Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/VifVBKjqmDhUgid5BLElJTuQJo4.roa
File: VifVBKjqmDhUgid5BLElJTuQJo4.roa (raw, json)
Hash identifier: WI5+mxqhucetVt6cCUvKQ5QuoJnG/kLcpHeXlC1Yb5Y=
Subject key identifier: 56:27:D5:04:A8:EA:98:38:54:82:27:79:04:B1:25:25:3B:90:26:8E
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 01957E9E52FE5CC8B55F403FE7CBD53FA246
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/VifVBKjqmDhUgid5BLElJTuQJo4.roa
Signing time: Mon 10 Mar 2025 05:54:19 +0000
ROA not before: Mon 10 Mar 2025 05:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200590
IP address blocks: 37.32.73.0/24 maxlen: 24
185.129.93.0/24 maxlen: 24
185.129.94.0/24 maxlen: 24
185.129.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7e:9e:52:fe:5c:c8:b5:5f:40:3f:e7:cb:d5:3f:a2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Mar 10 05:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5627d504a8ea98385482277904b125253b90268e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:86:76:6f:d7:8b:96:a9:29:95:5f:e5:c1:
9d:ad:19:38:b8:59:9f:a9:97:b3:9e:66:f7:b6:a5:
b9:17:c6:5d:d5:e0:26:ad:f4:de:11:24:c0:a6:25:
b2:df:92:e9:b6:01:bf:b5:85:20:63:64:41:88:15:
6e:3b:ce:0b:1b:9f:bb:dd:f3:54:92:3b:a9:ca:58:
a4:0d:2d:4a:5b:b3:bb:76:0c:7e:50:08:31:73:3b:
c4:f4:63:6d:8a:16:96:b7:20:34:cb:92:88:cf:47:
99:05:c9:cd:dc:32:3a:44:38:80:12:11:81:e3:83:
68:5b:e4:90:6c:f7:5b:38:bf:67:a6:2a:f7:76:0d:
97:f8:3f:54:1c:2a:15:e5:06:ee:98:8f:64:26:b9:
45:d4:f9:85:b8:4b:1c:31:9d:ae:02:f3:86:7c:07:
99:fc:aa:91:1d:75:20:5d:fb:99:a9:44:0f:ab:2d:
e8:b4:91:21:de:d9:84:af:c5:00:95:ff:64:81:5a:
0d:36:41:e4:a5:22:09:13:55:cb:a4:cc:e3:fc:f2:
a4:e9:3e:f9:7f:de:e7:3d:f6:1b:db:56:ee:1b:a9:
66:80:a1:76:0c:89:5c:3d:72:b3:39:a6:bd:43:15:
49:53:64:83:78:9c:78:b9:9d:4d:69:23:8f:fb:fc:
18:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:27:D5:04:A8:EA:98:38:54:82:27:79:04:B1:25:25:3B:90:26:8E
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/VifVBKjqmDhUgid5BLElJTuQJo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.73.0/24
185.129.93.0-185.129.95.255
Signature Algorithm: sha256WithRSAEncryption
3b:3e:eb:26:b9:ad:01:1b:54:b7:b8:c4:5d:b5:41:49:1f:dc:
e8:7b:44:73:0f:c0:ba:6f:4c:d3:fa:3f:3b:9d:ef:33:7f:6f:
95:db:71:57:e5:8c:66:84:63:94:46:53:18:1b:f0:2e:02:bd:
d4:d7:e4:ba:3c:05:5a:7d:f3:5b:38:20:ad:83:13:82:a0:e2:
16:8d:e9:2c:5d:ef:b9:5f:89:2a:c2:87:07:e0:33:51:48:e4:
75:8b:ec:95:21:3b:b7:b7:36:bf:1e:81:2b:9d:59:dd:e4:d4:
d8:7f:c9:b8:8a:6b:5a:6d:f4:1f:e1:78:22:75:d4:f3:32:f6:
8a:e2:80:5a:23:cf:d7:dd:13:cb:06:e3:40:17:63:21:7b:cc:
a2:cd:05:2f:59:5f:40:2f:b6:27:26:28:67:b5:2c:13:1f:b6:
2a:d8:67:a1:82:80:3a:98:16:1c:08:ae:6d:0e:96:d7:d7:7f:
d7:5b:b4:df:9b:68:c6:38:aa:36:69:bb:76:18:ba:33:3f:80:
33:ff:84:46:00:dd:66:14:36:3e:29:62:c0:42:ed:5d:06:3a:
0c:4a:a9:19:4a:15:78:a7:9f:f1:99:4c:56:a9:62:f3:67:8d:
64:02:8a:22:e4:24:6d:59:39:b5:56:2e:9d:ff:a4:e5:22:0e:
97:62:3a:86
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZV+nlL+XMi1X0A/58vVP6JGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwMzEwMDU1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjI3ZDUwNGE4ZWE5ODM4NTQ4MjI3NzkwNGIxMjUyNTNiOTAyNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwyGdm/Xi5apKZVf5cGdrRk4uFmf
qZeznmb3tqW5F8Zd1eAmrfTeESTApiWy35LptgG/tYUgY2RBiBVuO84LG5+73fNU
kjupylikDS1KW7O7dgx+UAgxczvE9GNtihaWtyA0y5KIz0eZBcnN3DI6RDiAEhGB
44NoW+SQbPdbOL9npir3dg2X+D9UHCoV5QbumI9kJrlF1PmFuEscMZ2uAvOGfAeZ
/KqRHXUgXfuZqUQPqy3otJEh3tmEr8UAlf9kgVoNNkHkpSIJE1XLpMzj/PKk6T75
f97nPfYb21buG6lmgKF2DIlcPXKzOaa9QxVJU2SDeJx4uZ1NaSOP+/wYLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFYn1QSo6pg4VIIneQSxJSU7kCaOMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvVmlmVkJLanFtRGhVZ2lkNUJMRWxKVHVRSm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJSBJMAwD
BAC5gV0DBAW5gUAwDQYJKoZIhvcNAQELBQADggEBADs+6ya5rQEbVLe4xF21QUkf
3Oh7RHMPwLpvTNP6Pzud7zN/b5XbcVfljGaEY5RGUxgb8C4CvdTX5Lo8BVp981s4
IK2DE4Kg4haN6Sxd77lfiSrChwfgM1FI5HWL7JUhO7e3Nr8egSudWd3k1Nh/ybiK
a1pt9B/heCJ11PMy9origFojz9fdE8sG40AXYyF7zKLNBS9ZX0AvticmKGe1LBMf
tirYZ6GCgDqYFhwIrm0OltfXf9dbtN+baMY4qjZpu3YYujM/gDP/hEYA3WYUNj4p
YsBC7V0GOgxKqRlKFXinn/GZTFapYvNnjWQCiiLkJG1ZObVWLp3/pOUiDpdiOoY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:29:25 2025 by rpki-client