Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3hKgU-7Mh-C6duTeApAHHYHyYQA.roa
File: 3hKgU-7Mh-C6duTeApAHHYHyYQA.roa (raw, json)
Hash identifier: 7P48EaA1T0afrKvLtD3xDVuUUEiq3v6UNaW7urenxuA=
Subject key identifier: DE:12:A0:53:EE:CC:87:E0:BA:76:E4:DE:02:90:07:1D:81:F2:61:00
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0193DF6A44F066F1A8402613EEF229CBB5FF
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3hKgU-7Mh-C6duTeApAHHYHyYQA.roa
Signing time: Thu 19 Dec 2024 14:55:03 +0000
ROA not before: Thu 19 Dec 2024 14:55:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198584
IP address blocks: 37.202.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:df:6a:44:f0:66:f1:a8:40:26:13:ee:f2:29:cb:b5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Dec 19 14:55:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de12a053eecc87e0ba76e4de0290071d81f26100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:49:db:04:d9:9a:ab:d0:f8:9c:6c:d0:0d:bf:
c2:2c:7d:17:fe:f2:54:51:8b:7f:c5:9f:b9:92:21:
0f:90:9d:e6:a3:a7:6e:4f:5b:d6:ce:a0:e6:4a:3e:
91:01:3f:97:8e:1d:c4:71:cc:5a:7e:3e:bf:6d:d4:
11:17:21:b2:af:b5:9b:30:40:6b:03:e3:b1:b3:90:
bc:c9:22:26:2f:31:fc:6c:6c:6a:ff:67:d1:61:a5:
a7:57:99:98:80:49:25:eb:07:a5:3e:1c:5d:0e:ed:
ac:39:0d:9a:e7:a3:b3:07:1f:6d:38:a0:44:5b:95:
40:61:c6:66:cc:de:95:5d:6c:13:27:c4:60:dc:ea:
a1:d6:17:2a:14:cf:5c:6c:21:c6:1f:a3:2b:f3:1f:
e5:a6:b8:4a:2b:fd:59:df:b6:10:33:2c:08:23:6c:
7b:7d:27:7c:32:6e:b3:16:84:bc:d1:aa:cc:0e:66:
90:d4:bb:71:70:b4:1f:a2:87:9d:53:b8:7a:f2:ce:
0c:e3:91:ca:7e:c1:c3:a9:9c:cb:07:95:bb:6b:bd:
62:34:d3:59:af:86:c6:2c:1c:73:f0:28:65:eb:c3:
f7:3c:cf:8a:d6:01:d2:4d:1e:9f:48:18:c6:24:87:
54:c8:1c:97:4c:4b:97:92:71:d0:4f:43:a3:6e:52:
6e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:A0:53:EE:CC:87:E0:BA:76:E4:DE:02:90:07:1D:81:F2:61:00
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3hKgU-7Mh-C6duTeApAHHYHyYQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.204.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:a2:06:c5:4e:fb:9c:ed:b3:aa:15:dc:20:9a:7b:34:ff:9f:
81:c5:97:e5:d3:9c:4b:86:95:7c:4c:0f:1d:c2:7d:68:63:c9:
68:ab:7f:3a:a3:01:4d:e5:a7:05:8e:28:68:22:b2:40:aa:fe:
53:3b:ad:12:54:ef:d9:8a:4f:ec:e7:21:58:36:ec:80:45:f6:
0b:02:cd:0a:f4:1b:74:a3:5e:db:dd:78:a5:c5:34:2a:f6:81:
a2:7e:c4:50:6a:1a:ba:a2:9e:87:d0:d4:42:68:73:99:90:d1:
e0:fd:92:86:1d:8e:5e:0d:dc:8c:7b:8e:f3:fa:db:33:ad:65:
d2:94:f7:11:8b:fa:ad:25:b1:5a:3e:bd:8b:83:ea:60:ea:37:
9c:34:2a:a7:b4:87:e6:84:12:16:31:78:57:88:d9:a9:7f:89:
66:80:19:8b:f3:30:f6:b1:09:50:75:31:56:6b:af:95:fb:6b:
94:f9:85:27:5d:48:fe:43:85:c3:3a:a4:30:fa:fa:ab:a7:b0:
3c:0f:f5:c0:52:63:ee:3b:2f:fb:09:7c:41:fa:4b:36:57:07:
ae:b1:c8:d7:5a:03:31:cd:17:e9:b4:18:bd:e7:65:82:a7:da:
00:21:9b:8c:8b:4d:07:45:1c:c4:c1:9d:25:99:d0:c7:4a:ec:
c8:cf:41:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPfakTwZvGoQCYT7vIpy7X/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMjE5MTQ1NTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyYTA1M2VlY2M4N2UwYmE3NmU0ZGUwMjkwMDcxZDgxZjI2MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsknbBNmaq9D4nGzQDb/CLH0X/vJU
UYt/xZ+5kiEPkJ3mo6duT1vWzqDmSj6RAT+Xjh3Eccxafj6/bdQRFyGyr7WbMEBr
A+Oxs5C8ySImLzH8bGxq/2fRYaWnV5mYgEkl6welPhxdDu2sOQ2a56OzBx9tOKBE
W5VAYcZmzN6VXWwTJ8Rg3Oqh1hcqFM9cbCHGH6Mr8x/lprhKK/1Z37YQMywII2x7
fSd8Mm6zFoS80arMDmaQ1LtxcLQfooedU7h68s4M45HKfsHDqZzLB5W7a71iNNNZ
r4bGLBxz8Chl68P3PM+K1gHSTR6fSBjGJIdUyByXTEuXknHQT0OjblJuxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4SoFPuzIfgunbk3gKQBx2B8mEAMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM2hLZ1UtN01oLUM2ZHVUZUFwQUhIWUh5WVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcrMMA0G
CSqGSIb3DQEBCwUAA4IBAQCaogbFTvuc7bOqFdwgmns0/5+BxZfl05xLhpV8TA8d
wn1oY8loq386owFN5acFjihoIrJAqv5TO60SVO/Zik/s5yFYNuyARfYLAs0K9Bt0
o17b3XilxTQq9oGifsRQahq6op6H0NRCaHOZkNHg/ZKGHY5eDdyMe47z+tszrWXS
lPcRi/qtJbFaPr2Lg+pg6jecNCqntIfmhBIWMXhXiNmpf4lmgBmL8zD2sQlQdTFW
a6+V+2uU+YUnXUj+Q4XDOqQw+vqrp7A8D/XAUmPuOy/7CXxB+ks2VweuscjXWgMx
zRfptBi952WCp9oAIZuMi00HRRzEwZ0lmdDHSuzIz0Hd
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:14:53 2025 by rpki-client