Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/0c03a7-4bc5-4a46-8f02-d3dd0938f927/1/AeTFu5TnMK3r-u4JVl68-YS3g-E.roa
File: AeTFu5TnMK3r-u4JVl68-YS3g-E.roa (raw, json)
Hash identifier: ooucI8fJ6asit/VsqnyqkbQn+jBXcjyCnRCA9YYpzAM=
Subject key identifier: 01:E4:C5:BB:94:E7:30:AD:EB:FA:EE:09:56:5E:BC:F9:84:B7:83:E1
Certificate issuer: /CN=a19a39c349f9b85a7d25505f5a4103715c5aa5ac
Certificate serial: 0187ED15DB83F0A492393246ED12D491E1B3
Authority key identifier: A1:9A:39:C3:49:F9:B8:5A:7D:25:50:5F:5A:41:03:71:5C:5A:A5:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oZo5w0n5uFp9JVBfWkEDcVxapaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/0c03a7-4bc5-4a46-8f02-d3dd0938f927/1/AeTFu5TnMK3r-u4JVl68-YS3g-E.roa
Signing time: Fri 05 May 2023 18:04:05 +0000
ROA not before: Fri 05 May 2023 18:04:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 37.140.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ed:15:db:83:f0:a4:92:39:32:46:ed:12:d4:91:e1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a19a39c349f9b85a7d25505f5a4103715c5aa5ac
Validity
Not Before: May 5 18:04:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01e4c5bb94e730adebfaee09565ebcf984b783e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:3a:59:c7:4f:24:ad:ab:37:4f:9e:c2:0d:
b3:76:50:5c:aa:02:ef:3a:f7:1a:f5:2c:88:a2:12:
52:9c:51:c5:84:2b:2d:ba:fa:5d:31:fc:9c:85:19:
ee:e8:29:f8:b2:be:0f:2e:57:55:8b:e2:d6:d3:ce:
f2:66:aa:c1:fc:6a:23:2f:fa:8b:24:06:ba:21:26:
1d:b1:a1:a8:75:92:f3:82:ca:2d:9f:61:a2:9c:9c:
59:bf:e8:32:6a:d9:bc:a5:76:37:72:d1:81:ff:6e:
fe:84:a2:26:46:34:ce:88:ac:9f:89:91:d2:4f:9e:
64:5b:45:ab:d3:d1:12:94:ca:77:f8:68:26:84:3a:
af:58:e9:97:bf:51:8e:1b:16:18:aa:d3:3c:5a:99:
8d:18:0c:c9:1c:e1:5d:01:3d:90:d8:0a:e6:a9:69:
92:c1:76:ce:a3:04:86:ea:72:e4:d1:da:b5:10:e9:
86:11:34:09:a9:11:c2:de:e0:6e:e2:f6:35:e8:94:
59:8a:16:00:d7:25:bb:e9:a9:21:b0:9f:b7:e7:63:
04:a1:11:3b:7f:f2:ec:4d:5a:63:65:a8:b5:5c:da:
c0:11:9f:8b:46:07:11:22:57:54:88:ab:3f:5f:8e:
0d:b4:48:c1:ad:8f:aa:6b:de:92:bd:b2:c1:91:94:
fb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E4:C5:BB:94:E7:30:AD:EB:FA:EE:09:56:5E:BC:F9:84:B7:83:E1
X509v3 Authority Key Identifier:
keyid:A1:9A:39:C3:49:F9:B8:5A:7D:25:50:5F:5A:41:03:71:5C:5A:A5:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oZo5w0n5uFp9JVBfWkEDcVxapaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0c03a7-4bc5-4a46-8f02-d3dd0938f927/1/AeTFu5TnMK3r-u4JVl68-YS3g-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/0c03a7-4bc5-4a46-8f02-d3dd0938f927/1/oZo5w0n5uFp9JVBfWkEDcVxapaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.221.0/24
