Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/036434-e95e-4426-8d1c-67280c8bbab8/1/dUHtzdOigEdCMJb0gXsKu7_CR9E.roa
File: dUHtzdOigEdCMJb0gXsKu7_CR9E.roa (raw, json)
Hash identifier: qHPvPZRfGsBNL2Al0WMsavpV3isIJ/xgOqxOV/q3Zgg=
Subject key identifier: 75:41:ED:CD:D3:A2:80:47:42:30:96:F4:81:7B:0A:BB:BF:C2:47:D1
Certificate issuer: /CN=0239ae11188088547eb3e523483cca98556c115b
Certificate serial: 0194252184B2FAA47B4C47DA8BB2892F6B5D
Authority key identifier: 02:39:AE:11:18:80:88:54:7E:B3:E5:23:48:3C:CA:98:55:6C:11:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjmuERiAiFR-s-UjSDzKmFVsEVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/036434-e95e-4426-8d1c-67280c8bbab8/1/dUHtzdOigEdCMJb0gXsKu7_CR9E.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52126
IP address blocks: 37.26.240.0/21 maxlen: 21
77.83.208.0/22 maxlen: 22
95.130.8.0/21 maxlen: 21
147.78.36.0/22 maxlen: 22
152.89.112.0/22 maxlen: 22
185.12.34.0/23 maxlen: 23
185.32.216.0/22 maxlen: 22
2a02:a80::/29 maxlen: 32
2a02:ebc0::/29 maxlen: 29
2a10:7340::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:84:b2:fa:a4:7b:4c:47:da:8b:b2:89:2f:6b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0239ae11188088547eb3e523483cca98556c115b
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7541edcdd3a28047423096f4817b0abbbfc247d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:da:30:94:9c:75:fe:b5:90:4c:30:fa:38:88:
eb:50:4c:1b:fc:51:ee:8e:08:50:bc:e4:ea:71:6f:
f3:5b:82:9e:09:d9:a2:e6:1f:ec:c9:ca:cb:8c:d1:
b0:95:2b:6c:af:93:fe:75:00:3a:20:78:ae:cc:fe:
e9:ad:75:c3:d1:23:13:d4:8a:a7:5d:a1:db:c1:b1:
49:17:86:88:4d:29:42:af:bb:a2:fa:af:af:21:5c:
1e:c1:8b:43:06:57:8a:f8:3a:52:d3:b7:f6:c9:02:
bc:8b:2a:08:a4:01:ea:5f:5c:26:7c:70:23:0a:d2:
cd:b7:ac:e5:28:8e:d7:ce:55:d6:f0:8e:ab:34:29:
a2:f5:46:45:de:9a:df:6b:57:97:19:f0:f8:c6:a4:
c4:8c:e0:e8:90:6a:b5:5e:f7:e5:75:f3:8c:2b:86:
40:cd:2e:8c:c9:7b:ac:63:0a:78:97:8b:da:51:ab:
6a:7f:3d:e6:6e:5c:9c:3b:02:1d:7b:6e:74:cf:f9:
f1:7a:02:d8:9c:15:09:cd:e7:26:a4:b5:4a:8b:05:
9f:25:8a:9c:e6:33:f3:8d:fc:25:50:38:a5:02:b5:
03:a8:1d:95:0e:90:97:3e:21:a9:15:2e:ca:f3:ef:
b8:72:ee:7e:ff:f2:4e:55:0e:d7:88:6b:a4:52:a2:
5c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:41:ED:CD:D3:A2:80:47:42:30:96:F4:81:7B:0A:BB:BF:C2:47:D1
X509v3 Authority Key Identifier:
keyid:02:39:AE:11:18:80:88:54:7E:B3:E5:23:48:3C:CA:98:55:6C:11:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjmuERiAiFR-s-UjSDzKmFVsEVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/036434-e95e-4426-8d1c-67280c8bbab8/1/dUHtzdOigEdCMJb0gXsKu7_CR9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/036434-e95e-4426-8d1c-67280c8bbab8/1/AjmuERiAiFR-s-UjSDzKmFVsEVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.240.0/21
