Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/xWSwZmKZMXs8e_GDLIRa8-opXK8.roa
File: xWSwZmKZMXs8e_GDLIRa8-opXK8.roa (raw, json)
Hash identifier: 2AZq1eXe7kQO99LmFv7okxwAGvQwGOGubxxQuVTNHbU=
Subject key identifier: C5:64:B0:66:62:99:31:7B:3C:7B:F1:83:2C:84:5A:F3:EA:29:5C:AF
Certificate issuer: /CN=0a8bca1a0e86448b73da54c42cb0d75765373f27
Certificate serial: 0194214430D2D5BC94ADCDEDBAD8FC13C8F6
Authority key identifier: 0A:8B:CA:1A:0E:86:44:8B:73:DA:54:C4:2C:B0:D7:57:65:37:3F:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CovKGg6GRItz2lTELLDXV2U3Pyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/xWSwZmKZMXs8e_GDLIRa8-opXK8.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15600
IP address blocks: 37.35.112.0/21 maxlen: 24
46.255.168.0/21 maxlen: 24
77.239.32.0/19 maxlen: 24
185.74.112.0/22 maxlen: 22
2a00:d420::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:30:d2:d5:bc:94:ad:cd:ed:ba:d8:fc:13:c8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a8bca1a0e86448b73da54c42cb0d75765373f27
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c564b0666299317b3c7bf1832c845af3ea295caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e8:e2:0a:cb:b7:11:4f:58:96:60:12:99:17:
bf:04:11:5f:05:a8:d3:47:65:b4:38:b2:c6:2f:0c:
48:e0:82:85:16:4e:5a:5b:4f:44:ec:42:b2:e1:26:
8f:69:08:d2:e7:84:41:e7:e3:c2:c2:15:02:87:9c:
30:16:e9:9e:42:50:a4:c0:9f:00:b2:4e:53:bf:f7:
0e:97:dc:25:51:bd:0f:72:13:3d:5e:f2:25:5c:b5:
0d:69:45:42:64:cf:e4:b9:c7:da:87:5b:c3:75:bd:
3c:ee:ad:6c:62:e6:70:f7:7a:94:38:6e:c2:90:92:
98:01:a6:7e:48:76:aa:e6:f4:11:52:c9:b4:3f:f9:
5d:18:0b:e2:df:23:be:2b:8d:7c:51:a2:72:4d:58:
f8:82:55:ea:68:34:10:eb:1f:91:1f:c6:2f:f1:0d:
e1:93:7f:f1:e3:ff:74:4e:d6:bb:d3:9c:05:ec:a8:
32:2b:4c:b8:a7:5e:23:c9:53:b0:be:03:df:84:20:
44:82:f6:f9:8f:4e:dd:c4:3a:d1:43:0f:60:b7:c7:
d5:a1:8b:ea:fe:00:3c:29:3f:7f:84:03:5f:f4:c4:
a8:22:a1:19:69:cc:3e:6c:3e:bd:a3:64:9a:20:3b:
41:ab:3c:b7:d1:1f:21:b6:ec:49:e4:e3:ab:5f:6a:
9d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:64:B0:66:62:99:31:7B:3C:7B:F1:83:2C:84:5A:F3:EA:29:5C:AF
X509v3 Authority Key Identifier:
keyid:0A:8B:CA:1A:0E:86:44:8B:73:DA:54:C4:2C:B0:D7:57:65:37:3F:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CovKGg6GRItz2lTELLDXV2U3Pyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/xWSwZmKZMXs8e_GDLIRa8-opXK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/CovKGg6GRItz2lTELLDXV2U3Pyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.112.0/21
46.255.168.0/21
77.239.32.0/19
185.74.112.0/22
IPv6:
2a00:d420::/29
