Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/i9yAnMnyEMrg7T7aDDH8JArB3TQ.roa
File: i9yAnMnyEMrg7T7aDDH8JArB3TQ.roa (raw, json)
Hash identifier: 8JBTALXlJ9+s/yyV7yW3YQfr+neZyem6qUbRvZ5oDAQ=
Subject key identifier: 8B:DC:80:9C:C9:F2:10:CA:E0:ED:3E:DA:0C:31:FC:24:0A:C1:DD:34
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195C1CECC43288688F18803E18E819A1D82
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/i9yAnMnyEMrg7T7aDDH8JArB3TQ.roa
Signing time: Sun 23 Mar 2025 07:01:49 +0000
ROA not before: Sun 23 Mar 2025 07:01:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211750
IP address blocks: 37.202.223.0/24 maxlen: 24
151.243.126.0/24 maxlen: 24
151.243.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c1:ce:cc:43:28:86:88:f1:88:03:e1:8e:81:9a:1d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 23 07:01:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bdc809cc9f210cae0ed3eda0c31fc240ac1dd34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:47:a8:97:65:c9:d2:ea:8f:8b:82:fc:d3:77:
ee:72:44:98:09:eb:ca:7c:2b:a4:2b:68:b7:8e:a3:
36:92:52:8a:73:37:e9:ea:3a:06:7f:96:f5:53:22:
fc:66:e2:72:5b:5f:9a:0c:db:05:38:18:1e:04:a2:
2f:71:6c:d7:bb:bd:49:7e:04:7c:26:b1:62:fc:15:
7e:5f:a8:79:32:d4:73:99:50:5f:7f:59:75:bd:b3:
ce:06:0c:a2:67:23:1b:03:ee:74:ee:b9:2b:4b:db:
c2:ea:77:3d:65:d2:a7:58:37:ef:bf:80:2e:ad:21:
e0:41:1a:57:22:d1:69:6e:53:05:55:97:3b:ca:ac:
89:44:f5:7d:9b:bc:de:08:6d:cb:b1:8e:fa:ae:70:
33:c0:ad:e4:d8:85:36:fb:3d:c8:7c:81:17:5e:16:
3e:82:d9:70:e9:59:1a:87:ea:49:c6:25:ae:91:ed:
6a:fb:c3:c3:62:0d:0e:a7:84:01:a2:48:28:a0:d5:
f5:15:61:39:14:c5:a0:ff:0f:22:01:63:4c:5b:27:
31:31:cd:4b:9b:ca:6e:61:ed:86:cb:65:43:6e:f9:
60:fd:f1:42:3b:0c:4f:17:bb:60:c0:b9:7b:90:af:
67:72:0a:dd:d8:d2:00:a0:cd:8b:68:4f:6b:5d:6d:
e1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DC:80:9C:C9:F2:10:CA:E0:ED:3E:DA:0C:31:FC:24:0A:C1:DD:34
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/i9yAnMnyEMrg7T7aDDH8JArB3TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.223.0/24
151.243.126.0/23
Signature Algorithm: sha256WithRSAEncryption
22:35:7a:ee:33:ca:d1:8b:e8:a9:1b:31:44:f7:59:e4:49:61:
99:1d:02:df:d4:9d:71:60:3a:83:70:93:e2:5f:a8:7c:3c:a7:
01:2b:51:55:db:32:b6:8f:29:9f:ce:4e:cb:a2:6a:5b:e6:03:
69:64:d1:93:2c:ba:08:4e:0a:77:a3:f3:62:f3:35:c0:7c:74:
24:b3:ad:27:95:01:2a:50:83:3c:b8:e3:b0:e2:da:86:12:23:
c3:01:72:c5:b9:5d:e7:d0:b7:e0:b2:a7:31:5f:dc:5c:9e:2c:
d5:0f:de:e0:c6:4b:f8:3d:a0:1b:9d:d8:9e:66:3c:13:8d:d0:
f7:5e:fd:22:42:0e:f3:93:b6:68:09:46:b6:1a:b6:30:94:5d:
f4:9c:7a:17:7c:f8:56:bc:f0:5a:86:53:18:7b:80:d8:87:b8:
ee:c4:b1:2d:fa:9d:13:80:71:90:6f:e8:d2:6e:df:6b:87:0f:
75:e6:ad:f2:1e:60:72:cf:39:a1:14:a1:99:6b:de:41:9c:b1:
47:6c:ac:54:90:c1:80:5d:df:9f:3f:02:ea:86:bc:c3:01:45:
7e:a5:eb:97:fa:8a:02:d6:d7:dc:e2:7c:0a:06:c2:ca:c1:a4:
fb:48:a8:ad:5a:78:30:43:a4:b1:ab:ac:c7:36:11:4c:9a:3f:
4d:e1:80:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXBzsxDKIaI8YgD4Y6Bmh2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzIzMDcwMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRjODA5Y2M5ZjIxMGNhZTBlZDNlZGEwYzMxZmMyNDBhYzFkZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEeol2XJ0uqPi4L803fuckSYCevK
fCukK2i3jqM2klKKczfp6joGf5b1UyL8ZuJyW1+aDNsFOBgeBKIvcWzXu71JfgR8
JrFi/BV+X6h5MtRzmVBff1l1vbPOBgyiZyMbA+507rkrS9vC6nc9ZdKnWDfvv4Au
rSHgQRpXItFpblMFVZc7yqyJRPV9m7zeCG3LsY76rnAzwK3k2IU2+z3IfIEXXhY+
gtlw6Vkah+pJxiWuke1q+8PDYg0Op4QBokgooNX1FWE5FMWg/w8iAWNMWycxMc1L
m8puYe2Gy2VDbvlg/fFCOwxPF7tgwLl7kK9ncgrd2NIAoM2LaE9rXW3h+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIvcgJzJ8hDK4O0+2gwx/CQKwd00MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaTl5QW5NbnlFTXJnN1Q3YURESDhKQXJCM1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJcrfAwQB
l/N+MA0GCSqGSIb3DQEBCwUAA4IBAQAiNXruM8rRi+ipGzFE91nkSWGZHQLf1J1x
YDqDcJPiX6h8PKcBK1FV2zK2jymfzk7Lompb5gNpZNGTLLoITgp3o/Ni8zXAfHQk
s60nlQEqUIM8uOOw4tqGEiPDAXLFuV3n0LfgsqcxX9xcnizVD97gxkv4PaAbndie
ZjwTjdD3Xv0iQg7zk7ZoCUa2GrYwlF30nHoXfPhWvPBahlMYe4DYh7juxLEt+p0T
gHGQb+jSbt9rhw915q3yHmByzzmhFKGZa95BnLFHbKxUkMGAXd+fPwLqhrzDAUV+
peuX+ooC1tfc4nwKBsLKwaT7SKitWngwQ6Sxq6zHNhFMmj9N4YD6
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:48 2025 by rpki-client