77.83.208.0/22
95.130.8.0/21
147.78.36.0/22
152.89.112.0/22
185.12.34.0/23
185.32.216.0/22
IPv6:
2a02:a80::/29
2a02:ebc0::/29
2a10:7340::/29
Signature Algorithm: sha256WithRSAEncryption
44:40:1d:03:34:d1:02:87:04:14:90:77:8f:ce:24:97:65:7b:
51:55:eb:cd:ba:92:22:8b:0a:38:d3:5b:3e:f5:e4:d8:b7:87:
39:85:9f:78:d5:db:1a:98:53:72:30:48:4c:b1:f6:d7:21:8f:
c3:98:bf:0e:18:5e:7d:78:ab:ed:d3:a8:1a:bc:d3:26:7d:83:
43:be:fb:ef:9e:1e:09:e3:b4:6f:ea:30:23:06:8c:01:90:32:
7b:2d:80:f7:41:70:12:23:4f:10:b4:fe:9b:0e:50:e5:ff:9a:
b3:d8:08:21:84:4e:70:97:f0:f0:3a:5f:51:8d:e7:0a:32:9d:
a1:d8:98:fa:da:88:30:5e:95:ab:40:a2:50:58:d9:b0:59:fb:
23:78:c1:2a:37:3c:cb:f9:ab:1d:c5:f4:e5:40:91:7a:2e:c4:
78:4e:97:3b:90:78:ad:be:16:db:81:6c:1d:5b:2a:17:67:0e:
54:2d:84:0c:33:18:10:5d:98:35:53:fa:6a:33:64:0b:fe:0b:
f9:49:fd:9e:2b:e8:47:53:79:07:c5:e8:09:df:65:7d:d6:3a:
3f:4c:d6:e9:81:ce:cf:06:1f:74:03:74:07:50:74:64:02:08:
fc:07:89:43:3f:e9:82:9a:60:ce:e5:60:03:f6:70:17:93:61:
a4:91:f3:b5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQlIYSy+qR7TEfai7KJL2tdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzlhZTExMTg4MDg4NTQ3ZWIzZTUyMzQ4M2NjYTk4NTU2
YzExNWIwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQxZWRjZGQzYTI4MDQ3NDIzMDk2ZjQ4MTdiMGFiYmJmYzI0N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9owlJx1/rWQTDD6OIjrUEwb/FHu
jghQvOTqcW/zW4KeCdmi5h/sycrLjNGwlStsr5P+dQA6IHiuzP7prXXD0SMT1Iqn
XaHbwbFJF4aITSlCr7ui+q+vIVwewYtDBleK+DpS07f2yQK8iyoIpAHqX1wmfHAj
CtLNt6zlKI7XzlXW8I6rNCmi9UZF3prfa1eXGfD4xqTEjODokGq1XvfldfOMK4ZA
zS6MyXusYwp4l4vaUatqfz3mblycOwIde250z/nxegLYnBUJzecmpLVKiwWfJYqc
5jPzjfwlUDilArUDqB2VDpCXPiGpFS7K8++4cu5+//JOVQ7XiGukUqJcfQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHVB7c3TooBHQjCW9IF7Cru/wkfRMB8GA1UdIwQY
MBaAFAI5rhEYgIhUfrPlI0g8yphVbBFbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWptdUVSaUFpRlItcy1ValNEekttRlZzRVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wMzY0MzQtZTk1ZS00NDI2LThkMWMt
NjcyODBjOGJiYWI4LzEvZFVIdHpkT2lnRWRDTUpiMGdYc0t1N19DUjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wMzY0MzQtZTk1ZS00NDI2LThkMWMtNjcyODBjOGJiYWI4
LzEvQWptdUVSaUFpRlItcy1ValNEekttRlZzRVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQDJRrwAwQC
TVPQAwQDX4IIAwQCk04kAwQCmFlwAwQBuQwiAwQCuSDYMBsEAgACMBUDBQMqAgqA
AwUDKgLrwAMFAyoQc0AwDQYJKoZIhvcNAQELBQADggEBAERAHQM00QKHBBSQd4/O
JJdle1FV6826kiKLCjjTWz715Ni3hzmFn3jV2xqYU3IwSEyx9tchj8OYvw4YXn14
q+3TqBq80yZ9g0O++++eHgnjtG/qMCMGjAGQMnstgPdBcBIjTxC0/psOUOX/mrPY
CCGETnCX8PA6X1GN5woynaHYmPraiDBelatAolBY2bBZ+yN4wSo3PMv5qx3F9OVA
kXouxHhOlzuQeK2+FtuBbB1bKhdnDlQthAwzGBBdmDVT+mozZAv+C/lJ/Z4r6EdT
eQfF6AnfZX3WOj9M1umBzs8GH3QDdAdQdGQCCPwHiUM/6YKaYM7lYAP2cBeTYaSR
87U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:27 2025 by rpki-client