Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/g3nTkjVHfCtnRgD2iYnxWWRZOIk.roa
File: g3nTkjVHfCtnRgD2iYnxWWRZOIk.roa (raw, json)
Hash identifier: 8O+KUIsUB5NmSou/PBbO/5fJhmgcsiY9mA8eGOd3AB0=
Subject key identifier: 83:79:D3:92:35:47:7C:2B:67:46:00:F6:89:89:F1:59:64:59:38:89
Certificate issuer: /CN=2182cd3ac5c4db67ea731a6b7198b7d6e4ff115c
Certificate serial: 0194258FB64A4CC8436E398E69FEDDEE6386
Authority key identifier: 21:82:CD:3A:C5:C4:DB:67:EA:73:1A:6B:71:98:B7:D6:E4:FF:11:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYLNOsXE22fqcxprcZi31uT_EVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/g3nTkjVHfCtnRgD2iYnxWWRZOIk.roa
Signing time: Thu 02 Jan 2025 05:49:22 +0000
ROA not before: Thu 02 Jan 2025 05:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211262
IP address blocks: 37.252.220.0/24 maxlen: 24
2a05:5180::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b6:4a:4c:c8:43:6e:39:8e:69:fe:dd:ee:63:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2182cd3ac5c4db67ea731a6b7198b7d6e4ff115c
Validity
Not Before: Jan 2 05:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8379d39235477c2b674600f68989f15964593889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c9:a6:52:c7:fc:86:dc:3f:58:3a:32:5d:71:
3e:b3:c3:40:1c:10:1c:23:66:04:be:3c:06:96:6b:
28:14:5a:08:d0:23:80:c8:90:3c:d2:a5:e4:a2:cd:
ad:09:0c:67:fc:79:7c:f8:c7:98:ff:d9:43:73:64:
69:34:3b:dc:18:91:d7:7b:37:97:08:12:44:43:e8:
f6:7f:52:29:ee:cd:92:cd:29:60:36:09:3c:00:b5:
0e:ab:71:9b:a8:65:2b:ac:98:0b:f7:77:9d:88:1f:
94:ff:82:b4:b5:bc:7e:05:b4:7d:4a:71:8d:c8:1c:
af:76:46:23:96:4b:a5:b4:30:01:55:f4:5c:1e:46:
4e:e8:5c:bd:02:7e:d4:d6:ed:f1:7d:58:b6:a8:a3:
db:9c:96:5b:25:f0:05:5c:3c:04:90:26:81:cb:a5:
42:7e:ef:07:d8:fc:dc:bc:fa:ab:e5:fe:ee:27:3c:
b2:f5:b7:93:e5:76:c0:27:61:07:75:88:61:c6:09:
ae:58:cb:ae:3e:6b:70:16:6b:fb:1e:08:9a:75:a1:
22:4a:23:34:d6:67:ae:4f:77:6f:99:c0:03:62:84:
e7:8f:db:bc:37:ef:4b:52:d1:b6:0a:60:2d:2c:27:
6f:e2:49:9b:76:3a:69:a6:96:1c:bf:04:86:ba:9a:
23:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:79:D3:92:35:47:7C:2B:67:46:00:F6:89:89:F1:59:64:59:38:89
X509v3 Authority Key Identifier:
keyid:21:82:CD:3A:C5:C4:DB:67:EA:73:1A:6B:71:98:B7:D6:E4:FF:11:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYLNOsXE22fqcxprcZi31uT_EVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/g3nTkjVHfCtnRgD2iYnxWWRZOIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/IYLNOsXE22fqcxprcZi31uT_EVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.220.0/24
IPv6:
2a05:5180::/29
