Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/UhGXOql3wvVtfQg-iG_tYsMPrC8.roa
File: UhGXOql3wvVtfQg-iG_tYsMPrC8.roa (raw, json)
Hash identifier: zVNnDPzpl1Hm8vFVO+l7FSeRp6foXOjFqdd+lKbebf0=
Subject key identifier: 52:11:97:3A:A9:77:C2:F5:6D:7D:08:3E:88:6F:ED:62:C3:0F:AC:2F
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 01953BD83FE845E9FFDA0DE33728C70A9AD2
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/UhGXOql3wvVtfQg-iG_tYsMPrC8.roa
Signing time: Tue 25 Feb 2025 06:43:02 +0000
ROA not before: Tue 25 Feb 2025 06:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57675
IP address blocks: 37.32.64.0/24 maxlen: 24
37.32.65.0/24 maxlen: 24
37.32.66.0/24 maxlen: 24
37.32.67.0/24 maxlen: 24
37.32.68.0/24 maxlen: 24
37.32.69.0/24 maxlen: 24
37.32.70.0/24 maxlen: 24
37.32.71.0/24 maxlen: 24
37.32.73.0/24 maxlen: 24
37.32.76.0/24 maxlen: 24
2a0f:1300::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3b:d8:3f:e8:45:e9:ff:da:0d:e3:37:28:c7:0a:9a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Feb 25 06:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5211973aa977c2f56d7d083e886fed62c30fac2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1c:41:33:25:b5:92:db:2b:c9:45:26:46:e7:
96:90:b5:50:13:af:3f:6d:55:ea:d4:09:51:82:3d:
9f:92:b7:57:bb:10:0d:ba:6e:7d:c6:d8:5d:db:d5:
52:f3:fd:55:0a:6d:ae:2c:6f:33:f1:4f:11:8f:c1:
d3:54:4c:90:b8:7f:ae:36:74:09:d9:9a:bc:8f:ec:
04:79:48:ca:87:75:72:5a:50:04:86:98:06:9b:64:
18:6b:ef:62:3f:22:a8:cc:ba:21:79:29:36:de:a0:
2b:c1:2f:d4:24:fb:e5:e4:05:91:db:ae:5d:d1:72:
74:a9:b1:e0:0a:5e:86:3f:da:d7:52:f8:76:e8:dd:
a5:fb:a8:e1:fa:c7:de:53:69:06:17:c9:fd:39:d8:
48:40:df:fd:96:6f:0f:4d:14:0d:09:ab:dc:cd:d6:
4d:03:94:74:91:14:55:ba:5c:64:ae:8f:ef:5c:31:
96:a4:63:b8:f5:69:a1:48:4b:9f:0e:e0:ed:95:62:
9c:9b:91:f8:e7:e8:37:02:89:d9:4d:87:93:ad:a2:
33:79:02:9c:56:60:ae:d9:ca:49:ac:f7:d3:4d:9f:
ce:d5:c8:47:a6:31:35:bd:b1:18:17:97:bb:4c:94:
a2:17:19:af:8c:93:a5:0b:09:75:5e:7e:8a:9c:5e:
a4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:11:97:3A:A9:77:C2:F5:6D:7D:08:3E:88:6F:ED:62:C3:0F:AC:2F
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/UhGXOql3wvVtfQg-iG_tYsMPrC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/21
37.32.73.0/24
37.32.76.0/24
IPv6:
2a0f:1300::/29
Signature Algorithm: sha256WithRSAEncryption
90:7d:a4:d8:1e:bc:cd:27:36:bb:ce:f1:41:a9:f7:8a:ec:a2:
3c:61:8d:eb:0b:e6:6a:29:97:c2:92:ba:1e:13:30:98:cb:32:
fd:5c:d6:f2:29:3c:82:f1:7b:5e:9d:24:d9:52:4f:04:9c:d9:
e4:ad:c4:61:b2:61:9c:9d:71:60:52:31:8c:2a:ce:2f:5e:5c:
19:93:c6:ab:72:7f:16:f6:1b:7f:3b:44:57:1a:d4:fa:c1:a4:
4b:36:1f:e2:66:55:dc:0e:93:a2:0b:01:b6:38:09:35:ff:ca:
64:26:29:89:8f:fe:d7:56:12:36:50:dc:54:c1:12:d0:50:88:
26:ae:9d:15:72:be:5d:6e:89:a3:61:18:ac:f2:63:5f:20:0a:
46:99:0e:1c:a5:f1:9e:d8:3d:e7:c6:60:ec:4c:66:a4:b5:ef:
e6:b3:0b:bd:25:76:6f:6b:50:66:cb:75:1e:28:68:e5:5f:bc:
1d:7b:ce:5b:49:61:cb:b8:7e:47:8a:fc:aa:9a:11:05:2d:8b:
57:4a:6b:d5:98:59:c0:fa:1e:34:77:2b:19:6f:70:0f:b0:62:
d1:d0:75:5d:85:c7:e6:ea:61:e4:b0:bd:a7:d3:50:a9:64:04:
44:e9:19:6d:4c:ab:d5:d9:db:5a:31:02:53:3f:b7:19:c3:7b:
81:72:d8:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZU72D/oRen/2g3jNyjHCprSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwMjI1MDY0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjExOTczYWE5NzdjMmY1NmQ3ZDA4M2U4ODZmZWQ2MmMzMGZhYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxxBMyW1ktsryUUmRueWkLVQE68/
bVXq1AlRgj2fkrdXuxANum59xthd29VS8/1VCm2uLG8z8U8Rj8HTVEyQuH+uNnQJ
2Zq8j+wEeUjKh3VyWlAEhpgGm2QYa+9iPyKozLoheSk23qArwS/UJPvl5AWR265d
0XJ0qbHgCl6GP9rXUvh26N2l+6jh+sfeU2kGF8n9OdhIQN/9lm8PTRQNCavczdZN
A5R0kRRVulxkro/vXDGWpGO49WmhSEufDuDtlWKcm5H45+g3AonZTYeTraIzeQKc
VmCu2cpJrPfTTZ/O1chHpjE1vbEYF5e7TJSiFxmvjJOlCwl1Xn6KnF6k1wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFIRlzqpd8L1bX0IPohv7WLDD6wvMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvVWhHWE9xbDN3dlZ0ZlFnLWlHX3RZc01QckM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJSBAAwQA
JSBJAwQAJSBMMA0EAgACMAcDBQMqDxMAMA0GCSqGSIb3DQEBCwUAA4IBAQCQfaTY
HrzNJza7zvFBqfeK7KI8YY3rC+ZqKZfCkroeEzCYyzL9XNbyKTyC8XtenSTZUk8E
nNnkrcRhsmGcnXFgUjGMKs4vXlwZk8arcn8W9ht/O0RXGtT6waRLNh/iZlXcDpOi
CwG2OAk1/8pkJimJj/7XVhI2UNxUwRLQUIgmrp0Vcr5dbomjYRis8mNfIApGmQ4c
pfGe2D3nxmDsTGakte/mswu9JXZva1Bmy3UeKGjlX7wde85bSWHLuH5HivyqmhEF
LYtXSmvVmFnA+h40dysZb3APsGLR0HVdhcfm6mHksL2n01CpZARE6RltTKvV2dta
MQJTP7cZw3uBctiv
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:54:00 2025 by rpki-client on console.sobornost.net