Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/grw1j9-8samWWiChPkyufP-sl-E.roa
File: grw1j9-8samWWiChPkyufP-sl-E.roa (raw, json)
Hash identifier: NBZBfXg3sE94wmS64tQlSrQjbH2DFUT/GlOy2NVgQiI=
Subject key identifier: 82:BC:35:8F:DF:BC:B1:A9:96:5A:20:A1:3E:4C:AE:7C:FF:AC:97:E1
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 019519C345E160692FAB28A47690B599B568
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/grw1j9-8samWWiChPkyufP-sl-E.roa
Signing time: Tue 18 Feb 2025 15:53:02 +0000
ROA not before: Tue 18 Feb 2025 15:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49690
IP address blocks: 159.151.0.0/18 maxlen: 18
192.109.140.0/24 maxlen: 24
192.109.141.0/24 maxlen: 24
2a07:8140::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:c3:45:e1:60:69:2f:ab:28:a4:76:90:b5:99:b5:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Feb 18 15:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82bc358fdfbcb1a9965a20a13e4cae7cffac97e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:31:c6:77:12:e2:43:96:a4:46:e0:07:a5:7d:
ab:ef:31:fa:f5:24:be:f4:38:06:6e:a7:02:9f:56:
3d:21:17:29:9d:96:bb:ac:ec:71:1c:e7:8d:0e:2c:
71:68:ba:75:c4:b3:e1:48:a2:31:5e:76:ba:df:27:
be:b0:fe:36:5f:df:cd:6d:75:23:16:d4:d9:34:96:
6f:08:a4:6a:68:10:a3:81:bc:09:ef:0a:6c:9d:f9:
83:d2:30:df:6b:74:72:65:5e:9c:9c:47:04:34:69:
e7:f7:90:d4:75:1a:2b:51:31:23:39:70:15:ec:d6:
24:d8:c0:33:3a:e4:1b:bd:d0:0b:36:f1:a4:e1:af:
f0:4d:56:dd:09:f7:d0:f0:0b:d1:9c:52:d3:1b:87:
68:20:19:ea:74:7a:73:bf:aa:63:70:18:d8:d7:f8:
9e:82:f9:f5:4f:2a:3a:4f:8e:ea:a3:7a:4e:d0:50:
5f:62:8b:f3:81:24:69:77:1f:4b:b5:bd:54:e4:b8:
e7:aa:aa:49:f1:d3:37:51:34:41:18:d4:7a:06:5c:
e1:0f:c2:bf:00:1c:36:2f:2d:5e:81:cf:ba:91:1f:
89:5b:d4:15:ff:8e:0d:68:c4:c0:df:60:67:f8:f9:
47:e9:0c:9b:96:1a:4e:df:5d:29:6a:1b:b9:a1:22:
24:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BC:35:8F:DF:BC:B1:A9:96:5A:20:A1:3E:4C:AE:7C:FF:AC:97:E1
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/grw1j9-8samWWiChPkyufP-sl-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.0.0/18
192.109.140.0/23
IPv6:
2a07:8140::/36
Signature Algorithm: sha256WithRSAEncryption
63:c5:d3:77:1b:14:13:47:bd:f6:89:9f:58:60:b2:41:cb:b0:
f0:6f:be:46:35:ee:1c:1c:2c:c8:5e:9e:49:d0:aa:f8:fa:22:
c9:c3:38:37:67:e2:8f:94:56:0d:03:06:15:cb:56:d5:ba:ff:
a0:a6:d3:45:28:1f:86:27:6a:8f:a1:15:81:d8:4f:09:ba:9f:
b6:c6:3a:a9:9c:86:70:f5:45:40:1f:b2:44:fc:9a:4b:5d:4b:
3e:f2:8a:ec:2f:3c:0d:8a:57:59:ec:52:8e:46:f2:c2:fc:cf:
ae:09:4f:29:4f:39:47:46:d7:99:8a:02:50:12:93:a3:43:7d:
76:33:7e:a7:de:99:28:1c:71:02:b6:d2:77:72:5f:5f:94:59:
1e:82:47:97:0a:e7:e4:8e:3e:df:1b:8c:00:a8:3e:28:74:36:
ba:c4:0c:5f:74:df:dd:68:d7:ef:2c:fb:92:d8:dd:da:c9:df:
c7:b8:29:bf:94:f2:81:06:2c:a0:4c:dc:32:68:18:27:27:53:
e4:5c:d5:c5:03:47:8a:c6:7f:99:75:97:31:26:76:fc:3d:5d:
c3:09:95:25:25:f8:64:ce:88:d5:8f:6a:b1:31:2d:ef:77:50:
fd:2e:83:b1:6b:28:50:81:a4:c2:67:d5:be:4e:f1:fc:45:dc:
9c:18:8d:5c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZUZw0XhYGkvqyikdpC1mbVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjUwMjE4MTU1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmJjMzU4ZmRmYmNiMWE5OTY1YTIwYTEzZTRjYWU3Y2ZmYWM5N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozHGdxLiQ5akRuAHpX2r7zH69SS+
9DgGbqcCn1Y9IRcpnZa7rOxxHOeNDixxaLp1xLPhSKIxXna63ye+sP42X9/NbXUj
FtTZNJZvCKRqaBCjgbwJ7wpsnfmD0jDfa3RyZV6cnEcENGnn95DUdRorUTEjOXAV
7NYk2MAzOuQbvdALNvGk4a/wTVbdCffQ8AvRnFLTG4doIBnqdHpzv6pjcBjY1/ie
gvn1Tyo6T47qo3pO0FBfYovzgSRpdx9Ltb1U5LjnqqpJ8dM3UTRBGNR6BlzhD8K/
ABw2Ly1egc+6kR+JW9QV/44NaMTA32Bn+PlH6QyblhpO310pahu5oSIkmwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIK8NY/fvLGpllogoT5Mrnz/rJfhMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvZ3J3MWo5LThzYW1XV2lDaFBreXVmUC1zbC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQGn5cAAwQB
wG2MMA4EAgACMAgDBgQqB4FAADANBgkqhkiG9w0BAQsFAAOCAQEAY8XTdxsUE0e9
9omfWGCyQcuw8G++RjXuHBwsyF6eSdCq+PoiycM4N2fij5RWDQMGFctW1br/oKbT
RSgfhidqj6EVgdhPCbqftsY6qZyGcPVFQB+yRPyaS11LPvKK7C88DYpXWexSjkby
wvzPrglPKU85R0bXmYoCUBKTo0N9djN+p96ZKBxxArbSd3JfX5RZHoJHlwrn5I4+
3xuMAKg+KHQ2usQMX3Tf3WjX7yz7ktjd2snfx7gpv5TygQYsoEzcMmgYJydT5FzV
xQNHisZ/mXWXMSZ2/D1dwwmVJSX4ZM6I1Y9qsTEt73dQ/S6DsWsoUIGkwmfVvk7x
/EXcnBiNXA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:50:30 2025 by rpki-client