Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/w2O9eOlQqLH114BgDYJVsNvoJRs.roa
File: w2O9eOlQqLH114BgDYJVsNvoJRs.roa (raw, json)
Hash identifier: L8s7HCwSb2WD1XxmTWYYwY7RKx9RtykcWg4cYYaa1bA=
Subject key identifier: C3:63:BD:78:E9:50:A8:B1:F5:D7:80:60:0D:82:55:B0:DB:E8:25:1B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7B45197FD951996661D902113B0B2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/w2O9eOlQqLH114BgDYJVsNvoJRs.roa
Signing time: Wed 01 Jan 2025 21:48:46 +0000
ROA not before: Wed 01 Jan 2025 21:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 267507
IP address blocks: 37.202.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:b4:51:97:fd:95:19:96:66:1d:90:21:13:b0:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c363bd78e950a8b1f5d780600d8255b0dbe8251b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:79:e6:a5:4f:07:47:1f:7d:19:87:9e:27:a8:
c4:15:dd:62:0c:fd:15:03:33:90:62:ed:14:c4:ae:
3d:00:ff:7b:4e:db:cf:80:97:db:1c:75:09:ff:d7:
9b:a8:f5:87:0a:e0:5e:4d:2c:57:3c:47:c5:4b:ac:
f8:0a:47:47:16:0d:3f:3d:4c:fe:a7:8d:5b:85:12:
d5:7e:37:d1:a3:95:41:7a:59:24:13:15:06:18:03:
fd:f3:d4:dd:04:b7:62:3c:9e:09:83:03:a7:70:a7:
3b:26:75:72:cc:08:41:a1:6a:40:f4:76:14:99:23:
4c:3c:2e:a0:9b:e2:c8:9d:a0:32:83:19:17:11:c5:
61:63:3f:b1:b3:ed:b3:2b:eb:bb:0f:81:09:bd:12:
a3:9e:0e:42:db:e9:18:67:68:06:c0:29:64:57:d3:
e1:82:c2:8d:d1:67:d5:2a:ae:f5:19:30:3f:74:92:
1f:2e:f8:39:a2:7f:50:38:9a:da:84:86:4c:f0:a2:
33:58:92:10:1b:59:8c:b0:f1:1c:5e:45:f4:bf:83:
75:ef:e4:95:53:ab:db:d4:6b:67:31:4d:45:9d:ef:
7b:84:86:03:82:3a:1b:a1:1d:f0:df:1e:ad:b5:6b:
fb:fd:14:2d:d8:40:13:cf:42:ca:0c:d7:70:b5:cb:
76:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:63:BD:78:E9:50:A8:B1:F5:D7:80:60:0D:82:55:B0:DB:E8:25:1B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/w2O9eOlQqLH114BgDYJVsNvoJRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.218.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0d:8d:d0:d4:1f:ba:c5:0c:ce:e5:66:58:b6:ab:23:26:d5:
db:a2:c3:8c:2a:2c:3d:ea:24:53:26:c2:3d:d9:78:da:f4:b1:
b8:4b:09:ca:20:e5:6a:52:71:ed:ab:57:12:4a:c0:08:75:b1:
13:7c:dd:f6:72:3f:23:5b:f6:17:48:d1:e9:77:33:92:f7:f0:
d6:56:b7:19:de:3a:70:7a:b8:6b:93:27:0a:a0:23:06:6f:e5:
08:f5:ba:14:b6:e9:97:9b:c1:d6:46:68:55:03:d3:b0:41:16:
ff:2e:ac:32:a2:84:46:82:78:b9:5c:09:eb:6f:d7:22:e3:d3:
25:54:db:d6:a9:2f:aa:aa:02:e1:5e:5f:bf:cc:06:e6:51:24:
0a:4d:4a:1a:2f:24:c9:3b:c3:85:32:f7:ab:46:58:0b:df:fa:
fc:b6:a7:a4:38:fb:1a:66:98:1b:cb:2a:23:42:55:09:18:6c:
40:84:08:29:28:be:be:85:d9:9d:7a:6c:9f:0f:35:d0:8d:4c:
08:27:29:9d:25:0d:bf:89:b5:26:6b:57:d7:cd:d7:27:13:ba:
42:46:ea:c0:20:54:6a:7c:b5:4f:30:e2:03:dd:ea:2a:06:97:
c5:af:1f:ee:74:b1:93:31:7e:bf:e8:e7:d1:d1:08:87:25:a4:
2d:fc:47:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj17RRl/2VGZZmHZAhE7CyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzYzYmQ3OGU5NTBhOGIxZjVkNzgwNjAwZDgyNTViMGRiZTgyNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3nmpU8HRx99GYeeJ6jEFd1iDP0V
AzOQYu0UxK49AP97TtvPgJfbHHUJ/9ebqPWHCuBeTSxXPEfFS6z4CkdHFg0/PUz+
p41bhRLVfjfRo5VBelkkExUGGAP989TdBLdiPJ4JgwOncKc7JnVyzAhBoWpA9HYU
mSNMPC6gm+LInaAygxkXEcVhYz+xs+2zK+u7D4EJvRKjng5C2+kYZ2gGwClkV9Ph
gsKN0WfVKq71GTA/dJIfLvg5on9QOJrahIZM8KIzWJIQG1mMsPEcXkX0v4N17+SV
U6vb1GtnMU1Fne97hIYDgjoboR3w3x6ttWv7/RQt2EATz0LKDNdwtct2PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNjvXjpUKix9deAYA2CVbDb6CUbMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdzJPOWVPbFFxTEgxMTRCZ0RZSlZzTnZvSlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcraMA0G
CSqGSIb3DQEBCwUAA4IBAQCJDY3Q1B+6xQzO5WZYtqsjJtXbosOMKiw96iRTJsI9
2Xja9LG4SwnKIOVqUnHtq1cSSsAIdbETfN32cj8jW/YXSNHpdzOS9/DWVrcZ3jpw
erhrkycKoCMGb+UI9boUtumXm8HWRmhVA9OwQRb/LqwyooRGgni5XAnrb9ci49Ml
VNvWqS+qqgLhXl+/zAbmUSQKTUoaLyTJO8OFMverRlgL3/r8tqekOPsaZpgbyyoj
QlUJGGxAhAgpKL6+hdmdemyfDzXQjUwIJymdJQ2/ibUma1fXzdcnE7pCRurAIFRq
fLVPMOID3eoqBpfFrx/udLGTMX6/6OfR0QiHJaQt/Eeq
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:41 2025 by rpki-client