Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/UMngkvwaRjIoN5eBBlFi84sCo3g.roa
File: UMngkvwaRjIoN5eBBlFi84sCo3g.roa (raw, json)
Hash identifier: a8obNUaAoXy5QpQYwb8sCwj2NbkRTv7ZWZ/OkpJ4CGg=
Subject key identifier: 50:C9:E0:92:FC:1A:46:32:28:37:97:81:06:51:62:F3:8B:02:A3:78
Certificate issuer: /CN=3de4598e21736501a73944c107114c850c7d8b09
Certificate serial: 01942369084E50C8C8811ECA9DD2CBF4EF4F
Authority key identifier: 3D:E4:59:8E:21:73:65:01:A7:39:44:C1:07:11:4C:85:0C:7D:8B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeRZjiFzZQGnOUTBBxFMhQx9iwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/UMngkvwaRjIoN5eBBlFi84sCo3g.roa
Signing time: Wed 01 Jan 2025 19:47:53 +0000
ROA not before: Wed 01 Jan 2025 19:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196750
IP address blocks: 37.153.0.0/18 maxlen: 18
37.153.64.0/21 maxlen: 21
2a0e:ba00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:08:4e:50:c8:c8:81:1e:ca:9d:d2:cb:f4:ef:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de4598e21736501a73944c107114c850c7d8b09
Validity
Not Before: Jan 1 19:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50c9e092fc1a463228379781065162f38b02a378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9f:b9:27:6d:37:1b:88:82:f9:19:c3:ea:3a:
c1:24:dc:0e:1b:74:5d:98:94:14:f9:1b:d9:67:2f:
2a:7a:86:bb:ad:40:7d:3e:c2:3d:8d:b1:e9:82:b5:
2e:c3:21:8b:cb:c6:d5:30:b8:e0:20:a3:48:4a:da:
7e:53:a8:b7:f3:22:04:5d:d9:ea:25:5c:3e:ea:4a:
32:bb:a0:67:ce:1f:a1:0c:61:9f:b1:84:82:be:f0:
33:68:c6:0c:56:6b:ec:ba:41:5c:af:28:3d:f1:8c:
8e:b1:cd:56:f1:fe:22:fd:45:57:73:35:5f:06:24:
72:7a:d2:a3:2e:36:33:5a:4c:dd:15:f7:0c:eb:46:
c1:ee:37:ef:3a:26:a9:bb:ff:8f:e5:cf:d3:71:7b:
bc:05:c5:3f:3e:46:f0:38:67:a6:a7:c9:ac:3d:2a:
5f:3c:0b:71:2a:c6:b9:c5:b3:97:9b:fb:31:07:2f:
65:85:7a:49:6e:fa:1b:f6:dd:63:32:6f:3a:b5:8a:
c2:4b:9c:cc:45:00:c5:ee:f3:98:0f:ce:68:28:bf:
fb:cd:65:2f:bd:67:13:74:8e:0c:ad:e5:34:3d:ff:
04:b3:ca:67:e4:98:91:cb:72:bb:28:47:d0:e9:f9:
f7:14:50:0a:16:25:e9:af:bf:5c:50:ba:37:2d:6f:
78:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C9:E0:92:FC:1A:46:32:28:37:97:81:06:51:62:F3:8B:02:A3:78
X509v3 Authority Key Identifier:
keyid:3D:E4:59:8E:21:73:65:01:A7:39:44:C1:07:11:4C:85:0C:7D:8B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeRZjiFzZQGnOUTBBxFMhQx9iwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/UMngkvwaRjIoN5eBBlFi84sCo3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/4d3b8c-7239-483c-a48c-7d608bee3167/1/PeRZjiFzZQGnOUTBBxFMhQx9iwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.0.0-37.153.71.255
