Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/3hcLMvc25IMPdhmKQEHCMZTqIjs.roa
File: 3hcLMvc25IMPdhmKQEHCMZTqIjs.roa (raw, json)
Hash identifier: SEybTz+/cd8wiIccvdujur1jHcT09AAEthIXnDu/BtA=
Subject key identifier: DE:17:0B:32:F7:36:E4:83:0F:76:19:8A:40:41:C2:31:94:EA:22:3B
Certificate issuer: /CN=a21788c08aa437d1165cecbd68fdb195a15dfa08
Certificate serial: 01942369E3C34EF6B298FE23FDD572EF719C
Authority key identifier: A2:17:88:C0:8A:A4:37:D1:16:5C:EC:BD:68:FD:B1:95:A1:5D:FA:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oheIwIqkN9EWXOy9aP2xlaFd-gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/3hcLMvc25IMPdhmKQEHCMZTqIjs.roa
Signing time: Wed 01 Jan 2025 19:48:49 +0000
ROA not before: Wed 01 Jan 2025 19:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207916
IP address blocks: 37.26.74.0/23 maxlen: 23
37.26.76.0/22 maxlen: 22
83.229.20.0/23 maxlen: 23
93.174.80.0/21 maxlen: 21
185.80.116.0/22 maxlen: 22
2a00:1350::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e3:c3:4e:f6:b2:98:fe:23:fd:d5:72:ef:71:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a21788c08aa437d1165cecbd68fdb195a15dfa08
Validity
Not Before: Jan 1 19:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de170b32f736e4830f76198a4041c23194ea223b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:db:3c:1d:ed:25:1d:2f:47:e6:ec:5a:3d:8c:
64:06:33:e3:73:13:44:7a:7c:30:a1:aa:84:d4:52:
4b:75:88:2c:84:95:e8:70:21:a5:0f:a3:a3:df:07:
aa:98:3c:a4:ef:0c:b2:8d:44:75:b2:62:9d:9d:80:
ef:5f:cd:2c:b2:9e:d6:b5:0c:52:2b:4e:04:2b:ee:
14:1e:e1:58:9f:f9:87:08:ab:f3:c8:d5:18:7e:03:
6f:0a:32:a2:56:52:2d:17:6d:f5:0e:e9:e6:ba:a2:
fd:27:2e:07:81:4e:96:0e:4b:bf:21:7e:bf:ca:1d:
3d:56:65:c3:d7:99:f7:6b:c6:24:f4:ce:81:ee:13:
da:f0:d4:74:ab:9f:09:2e:5b:76:d7:57:be:29:1d:
a8:0f:ca:b0:06:3b:9c:1f:4e:b9:3a:f8:43:12:ae:
62:3e:17:3b:2f:75:84:c2:90:e9:12:f2:e1:1d:07:
83:86:94:cf:91:82:7e:19:81:be:52:df:e2:34:cc:
ac:ad:5e:02:a2:39:e9:cd:1c:5b:c0:a7:7e:66:fa:
e2:24:37:29:76:0d:f7:9f:6b:44:19:6e:c4:3e:b2:
16:2d:3a:cf:6c:06:3b:be:a2:ca:d0:7a:16:af:6a:
23:55:49:f6:a7:5b:dc:6f:39:3b:35:95:22:85:ea:
7b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:17:0B:32:F7:36:E4:83:0F:76:19:8A:40:41:C2:31:94:EA:22:3B
X509v3 Authority Key Identifier:
keyid:A2:17:88:C0:8A:A4:37:D1:16:5C:EC:BD:68:FD:B1:95:A1:5D:FA:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oheIwIqkN9EWXOy9aP2xlaFd-gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/3hcLMvc25IMPdhmKQEHCMZTqIjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a0c7c-f2ca-4aa9-87c5-77f4fd53425e/1/oheIwIqkN9EWXOy9aP2xlaFd-gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.74.0-37.26.79.255
