Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/Vj26lr7hbbX_fCXK7w3hESEooM0.roa
File: Vj26lr7hbbX_fCXK7w3hESEooM0.roa (raw, json)
Hash identifier: gGIWp8lV6uKwDTfCg2XsPsepLLQekr1mHTq2CjmnAag=
Subject key identifier: 56:3D:BA:96:BE:E1:6D:B5:FF:7C:25:CA:EF:0D:E1:11:21:28:A0:CD
Certificate issuer: /CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Certificate serial: 019424453B6BCC4F09AE43427E220ECEF267
Authority key identifier: 0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/Vj26lr7hbbX_fCXK7w3hESEooM0.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198641
IP address blocks: 37.205.40.0/21 maxlen: 21
37.205.40.0/22 maxlen: 22
37.205.40.0/24 maxlen: 24
37.205.42.0/24 maxlen: 24
37.205.44.0/24 maxlen: 24
37.205.45.0/24 maxlen: 24
37.205.46.0/24 maxlen: 24
185.58.228.0/24 maxlen: 24
185.58.229.0/24 maxlen: 24
185.58.230.0/24 maxlen: 24
185.58.231.0/24 maxlen: 24
2a02:4220::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3b:6b:cc:4f:09:ae:43:42:7e:22:0e:ce:f2:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=563dba96bee16db5ff7c25caef0de1112128a0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2a:0e:dd:36:78:a5:dc:ca:1b:a6:0a:46:14:
9b:fb:90:ca:2d:b6:67:51:09:dd:2e:a5:0f:75:8a:
7d:76:c8:ec:53:04:54:4b:a7:e1:e7:54:72:c2:2a:
56:bc:1e:dd:4d:51:e7:59:74:b2:6e:f0:db:7d:3b:
c3:5c:48:fd:4c:13:9e:91:17:df:c1:70:02:f9:e0:
cb:50:a5:63:93:84:b0:26:3b:58:d0:8b:88:e7:af:
c2:cf:b1:6d:63:24:2f:3e:09:6c:f5:13:9f:a9:89:
ab:19:fe:78:36:4b:50:55:43:68:5b:e2:b9:36:eb:
42:a4:d2:61:79:4d:55:fd:bb:ae:b9:30:8a:d7:5f:
ba:ae:a6:04:57:e2:e4:a6:71:7c:5d:f3:79:36:ac:
32:ba:b3:94:29:d9:c4:91:fc:ab:ca:ad:9a:b7:6d:
cf:c9:58:45:ca:df:1d:fb:fd:24:19:19:86:23:de:
97:3f:ac:70:ee:f6:88:9e:cd:ab:06:2e:7b:a2:47:
ec:b1:97:81:01:63:26:67:fe:27:14:2b:0a:01:c2:
62:4e:29:f6:2b:e1:2b:8d:52:ba:ea:75:6c:76:fd:
60:47:1c:31:91:f0:c8:39:fe:74:0a:fc:c9:4f:d1:
d2:04:ee:1e:ad:9d:82:35:d5:2f:29:0c:8a:04:43:
40:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3D:BA:96:BE:E1:6D:B5:FF:7C:25:CA:EF:0D:E1:11:21:28:A0:CD
X509v3 Authority Key Identifier:
keyid:0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/Vj26lr7hbbX_fCXK7w3hESEooM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/DM6IMtApSYAfEZjp0TuxjtWDLQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.40.0/21
185.58.228.0/22
IPv6:
2a02:4220::/32
Signature Algorithm: sha256WithRSAEncryption
83:40:f6:59:b0:6f:ab:83:bc:12:fc:41:3b:99:e3:65:c9:b4:
65:4a:3a:c7:35:28:12:f4:38:b5:a6:60:74:1b:e2:61:ef:8d:
ed:53:cb:79:24:3d:06:36:b3:d0:4e:6b:47:7a:64:5d:68:40:
60:9f:dd:d4:a4:a7:d5:2d:a5:8d:b6:3f:3e:8c:12:2a:66:b6:
0e:d3:61:0e:5e:df:43:11:d8:bd:0f:d1:e8:84:67:28:90:d1:
2b:2b:4d:f4:2b:79:b3:fc:ef:2f:87:4a:11:60:81:47:ae:f3:
1a:96:f4:46:4b:e1:3c:6c:42:05:cd:4a:31:e7:19:cd:e4:97:
5a:c8:f1:41:17:78:f8:86:dc:ef:5f:bc:50:98:d6:6c:b4:3c:
a1:58:74:63:3c:50:d2:d9:b8:ad:38:49:7d:17:56:05:4a:7c:
fd:1d:44:95:d0:19:09:3e:bc:e6:57:4d:66:75:00:8b:f6:8b:
59:40:6c:7a:77:57:f7:9a:8c:a0:b3:98:d0:a2:ea:2e:1d:05:
2c:af:47:d3:93:30:30:d5:f1:32:b0:16:70:ee:52:de:4a:8b:
1b:27:63:1a:b6:42:56:55:e1:02:8d:a9:2c:cb:e1:35:b9:27:
4c:0f:8a:bb:b1:88:18:0a:c9:2f:25:4a:68:ad:65:ce:7b:77:
b4:10:d2:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRTtrzE8JrkNCfiIOzvJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjY2U4ODMyZDAyOTQ5ODAxZjExOThlOWQxM2JiMThlZDU4
MzJkMGMwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjNkYmE5NmJlZTE2ZGI1ZmY3YzI1Y2FlZjBkZTExMTIxMjhhMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsioO3TZ4pdzKG6YKRhSb+5DKLbZn
UQndLqUPdYp9dsjsUwRUS6fh51RywipWvB7dTVHnWXSybvDbfTvDXEj9TBOekRff
wXAC+eDLUKVjk4SwJjtY0IuI56/Cz7FtYyQvPgls9ROfqYmrGf54NktQVUNoW+K5
NutCpNJheU1V/buuuTCK11+6rqYEV+LkpnF8XfN5NqwyurOUKdnEkfyryq2at23P
yVhFyt8d+/0kGRmGI96XP6xw7vaIns2rBi57okfssZeBAWMmZ/4nFCsKAcJiTin2
K+ErjVK66nVsdv1gRxwxkfDIOf50CvzJT9HSBO4erZ2CNdUvKQyKBENAEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFY9upa+4W21/3wlyu8N4REhKKDNMB8GA1UdIwQY
MBaAFAzOiDLQKUmAHxGY6dE7sY7Vgy0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzkt
NWUwYWZlYzEzNmIxLzEvVmoyNmxyN2hiYlhfZkNYSzd3M2hFU0Vvb00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzktNWUwYWZlYzEzNmIx
LzEvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJc0oAwQC
uTrkMA0EAgACMAcDBQAqAkIgMA0GCSqGSIb3DQEBCwUAA4IBAQCDQPZZsG+rg7wS
/EE7meNlybRlSjrHNSgS9Di1pmB0G+Jh743tU8t5JD0GNrPQTmtHemRdaEBgn93U
pKfVLaWNtj8+jBIqZrYO02EOXt9DEdi9D9HohGcokNErK030K3mz/O8vh0oRYIFH
rvMalvRGS+E8bEIFzUox5xnN5JdayPFBF3j4htzvX7xQmNZstDyhWHRjPFDS2bit
OEl9F1YFSnz9HUSV0BkJPrzmV01mdQCL9otZQGx6d1f3moygs5jQououHQUsr0fT
kzAw1fEysBZw7lLeSosbJ2MatkJWVeECjaksy+E1uSdMD4q7sYgYCskvJUporWXO
e3e0ENJF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:40 2025 by rpki-client