Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/A33VgYNU9pG7LNVwjpvZA-ej7NI.roa
File: A33VgYNU9pG7LNVwjpvZA-ej7NI.roa (raw, json)
Hash identifier: m+uYAGW4ZRT1gz0ybf+uanbobcnko9YyjutwYvkqGW8=
Subject key identifier: 03:7D:D5:81:83:54:F6:91:BB:2C:D5:70:8E:9B:D9:03:E7:A3:EC:D2
Certificate issuer: /CN=f8035ec9de2570c1e7a7db40e272e45548c9202b
Certificate serial: 019420685B8831515ADD064BBD7F00438B5D
Authority key identifier: F8:03:5E:C9:DE:25:70:C1:E7:A7:DB:40:E2:72:E4:55:48:C9:20:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ANeyd4lcMHnp9tA4nLkVUjJICs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/A33VgYNU9pG7LNVwjpvZA-ej7NI.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210806
IP address blocks: 185.37.11.0/24 maxlen: 24
2a11:da80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5b:88:31:51:5a:dd:06:4b:bd:7f:00:43:8b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8035ec9de2570c1e7a7db40e272e45548c9202b
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=037dd5818354f691bb2cd5708e9bd903e7a3ecd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8e:28:96:41:35:d5:00:ae:76:48:23:36:75:
f1:dd:b3:2b:5b:38:e8:07:42:a5:56:99:da:34:f6:
d1:af:f0:e4:0a:b5:f9:3a:e2:aa:1a:95:4b:d6:d8:
65:5f:69:d6:b2:1e:03:d4:91:0d:4b:c1:49:4a:4d:
12:40:45:4b:9d:93:1f:94:f0:eb:48:c9:d6:7b:da:
8a:26:15:96:42:b8:d2:38:b8:7b:b7:86:3e:22:e7:
13:c4:c8:9b:ea:00:3e:c8:d0:26:d5:e5:4e:d0:c4:
33:d1:67:1b:7a:ca:bf:a5:02:57:37:ae:d8:f7:73:
01:3b:11:cb:f7:23:90:81:7a:28:44:41:37:ba:74:
f2:22:42:6d:91:52:2f:65:4e:e3:ab:91:96:c8:93:
23:1d:ea:3b:54:3f:ad:60:aa:52:23:ee:05:c2:bd:
4f:29:b4:b8:2a:bd:af:e7:bb:93:ff:7c:78:79:19:
f3:54:69:59:77:44:82:15:2a:bc:40:bf:95:3a:9b:
49:8f:e8:b8:41:2f:5b:a6:39:f2:36:83:8a:e1:f8:
70:04:51:20:1c:c1:33:92:7c:57:64:70:3c:34:4a:
26:16:3c:ff:2b:3a:0e:23:0d:de:72:22:e9:29:bf:
00:07:30:76:d8:91:aa:62:e5:b6:5a:09:30:20:9d:
e5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7D:D5:81:83:54:F6:91:BB:2C:D5:70:8E:9B:D9:03:E7:A3:EC:D2
X509v3 Authority Key Identifier:
keyid:F8:03:5E:C9:DE:25:70:C1:E7:A7:DB:40:E2:72:E4:55:48:C9:20:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ANeyd4lcMHnp9tA4nLkVUjJICs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/A33VgYNU9pG7LNVwjpvZA-ej7NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/1-ANeyd4lcMHnp9tA4nLkVUjJICs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.11.0/24
IPv6:
2a11:da80::/29
Signature Algorithm: sha256WithRSAEncryption
4a:ea:00:a0:c3:2a:5a:e8:f4:5d:bd:40:7d:12:6e:86:28:0c:
