Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f8cf57-571f-49ee-a76d-13a8cb2587d4/1/kX62bL3xBVpkyK0FphmC5iQUK74.roa
File: kX62bL3xBVpkyK0FphmC5iQUK74.roa (raw, json)
Hash identifier: GEBZd8qkO5malJhFWg729yyTB3o+issIVlA3FLkcy9o=
Subject key identifier: 91:7E:B6:6C:BD:F1:05:5A:64:C8:AD:05:A6:19:82:E6:24:14:2B:BE
Certificate issuer: /CN=ad44be18ee3e0d2747670555e86b000965e8139b
Certificate serial: 01941F8C39B76C16E73841CBC8D15BA73614
Authority key identifier: AD:44:BE:18:EE:3E:0D:27:47:67:05:55:E8:6B:00:09:65:E8:13:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUS-GO4-DSdHZwVV6GsACWXoE5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f8cf57-571f-49ee-a76d-13a8cb2587d4/1/kX62bL3xBVpkyK0FphmC5iQUK74.roa
Signing time: Wed 01 Jan 2025 01:47:51 +0000
ROA not before: Wed 01 Jan 2025 01:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43356
IP address blocks: 37.218.196.0/24 maxlen: 24
37.218.197.0/24 maxlen: 24
37.218.198.0/24 maxlen: 24
37.218.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:39:b7:6c:16:e7:38:41:cb:c8:d1:5b:a7:36:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad44be18ee3e0d2747670555e86b000965e8139b
Validity
Not Before: Jan 1 01:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=917eb66cbdf1055a64c8ad05a61982e624142bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b0:57:d3:03:fc:5d:ef:c6:ad:dc:57:8e:be:
29:7d:7a:03:b9:a5:72:b4:b7:84:b5:16:60:6d:6d:
c7:22:62:57:e5:df:74:cf:33:19:7c:2e:95:da:2d:
3f:08:b9:13:00:3d:91:bd:fc:22:46:33:e0:21:a9:
c9:62:bf:06:dc:1d:39:84:fe:26:72:56:49:1c:07:
ae:5d:81:a0:39:f2:55:3e:04:d1:8c:46:0c:d6:5f:
dd:9a:eb:c5:56:84:57:49:98:2c:00:f7:4a:fc:d3:
c1:4f:5d:b0:96:7b:6b:1b:5e:a2:c7:16:0f:ef:81:
36:c0:e9:8f:da:b5:8c:7c:11:1b:d3:43:9b:a5:d5:
d0:54:5c:df:ea:c6:2c:0b:ab:4a:cd:14:99:84:30:
f7:ee:e8:e8:9c:aa:6a:05:bc:d9:a1:fa:8f:76:3e:
f5:34:c4:56:23:4f:de:b7:b4:d1:e4:f8:95:04:61:
18:15:50:46:0c:4b:37:7b:00:6f:dc:01:8f:87:88:
ee:36:ec:7d:dc:33:5e:4c:5a:7b:4e:fe:6b:d4:da:
ec:ca:d2:9b:6a:f5:f0:63:6d:7e:53:b4:3c:11:c4:
bc:f9:09:0f:5e:79:16:95:b6:df:99:26:44:ba:d7:
18:40:2c:be:f7:6c:9a:c2:ef:21:95:02:c7:95:4b:
5a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7E:B6:6C:BD:F1:05:5A:64:C8:AD:05:A6:19:82:E6:24:14:2B:BE
X509v3 Authority Key Identifier:
keyid:AD:44:BE:18:EE:3E:0D:27:47:67:05:55:E8:6B:00:09:65:E8:13:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUS-GO4-DSdHZwVV6GsACWXoE5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f8cf57-571f-49ee-a76d-13a8cb2587d4/1/kX62bL3xBVpkyK0FphmC5iQUK74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f8cf57-571f-49ee-a76d-13a8cb2587d4/1/rUS-GO4-DSdHZwVV6GsACWXoE5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.196.0/22
