Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/5ZXhnjW9kmttlUXf2RDTyr9aXfs.roa
File: 5ZXhnjW9kmttlUXf2RDTyr9aXfs.roa (raw, json)
Hash identifier: vPUm/BYZ8ccBTBvwoMgmMnzKo9RChAfgHExaHYb8jn4=
Subject key identifier: E5:95:E1:9E:35:BD:92:6B:6D:95:45:DF:D9:10:D3:CA:BF:5A:5D:FB
Certificate issuer: /CN=dad7a0b00102a28416e3093b5765a0b27755ccf3
Certificate serial: 019426D944819F1D2B1A7583EC67A60B7047
Authority key identifier: DA:D7:A0:B0:01:02:A2:84:16:E3:09:3B:57:65:A0:B2:77:55:CC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2tegsAECooQW4wk7V2WgsndVzPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/5ZXhnjW9kmttlUXf2RDTyr9aXfs.roa
Signing time: Thu 02 Jan 2025 11:49:20 +0000
ROA not before: Thu 02 Jan 2025 11:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198477
IP address blocks: 37.99.192.0/21 maxlen: 21
37.99.192.0/24 maxlen: 24
37.99.193.0/24 maxlen: 24
37.99.194.0/24 maxlen: 24
37.99.195.0/24 maxlen: 24
37.99.196.0/24 maxlen: 24
37.99.197.0/24 maxlen: 24
37.99.198.0/24 maxlen: 24
37.99.199.0/24 maxlen: 24
185.55.28.0/22 maxlen: 22
185.55.28.0/24 maxlen: 24
185.55.29.0/24 maxlen: 24
185.55.30.0/24 maxlen: 24
185.55.31.0/24 maxlen: 24
2a02:5440::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:44:81:9f:1d:2b:1a:75:83:ec:67:a6:0b:70:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dad7a0b00102a28416e3093b5765a0b27755ccf3
Validity
Not Before: Jan 2 11:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e595e19e35bd926b6d9545dfd910d3cabf5a5dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f0:c1:83:52:74:c9:46:54:19:fd:92:1f:66:
90:7f:6a:0f:3e:6c:ee:7b:cd:17:9f:ee:38:5f:2e:
26:46:43:db:4a:be:c8:07:d4:cd:a8:5c:33:3f:3a:
2b:89:78:dd:55:48:8f:64:20:f8:b9:99:ea:e6:d8:
b3:35:9b:33:88:73:28:aa:aa:be:dd:a7:f3:06:98:
18:81:89:b7:93:e7:a9:04:c9:04:cf:7c:27:7d:40:
af:0a:c2:fa:a2:99:99:aa:23:82:82:a7:12:6e:cf:
72:7d:c0:c2:54:2e:71:8f:2b:a7:11:c3:5f:6b:8b:
39:54:bc:10:2e:a8:c2:15:39:70:f2:b4:6e:05:9a:
82:a9:61:9e:a3:0a:bf:67:62:bc:b5:a9:e6:3d:00:
c3:d6:24:ea:6c:a0:14:18:06:2f:72:8b:41:c5:05:
1a:33:a7:6a:b4:eb:6f:aa:82:a1:a1:e7:9c:3e:ff:
89:f5:cb:1d:17:01:8e:6b:06:af:1f:21:8a:e5:36:
67:99:4f:dc:74:72:e2:98:4c:bb:c3:6e:97:07:b6:
60:a4:29:06:c1:02:2e:77:9f:a6:bf:65:0d:8c:16:
8b:fc:cb:35:ad:47:85:61:bd:5d:bc:0b:c7:11:2a:
03:f4:c7:6a:b0:23:6c:6e:a9:c7:49:58:31:06:23:
18:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:95:E1:9E:35:BD:92:6B:6D:95:45:DF:D9:10:D3:CA:BF:5A:5D:FB
X509v3 Authority Key Identifier:
keyid:DA:D7:A0:B0:01:02:A2:84:16:E3:09:3B:57:65:A0:B2:77:55:CC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2tegsAECooQW4wk7V2WgsndVzPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/5ZXhnjW9kmttlUXf2RDTyr9aXfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/2tegsAECooQW4wk7V2WgsndVzPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.192.0/21
