Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/dEZ5raqBPXnkqzr9_S0vwZwMrcc.roa
File: dEZ5raqBPXnkqzr9_S0vwZwMrcc.roa (raw, json)
Hash identifier: A8CtSs9BqkWswlRrqESpgq4uIozS5L7wmlKnC6IFKQ8=
Subject key identifier: 74:46:79:AD:AA:81:3D:79:E4:AB:3A:FD:FD:2D:2F:C1:9C:0C:AD:C7
Certificate issuer: /CN=336f6ac82f6f28e3d3e5b66475594d8318e75ab3
Certificate serial: 019423D7F68FE35EEAD382673B39DACBC375
Authority key identifier: 33:6F:6A:C8:2F:6F:28:E3:D3:E5:B6:64:75:59:4D:83:18:E7:5A:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M29qyC9vKOPT5bZkdVlNgxjnWrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/dEZ5raqBPXnkqzr9_S0vwZwMrcc.roa
Signing time: Wed 01 Jan 2025 21:49:03 +0000
ROA not before: Wed 01 Jan 2025 21:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7155
IP address blocks: 37.19.96.0/21 maxlen: 21
37.19.97.0/24 maxlen: 24
37.19.98.0/24 maxlen: 24
37.19.99.0/24 maxlen: 24
37.19.100.0/24 maxlen: 24
37.203.192.0/21 maxlen: 21
37.203.192.0/22 maxlen: 22
37.203.192.0/24 maxlen: 24
37.203.193.0/24 maxlen: 24
37.203.194.0/24 maxlen: 24
37.203.195.0/24 maxlen: 24
37.203.196.0/24 maxlen: 24
37.203.197.0/24 maxlen: 24
185.109.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f6:8f:e3:5e:ea:d3:82:67:3b:39:da:cb:c3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=336f6ac82f6f28e3d3e5b66475594d8318e75ab3
Validity
Not Before: Jan 1 21:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=744679adaa813d79e4ab3afdfd2d2fc19c0cadc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bd:d2:5e:3c:8c:f2:3b:3a:a8:a6:18:e6:2c:
2a:fd:d0:1f:5a:3d:db:2b:de:63:28:4c:3f:9d:75:
a5:1a:e9:96:cb:2a:9f:9e:a8:7d:ce:62:cb:5c:f4:
15:2a:7f:18:4f:da:96:37:90:ee:6e:31:9c:af:c3:
1f:90:09:72:7c:66:9e:dd:ed:00:40:97:b4:20:dc:
51:85:06:dc:5b:59:77:8c:eb:17:ac:0f:02:74:cf:
f7:58:23:eb:56:36:bc:68:88:07:e3:b1:85:d0:57:
f0:eb:8d:a4:c3:ba:21:cf:aa:c4:ba:b2:75:a3:14:
d5:45:ab:96:3d:98:72:65:3d:b4:e3:a2:7c:8f:f0:
35:14:e5:30:30:60:09:50:77:8f:ed:5f:09:b7:9a:
0b:5a:1b:a5:5a:89:a4:e8:7d:8a:28:82:6f:67:e6:
cf:05:03:6d:ad:ea:62:a5:3b:58:15:bc:ef:2d:3b:
96:c8:d4:b9:52:c5:d0:70:e1:6b:9b:e1:58:03:c9:
69:94:f6:ff:a1:1e:ce:c8:65:76:f3:7e:a9:36:09:
75:12:8b:f6:49:90:9a:e9:47:72:41:da:fc:3e:23:
57:62:74:b9:3d:3a:d1:91:76:3d:5b:ad:be:3d:54:
b6:96:05:b9:44:4b:12:e7:84:4e:a3:7d:c5:99:2d:
83:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:46:79:AD:AA:81:3D:79:E4:AB:3A:FD:FD:2D:2F:C1:9C:0C:AD:C7
X509v3 Authority Key Identifier:
keyid:33:6F:6A:C8:2F:6F:28:E3:D3:E5:B6:64:75:59:4D:83:18:E7:5A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M29qyC9vKOPT5bZkdVlNgxjnWrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/dEZ5raqBPXnkqzr9_S0vwZwMrcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/915cbb-568a-4f42-8b80-ccb016ae1513/1/M29qyC9vKOPT5bZkdVlNgxjnWrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.96.0/21
