Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gB2fXfbdfy252BikZLLxdk3XYu8.roa
File: gB2fXfbdfy252BikZLLxdk3XYu8.roa (raw, json)
Hash identifier: zpfl3CbVSJoDpmaR3S/VdLjMMfe03npRgK6TWeTWNqw=
Subject key identifier: 80:1D:9F:5D:F6:DD:7F:2D:B9:D8:18:A4:64:B2:F1:76:4D:D7:62:EF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01962646DB40ADA8B2892DAD8CB932C9EE51
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gB2fXfbdfy252BikZLLxdk3XYu8.roa
Signing time: Fri 11 Apr 2025 19:14:59 +0000
ROA not before: Fri 11 Apr 2025 19:14:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.220.0/24 maxlen: 24
151.242.254.0/24 maxlen: 24
151.243.150.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:26:46:db:40:ad:a8:b2:89:2d:ad:8c:b9:32:c9:ee:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 11 19:14:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=801d9f5df6dd7f2db9d818a464b2f1764dd762ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:70:25:1a:65:77:06:c9:b9:42:f5:3c:19:48:
b0:13:9f:8e:7b:ef:02:51:b6:41:41:3f:a1:56:66:
89:ca:08:49:8c:97:58:9a:bc:3b:35:8d:93:54:45:
13:be:35:c9:59:dd:23:31:b3:83:f1:c5:0a:4d:7c:
c7:48:d3:e9:81:65:52:e2:da:fd:4a:c7:0e:52:dd:
b1:09:9e:f4:90:b7:c4:49:45:60:9c:81:91:7b:a8:
63:b3:8e:45:5a:cd:87:20:38:f5:e6:a8:4c:ad:cd:
a8:b1:8b:f9:53:2b:96:1a:78:b7:d8:27:be:a2:d3:
61:76:53:36:55:24:b2:27:b1:8a:ba:aa:b3:7d:08:
34:d3:43:07:97:7e:74:c3:5c:29:1f:c8:d4:a6:43:
0b:79:13:99:c7:f7:17:41:18:e5:a5:5c:d1:c8:8c:
bc:8a:04:7a:4a:bc:68:9d:68:7b:c7:2d:11:45:3c:
e9:c0:f4:fe:54:d2:ae:cd:e6:cd:dd:27:f6:d3:a9:
ab:e9:5f:fb:01:30:27:a3:20:c3:ce:2b:45:fe:3d:
30:50:8c:d6:4d:36:22:9b:77:ed:97:b9:b4:95:38:
d5:19:1e:d9:37:a5:2c:1e:98:24:e6:0e:19:e1:88:
0c:05:80:ea:d6:23:d3:81:a2:46:9a:a8:68:d7:48:
8d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1D:9F:5D:F6:DD:7F:2D:B9:D8:18:A4:64:B2:F1:76:4D:D7:62:EF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gB2fXfbdfy252BikZLLxdk3XYu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.220.0/24
151.242.254.0/24
151.243.150.0/24
151.243.228.0/24
151.243.243.0/24
Signature Algorithm: sha256WithRSAEncryption
98:76:a9:2c:f8:b3:27:d1:a4:8b:9d:a9:3e:b9:99:a9:53:e3:
f1:db:41:47:b6:2d:f7:d0:8b:42:c0:f1:1c:9b:91:e6:ba:91:
61:59:77:40:a4:fb:89:bd:a9:1b:14:de:e0:04:2b:c4:30:6b:
79:bc:dc:09:f6:83:03:96:9b:bd:30:cc:69:df:f6:20:80:3a:
fb:18:6f:c7:7f:fe:82:9f:dd:cc:ed:ef:63:17:b8:d8:c3:8a:
6c:71:02:c0:ee:df:5d:53:9c:ad:ed:a2:69:40:88:a5:96:e6:
21:c9:0e:dd:3d:c4:67:56:1e:8b:83:1d:2d:76:4b:49:d4:3e:
83:37:f9:6d:7a:f7:8e:fd:c4:88:17:95:1b:eb:4f:be:63:67:
b4:52:e3:c2:7b:cb:84:05:cf:ca:68:86:a5:34:44:58:c4:fd:
a3:d6:28:23:83:f5:88:ef:c5:d5:2e:b9:5d:c3:fc:54:e1:9c:
de:43:35:70:56:dc:d8:e9:41:d1:2e:84:2d:cc:c0:fc:e0:cf:
80:ca:74:d3:33:3c:43:4d:b4:f8:e0:5e:15:1e:83:a1:c1:bf:
91:e2:f8:44:be:06:15:b2:a4:b8:1a:71:6a:f3:d3:0e:ea:a0:
aa:12:54:6f:55:8c:bd:a7:d4:48:e0:11:25:3a:50:57:db:9a:
26:8a:84:8c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZYmRttAraiyiS2tjLkyye5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDExMTkxNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDFkOWY1ZGY2ZGQ3ZjJkYjlkODE4YTQ2NGIyZjE3NjRkZDc2MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnAlGmV3Bsm5QvU8GUiwE5+Oe+8C
UbZBQT+hVmaJyghJjJdYmrw7NY2TVEUTvjXJWd0jMbOD8cUKTXzHSNPpgWVS4tr9
SscOUt2xCZ70kLfESUVgnIGRe6hjs45FWs2HIDj15qhMrc2osYv5UyuWGni32Ce+
otNhdlM2VSSyJ7GKuqqzfQg000MHl350w1wpH8jUpkMLeROZx/cXQRjlpVzRyIy8
igR6SrxonWh7xy0RRTzpwPT+VNKuzebN3Sf206mr6V/7ATAnoyDDzitF/j0wUIzW
TTYim3ftl7m0lTjVGR7ZN6UsHpgk5g4Z4YgMBYDq1iPTgaJGmqho10iNpwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIAdn1323X8tudgYpGSy8XZN12LvMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZ0IyZlhmYmRmeTI1MkJpa1pMTHhkazNYWXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJcrCAwQA
JcrcAwQAl/L+AwQAl/OWAwQAl/PkAwQAl/PzMA0GCSqGSIb3DQEBCwUAA4IBAQCY
dqks+LMn0aSLnak+uZmpU+Px20FHti330ItCwPEcm5HmupFhWXdApPuJvakbFN7g
BCvEMGt5vNwJ9oMDlpu9MMxp3/YggDr7GG/Hf/6Cn93M7e9jF7jYw4pscQLA7t9d
U5yt7aJpQIilluYhyQ7dPcRnVh6Lgx0tdktJ1D6DN/lteveO/cSIF5Ub60++Y2e0
UuPCe8uEBc/KaIalNERYxP2j1igjg/WI78XVLrldw/xU4ZzeQzVwVtzY6UHRLoQt
zMD84M+AynTTMzxDTbT44F4VHoOhwb+R4vhEvgYVsqS4GnFq89MO6qCqElRvVYy9
p9RI4BElOlBX25omioSM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:23 2025 by rpki-client on console.sobornost.net