185.55.28.0/22
IPv6:
2a02:5440::/32
Signature Algorithm: sha256WithRSAEncryption
79:60:f3:03:53:82:59:58:53:bf:ce:30:5f:10:ea:01:bc:89:
1d:5a:90:e2:11:99:f8:19:47:b3:a6:2d:27:f2:ab:2c:6f:a2:
fd:43:f4:d1:d6:6a:b2:52:84:77:8a:a3:83:6a:50:4e:4b:a7:
80:a7:4a:32:07:85:9d:c3:10:c2:b2:20:00:ef:ed:4a:75:97:
bc:b0:67:7f:d6:40:6f:d3:4e:5b:09:27:ae:04:c4:53:e7:c4:
31:47:74:0e:aa:ce:3a:0f:51:88:1f:d2:f7:0c:5d:f0:2a:1c:
73:2f:65:0a:b4:73:fc:0b:57:e1:1b:9c:eb:9b:b9:3a:7c:f9:
5a:b5:4a:6b:d7:4e:92:a0:d1:57:fc:ac:1f:78:f1:b3:e0:c8:
37:c9:23:08:c4:eb:ed:72:f2:d2:1f:a8:d5:7f:d7:90:a6:1c:
e3:a4:b7:92:42:44:96:c1:62:30:e4:14:9d:84:75:ca:59:e4:
1d:04:4b:d3:b0:94:65:62:33:af:b1:d2:c1:6e:61:a3:af:16:
c4:41:6d:e9:13:6a:f7:bb:4f:6a:eb:e4:53:6c:b9:c2:70:fe:
66:03:f3:97:80:a1:83:fc:e6:e1:7e:9b:0e:07:c9:29:4e:03:
e7:02:9a:8f:db:a5:78:3e:7d:ee:24:6a:a8:35:71:ed:ab:fc:
04:ef:0d:ea
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2USBnx0rGnWD7GemC3BHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZDdhMGIwMDEwMmEyODQxNmUzMDkzYjU3NjVhMGIyNzc1
NWNjZjMwHhcNMjUwMTAyMTE0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk1ZTE5ZTM1YmQ5MjZiNmQ5NTQ1ZGZkOTEwZDNjYWJmNWE1ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/DBg1J0yUZUGf2SH2aQf2oPPmzu
e80Xn+44Xy4mRkPbSr7IB9TNqFwzPzoriXjdVUiPZCD4uZnq5tizNZsziHMoqqq+
3afzBpgYgYm3k+epBMkEz3wnfUCvCsL6opmZqiOCgqcSbs9yfcDCVC5xjyunEcNf
a4s5VLwQLqjCFTlw8rRuBZqCqWGeowq/Z2K8tanmPQDD1iTqbKAUGAYvcotBxQUa
M6dqtOtvqoKhoeecPv+J9csdFwGOawavHyGK5TZnmU/cdHLimEy7w26XB7ZgpCkG
wQIud5+mv2UNjBaL/Ms1rUeFYb1dvAvHESoD9MdqsCNsbqnHSVgxBiMYnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOWV4Z41vZJrbZVF39kQ08q/Wl37MB8GA1UdIwQY
MBaAFNrXoLABAqKEFuMJO1dloLJ3VczzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnRlZ3NBRUNvb1FXNHdrN1YyV2dzbmRWelBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMmNiMTYtOWMxNi00MGIxLWFjOGMt
OTU5ZGMyMWU5MjkzLzEvNVpYaG5qVzlrbXR0bFVYZjJSRFR5cjlhWGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMmNiMTYtOWMxNi00MGIxLWFjOGMtOTU5ZGMyMWU5Mjkz
LzEvMnRlZ3NBRUNvb1FXNHdrN1YyV2dzbmRWelBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJWPAAwQC
uTccMA0EAgACMAcDBQAqAlRAMA0GCSqGSIb3DQEBCwUAA4IBAQB5YPMDU4JZWFO/
zjBfEOoBvIkdWpDiEZn4GUezpi0n8qssb6L9Q/TR1mqyUoR3iqODalBOS6eAp0oy
B4WdwxDCsiAA7+1KdZe8sGd/1kBv005bCSeuBMRT58QxR3QOqs46D1GIH9L3DF3w
KhxzL2UKtHP8C1fhG5zrm7k6fPlatUpr106SoNFX/KwfePGz4Mg3ySMIxOvtcvLS
H6jVf9eQphzjpLeSQkSWwWIw5BSdhHXKWeQdBEvTsJRlYjOvsdLBbmGjrxbEQW3p
E2r3u09q6+RTbLnCcP5mA/OXgKGD/ObhfpsOB8kpTgPnApqP26V4Pn3uJGqoNXHt
q/wE7w3q
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net