37.203.192.0/21
185.109.163.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e2:9d:5d:50:e5:19:00:62:4d:f3:5b:a0:42:bf:8b:ef:1a:
a6:e1:87:66:dc:73:82:71:f3:3b:c1:43:92:ac:30:02:5a:13:
26:61:7e:69:c4:bd:21:2e:8a:e2:6d:46:ef:30:e1:90:63:1b:
e3:8a:f4:00:dc:41:d9:78:99:eb:71:ff:65:47:1f:f6:2c:e3:
d6:c3:d5:2b:28:7d:aa:37:b7:48:f3:8b:59:fd:65:57:9d:2f:
e6:09:2e:e5:63:59:b4:21:06:54:84:a4:9a:84:7a:e1:70:0c:
f9:e7:6b:92:35:57:33:41:a0:9b:78:32:82:c9:9a:5c:c4:45:
b6:d4:3c:49:36:ca:14:29:74:cf:0b:99:b3:65:ad:12:2b:e0:
12:a8:05:8e:90:6f:4d:bf:31:e7:2d:08:e2:1d:13:c8:aa:9d:
2d:1b:a3:df:1a:55:a9:32:67:4e:b8:b0:31:95:34:58:b5:e0:
ad:b6:41:30:b5:b6:59:6d:26:ad:39:26:f3:93:9a:b5:05:2f:
a5:f6:d7:82:f9:ca:5e:9b:4f:db:b2:7a:e2:fe:fe:e8:41:a2:
47:61:22:30:d2:29:42:2c:a5:b7:df:27:9b:f4:15:69:e5:87:
d9:e7:2c:6f:aa:54:4e:37:5a:65:c8:1f:ba:51:5e:fa:1a:59:
dc:94:92:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj1/aP417q04JnOznay8N1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNmY2YWM4MmY2ZjI4ZTNkM2U1YjY2NDc1NTk0ZDgzMThl
NzVhYjMwHhcNMjUwMTAxMjE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ2NzlhZGFhODEzZDc5ZTRhYjNhZmRmZDJkMmZjMTljMGNhZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxL3SXjyM8js6qKYY5iwq/dAfWj3b
K95jKEw/nXWlGumWyyqfnqh9zmLLXPQVKn8YT9qWN5DubjGcr8MfkAlyfGae3e0A
QJe0INxRhQbcW1l3jOsXrA8CdM/3WCPrVja8aIgH47GF0Ffw642kw7ohz6rEurJ1
oxTVRauWPZhyZT2046J8j/A1FOUwMGAJUHeP7V8Jt5oLWhulWomk6H2KKIJvZ+bP
BQNtrepipTtYFbzvLTuWyNS5UsXQcOFrm+FYA8lplPb/oR7OyGV2836pNgl1Eov2
SZCa6UdyQdr8PiNXYnS5PTrRkXY9W62+PVS2lgW5REsS54ROo33FmS2DSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHRGea2qgT155Ks6/f0tL8GcDK3HMB8GA1UdIwQY
MBaAFDNvasgvbyjj0+W2ZHVZTYMY51qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTI5cXlDOXZLT1BUNWJaa2RWbE5neGpuV3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85MTVjYmItNTY4YS00ZjQyLThiODAt
Y2NiMDE2YWUxNTEzLzEvZEVaNXJhcUJQWG5rcXpyOV9TMHZ3WndNcmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85MTVjYmItNTY4YS00ZjQyLThiODAtY2NiMDE2YWUxNTEz
LzEvTTI5cXlDOXZLT1BUNWJaa2RWbE5neGpuV3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJRNgAwQD
JcvAAwQAuW2jMA0GCSqGSIb3DQEBCwUAA4IBAQAu4p1dUOUZAGJN81ugQr+L7xqm
4Ydm3HOCcfM7wUOSrDACWhMmYX5pxL0hLoribUbvMOGQYxvjivQA3EHZeJnrcf9l
Rx/2LOPWw9UrKH2qN7dI84tZ/WVXnS/mCS7lY1m0IQZUhKSahHrhcAz552uSNVcz
QaCbeDKCyZpcxEW21DxJNsoUKXTPC5mzZa0SK+ASqAWOkG9NvzHnLQjiHRPIqp0t
G6PfGlWpMmdOuLAxlTRYteCttkEwtbZZbSatOSbzk5q1BS+l9teC+cpem0/bsnri
/v7oQaJHYSIw0ilCLKW33yeb9BVp5YfZ5yxvqlRON1plyB+6UV76GlnclJJ+
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:10:12 2025 by rpki-client