Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/eiMLI2dh0653C-exQQO-o2bZ2eQ.roa
File: eiMLI2dh0653C-exQQO-o2bZ2eQ.roa (raw, json)
Hash identifier: IkhvxHI6cJnLtKgglasp3yMcL7l7unzpx1bcMF9QrRQ=
Subject key identifier: 7A:23:0B:23:67:61:D3:AE:77:0B:E7:B1:41:03:BE:A3:66:D9:D9:E4
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 0194221F9ACAC3CAD76953CE12BF2928A91A
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/eiMLI2dh0653C-exQQO-o2bZ2eQ.roa
Signing time: Wed 01 Jan 2025 13:48:04 +0000
ROA not before: Wed 01 Jan 2025 13:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34432
IP address blocks: 37.228.157.0/24 maxlen: 24
91.151.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9a:ca:c3:ca:d7:69:53:ce:12:bf:29:28:a9:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a230b236761d3ae770be7b14103bea366d9d9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:5e:8c:d5:c7:b4:f0:cd:a3:d5:1e:78:bc:
f6:24:7e:da:22:60:67:a7:25:08:bf:ac:5b:d3:f9:
a5:4f:5d:8a:98:e3:56:63:70:ec:61:cf:fa:a3:fc:
02:69:1c:a9:43:d5:0d:21:dd:2d:16:6b:59:11:23:
7a:7d:8d:e3:bd:85:82:dd:9a:a9:00:33:17:6f:a8:
50:3f:02:cb:13:fc:63:7b:d3:3f:07:ce:90:72:e0:
b4:ba:54:b6:be:4c:cf:72:38:9e:6c:01:a1:e4:b8:
74:0d:eb:05:a8:de:10:c4:fa:11:0f:e1:8d:59:83:
b5:7d:83:f9:30:7a:08:60:df:69:81:43:66:d0:b1:
f0:0e:b8:cc:1e:45:c7:24:b0:8b:f0:6a:f5:2b:ed:
18:29:08:26:85:4c:74:a2:d4:90:fa:47:0f:3d:13:
41:77:d0:28:15:5e:5d:23:84:98:ec:7c:58:8e:0d:
d4:ad:12:29:fc:17:3f:87:ff:18:5a:0f:e6:9f:0c:
3c:d0:09:9d:8f:89:49:b0:6a:e1:5f:9d:ed:28:7a:
0a:be:21:fd:84:81:9e:df:00:ad:c7:32:fb:a4:53:
b7:0e:3b:f9:9c:16:aa:a0:81:21:df:bb:05:fc:28:
df:72:e1:5c:ec:84:b1:a7:b9:14:cd:07:5e:c2:00:
bf:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:23:0B:23:67:61:D3:AE:77:0B:E7:B1:41:03:BE:A3:66:D9:D9:E4
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/eiMLI2dh0653C-exQQO-o2bZ2eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.157.0/24
91.151.23.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f4:be:64:11:45:ad:e2:d5:76:ee:25:37:50:1f:c3:ba:6d:
cf:24:ef:fe:e7:b3:ad:dc:65:bf:8c:31:d8:e5:49:c7:3b:ff:
f3:2a:75:33:8b:bd:45:57:74:33:70:f4:f4:44:90:70:5f:79:
43:66:f7:7a:0f:28:ab:00:93:c1:78:b8:c1:f4:c8:72:c5:21:
af:35:c2:b6:8d:70:75:e5:cb:8c:b2:19:61:76:00:ed:8c:ca:
47:c5:3a:98:1f:79:cf:61:9b:a9:99:0e:ab:60:8b:e8:01:d3:
63:d2:ad:df:a7:ee:33:16:e7:12:1c:ad:b2:45:20:0a:04:ee:
7b:dc:79:29:8a:ae:39:18:ea:2e:fd:ea:e0:5f:78:36:46:44:
7e:cf:07:83:8b:ed:84:57:f3:75:0b:0b:11:39:2b:97:4b:78:
a4:c6:e8:91:8c:77:b4:76:b2:9c:4a:e2:7f:be:d9:ac:86:fb:
fa:b7:93:35:84:dc:61:72:e1:ca:39:d4:4a:cf:5a:ca:7c:58:
44:6c:69:55:8e:c5:31:a2:91:fd:39:78:23:f2:5d:86:45:2d:
18:26:e9:c9:87:b8:ee:1b:9a:20:47:95:4f:8d:03:3e:06:99:
35:29:04:a2:77:f6:fa:40:39:6a:d4:d5:57:c0:8e:3a:50:e5:
ea:fc:73:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH5rKw8rXaVPOEr8pKKkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTIzMGIyMzY3NjFkM2FlNzcwYmU3YjE0MTAzYmVhMzY2ZDlkOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9RejNXHtPDNo9UeeLz2JH7aImBn
pyUIv6xb0/mlT12KmONWY3DsYc/6o/wCaRypQ9UNId0tFmtZESN6fY3jvYWC3Zqp
ADMXb6hQPwLLE/xje9M/B86QcuC0ulS2vkzPcjiebAGh5Lh0DesFqN4QxPoRD+GN
WYO1fYP5MHoIYN9pgUNm0LHwDrjMHkXHJLCL8Gr1K+0YKQgmhUx0otSQ+kcPPRNB
d9AoFV5dI4SY7HxYjg3UrRIp/Bc/h/8YWg/mnww80Amdj4lJsGrhX53tKHoKviH9
hIGe3wCtxzL7pFO3Djv5nBaqoIEh37sF/CjfcuFc7ISxp7kUzQdewgC/EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHojCyNnYdOudwvnsUEDvqNm2dnkMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvZWlNTEkyZGgwNjUzQy1leFFRTy1vMmJaMmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJeSdAwQA
W5cXMA0GCSqGSIb3DQEBCwUAA4IBAQA39L5kEUWt4tV27iU3UB/Dum3PJO/+57Ot
3GW/jDHY5UnHO//zKnUzi71FV3QzcPT0RJBwX3lDZvd6DyirAJPBeLjB9MhyxSGv
NcK2jXB15cuMshlhdgDtjMpHxTqYH3nPYZupmQ6rYIvoAdNj0q3fp+4zFucSHK2y
RSAKBO573Hkpiq45GOou/ergX3g2RkR+zweDi+2EV/N1CwsROSuXS3ikxuiRjHe0
drKcSuJ/vtmshvv6t5M1hNxhcuHKOdRKz1rKfFhEbGlVjsUxopH9OXgj8l2GRS0Y
JunJh7juG5ogR5VPjQM+Bpk1KQSid/b6QDlq1NVXwI46UOXq/HNz
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:29:46 2025 by rpki-client