Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kOnf6jx2t-h3ZowX7XYamk2cre0.roa
File: kOnf6jx2t-h3ZowX7XYamk2cre0.roa (raw, json)
Hash identifier: hWkDFWTNiDjlSjQQMwgEf3Ap7GC6noQArCYXdaXqv9c=
Subject key identifier: 90:E9:DF:EA:3C:76:B7:E8:77:66:8C:17:ED:76:1A:9A:4D:9C:AD:ED
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01940CC8E1A0B81E97E7502FBC920A727324
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kOnf6jx2t-h3ZowX7XYamk2cre0.roa
Signing time: Sat 28 Dec 2024 10:21:18 +0000
ROA not before: Sat 28 Dec 2024 10:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.202.205.0/24 maxlen: 24
37.202.208.0/23 maxlen: 24
37.202.210.0/24 maxlen: 24
37.202.212.0/23 maxlen: 24
151.243.137.0/24 maxlen: 24
151.243.162.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0c:c8:e1:a0:b8:1e:97:e7:50:2f:bc:92:0a:72:73:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Dec 28 10:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90e9dfea3c76b7e877668c17ed761a9a4d9caded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:64:e2:fc:7b:4e:50:5b:4e:1e:8a:9b:e5:
e8:58:b7:3e:ac:48:54:e3:99:ac:ba:b5:e0:4e:8f:
c8:30:bc:26:18:52:ea:ca:5b:65:4b:1a:4c:70:00:
eb:55:b9:e8:3f:a1:28:cc:fc:bc:39:a7:6f:0f:c7:
d7:e8:de:5f:f8:5c:1c:d1:06:28:94:a3:46:09:b2:
21:96:08:bf:8f:a4:ce:6e:46:8d:f8:5b:f6:da:79:
f4:1c:3a:c6:f4:4f:c0:52:29:58:cf:81:c9:91:ce:
e5:02:73:fd:49:d6:fb:00:a6:f9:2c:1b:0c:90:9e:
36:e7:50:56:37:e3:0b:4b:1f:ad:a8:54:f8:ef:5f:
51:dd:9b:ab:8a:be:b5:d7:1f:fd:52:54:5b:2e:79:
5c:fb:e1:e2:96:8a:c5:1a:95:83:ae:32:b8:52:dc:
a1:b5:59:e0:3f:b7:b1:56:c5:d6:3c:b1:94:10:48:
c6:2d:d5:2f:db:43:d8:68:3c:66:cb:4b:32:e1:ed:
9b:ae:50:ed:da:95:2a:0c:7e:17:f1:5e:08:77:ee:
c2:3f:45:6b:29:62:0a:78:d3:ec:58:2a:97:d9:a3:
39:fe:f6:72:51:67:97:24:94:b9:6e:49:05:4c:61:
78:e1:17:57:bc:7f:ed:23:c3:17:e5:57:da:8a:29:
12:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E9:DF:EA:3C:76:B7:E8:77:66:8C:17:ED:76:1A:9A:4D:9C:AD:ED
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kOnf6jx2t-h3ZowX7XYamk2cre0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.205.0/24
37.202.208.0-37.202.210.255
37.202.212.0/23
151.243.137.0/24
151.243.162.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:10:3b:aa:89:7c:b7:dc:f4:73:fb:e0:e0:f5:9e:a6:4a:39:
8e:5a:a9:71:0e:46:bb:a7:59:60:c6:3d:40:59:da:b2:c6:fa:
ce:8f:a0:49:d0:38:c1:ec:09:a4:4c:42:49:b2:c6:59:67:34:
12:cf:59:be:e9:82:02:81:53:92:f0:c6:df:26:50:e0:ac:9c:
d8:a4:0c:17:b5:07:e0:1e:06:e3:a1:ca:eb:14:f0:aa:ae:64:
ee:ce:3e:ef:2d:6e:ca:87:08:92:5f:fa:31:3d:23:7e:5b:cd:
4d:fe:99:9e:91:19:83:d6:90:29:f8:72:03:30:d8:4c:17:e4:
5f:bb:8e:85:8f:b2:04:bb:0c:8e:3a:27:fe:52:34:51:b6:e4:
9c:2c:b0:4e:03:f3:19:67:15:08:49:ad:c3:27:c3:97:1a:65:
ec:bb:22:58:7e:e2:38:8e:d2:02:81:e2:5b:29:95:bc:1d:51:
62:09:c2:b0:63:c6:05:33:aa:bc:18:5a:30:80:bf:26:82:f1:
8d:9e:63:11:a4:06:27:bd:c8:a8:d8:ef:79:5f:71:7e:ef:6e:
ee:8c:10:b3:48:95:e1:ea:fc:0f:8e:8d:b1:8c:d5:5a:49:56:
79:5d:2d:6f:dd:61:75:9f:0c:b1:de:be:a0:e0:56:5b:80:90:
f3:95:fb:8e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQMyOGguB6X51AvvJIKcnMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMjI4MTAyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGU5ZGZlYTNjNzZiN2U4Nzc2NjhjMTdlZDc2MWE5YTRkOWNhZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyJk4vx7TlBbTh6Km+XoWLc+rEhU
45msurXgTo/IMLwmGFLqyltlSxpMcADrVbnoP6EozPy8OadvD8fX6N5f+Fwc0QYo
lKNGCbIhlgi/j6TObkaN+Fv22nn0HDrG9E/AUilYz4HJkc7lAnP9Sdb7AKb5LBsM
kJ4251BWN+MLSx+tqFT4719R3Zurir611x/9UlRbLnlc++HilorFGpWDrjK4Utyh
tVngP7exVsXWPLGUEEjGLdUv20PYaDxmy0sy4e2brlDt2pUqDH4X8V4Id+7CP0Vr
KWIKeNPsWCqX2aM5/vZyUWeXJJS5bkkFTGF44RdXvH/tI8MX5VfaiikS/QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJDp3+o8drfod2aMF+12GppNnK3tMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva09uZjZqeDJ0LWgzWm93WDdYWWFtazJjcmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAJcrNMAwD
BAQlytADBAAlytIDBAElytQDBACX84kDBACX86IwDQYJKoZIhvcNAQELBQADggEB
AJ4QO6qJfLfc9HP74OD1nqZKOY5aqXEORrunWWDGPUBZ2rLG+s6PoEnQOMHsCaRM
QkmyxllnNBLPWb7pggKBU5Lwxt8mUOCsnNikDBe1B+AeBuOhyusU8KquZO7OPu8t
bsqHCJJf+jE9I35bzU3+mZ6RGYPWkCn4cgMw2EwX5F+7joWPsgS7DI46J/5SNFG2
5JwssE4D8xlnFQhJrcMnw5caZey7Ilh+4jiO0gKB4lsplbwdUWIJwrBjxgUzqrwY
WjCAvyaC8Y2eYxGkBie9yKjY73lfcX7vbu6MELNIleHq/A+OjbGM1VpJVnldLW/d
YXWfDLHevqDgVluAkPOV+44=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:44:12 2025 by rpki-client