Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aiESDwbbPg07xJk-A7yecjNfzvk.roa
File: aiESDwbbPg07xJk-A7yecjNfzvk.roa (raw, json)
Hash identifier: vVn6xMV6XHTPzTAgTIENRTbeJoEimL8LTLBO6M2XeQo=
Subject key identifier: 6A:21:12:0F:06:DB:3E:0D:3B:C4:99:3E:03:BC:9E:72:33:5F:CE:F9
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01957FA341D049D4F57F55A8E04C85BC1679
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aiESDwbbPg07xJk-A7yecjNfzvk.roa
Signing time: Mon 10 Mar 2025 10:39:20 +0000
ROA not before: Mon 10 Mar 2025 10:39:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.222.0/24 maxlen: 24
151.242.63.0/24 maxlen: 24
151.243.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:a3:41:d0:49:d4:f5:7f:55:a8:e0:4c:85:bc:16:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 10 10:39:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a21120f06db3e0d3bc4993e03bc9e72335fcef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b7:85:64:62:3b:55:99:d9:6a:9a:a5:21:99:
a8:a1:ca:d0:1c:03:88:d5:dd:7d:cb:f8:d2:f6:aa:
1d:70:c1:87:d8:83:74:35:f6:96:b8:f1:96:58:2e:
41:cb:18:1a:39:3d:a4:95:ad:c9:a9:0b:e8:de:0b:
ba:5c:a9:31:8e:66:a9:66:df:54:cc:c9:39:43:30:
f4:d3:d5:0d:e8:b7:09:af:46:7e:c5:85:f4:fb:65:
29:e6:31:7d:6a:74:b8:e0:1a:0a:d0:b1:fe:dd:24:
e1:19:50:14:cf:72:16:96:5f:16:5f:9c:66:2a:33:
b6:d1:21:80:70:23:9a:8c:3f:32:6c:f9:8a:9c:c4:
7b:5f:d3:36:b2:30:7d:9f:ed:58:31:d5:30:eb:ea:
7c:6d:04:85:3c:68:bd:a3:b4:d6:74:1c:03:78:1b:
7c:0f:9f:c2:5e:8a:5b:c2:82:22:9b:f9:26:e3:d1:
5c:73:1b:d5:de:98:f5:ce:0f:05:b0:cc:56:7b:d0:
1f:70:0e:69:df:8d:8d:ad:bf:e0:e3:e3:ef:b3:8e:
29:60:38:85:cb:0b:44:c9:26:89:1e:fe:04:04:32:
f0:fe:d1:77:e2:02:5f:dd:c2:25:55:e7:79:ce:7e:
8e:cd:48:27:2d:19:56:68:73:57:d3:97:85:04:da:
f2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:21:12:0F:06:DB:3E:0D:3B:C4:99:3E:03:BC:9E:72:33:5F:CE:F9
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aiESDwbbPg07xJk-A7yecjNfzvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.222.0/24
151.242.63.0/24
151.243.13.0/24
Signature Algorithm: sha256WithRSAEncryption
63:1b:8f:2f:86:46:e3:68:7d:78:58:7b:fb:eb:aa:1e:5a:e8:
d5:68:43:80:d5:40:fd:b1:e1:e2:d7:b4:12:19:3f:07:0c:6f:
e7:8d:b8:9a:b4:f9:3d:7e:27:08:d5:89:d6:14:c2:73:0f:75:
74:06:44:eb:d5:81:2e:81:39:17:9a:2c:29:34:58:2b:58:e2:
cd:eb:6a:25:f1:4c:e5:9e:53:7c:94:9d:b2:aa:b3:8b:98:5f:
b6:53:84:40:b1:c0:89:75:fb:26:5a:31:8d:8f:48:d0:c9:19:
71:9a:54:89:90:c0:4a:55:85:22:bc:44:11:40:26:68:4a:b7:
6b:42:07:01:1b:b4:26:24:1c:9c:61:84:26:bd:3c:d6:33:2c:
10:4d:a7:1b:7d:4e:13:73:90:df:07:a1:71:3e:84:08:16:19:
a2:4b:ad:c1:58:e3:27:c0:23:23:55:fa:d8:07:e8:ec:08:03:
68:91:c4:ae:59:b5:98:02:e6:3f:ff:33:89:11:16:5c:d9:49:
cc:a1:b1:b7:12:a4:90:8e:2e:4e:43:9f:5b:38:bf:81:f9:58:
99:58:fa:16:94:01:0f:32:f8:d7:fe:fe:f4:b0:42:35:26:b7:
ce:ad:76:46:3a:e3:59:8f:c4:87:57:81:c8:c4:82:79:8d:08:
41:a9:51:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZV/o0HQSdT1f1Wo4EyFvBZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzEwMTAzOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTIxMTIwZjA2ZGIzZTBkM2JjNDk5M2UwM2JjOWU3MjMzNWZjZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0beFZGI7VZnZapqlIZmoocrQHAOI
1d19y/jS9qodcMGH2IN0NfaWuPGWWC5ByxgaOT2kla3JqQvo3gu6XKkxjmapZt9U
zMk5QzD009UN6LcJr0Z+xYX0+2Up5jF9anS44BoK0LH+3SThGVAUz3IWll8WX5xm
KjO20SGAcCOajD8ybPmKnMR7X9M2sjB9n+1YMdUw6+p8bQSFPGi9o7TWdBwDeBt8
D5/CXopbwoIim/km49FccxvV3pj1zg8FsMxWe9AfcA5p342Nrb/g4+Pvs44pYDiF
ywtEySaJHv4EBDLw/tF34gJf3cIlVed5zn6OzUgnLRlWaHNX05eFBNryawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGohEg8G2z4NO8SZPgO8nnIzX875MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYWlFU0R3YmJQZzA3eEprLUE3eWVjak5menZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJcreAwQA
l/I/AwQAl/MNMA0GCSqGSIb3DQEBCwUAA4IBAQBjG48vhkbjaH14WHv766oeWujV
aEOA1UD9seHi17QSGT8HDG/njbiatPk9ficI1YnWFMJzD3V0BkTr1YEugTkXmiwp
NFgrWOLN62ol8UzlnlN8lJ2yqrOLmF+2U4RAscCJdfsmWjGNj0jQyRlxmlSJkMBK
VYUivEQRQCZoSrdrQgcBG7QmJBycYYQmvTzWMywQTacbfU4Tc5DfB6FxPoQIFhmi
S63BWOMnwCMjVfrYB+jsCANokcSuWbWYAuY//zOJERZc2UnMobG3EqSQji5OQ59b
OL+B+ViZWPoWlAEPMvjX/v70sEI1JrfOrXZGOuNZj8SHV4HIxIJ5jQhBqVFY
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:28:19 2025 by rpki-client