Signature Algorithm: sha256WithRSAEncryption
15:fb:36:a6:8a:1a:72:a7:a5:1f:23:8c:ad:39:6f:0b:bc:ca:
ce:48:e3:8a:35:95:a1:28:b1:9b:39:07:2a:7b:d2:68:96:f6:
29:2d:fc:68:58:25:79:34:6e:3b:5a:4d:5f:7e:12:25:7d:cf:
0b:c3:60:c2:06:0c:a7:89:92:08:3c:d8:fc:9c:59:49:4a:b4:
3f:0e:2f:c3:62:69:41:db:34:5c:86:60:5a:76:28:2b:32:64:
b4:03:9a:50:46:92:ed:1c:3c:53:cd:80:33:ea:ce:84:fd:9d:
17:af:af:90:ed:bf:6e:30:3b:5b:b5:13:ba:9c:9e:58:d9:13:
28:bd:4c:35:a8:e5:76:84:43:78:a8:1e:62:59:1a:b9:64:32:
93:b4:6c:5f:84:c4:87:af:3c:a7:20:76:7b:cc:2e:ac:89:09:
e8:f1:12:39:ab:7b:2e:f3:8f:6c:d5:2d:44:9f:86:eb:17:84:
3c:24:f1:0e:8e:b7:6a:84:b9:c1:23:80:79:e8:71:25:b1:b1:
30:17:61:43:1d:f3:1d:97:b3:40:3d:06:d8:6e:44:6d:44:f9:
0f:c0:7c:99:99:0c:eb:7a:3b:38:a6:99:b4:8e:9e:c7:b4:10:
cb:b4:21:40:33:17:c9:3f:a7:36:1b:a3:86:f4:f0:41:17:59:
0f:2d:28:d9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQhRDDS1byUrc3tutj8E8j2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOGJjYTFhMGU4NjQ0OGI3M2RhNTRjNDJjYjBkNzU3NjUz
NzNmMjcwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTY0YjA2NjYyOTkzMTdiM2M3YmYxODMyYzg0NWFmM2VhMjk1Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoujiCsu3EU9YlmASmRe/BBFfBajT
R2W0OLLGLwxI4IKFFk5aW09E7EKy4SaPaQjS54RB5+PCwhUCh5wwFumeQlCkwJ8A
sk5Tv/cOl9wlUb0PchM9XvIlXLUNaUVCZM/kucfah1vDdb087q1sYuZw93qUOG7C
kJKYAaZ+SHaq5vQRUsm0P/ldGAvi3yO+K418UaJyTVj4glXqaDQQ6x+RH8Yv8Q3h
k3/x4/90Tta705wF7KgyK0y4p14jyVOwvgPfhCBEgvb5j07dxDrRQw9gt8fVoYvq
/gA8KT9/hANf9MSoIqEZacw+bD69o2SaIDtBqzy30R8htuxJ5OOrX2qdswIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMVksGZimTF7PHvxgyyEWvPqKVyvMB8GA1UdIwQY
MBaAFAqLyhoOhkSLc9pUxCyw11dlNz8nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ292S0dnNkdSSXR6MmxURUxMRFhWMlUzUHljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xODZmZDQtM2M2NC00ZGJmLWE5MDAt
YTc5OTA2MjU4OWEzLzEveFdTd1ptS1pNWHM4ZV9HRExJUmE4LW9wWEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xODZmZDQtM2M2NC00ZGJmLWE5MDAtYTc5OTA2MjU4OWEz
LzEvQ292S0dnNkdSSXR6MmxURUxMRFhWMlUzUHljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJSNwAwQD
Lv+oAwQFTe8gAwQCuUpwMA0EAgACMAcDBQMqANQgMA0GCSqGSIb3DQEBCwUAA4IB
AQAV+zamihpyp6UfI4ytOW8LvMrOSOOKNZWhKLGbOQcqe9JolvYpLfxoWCV5NG47
Wk1ffhIlfc8Lw2DCBgyniZIIPNj8nFlJSrQ/Di/DYmlB2zRchmBadigrMmS0A5pQ
RpLtHDxTzYAz6s6E/Z0Xr6+Q7b9uMDtbtRO6nJ5Y2RMovUw1qOV2hEN4qB5iWRq5
ZDKTtGxfhMSHrzynIHZ7zC6siQno8RI5q3su849s1S1En4brF4Q8JPEOjrdqhLnB
I4B56HElsbEwF2FDHfMdl7NAPQbYbkRtRPkPwHyZmQzrejs4ppm0jp7HtBDLtCFA
MxfJP6c2G6OG9PBBF1kPLSjZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:54 2025 by rpki-client