Signature Algorithm: sha256WithRSAEncryption
42:c3:49:74:01:22:93:de:f3:50:05:13:24:69:92:04:b5:32:
4b:e7:2c:57:7d:63:88:b1:33:b6:3c:36:25:28:a6:12:24:23:
07:5a:e4:a1:19:5b:6e:f0:53:2f:89:7d:f5:96:cb:99:7d:74:
8f:28:b3:ee:21:09:b5:e7:ef:41:7e:2b:ff:ff:72:03:8e:e3:
12:ef:96:6f:c2:f2:19:ef:34:eb:a7:51:8c:02:aa:c7:05:99:
fc:70:e0:c9:bb:c0:17:36:c5:ec:7f:6e:b9:a5:75:77:77:72:
65:d5:63:07:e7:35:da:b8:f2:55:73:c2:95:fb:5a:4d:0f:da:
dd:d4:87:3d:72:85:18:7d:dd:5e:bb:94:a7:c2:e8:71:1b:1f:
0a:ad:e8:f7:ab:ef:29:a2:07:63:8e:42:ae:ef:1d:9d:16:79:
46:7a:96:c1:82:25:77:5f:da:4e:e2:8d:77:a5:fd:24:95:f7:
ab:6c:36:08:32:52:de:5a:87:bc:1a:be:c3:1f:b4:98:fa:51:
c1:86:e8:bc:d9:ec:c1:04:86:88:33:cc:ae:8a:53:56:46:c3:
98:19:d9:e2:b0:67:76:52:2a:65:7c:57:b5:0c:4b:e2:fb:14:
06:f9:f6:56:92:40:e8:29:f4:00:02:a1:b5:ae:15:e0:32:83:
37:8d:97:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjDm3bBbnOEHLyNFbpzYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNDRiZTE4ZWUzZTBkMjc0NzY3MDU1NWU4NmIwMDA5NjVl
ODEzOWIwHhcNMjUwMTAxMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdlYjY2Y2JkZjEwNTVhNjRjOGFkMDVhNjE5ODJlNjI0MTQyYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7BX0wP8Xe/GrdxXjr4pfXoDuaVy
tLeEtRZgbW3HImJX5d90zzMZfC6V2i0/CLkTAD2RvfwiRjPgIanJYr8G3B05hP4m
clZJHAeuXYGgOfJVPgTRjEYM1l/dmuvFVoRXSZgsAPdK/NPBT12wlntrG16ixxYP
74E2wOmP2rWMfBEb00ObpdXQVFzf6sYsC6tKzRSZhDD37ujonKpqBbzZofqPdj71
NMRWI0/et7TR5PiVBGEYFVBGDEs3ewBv3AGPh4juNux93DNeTFp7Tv5r1NrsytKb
avXwY21+U7Q8EcS8+QkPXnkWlbbfmSZEutcYQCy+92yawu8hlQLHlUtavQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJF+tmy98QVaZMitBaYZguYkFCu+MB8GA1UdIwQY
MBaAFK1EvhjuPg0nR2cFVehrAAll6BObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclVTLUdPNC1EU2RIWndWVjZHc0FDV1hvRTVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mOGNmNTctNTcxZi00OWVlLWE3NmQt
MTNhOGNiMjU4N2Q0LzEva1g2MmJMM3hCVnBreUswRnBobUM1aVFVSzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mOGNmNTctNTcxZi00OWVlLWE3NmQtMTNhOGNiMjU4N2Q0
LzEvclVTLUdPNC1EU2RIWndWVjZHc0FDV1hvRTVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJdrEMA0G
CSqGSIb3DQEBCwUAA4IBAQBCw0l0ASKT3vNQBRMkaZIEtTJL5yxXfWOIsTO2PDYl
KKYSJCMHWuShGVtu8FMviX31lsuZfXSPKLPuIQm15+9Bfiv//3IDjuMS75ZvwvIZ
7zTrp1GMAqrHBZn8cODJu8AXNsXsf265pXV3d3Jl1WMH5zXauPJVc8KV+1pND9rd
1Ic9coUYfd1eu5SnwuhxGx8Krej3q+8pogdjjkKu7x2dFnlGepbBgiV3X9pO4o13
pf0klferbDYIMlLeWoe8Gr7DH7SY+lHBhui82ezBBIaIM8yuilNWRsOYGdnisGd2
UiplfFe1DEvi+xQG+fZWkkDoKfQAAqG1rhXgMoM3jZdE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net