83.229.20.0/23
93.174.80.0/21
185.80.116.0/22
IPv6:
2a00:1350::/32
Signature Algorithm: sha256WithRSAEncryption
63:6c:7e:0f:95:f6:17:d5:30:10:e9:97:e7:48:cb:49:ac:10:
23:28:78:76:62:b9:1f:a3:e7:31:5a:81:08:d8:85:6d:eb:ef:
7d:03:31:27:6c:1e:c0:44:ff:59:55:f8:dc:16:f7:11:77:99:
a1:36:9c:a9:bd:64:21:d7:5f:f8:79:27:47:80:31:aa:d9:42:
46:64:7e:c7:e7:f3:a4:18:24:de:72:73:87:e6:3e:73:cc:a4:
8f:fb:67:7f:e6:66:5d:2e:03:81:06:6c:0f:94:be:69:b9:c5:
3c:93:43:61:03:db:7f:53:77:93:72:95:a8:b4:2e:d7:0e:f8:
d0:fe:f7:ae:b5:43:08:c5:f4:17:30:a9:d4:e0:5b:c4:6a:aa:
48:f4:a8:e4:85:22:08:f6:81:cf:39:7d:5a:88:42:4d:ae:1f:
cf:33:5d:f4:d5:ea:96:7d:1c:c5:25:01:cb:d0:8a:4f:3f:39:
28:6a:a9:6b:58:04:ce:99:50:dc:8d:30:11:2f:7c:ea:1b:03:
4d:b9:f3:8b:44:10:b0:e8:6b:31:15:51:3c:d2:d8:81:0a:dd:
de:14:c7:94:81:a2:5e:73:21:ce:37:65:da:f8:25:d4:58:fa:
ad:b1:ff:8a:b5:82:af:9a:81:44:64:18:34:78:88:a7:95:c5:
50:4c:19:43
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQjaePDTvaymP4j/dVy73GcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMTc4OGMwOGFhNDM3ZDExNjVjZWNiZDY4ZmRiMTk1YTE1
ZGZhMDgwHhcNMjUwMTAxMTk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE3MGIzMmY3MzZlNDgzMGY3NjE5OGE0MDQxYzIzMTk0ZWEyMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ds8He0lHS9H5uxaPYxkBjPjcxNE
enwwoaqE1FJLdYgshJXocCGlD6Oj3weqmDyk7wyyjUR1smKdnYDvX80ssp7WtQxS
K04EK+4UHuFYn/mHCKvzyNUYfgNvCjKiVlItF231DunmuqL9Jy4HgU6WDku/IX6/
yh09VmXD15n3a8Yk9M6B7hPa8NR0q58JLlt211e+KR2oD8qwBjucH065OvhDEq5i
Phc7L3WEwpDpEvLhHQeDhpTPkYJ+GYG+Ut/iNMysrV4CojnpzRxbwKd+ZvriJDcp
dg33n2tEGW7EPrIWLTrPbAY7vqLK0HoWr2ojVUn2p1vcbzk7NZUihep7pwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFN4XCzL3NuSDD3YZikBBwjGU6iI7MB8GA1UdIwQY
MBaAFKIXiMCKpDfRFlzsvWj9sZWhXfoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2hlSXdJcWtOOUVXWE95OWFQMnhsYUZkLWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTBjN2MtZjJjYS00YWE5LTg3YzUt
NzdmNGZkNTM0MjVlLzEvM2hjTE12YzI1SU1QZGhtS1FFSENNWlRxSWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTBjN2MtZjJjYS00YWE5LTg3YzUtNzdmNGZkNTM0MjVl
LzEvb2hlSXdJcWtOOUVXWE95OWFQMnhsYUZkLWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAElGkoD
BAQlGkADBAFT5RQDBANdrlADBAK5UHQwDQQCAAIwBwMFACoAE1AwDQYJKoZIhvcN
AQELBQADggEBAGNsfg+V9hfVMBDpl+dIy0msECMoeHZiuR+j5zFagQjYhW3r730D
MSdsHsBE/1lV+NwW9xF3maE2nKm9ZCHXX/h5J0eAMarZQkZkfsfn86QYJN5yc4fm
PnPMpI/7Z3/mZl0uA4EGbA+Uvmm5xTyTQ2ED239Td5Nylai0LtcO+ND+9661QwjF
9BcwqdTgW8Rqqkj0qOSFIgj2gc85fVqIQk2uH88zXfTV6pZ9HMUlAcvQik8/OShq
qWtYBM6ZUNyNMBEvfOobA02584tEELDoazEVUTzS2IEK3d4Ux5SBol5zIc43Zdr4
JdRY+q2x/4q1gq+agURkGDR4iKeVxVBMGUM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:39 2025 by rpki-client on console.sobornost.net