Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/xJetAjXRbPTX957PRc-ZRikOCag.roa
File: xJetAjXRbPTX957PRc-ZRikOCag.roa (raw, json)
Hash identifier: zIdEISxA+75bDRZATAE0MJ7G/Gr2I74NP3sEuTFZFW8=
Subject key identifier: C4:97:AD:02:35:D1:6C:F4:D7:F7:9E:CF:45:CF:99:46:29:0E:09:A8
Certificate issuer: /CN=f563da6eb3b7a07fdc4525883004970d640b036b
Certificate serial: 01942143FB6F0FDF6AD707625AEAAB9AC3AE
Authority key identifier: F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/xJetAjXRbPTX957PRc-ZRikOCag.roa
Signing time: Wed 01 Jan 2025 09:48:10 +0000
ROA not before: Wed 01 Jan 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6661
IP address blocks: 37.157.152.0/21 maxlen: 24
78.141.128.0/18 maxlen: 24
83.99.0.0/17 maxlen: 24
87.240.192.0/18 maxlen: 24
88.207.128.0/17 maxlen: 24
107.183.0.0/17 maxlen: 24
146.0.128.0/18 maxlen: 24
146.0.212.0/22 maxlen: 24
146.0.216.0/21 maxlen: 24
178.254.64.0/18 maxlen: 24
185.32.236.0/22 maxlen: 24
188.115.0.0/18 maxlen: 24
194.154.192.0/19 maxlen: 24
195.46.224.0/19 maxlen: 24
213.135.224.0/19 maxlen: 24
213.166.32.0/19 maxlen: 24
2001:7e8::/32 maxlen: 48
2a00:ca60::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:fb:6f:0f:df:6a:d7:07:62:5a:ea:ab:9a:c3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f563da6eb3b7a07fdc4525883004970d640b036b
Validity
Not Before: Jan 1 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c497ad0235d16cf4d7f79ecf45cf9946290e09a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e1:a5:7e:2a:78:e8:5a:6f:8d:e8:b4:21:6a:
4b:6f:f7:b7:79:11:f1:5e:50:02:b1:a2:7c:c8:da:
8b:47:86:50:39:e9:6f:f4:a7:a6:1b:da:95:b0:b0:
39:7e:59:c3:93:b4:34:46:35:bd:a0:93:24:3e:1e:
4b:14:01:fa:6a:f3:ca:c2:74:9c:b3:c2:35:f9:13:
a9:fc:dd:5e:e9:f0:ea:19:aa:1b:23:c8:1a:1b:37:
f9:69:82:7c:d9:94:a0:3a:ee:1a:f6:b7:8f:cb:88:
c8:90:4e:b0:b4:f4:b0:f2:4e:6c:69:f0:91:ed:ac:
c5:87:45:62:28:f2:94:8e:23:37:f9:e5:03:5e:b6:
c1:4f:f9:cc:f4:5a:c3:28:48:6e:22:7d:c1:bd:21:
e8:ed:63:5c:4f:f0:00:c7:3e:ac:e7:22:18:08:86:
2a:82:4c:be:1f:82:c7:1f:30:e4:55:c9:96:69:ef:
5b:a5:df:ed:2f:53:5c:46:ef:d6:8b:ab:37:74:ac:
73:7f:2b:8e:d5:33:99:1a:13:93:fc:02:8a:f1:04:
97:f5:20:e5:5c:ea:7b:8a:b6:b7:bc:64:c8:44:b5:
2d:07:0b:34:8e:f8:42:10:95:5d:66:66:bb:13:91:
d8:14:3c:71:d4:88:14:f1:0a:ae:db:9f:ec:3e:33:
71:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:97:AD:02:35:D1:6C:F4:D7:F7:9E:CF:45:CF:99:46:29:0E:09:A8
X509v3 Authority Key Identifier:
keyid:F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/xJetAjXRbPTX957PRc-ZRikOCag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.152.0/21
78.141.128.0/18
83.99.0.0/17
87.240.192.0/18
88.207.128.0/17
107.183.0.0/17
146.0.128.0/18
