Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XtQc8EXP8poGzV9tfL-ODdCuQjY.roa
File: XtQc8EXP8poGzV9tfL-ODdCuQjY.roa (raw, json)
Hash identifier: 986zK1+ccmLYWDnm+XiyvLtu00BuLh/Wnp92fs1W2/0=
Subject key identifier: 5E:D4:1C:F0:45:CF:F2:9A:06:CD:5F:6D:7C:BF:8E:0D:D0:AE:42:36
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019507F5C7B804CD9D32303B1E32A7BDFEA9
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XtQc8EXP8poGzV9tfL-ODdCuQjY.roa
Signing time: Sat 15 Feb 2025 04:55:02 +0000
ROA not before: Sat 15 Feb 2025 04:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.209.0/24 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.240.105.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.241.110.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.20.0/24 maxlen: 24
151.242.110.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.243.104.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
151.243.212.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:07:f5:c7:b8:04:cd:9d:32:30:3b:1e:32:a7:bd:fe:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 15 04:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ed41cf045cff29a06cd5f6d7cbf8e0dd0ae4236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7e:87:b9:85:5f:bb:8c:a6:26:b7:35:d6:b8:
eb:56:a5:51:49:33:cd:1a:c2:96:88:73:af:17:09:
e7:69:67:b5:b6:f9:a9:b7:4f:be:e4:39:3c:2b:23:
6f:21:de:a0:ed:4a:5e:5a:54:63:cb:ff:1b:c2:98:
b7:86:48:77:86:91:9d:73:a8:29:06:3c:69:25:4d:
c0:ef:c5:0a:03:86:35:76:eb:94:97:a2:86:13:4f:
97:18:c8:f6:f4:f8:d1:6d:93:0e:89:c6:0a:5f:47:
e8:6b:26:ac:92:c4:7f:44:28:85:8a:97:01:c0:06:
44:cb:3c:7b:11:34:f4:08:56:b0:42:b4:49:e2:8e:
89:ae:08:cc:61:aa:1d:92:17:03:31:dd:ef:79:2d:
85:a0:a8:11:e4:67:08:38:75:db:8d:37:b3:f1:f0:
5b:70:9e:25:40:f9:f1:36:8b:2a:5d:60:99:4c:e7:
de:a8:8d:d1:19:a7:85:e4:2e:74:a3:28:07:0e:70:
de:52:15:61:44:4f:7f:f2:45:57:6c:b5:e4:93:b3:
c9:16:18:46:24:af:a0:f0:aa:0b:0a:eb:02:c9:eb:
b0:f7:8f:ce:72:f3:8b:c3:72:af:ca:d7:71:6f:41:
05:03:83:71:c1:67:64:a8:d8:12:53:e6:98:93:b5:
45:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D4:1C:F0:45:CF:F2:9A:06:CD:5F:6D:7C:BF:8E:0D:D0:AE:42:36
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XtQc8EXP8poGzV9tfL-ODdCuQjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.240.105.0/24
151.240.140.0/24
151.241.110.0/24
151.242.14.0/24
151.242.20.0/24
151.242.110.0/24
151.242.117.0/24
151.243.104.0/24
151.243.162.0/24
151.243.212.0/23
Signature Algorithm: sha256WithRSAEncryption
17:34:5f:31:40:93:df:05:81:53:f7:89:c8:d0:82:76:da:e8:
64:4a:7c:6f:b7:c3:2e:e4:2e:0a:2f:c0:9e:aa:4a:da:05:8e:
f6:a5:2e:ab:79:21:b1:4c:1a:16:c2:fe:e9:57:91:15:51:ca:
ed:94:4f:f4:44:66:23:c4:e2:ed:f0:7b:25:c1:69:87:25:da:
54:1d:16:78:e5:37:92:89:f5:9c:c9:2c:6e:e6:93:c8:9c:cb:
c0:8d:0c:38:59:a4:67:72:db:b0:5a:86:37:65:73:98:e2:e4:
42:21:2c:16:1a:76:ca:cb:96:51:20:83:ab:30:3a:5f:57:a4:
30:79:57:dd:7f:8c:23:a6:6c:cd:a7:e8:df:75:87:61:e4:3f:
2d:b5:55:60:67:b3:7b:7f:44:f6:1d:61:e8:80:f0:0b:55:c6:
65:3b:d6:51:1d:39:ae:5d:1b:fe:64:af:af:21:fe:aa:df:d1:
2d:29:08:fe:e8:5b:11:c2:58:a2:a7:8f:98:27:e5:63:13:7c:
a9:2b:df:9c:c0:a2:c5:c1:37:25:fd:b6:6e:7e:fd:0a:67:73:
3a:f5:d4:b4:9d:5d:19:ea:fb:2f:70:88:bb:74:a0:e2:f5:00:
99:aa:03:f4:71:c7:97:0d:c2:d3:ba:51:fd:40:88:0c:f6:eb:
3a:74:4f:35
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZUH9ce4BM2dMjA7HjKnvf6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjE1MDQ1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQ0MWNmMDQ1Y2ZmMjlhMDZjZDVmNmQ3Y2JmOGUwZGQwYWU0MjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X6HuYVfu4ymJrc11rjrVqVRSTPN
GsKWiHOvFwnnaWe1tvmpt0++5Dk8KyNvId6g7UpeWlRjy/8bwpi3hkh3hpGdc6gp
BjxpJU3A78UKA4Y1duuUl6KGE0+XGMj29PjRbZMOicYKX0foayasksR/RCiFipcB
wAZEyzx7ETT0CFawQrRJ4o6JrgjMYaodkhcDMd3veS2FoKgR5GcIOHXbjTez8fBb
cJ4lQPnxNosqXWCZTOfeqI3RGaeF5C50oygHDnDeUhVhRE9/8kVXbLXkk7PJFhhG
JK+g8KoLCusCyeuw94/OcvOLw3Kvytdxb0EFA4NxwWdkqNgSU+aYk7VFpwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFF7UHPBFz/KaBs1fbXy/jg3QrkI2MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWHRRYzhFWFA4cG9HelY5dGZMLU9EZEN1UWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAJcrNMAwD
BAQlytADBAAlytIDBAElytQDBACX8GkDBACX8IwDBACX8W4DBACX8g4DBACX8hQD
BACX8m4DBACX8nUDBACX82gDBACX86IDBAGX89QwDQYJKoZIhvcNAQELBQADggEB
ABc0XzFAk98FgVP3icjQgnba6GRKfG+3wy7kLgovwJ6qStoFjvalLqt5IbFMGhbC
/ulXkRVRyu2UT/REZiPE4u3weyXBaYcl2lQdFnjlN5KJ9ZzJLG7mk8icy8CNDDhZ
pGdy27Bahjdlc5ji5EIhLBYadsrLllEgg6swOl9XpDB5V91/jCOmbM2n6N91h2Hk
Py21VWBns3t/RPYdYeiA8AtVxmU71lEdOa5dG/5kr68h/qrf0S0pCP7oWxHCWKKn
j5gn5WMTfKkr35zAosXBNyX9tm5+/Qpnczr11LSdXRnq+y9wiLt0oOL1AJmqA/Rx
x5cNwtO6Uf1AiAz26zp0TzU=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:04:27 2025 by rpki-client