Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/9UQ3bjYFxbuQ6WDKQ2z12cmzNp4.roa
File: 9UQ3bjYFxbuQ6WDKQ2z12cmzNp4.roa (raw, json)
Hash identifier: utvXFHGbNyh5QD6WYroUVLQ+dfrlJs+U1O2AiYH3XWs=
Subject key identifier: F5:44:37:6E:36:05:C5:BB:90:E9:60:CA:43:6C:F5:D9:C9:B3:36:9E
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 0194252184C2A1052DAB7C0B5DC4A8715F3B
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/9UQ3bjYFxbuQ6WDKQ2z12cmzNp4.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50796
IP address blocks: 37.32.56.0/21 maxlen: 24
178.22.0.0/21 maxlen: 24
185.3.196.0/22 maxlen: 24
192.166.204.0/22 maxlen: 24
194.180.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:84:c2:a1:05:2d:ab:7c:0b:5d:c4:a8:71:5f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f544376e3605c5bb90e960ca436cf5d9c9b3369e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a0:51:d6:24:dc:9a:0f:c2:c7:7f:01:f0:ce:
8e:1e:a0:c2:42:b0:ed:c4:b5:2d:77:b3:7f:67:ec:
3e:f5:a2:2b:1a:a1:c4:c1:fb:1d:40:a6:f3:0c:ae:
5c:5f:64:64:c1:73:74:32:23:4a:02:ac:c4:9a:cd:
97:15:45:7f:d5:73:3c:29:c0:64:65:f9:60:3a:dc:
c8:55:e0:3e:3c:3c:1c:bc:15:a0:48:14:67:53:55:
43:4d:96:6b:96:45:57:9d:9b:95:44:c7:58:2c:8a:
5a:62:a3:81:e5:86:1e:67:59:d8:4c:df:89:93:ba:
fc:0c:84:6f:ed:9a:12:0d:04:ba:30:81:36:46:d5:
1e:bf:2a:87:94:c3:38:84:10:62:1b:cf:59:d7:b9:
90:44:6a:52:70:3b:02:7f:67:0c:1a:e2:0a:37:be:
50:98:1b:7f:dd:52:a1:8c:90:29:49:b1:73:8d:c0:
2f:41:5b:0d:da:81:a3:6c:b6:d0:36:82:78:fa:54:
2a:3f:f4:58:27:8b:95:8d:e0:f8:6b:aa:f4:b0:ac:
97:05:ef:c5:cb:3a:c6:c1:14:da:57:00:21:41:63:
4c:b7:c6:ea:48:2a:ea:28:89:d3:71:7a:9d:24:1d:
3c:8d:b0:23:5d:77:da:75:13:c5:76:f2:a9:f7:b9:
c2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:44:37:6E:36:05:C5:BB:90:E9:60:CA:43:6C:F5:D9:C9:B3:36:9E
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/9UQ3bjYFxbuQ6WDKQ2z12cmzNp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.56.0/21
178.22.0.0/21
185.3.196.0/22
192.166.204.0/22
194.180.116.0/22
Signature Algorithm: sha256WithRSAEncryption
66:71:77:c0:4d:79:38:7c:e0:cf:c3:9c:cf:68:e6:4d:ba:22:
b9:65:1d:7d:75:bf:6d:79:06:fb:51:4c:c0:27:62:45:56:fb:
40:01:d1:bb:51:8a:1b:8e:90:2d:04:1f:29:40:7a:a1:6f:e7:
53:5f:72:46:00:6f:93:6c:4d:63:d1:ad:49:f8:5a:2d:df:ad:
fd:0c:aa:71:f7:0f:b6:fa:00:a2:43:a3:fa:9d:8b:9d:3d:2e:
fd:da:76:a7:dd:b2:50:da:8e:05:db:04:db:63:5b:7d:c6:dd:
b3:c3:7e:28:1f:1a:33:c0:b6:5d:90:b5:09:f7:8c:41:53:2f:
44:08:76:37:76:ab:e7:84:8b:ae:cb:93:00:36:6f:20:d0:e8:
2c:25:38:cb:f7:c3:93:1e:35:d8:33:a8:73:eb:53:34:19:4b:
78:0c:e1:fd:b9:6d:bf:06:a8:47:f6:4c:3b:85:96:20:66:97:
f7:34:88:cb:1d:90:08:0e:c5:fe:4d:5e:88:51:bd:74:73:94:
7f:15:52:6a:a4:a2:3e:08:78:8d:a1:0f:4a:0c:fa:af:bd:ea:
01:e3:fb:c4:0f:fb:4c:39:0e:5d:d4:8b:73:39:79:b5:80:52:
2d:54:36:39:5a:d4:b2:14:87:84:e6:40:e4:89:f9:a4:af:fc:
f2:ff:4d:38
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQlIYTCoQUtq3wLXcSocV87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQ0Mzc2ZTM2MDVjNWJiOTBlOTYwY2E0MzZjZjVkOWM5YjMzNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6BR1iTcmg/Cx38B8M6OHqDCQrDt
xLUtd7N/Z+w+9aIrGqHEwfsdQKbzDK5cX2RkwXN0MiNKAqzEms2XFUV/1XM8KcBk
ZflgOtzIVeA+PDwcvBWgSBRnU1VDTZZrlkVXnZuVRMdYLIpaYqOB5YYeZ1nYTN+J
k7r8DIRv7ZoSDQS6MIE2RtUevyqHlMM4hBBiG89Z17mQRGpScDsCf2cMGuIKN75Q
mBt/3VKhjJApSbFzjcAvQVsN2oGjbLbQNoJ4+lQqP/RYJ4uVjeD4a6r0sKyXBe/F
yzrGwRTaVwAhQWNMt8bqSCrqKInTcXqdJB08jbAjXXfadRPFdvKp97nCMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPVEN242BcW7kOlgykNs9dnJszaeMB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvOVVRM2JqWUZ4YnVRNldES1EyejEyY216TnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJSA4AwQD
shYAAwQCuQPEAwQCwKbMAwQCwrR0MA0GCSqGSIb3DQEBCwUAA4IBAQBmcXfATXk4
fODPw5zPaOZNuiK5ZR19db9teQb7UUzAJ2JFVvtAAdG7UYobjpAtBB8pQHqhb+dT
X3JGAG+TbE1j0a1J+Fot3639DKpx9w+2+gCiQ6P6nYudPS792nan3bJQ2o4F2wTb
Y1t9xt2zw34oHxozwLZdkLUJ94xBUy9ECHY3dqvnhIuuy5MANm8g0OgsJTjL98OT
HjXYM6hz61M0GUt4DOH9uW2/BqhH9kw7hZYgZpf3NIjLHZAIDsX+TV6IUb10c5R/
FVJqpKI+CHiNoQ9KDPqvveoB4/vED/tMOQ5d1ItzOXm1gFItVDY5WtSyFIeE5kDk
ifmkr/zy/004
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:40 2025 by rpki-client on console.sobornost.net