146.0.212.0-146.0.223.255
178.254.64.0/18
185.32.236.0/22
188.115.0.0/18
194.154.192.0/19
195.46.224.0/19
213.135.224.0/19
213.166.32.0/19
IPv6:
2001:7e8::/32
2a00:ca60::/32
Signature Algorithm: sha256WithRSAEncryption
6b:cb:17:b8:b0:7c:97:85:98:69:d8:76:69:e4:21:ac:92:72:
ab:2e:93:89:4f:c1:ee:ea:4b:95:d5:56:9f:13:fe:c8:cb:96:
52:d6:ec:a2:86:37:8d:eb:7c:d7:a5:33:a1:d1:10:19:db:64:
23:b8:47:8c:fb:75:58:ff:d0:6d:95:6c:13:76:b0:33:6a:2c:
ff:b2:82:0d:e6:6a:80:b3:15:4f:ad:d7:a5:50:64:41:4a:59:
ab:89:8e:44:b8:6c:5c:90:12:4d:79:20:0f:6d:03:04:4f:d1:
56:35:d0:33:1b:cf:02:b4:5e:8a:6b:8a:6a:61:2f:35:1c:e6:
c8:44:3e:ce:16:6f:4f:07:48:8b:fc:b8:ca:cb:72:8e:ff:2e:
38:6d:fe:2e:2d:b4:af:fa:b0:08:10:59:cf:ff:98:92:b5:df:
02:bc:89:c3:3a:1c:a4:4b:f3:c5:62:07:d5:76:02:18:d7:0c:
b0:74:3b:9a:ca:98:01:81:d1:01:de:f2:80:96:84:32:f8:35:
cb:1e:75:e9:17:39:cf:12:ce:c9:da:4b:74:ba:22:5e:f4:80:
7d:7a:14:fb:78:0f:69:cc:eb:88:99:46:84:b3:60:8b:4e:3e:
21:3f:9f:a0:16:b0:73:a4:4c:ae:69:ef:e3:00:8d:3c:e2:e9:
9f:b6:bc:b7
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZQhQ/tvD99q1wdiWuqrmsOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NjNkYTZlYjNiN2EwN2ZkYzQ1MjU4ODMwMDQ5NzBkNjQw
YjAzNmIwHhcNMjUwMTAxMDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk3YWQwMjM1ZDE2Y2Y0ZDdmNzllY2Y0NWNmOTk0NjI5MGUwOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eGlfip46Fpvjei0IWpLb/e3eRHx
XlACsaJ8yNqLR4ZQOelv9KemG9qVsLA5flnDk7Q0RjW9oJMkPh5LFAH6avPKwnSc
s8I1+ROp/N1e6fDqGaobI8gaGzf5aYJ82ZSgOu4a9rePy4jIkE6wtPSw8k5safCR
7azFh0ViKPKUjiM3+eUDXrbBT/nM9FrDKEhuIn3BvSHo7WNcT/AAxz6s5yIYCIYq
gky+H4LHHzDkVcmWae9bpd/tL1NcRu/Wi6s3dKxzfyuO1TOZGhOT/AKK8QSX9SDl
XOp7ira3vGTIRLUtBws0jvhCEJVdZma7E5HYFDxx1IgU8Qqu25/sPjNxyQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFMSXrQI10Wz01/eez0XPmUYpDgmoMB8GA1UdIwQY
MBaAFPVj2m6zt6B/3EUliDAElw1kCwNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUt
ZTU1MjBhYTdiYTM3LzEveEpldEFqWFJiUFRYOTU3UFJjLVpSaWtPQ2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUtZTU1MjBhYTdiYTM3
LzEvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiAwQDJZ2Y
AwQGTo2AAwQHU2MAAwQGV/DAAwQHWM+AAwQHa7cAAwQGkgCAMAwDBAKSANQDBAWS
AMADBAay/kADBAK5IOwDBAa8cwADBAXCmsADBAXDLuADBAXVh+ADBAXVpiAwFAQC
AAIwDgMFACABB+gDBQAqAMpgMA0GCSqGSIb3DQEBCwUAA4IBAQBryxe4sHyXhZhp
2HZp5CGsknKrLpOJT8Hu6kuV1VafE/7Iy5ZS1uyihjeN63zXpTOh0RAZ22QjuEeM
+3VY/9BtlWwTdrAzaiz/soIN5mqAsxVPrdelUGRBSlmriY5EuGxckBJNeSAPbQME
T9FWNdAzG88CtF6Ka4pqYS81HObIRD7OFm9PB0iL/LjKy3KO/y44bf4uLbSv+rAI
EFnP/5iStd8CvInDOhykS/PFYgfVdgIY1wywdDuaypgBgdEB3vKAloQy+DXLHnXp
FznPEs7J2kt0uiJe9IB9ehT7eA9pzOuImUaEs2CLTj4hP5+gFrBzpEyuae/jAI08
4umftry3
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:13 2025 by rpki-client