Signature Algorithm: sha256WithRSAEncryption
4e:d0:3a:b9:7d:bc:84:fc:07:75:a7:de:ca:0a:85:d3:21:e7:
60:c6:be:12:37:96:d1:73:a0:60:ed:c6:56:67:9b:1a:71:0d:
46:bd:49:43:0c:de:83:88:e4:7a:e9:97:21:97:b9:89:87:17:
1d:2b:db:48:46:16:27:1c:2f:57:8a:ce:0d:30:d0:52:97:e2:
8d:66:9d:a4:00:9e:aa:2b:37:13:ea:19:55:a2:53:3c:d2:6a:
8e:a9:87:d2:dc:35:a7:3e:e5:cf:7b:ff:fc:0c:b8:3a:56:13:
61:e5:05:9a:62:23:23:52:60:a6:a0:5a:7f:c0:81:c5:7f:e8:
26:8e:1e:15:45:07:c2:5e:86:b0:6f:9d:83:c6:97:e1:90:32:
26:9a:5a:5e:37:d5:1a:16:12:60:04:24:2f:a8:7b:48:ee:21:
94:aa:88:44:13:db:c0:74:a0:f2:8b:50:9c:bb:c6:48:8a:61:
84:7e:42:3f:4d:ce:d3:eb:26:29:ce:91:62:44:66:6a:e9:d5:
d4:45:66:02:b4:75:9e:89:6f:5b:b7:cd:74:d6:6b:42:40:ff:
c8:da:2c:61:bc:7e:d4:cf:75:e4:4a:f9:61:6b:a5:2e:c4:90:
e3:20:88:87:0d:4c:be:6e:38:f0:62:63:98:7c:4b:57:e4:f5:
d3:ef:62:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj7ZKTMhDbjmOaf7d7mOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODJjZDNhYzVjNGRiNjdlYTczMWE2YjcxOThiN2Q2ZTRm
ZjExNWMwHhcNMjUwMTAyMDU0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc5ZDM5MjM1NDc3YzJiNjc0NjAwZjY4OTg5ZjE1OTY0NTkzODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7smmUsf8htw/WDoyXXE+s8NAHBAc
I2YEvjwGlmsoFFoI0COAyJA80qXkos2tCQxn/Hl8+MeY/9lDc2RpNDvcGJHXezeX
CBJEQ+j2f1Ip7s2SzSlgNgk8ALUOq3GbqGUrrJgL93ediB+U/4K0tbx+BbR9SnGN
yByvdkYjlkultDABVfRcHkZO6Fy9An7U1u3xfVi2qKPbnJZbJfAFXDwEkCaBy6VC
fu8H2PzcvPqr5f7uJzyy9beT5XbAJ2EHdYhhxgmuWMuuPmtwFmv7HgiadaEiSiM0
1meuT3dvmcADYoTnj9u8N+9LUtG2CmAtLCdv4kmbdjppppYcvwSGupojUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIN505I1R3wrZ0YA9omJ8VlkWTiJMB8GA1UdIwQY
MBaAFCGCzTrFxNtn6nMaa3GYt9bk/xFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlMTk9zWEUyMmZxY3hwcmNaaTMxdVRfRVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yZmFlYjUtNmExZC00YTEzLWJhMWYt
NDY2M2JjOWRhOTY0LzEvZzNuVGtqVkhmQ3RuUmdEMmlZbnhXV1JaT0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yZmFlYjUtNmExZC00YTEzLWJhMWYtNDY2M2JjOWRhOTY0
LzEvSVlMTk9zWEUyMmZxY3hwcmNaaTMxdVRfRVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJfzcMA0E
AgACMAcDBQMqBVGAMA0GCSqGSIb3DQEBCwUAA4IBAQBO0Dq5fbyE/Ad1p97KCoXT
Iedgxr4SN5bRc6Bg7cZWZ5sacQ1GvUlDDN6DiOR66Zchl7mJhxcdK9tIRhYnHC9X
is4NMNBSl+KNZp2kAJ6qKzcT6hlVolM80mqOqYfS3DWnPuXPe//8DLg6VhNh5QWa
YiMjUmCmoFp/wIHFf+gmjh4VRQfCXoawb52DxpfhkDImmlpeN9UaFhJgBCQvqHtI
7iGUqohEE9vAdKDyi1Ccu8ZIimGEfkI/Tc7T6yYpzpFiRGZq6dXURWYCtHWeiW9b
t8101mtCQP/I2ixhvH7Uz3XkSvlha6UuxJDjIIiHDUy+bjjwYmOYfEtX5PXT72JJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:25 2025 by rpki-client on console.sobornost.net