Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/xB5Y6r0G0Bo3ioOxFYptyjkscV0.roa
File: xB5Y6r0G0Bo3ioOxFYptyjkscV0.roa (raw, json)
Hash identifier: bmf+OenGwUttHuvanRgMPU+sLprQTDUpbGxKMWlsHfA=
Subject key identifier: C4:1E:58:EA:BD:06:D0:1A:37:8A:83:B1:15:8A:6D:CA:39:2C:71:5D
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0185C6515E27117AD17F364C7EE6101C06FB
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/xB5Y6r0G0Bo3ioOxFYptyjkscV0.roa
Signing time: Wed 18 Jan 2023 19:18:19 +0000
ROA not before: Wed 18 Jan 2023 19:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 37.153.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c6:51:5e:27:11:7a:d1:7f:36:4c:7e:e6:10:1c:06:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 18 19:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c41e58eabd06d01a378a83b1158a6dca392c715d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:25:af:4f:e7:92:e6:dc:26:60:c4:52:3f:
1b:b3:e4:c6:ef:70:65:8d:37:32:18:80:a3:ae:06:
b9:5a:d0:11:2a:81:9e:eb:94:d6:d5:79:47:e1:7e:
f9:e0:7f:43:1f:a8:2b:d8:05:a4:2e:4d:e0:92:a9:
db:62:59:9a:f8:40:ad:7c:36:0c:18:c3:6b:d4:67:
88:af:43:1b:14:38:a4:9b:4f:19:38:59:3d:e4:93:
21:2e:c2:d7:c8:6c:b8:4a:e4:c4:91:b7:3c:66:e9:
92:1b:62:26:e2:45:e7:94:13:15:05:5a:1e:25:58:
fd:ce:29:9b:d2:24:cc:e2:f8:90:93:d7:c2:fb:4d:
16:1f:e1:ce:d5:48:64:da:9a:b5:ab:a8:70:54:8f:
ea:cb:9d:6c:1a:21:75:d4:4c:a4:1b:c1:22:86:46:
ec:e3:50:c0:55:56:65:fa:86:e8:81:4c:16:75:63:
98:93:fe:a7:fb:88:70:75:47:17:06:2e:f9:b1:fe:
f8:a3:ef:49:a1:16:f4:a5:80:81:22:69:33:c0:08:
bf:f5:4b:93:12:6a:24:ac:98:17:6a:66:a3:69:24:
42:74:bf:72:79:7b:87:20:1e:9e:18:61:cb:81:2a:
1f:b3:02:39:ea:ae:9b:ab:57:ce:a4:ed:50:51:77:
b6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1E:58:EA:BD:06:D0:1A:37:8A:83:B1:15:8A:6D:CA:39:2C:71:5D
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/xB5Y6r0G0Bo3ioOxFYptyjkscV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:67:d8:21:ce:50:09:51:69:c3:65:98:bb:c4:7e:57:6f:fc:
8a:6e:82:4d:72:e4:50:ce:07:71:1d:2e:50:30:73:e8:6a:d0:
a6:ce:d6:6b:49:53:fb:a9:a8:5e:4d:a3:2d:cb:39:f5:f9:28:
0b:e6:ab:5e:38:b0:cb:0e:c1:75:7f:97:8f:55:13:4c:c0:29:
31:c7:10:5a:72:39:d4:06:77:0f:ea:ac:24:14:22:34:4f:ce:
90:9a:e1:46:45:46:cf:de:ac:c4:8f:96:d7:09:c2:35:d3:63:
21:83:a4:a1:87:8f:d5:b6:d2:53:d8:0e:17:6b:5c:c1:db:d4:
b6:3a:e2:7b:3c:9b:6f:3d:77:81:15:8f:5c:af:bc:a5:82:28:
48:01:89:7b:02:d1:72:03:44:59:b8:b9:e4:b8:e3:02:11:26:
14:f5:75:94:c7:7e:e8:21:a7:59:54:f3:3f:71:2c:b9:86:01:
0f:c0:5b:72:b5:ae:88:1f:50:e0:e4:5d:10:57:0f:2c:19:fb:
28:97:d8:b5:e9:e5:b3:43:92:29:e0:8e:8e:13:6b:99:20:89:
13:ab:70:37:15:62:f5:17:8f:a2:7b:16:1f:b3:d0:c5:db:a6:
6b:51:6e:cd:05:54:16:2b:0c:f6:85:3b:05:61:9a:7b:dc:e0:
c5:4d:63:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXGUV4nEXrRfzZMfuYQHAb7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTE4MTkxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDFlNThlYWJkMDZkMDFhMzc4YTgzYjExNThhNmRjYTM5MmM3MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Alr0/nkubcJmDEUj8bs+TG73Bl
jTcyGICjrga5WtARKoGe65TW1XlH4X754H9DH6gr2AWkLk3gkqnbYlma+ECtfDYM
GMNr1GeIr0MbFDikm08ZOFk95JMhLsLXyGy4SuTEkbc8ZumSG2Im4kXnlBMVBVoe
JVj9zimb0iTM4viQk9fC+00WH+HO1Uhk2pq1q6hwVI/qy51sGiF11EykG8Eihkbs
41DAVVZl+obogUwWdWOYk/6n+4hwdUcXBi75sf74o+9JoRb0pYCBImkzwAi/9UuT
EmokrJgXamajaSRCdL9yeXuHIB6eGGHLgSofswI56q6bq1fOpO1QUXe2owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQeWOq9BtAaN4qDsRWKbco5LHFdMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEveEI1WTZyMEcwQm8zaW9PeEZZcHR5amtzY1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmEMA0G
CSqGSIb3DQEBCwUAA4IBAQCMZ9ghzlAJUWnDZZi7xH5Xb/yKboJNcuRQzgdxHS5Q
MHPoatCmztZrSVP7qaheTaMtyzn1+SgL5qteOLDLDsF1f5ePVRNMwCkxxxBacjnU
BncP6qwkFCI0T86QmuFGRUbP3qzEj5bXCcI102Mhg6Shh4/VttJT2A4Xa1zB29S2
OuJ7PJtvPXeBFY9cr7ylgihIAYl7AtFyA0RZuLnkuOMCESYU9XWUx37oIadZVPM/
cSy5hgEPwFtyta6IH1Dg5F0QVw8sGfsol9i16eWzQ5Ip4I6OE2uZIIkTq3A3FWL1
F4+iexYfs9DF26ZrUW7NBVQWKwz2hTsFYZp73ODFTWPL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:15 2025 by rpki-client