPSomjESaOlpsTy7ThARcNKyj+p9Qc8vYApJPK0
sI+6hzbsqrkWDMqHYmhkSZJUM4/U6ittQILbgQ2PZMwpiz+N2FRS+cJBfMCR0uVA
u9kvezVop6GP0QToCf961HZcOf/DGdhQ+WkTocDgtgdi8BjOuGRw
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:39:35 2025 by rpki-client