9b:7b:05:db:c2:52:71:9d:18:f3:d6:62:11:85:0e:1d:69:67:
40:4c:a2:37:98:49:c5:2b:0b:84:c4:9a:3f:31:56:ae:25:ec:
07:c2:41:88:fb:d8:81:dc:c4:1d:55:e0:8d:b6:06:4e:69:04:
0f:ca:11:e6:f4:f4:aa:ce:0f:40:08:46:50:e7:08:b2:34:51:
66:30:99:c5:2f:7d:81:70:83:c5:30:a0:c0:0b:49:11:61:2f:
26:be:63:aa:3b:ef:aa:58:bc:47:07:5f:fb:59:e1:a3:1a:83:
53:f8:1c:8a:3f:78:de:9c:89:a4:71:d1:be:5e:75:cb:46:59:
d0:f0:87:43:b8:84:20:d9:75:b9:39:d7:f9:7b:f0:eb:a8:85:
2f:9b:ad:6e:57:16:84:94:26:69:26:1b:00:fc:52:6c:e1:28:
72:b7:45:79:b7:2d:ed:6c:1a:a8:17:90:7f:96:cc:de:40:ee:
20:dd:a9:5e:0b:cf:03:26:3f:da:64:6d:c6:0d:c0:db:73:93:
00:a6:b1:88:f2:74:f9:1d:95:90:a0:c3:02:94:69:61:90:71:
90:d4:bd:ac:33:17:12:d1:8b:c3:cb:5a:6a:ce:bd:ad:69:a9:
55:5a:d7:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgaFuIMVFa3QZLvX8AQ4tdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MDM1ZWM5ZGUyNTcwYzFlN2E3ZGI0MGUyNzJlNDU1NDhj
OTIwMmIwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdkZDU4MTgzNTRmNjkxYmIyY2Q1NzA4ZTliZDkwM2U3YTNlY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA044olkE11QCudkgjNnXx3bMrWzjo
B0KlVpnaNPbRr/DkCrX5OuKqGpVL1thlX2nWsh4D1JENS8FJSk0SQEVLnZMflPDr
SMnWe9qKJhWWQrjSOLh7t4Y+IucTxMib6gA+yNAm1eVO0MQz0Wcbesq/pQJXN67Y
93MBOxHL9yOQgXooREE3unTyIkJtkVIvZU7jq5GWyJMjHeo7VD+tYKpSI+4Fwr1P
KbS4Kr2v57uT/3x4eRnzVGlZd0SCFSq8QL+VOptJj+i4QS9bpjnyNoOK4fhwBFEg
HMEzknxXZHA8NEomFjz/KzoOIw3eciLpKb8ABzB22JGqYuW2WgkwIJ3lpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAN91YGDVPaRuyzVcI6b2QPno+zSMB8GA1UdIwQY
MBaAFPgDXsneJXDB56fbQOJy5FVIySArMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BTmV5ZDRsY01IbnA5dEE0bkxrVlVqSklDcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvMTAxMTI2LTFkMzItNDJhNi04N2Zl
LTkyMjM4NDZmZjMwYi8xL0EzM1ZnWU5VOXBHN0xOVndqcHZaQS1lajdOSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvMTAxMTI2LTFkMzItNDJhNi04N2ZlLTkyMjM4NDZmZjMw
Yi8xLzEtQU5leWQ0bGNNSG5wOXRBNG5Ma1ZVakpJQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC5JQsw
DQQCAAIwBwMFAyoR2oAwDQYJKoZIhvcNAQELBQADggEBAErqAKDDKlro9F29QH0S
boYoDJt7BdvCUnGdGPPWYhGFDh1pZ0BMojeYScUrC4TEmj8xVq4l7AfCQYj72IHc
xB1V4I22Bk5pBA/KEeb09KrOD0AIRlDnCLI0UWYwmcUvfYFwg8UwoMALSRFhLya+
Y6o776pYvEcHX/tZ4aMag1P4HIo/eN6ciaRx0b5edctGWdDwh0O4hCDZdbk51/l7
8OuohS+brW5XFoSUJmkmGwD8UmzhKHK3RXm3Le1sGqgXkH+WzN5A7iDdqV4LzwMm
P9pkbcYNwNtzkwCmsYjydPkdlZCgwwKUaWGQcZDUvawzFxLRi8PLWmrOva1pqVVa
16A=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:33 2025 by rpki-client on console.sobornost.net