Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/emA9Xadji3K-X_KHuEruC-d4kQQ.roa
File: emA9Xadji3K-X_KHuEruC-d4kQQ.roa (raw, json)
Hash identifier: drs8K6kgGiIK98BONiQbGnYlE0Bfb7l7nzUoWDmQ600=
Subject key identifier: 7A:60:3D:5D:A7:63:8B:72:BE:5F:F2:87:B8:4A:EE:0B:E7:78:91:04
Certificate issuer: /CN=37431f1be9fdc2419098479cde457bbf79571759
Certificate serial: 0195B25D8C369DBAA981C03A808ED3673DF8
Authority key identifier: 37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0MfG-n9wkGQmEec3kV7v3lXF1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/emA9Xadji3K-X_KHuEruC-d4kQQ.roa
Signing time: Thu 20 Mar 2025 07:03:49 +0000
ROA not before: Thu 20 Mar 2025 07:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41717
IP address blocks: 185.211.133.0/24 maxlen: 24
185.211.134.0/24 maxlen: 24
185.211.135.0/24 maxlen: 24
2a0b:65c0:1::/48 maxlen: 48
2a0b:65c0:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b2:5d:8c:36:9d:ba:a9:81:c0:3a:80:8e:d3:67:3d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37431f1be9fdc2419098479cde457bbf79571759
Validity
Not Before: Mar 20 07:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a603d5da7638b72be5ff287b84aee0be7789104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:27:9d:50:26:c2:b6:e6:ff:32:20:bf:0c:ba:
4c:5e:55:4b:af:6e:6c:45:07:20:2e:5b:83:5d:b0:
08:32:2d:36:bb:69:56:fd:9d:d6:1a:46:a1:35:9b:
5f:f3:dc:31:60:5f:8d:b7:b8:28:95:8d:3f:88:79:
d7:77:ae:28:ed:de:0a:98:19:48:2e:8b:c8:ec:51:
c9:01:fe:41:8f:23:01:92:a0:de:5c:10:56:ae:c3:
e1:33:05:ce:3a:a9:69:8f:de:5f:f5:92:1b:8e:5f:
53:b1:f5:a8:f7:fb:0e:db:1b:af:db:f9:2f:b5:3a:
5f:fc:69:7a:c8:72:6b:02:59:88:7a:58:0f:d8:e2:
2d:cc:58:6f:5b:12:47:65:38:20:9f:95:c5:2c:ad:
9d:aa:6d:4a:84:15:ac:fb:b2:5c:d7:44:87:b4:fa:
d8:0a:a6:a9:c1:e7:ad:c8:27:39:ba:27:27:9f:f9:
4c:4b:59:80:c5:89:13:9d:89:44:78:61:87:f4:6e:
9f:9e:c5:03:2e:9f:24:2b:aa:25:6c:78:b4:5b:01:
3f:80:d9:0f:0f:e0:d3:9f:83:4e:16:d9:4b:e7:46:
3d:56:f6:ca:6e:af:69:49:83:73:7f:b8:f2:ff:08:
26:2b:34:28:7b:82:7b:ee:a2:86:2b:b8:43:a5:1a:
96:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:60:3D:5D:A7:63:8B:72:BE:5F:F2:87:B8:4A:EE:0B:E7:78:91:04
X509v3 Authority Key Identifier:
keyid:37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0MfG-n9wkGQmEec3kV7v3lXF1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/emA9Xadji3K-X_KHuEruC-d4kQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.133.0-185.211.135.255
IPv6:
2a0b:65c0:1::/48
2a0b:65c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
