Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/CWFbRwGlCCihdMJ4Lef9cHFghhk.roa
File: CWFbRwGlCCihdMJ4Lef9cHFghhk.roa (raw, json)
Hash identifier: T/CLLttxSFBFI/kZ82Y7XP8MqLnmm3CtKJI4SzWdyV0=
Subject key identifier: 09:61:5B:47:01:A5:08:28:A1:74:C2:78:2D:E7:FD:70:71:60:86:19
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 01950FB6A4115FF98B655D6B4E482A3B5ADE
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/CWFbRwGlCCihdMJ4Lef9cHFghhk.roa
Signing time: Sun 16 Feb 2025 17:03:02 +0000
ROA not before: Sun 16 Feb 2025 17:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
93.93.96.0/22 maxlen: 22
93.93.100.0/22 maxlen: 22
109.205.8.0/21 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0f:b6:a4:11:5f:f9:8b:65:5d:6b:4e:48:2a:3b:5a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Feb 16 17:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09615b4701a50828a174c2782de7fd7071608619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2b:a3:a2:bb:9e:c4:7c:49:9e:9b:d5:f2:d2:
45:ad:ec:26:70:5a:ff:09:e7:fb:53:0d:7a:33:4c:
07:57:73:c0:47:89:fc:cc:9c:b3:a6:e3:cb:91:94:
59:8f:88:91:ec:0e:ba:2e:93:de:5c:4a:64:3e:35:
99:68:b7:b6:10:94:2d:c8:f2:f0:ea:48:89:5d:07:
07:54:9a:14:48:5a:5a:a3:1e:92:af:a2:e5:20:b8:
96:9a:23:d8:27:2a:ee:f9:41:84:d7:cc:bb:1c:85:
49:bb:c1:e9:fc:02:42:f5:99:b0:34:35:c3:b5:d8:
89:6c:c8:bf:26:1f:ea:4a:5f:74:98:3e:a6:f8:bd:
f1:2e:af:63:ca:d3:0a:af:04:93:1e:78:c7:b9:ed:
a1:b9:ac:65:c5:74:02:e3:05:84:17:68:18:49:48:
ae:8f:72:26:2e:44:6d:be:a3:98:03:82:0c:67:9e:
c3:c6:6c:ec:3e:17:2b:87:a9:af:23:0c:98:8b:14:
c1:d5:b1:fc:2e:47:07:21:1a:35:da:48:bf:32:72:
e1:6c:31:48:4c:bd:44:ce:5f:69:c7:94:3a:e4:28:
e0:bc:28:cc:9b:20:d7:b1:b9:64:17:b4:7c:17:f9:
42:e0:b3:92:3c:59:a8:cf:65:24:b7:79:07:53:32:
9a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:61:5B:47:01:A5:08:28:A1:74:C2:78:2D:E7:FD:70:71:60:86:19
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/CWFbRwGlCCihdMJ4Lef9cHFghhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
93.93.96.0/21
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
99:b5:70:41:0d:8f:56:ef:00:7f:80:74:5f:39:25:db:5d:4a:
5a:8a:7c:d1:00:ed:69:f2:80:16:06:b3:5e:cc:b0:c5:5f:e3:
e0:74:e3:e6:0c:7f:73:ad:fd:a3:68:1a:f6:82:7c:1a:59:30:
e2:93:67:4f:ca:ff:d5:e3:30:28:77:02:da:29:22:95:ef:09:
93:b8:d3:9e:13:a4:c2:d0:bb:a0:89:6b:d8:19:f3:48:91:2e:
de:76:a2:bd:ee:74:dc:e2:68:b0:ea:04:01:59:80:ea:92:0a:
19:86:0c:75:57:86:7c:e3:1f:52:8d:72:f1:d2:f9:49:3f:ad:
d3:2b:27:6b:ec:8c:df:62:13:1b:2e:32:d1:e1:c1:8c:b0:77:
c6:0e:34:00:c5:d8:70:5c:f4:66:96:3f:6b:c3:eb:bd:73:63:
ed:b6:56:6e:7f:f1:45:34:b0:b1:22:fb:b8:d3:05:f6:34:a2:
bf:ba:04:af:38:a0:26:4e:00:de:a1:9f:66:37:36:12:23:f5:
cc:a8:bd:62:73:9c:5c:1e:6e:d8:a3:d4:75:71:66:54:8e:fc:
a1:16:a5:f2:76:31:05:d1:b5:bd:ce:ac:46:74:b8:2a:4b:26:
9d:a0:4d:5b:5a:6f:79:38:7f:1a:fc:9e:09:c9:68:94:3d:09:
e3:93:91:84
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZUPtqQRX/mLZV1rTkgqO1reMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjUwMjE2MTcwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTYxNWI0NzAxYTUwODI4YTE3NGMyNzgyZGU3ZmQ3MDcxNjA4NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyujoruexHxJnpvV8tJFrewmcFr/
Cef7Uw16M0wHV3PAR4n8zJyzpuPLkZRZj4iR7A66LpPeXEpkPjWZaLe2EJQtyPLw
6kiJXQcHVJoUSFpaox6Sr6LlILiWmiPYJyru+UGE18y7HIVJu8Hp/AJC9ZmwNDXD
tdiJbMi/Jh/qSl90mD6m+L3xLq9jytMKrwSTHnjHue2huaxlxXQC4wWEF2gYSUiu
j3ImLkRtvqOYA4IMZ57DxmzsPhcrh6mvIwyYixTB1bH8LkcHIRo12ki/MnLhbDFI
TL1Ezl9px5Q65CjgvCjMmyDXsblkF7R8F/lC4LOSPFmoz2Ukt3kHUzKaGQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFAlhW0cBpQgooXTCeC3n/XBxYIYZMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvQ1dGYlJ3R2xDQ2loZE1KNExlZjljSEZnaGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANdXWADBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJ
KoZIhvcNAQELBQADggEBAJm1cEENj1bvAH+AdF85JdtdSlqKfNEA7WnygBYGs17M
sMVf4+B04+YMf3Ot/aNoGvaCfBpZMOKTZ0/K/9XjMCh3AtopIpXvCZO4054TpMLQ
u6CJa9gZ80iRLt52or3udNziaLDqBAFZgOqSChmGDHVXhnzjH1KNcvHS+Uk/rdMr
J2vsjN9iExsuMtHhwYywd8YONADF2HBc9GaWP2vD671zY+22Vm5/8UU0sLEi+7jT
BfY0or+6BK84oCZOAN6hn2Y3NhIj9cyovWJznFwebtij1HVxZlSO/KEWpfJ2MQXR
tb3OrEZ0uCpLJp2gTVtab3k4fxr8ngnJaJQ9CeOTkYQ=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:48:23 2025 by rpki-client on console.sobornost.net