IPv6:
2a0e:ba00::/29
Signature Algorithm: sha256WithRSAEncryption
08:80:54:73:10:5a:3b:6f:21:2e:1e:1b:69:dd:97:21:05:c2:
4f:e4:51:1e:a7:52:28:63:92:31:f5:43:1f:b1:60:2f:8e:13:
23:db:b7:fe:67:5f:0e:1b:1f:54:2a:47:a4:09:2c:48:47:1b:
1e:3c:3c:f2:65:1b:9a:6f:27:07:03:b6:79:30:fd:84:2d:ce:
b6:80:6d:b3:65:a2:15:f6:3a:cd:82:18:e4:f0:9f:c6:df:da:
88:4e:b8:91:89:ec:0f:4b:05:cc:d9:72:cb:38:e2:59:47:38:
76:7e:be:55:f2:92:7b:84:3b:f8:e8:07:39:af:6c:6f:54:25:
dd:87:6e:81:ca:4f:c5:dc:55:57:7d:5f:53:18:8c:85:69:8e:
26:b1:d8:55:2d:5f:6e:d0:5f:ae:0a:c2:46:9e:f7:67:d1:26:
a7:7e:30:c2:81:78:b7:5e:bb:d4:7a:23:f7:b1:9a:61:4e:0c:
3c:26:cd:5c:da:15:0a:85:83:9b:fb:5e:14:91:5c:ac:f4:d7:
91:90:64:a1:6c:2c:34:d3:9e:68:f2:18:12:b2:62:1e:66:d1:
e3:8f:39:fe:d9:49:8a:0c:59:65:4d:58:1a:98:76:cf:13:5f:
c1:69:67:a1:81:4b:43:0e:24:04:78:cd:fe:f3:88:19:1e:5c:
fa:bf:67:e0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQjaQhOUMjIgR7KndLL9O9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTQ1OThlMjE3MzY1MDFhNzM5NDRjMTA3MTE0Yzg1MGM3
ZDhiMDkwHhcNMjUwMTAxMTk0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGM5ZTA5MmZjMWE0NjMyMjgzNzk3ODEwNjUxNjJmMzhiMDJhMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5+5J203G4iC+RnD6jrBJNwOG3Rd
mJQU+RvZZy8qeoa7rUB9PsI9jbHpgrUuwyGLy8bVMLjgIKNIStp+U6i38yIEXdnq
JVw+6koyu6Bnzh+hDGGfsYSCvvAzaMYMVmvsukFcryg98YyOsc1W8f4i/UVXczVf
BiRyetKjLjYzWkzdFfcM60bB7jfvOiapu/+P5c/TcXu8BcU/PkbwOGemp8msPSpf
PAtxKsa5xbOXm/sxBy9lhXpJbvob9t1jMm86tYrCS5zMRQDF7vOYD85oKL/7zWUv
vWcTdI4MreU0Pf8Es8pn5JiRy3K7KEfQ6fn3FFAKFiXpr79cULo3LW947QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFDJ4JL8GkYyKDeXgQZRYvOLAqN4MB8GA1UdIwQY
MBaAFD3kWY4hc2UBpzlEwQcRTIUMfYsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVSWmppRnpaUUduT1VUQkJ4Rk1oUXg5aXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi80ZDNiOGMtNzIzOS00ODNjLWE0OGMt
N2Q2MDhiZWUzMTY3LzEvVU1uZ2t2d2FSaklvTjVlQkJsRmk4NHNDbzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi80ZDNiOGMtNzIzOS00ODNjLWE0OGMtN2Q2MDhiZWUzMTY3
LzEvUGVSWmppRnpaUUduT1VUQkJ4Rk1oUXg5aXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwAlmQME
AyWZQDANBAIAAjAHAwUDKg66ADANBgkqhkiG9w0BAQsFAAOCAQEACIBUcxBaO28h
Lh4bad2XIQXCT+RRHqdSKGOSMfVDH7FgL44TI9u3/mdfDhsfVCpHpAksSEcbHjw8
8mUbmm8nBwO2eTD9hC3OtoBts2WiFfY6zYIY5PCfxt/aiE64kYnsD0sFzNlyyzji
WUc4dn6+VfKSe4Q7+OgHOa9sb1Ql3YdugcpPxdxVV31fUxiMhWmOJrHYVS1fbtBf
rgrCRp73Z9Emp34wwoF4t1671Hoj97GaYU4MPCbNXNoVCoWDm/teFJFcrPTXkZBk
oWwsNNOeaPIYErJiHmbR4485/tlJigxZZU1YGph2zxNfwWlnoYFLQw4kBHjN/vOI
GR5c+r9n4A==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:44 2025 by rpki-client