72:48:b1:a3:07:77:3b:03:82:44:dd:49:6a:c2:59:85:e5:14:
64:95:76:06:0d:76:c1:ea:6a:4e:70:ad:ca:09:34:75:f9:39:
f9:17:87:bf:37:b7:a0:78:a0:9b:c5:b3:45:f5:d4:69:b4:2a:
ed:11:a6:0f:6c:8f:80:df:1a:69:14:a7:ae:2c:04:ac:f3:9f:
6d:6e:a7:1c:2d:bb:3a:ab:18:ca:34:b0:61:9d:3b:68:de:9e:
82:ec:f9:a5:d8:53:02:57:d6:b3:1f:6a:2c:40:16:8c:4f:bc:
4f:01:69:d9:f3:d7:a7:fb:ab:33:28:d6:e7:81:33:13:14:f9:
8e:92:97:b0:fd:4b:05:85:e1:69:3b:5f:e9:6b:42:e7:80:a2:
8f:bf:75:11:d6:73:ea:c2:58:00:87:0d:9a:b0:f8:4a:1a:66:
cb:69:75:51:48:b8:4a:be:7d:91:ce:ad:b8:f8:d1:59:bb:d1:
f6:5e:5c:a2:45:b0:8b:16:90:95:30:4f:1f:67:0c:cd:20:f3:
5a:39:35:df:11:25:02:56:4b:56:00:3d:c6:61:83:d0:1c:4e:
6d:71:56:f8:02:ec:8b:c9:1c:be:90:e8:8e:05:02:1e:7a:dc:
ad:f5:9e:49:23:58:07:bc:d1:be:fc:a6:9f:c3:ac:a5:3f:4e:
cb:11:29:a6
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZWyXYw2nbqpgcA6gI7TZz34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NDMxZjFiZTlmZGMyNDE5MDk4NDc5Y2RlNDU3YmJmNzk1
NzE3NTkwHhcNMjUwMzIwMDcwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYwM2Q1ZGE3NjM4YjcyYmU1ZmYyODdiODRhZWUwYmU3Nzg5MTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CedUCbCtub/MiC/DLpMXlVLr25s
RQcgLluDXbAIMi02u2lW/Z3WGkahNZtf89wxYF+Nt7golY0/iHnXd64o7d4KmBlI
LovI7FHJAf5BjyMBkqDeXBBWrsPhMwXOOqlpj95f9ZIbjl9TsfWo9/sO2xuv2/kv
tTpf/Gl6yHJrAlmIelgP2OItzFhvWxJHZTggn5XFLK2dqm1KhBWs+7Jc10SHtPrY
CqapweetyCc5uicnn/lMS1mAxYkTnYlEeGGH9G6fnsUDLp8kK6olbHi0WwE/gNkP
D+DTn4NOFtlL50Y9VvbKbq9pSYNzf7jy/wgmKzQoe4J77qKGK7hDpRqW7wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHpgPV2nY4tyvl/yh7hK7gvneJEEMB8GA1UdIwQY
MBaAFDdDHxvp/cJBkJhHnN5Fe795VxdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjBNZkctbjl3a0dRbUVlYzNrVjd2M2xYRjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iNTM1NDctZDM0MC00MzkyLWFmNDYt
NjE1OTYxMzEyYjUyLzEvZW1BOVhhZGppM0stWF9LSHVFcnVDLWQ0a1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iNTM1NDctZDM0MC00MzkyLWFmNDYtNjE1OTYxMzEyYjUy
LzEvTjBNZkctbjl3a0dRbUVlYzNrVjd2M2xYRjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAC504UD
BAO504AwGAQCAAIwEgMHACoLZcAAAQMHACoLZcAABDANBgkqhkiG9w0BAQsFAAOC
AQEAckixowd3OwOCRN1JasJZheUUZJV2Bg12wepqTnCtygk0dfk5+ReHvze3oHig
m8WzRfXUabQq7RGmD2yPgN8aaRSnriwErPOfbW6nHC27OqsYyjSwYZ07aN6eguz5
pdhTAlfWsx9qLEAWjE+8TwFp2fPXp/urMyjW54EzExT5jpKXsP1LBYXhaTtf6WtC
54Cij791EdZz6sJYAIcNmrD4Shpmy2l1UUi4Sr59kc6tuPjRWbvR9l5cokWwixaQ
lTBPH2cMzSDzWjk13xElAlZLVgA9xmGD0BxObXFW+ALsi8kcvpDojgUCHnrcrfWe
SSNYB7zRvvymn8OspT9OyxEppg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 21:26:50 2025 by rpki-client