Signature Algorithm: sha256WithRSAEncryption
50:75:dd:d3:26:49:ea:ac:3a:46:9f:41:9f:99:ae:0f:dd:f2:
cf:43:03:0b:e9:94:21:56:9f:3a:09:6c:20:40:41:62:4f:96:
bb:ae:f2:e5:c1:7e:3d:2f:02:b5:77:69:f3:2c:2b:80:06:de:
3f:ec:e7:0c:37:55:39:2c:38:ad:17:4a:1f:c1:02:cb:2a:89:
07:51:25:f4:37:b4:ad:b4:d2:86:db:08:92:bc:b2:9d:36:13:
a1:55:a2:e8:41:a1:52:27:74:0d:c0:29:3c:cd:98:cd:0b:62:
83:3b:34:3d:3e:8d:d8:1d:bb:f2:09:11:5a:c3:67:0c:88:68:
f9:ae:df:54:fb:26:ea:6b:44:22:41:f4:75:df:42:05:76:c2:
61:da:3e:d4:16:04:dd:62:6f:20:79:38:a2:7b:b5:11:da:be:
b6:c6:87:0b:1d:5f:fe:f4:5e:1d:af:92:a4:fc:81:bd:4d:75:
82:f8:1d:d4:7c:86:61:e6:5c:24:17:9c:2e:f1:81:46:9f:c5:
9a:a9:10:6c:9a:5a:f4:aa:fb:60:b8:5c:d3:b4:94:79:ad:b7:
fd:90:ea:40:7c:e5:83:11:c5:35:c3:24:df:1b:f3:91:4e:88:
cf:bc:db:8d:56:56:ca:7f:b3:09:a0:3a:43:84:b6:cf:6d:06:
bd:86:47:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYftFduD8KSSOTJG7RLUkeGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExOWEzOWMzNDlmOWI4NWE3ZDI1NTA1ZjVhNDEwMzcxNWM1
YWE1YWMwHhcNMjMwNTA1MTgwNDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWU0YzViYjk0ZTczMGFkZWJmYWVlMDk1NjVlYmNmOTg0Yjc4M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqso6WcdPJK2rN0+ewg2zdlBcqgLv
Ovca9SyIohJSnFHFhCstuvpdMfychRnu6Cn4sr4PLldVi+LW087yZqrB/GojL/qL
JAa6ISYdsaGodZLzgsotn2GinJxZv+gyatm8pXY3ctGB/27+hKImRjTOiKyfiZHS
T55kW0Wr09ESlMp3+GgmhDqvWOmXv1GOGxYYqtM8WpmNGAzJHOFdAT2Q2ArmqWmS
wXbOowSG6nLk0dq1EOmGETQJqRHC3uBu4vY16JRZihYA1yW76akhsJ+352MEoRE7
f/LsTVpjZai1XNrAEZ+LRgcRIldUiKs/X44NtEjBrY+qa96SvbLBkZT7mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHkxbuU5zCt6/ruCVZevPmEt4PhMB8GA1UdIwQY
MBaAFKGaOcNJ+bhafSVQX1pBA3FcWqWsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1pvNXcwbjV1RnA5SlZCZldrRURjVnhhcGF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wYzAzYTctNGJjNS00YTQ2LThmMDIt
ZDNkZDA5MzhmOTI3LzEvQWVURnU1VG5NSzNyLXU0SlZsNjgtWVMzZy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wYzAzYTctNGJjNS00YTQ2LThmMDItZDNkZDA5MzhmOTI3
LzEvb1pvNXcwbjV1RnA5SlZCZldrRURjVnhhcGF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYzdMA0G
CSqGSIb3DQEBCwUAA4IBAQBQdd3TJknqrDpGn0Gfma4P3fLPQwML6ZQhVp86CWwg
QEFiT5a7rvLlwX49LwK1d2nzLCuABt4/7OcMN1U5LDitF0ofwQLLKokHUSX0N7St
tNKG2wiSvLKdNhOhVaLoQaFSJ3QNwCk8zZjNC2KDOzQ9Po3YHbvyCRFaw2cMiGj5
rt9U+ybqa0QiQfR130IFdsJh2j7UFgTdYm8geTiie7UR2r62xocLHV/+9F4dr5Kk
/IG9TXWC+B3UfIZh5lwkF5wu8YFGn8WaqRBsmlr0qvtguFzTtJR5rbf9kOpAfOWD
EcU1wyTfG/ORTojPvNuNVlbKf7MJoDpDhLbPbQa9hkf4
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:36 2025 by rpki-client