Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/dvBncm1ioxMkZxfIwj8AHN_pV2o.roa
File: dvBncm1ioxMkZxfIwj8AHN_pV2o.roa (raw, json)
Hash identifier: trXkcGGpz9kCkLdcS7m7ANXF3QdwZlrIN5sw/IjjJ50=
Subject key identifier: 76:F0:67:72:6D:62:A3:13:24:67:17:C8:C2:3F:00:1C:DF:E9:57:6A
Certificate issuer: /CN=b146010283a8202eeaa3fef32534e3e97e04079e
Certificate serial: 019420D62A44FD193E4320FF95DF6E3DBDAF
Authority key identifier: B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/dvBncm1ioxMkZxfIwj8AHN_pV2o.roa
Signing time: Wed 01 Jan 2025 07:48:13 +0000
ROA not before: Wed 01 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41811
IP address blocks: 37.205.56.0/21 maxlen: 21
46.255.112.0/21 maxlen: 21
88.151.216.0/21 maxlen: 21
88.202.168.0/21 maxlen: 21
109.232.56.0/21 maxlen: 21
137.221.128.0/19 maxlen: 19
137.221.160.0/21 maxlen: 21
137.221.168.0/22 maxlen: 22
137.221.184.0/21 maxlen: 21
185.30.24.0/22 maxlen: 22
2a01:a200::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2a:44:fd:19:3e:43:20:ff:95:df:6e:3d:bd:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b146010283a8202eeaa3fef32534e3e97e04079e
Validity
Not Before: Jan 1 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76f067726d62a313246717c8c23f001cdfe9576a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:eb:40:2d:dd:f0:1e:32:af:50:aa:36:e2:7a:
32:04:d9:eb:97:05:eb:88:75:41:7c:eb:4a:6e:30:
ea:a9:ce:d1:77:b0:35:87:b9:6f:cb:21:51:00:de:
75:c9:2f:94:49:9c:42:83:98:f3:ef:a3:e5:7d:a0:
ba:0c:3d:c2:4a:49:47:2f:3f:eb:14:fc:ab:a7:fa:
e3:92:b9:a5:ca:3a:c6:58:2b:9f:ec:d7:56:e7:29:
da:be:a9:68:72:f8:5a:a1:23:3b:69:55:6e:67:d7:
c8:74:2c:6f:c9:8f:05:6c:53:d2:ce:9a:11:cd:b3:
ca:52:46:ad:ff:fa:67:11:ff:2a:b9:7c:6a:75:f0:
87:8f:bb:25:09:f4:59:97:ac:17:62:e3:a8:fd:4e:
d8:02:1f:2d:ad:ea:08:ad:28:b4:6e:81:9f:8e:5b:
69:25:3f:ed:56:7d:f7:6f:0a:d1:f7:f9:39:f7:87:
7c:1d:b0:3b:bd:06:58:f7:19:85:90:d6:05:1c:fc:
ff:c3:3e:68:6f:1b:c5:8b:47:49:7b:cf:a6:13:06:
39:5f:3b:20:ff:91:61:84:89:3e:e9:5a:40:38:cd:
bc:bf:27:34:2f:ec:2e:02:da:46:83:e9:71:fc:7e:
c6:4a:ef:40:98:56:4c:96:b7:e8:28:cf:04:17:7f:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F0:67:72:6D:62:A3:13:24:67:17:C8:C2:3F:00:1C:DF:E9:57:6A
X509v3 Authority Key Identifier:
keyid:B1:46:01:02:83:A8:20:2E:EA:A3:FE:F3:25:34:E3:E9:7E:04:07:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUYBAoOoIC7qo_7zJTTj6X4EB54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/dvBncm1ioxMkZxfIwj8AHN_pV2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bac0b9-c99f-49bb-905b-c0307b0f62dc/1/sUYBAoOoIC7qo_7zJTTj6X4EB54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.56.0/21
46.255.112.0/21
88.151.216.0/21
88.202.168.0/21
109.232.56.0/21
137.221.128.0-137.221.171.255
137.221.184.0/21
185.30.24.0/22
IPv6:
2a01:a200::/32
Signature Algorithm: sha256WithRSAEncryption
43:df:2c:1c:e5:ee:4c:24:d1:79:89:fd:c5:46:01:b2:43:ed:
39:a3:9d:b4:f9:0b:f8:e5:5b:38:a8:3b:4b:ce:0f:9e:47:fb:
90:e7:8b:7d:32:91:45:3c:ef:d8:9d:99:4e:c5:b4:19:ca:f2:
e2:ad:76:d7:27:a3:63:0b:04:41:29:c3:ed:14:5c:04:fd:e6:
f5:8e:55:fc:6e:52:0a:5a:4e:92:c1:5c:5b:95:bf:04:a6:17:
48:fc:38:ab:df:74:19:8d:42:1d:f0:ed:92:8c:56:84:0c:32:
f2:53:b3:b9:a3:59:81:cc:45:d6:7a:1a:d1:61:03:ca:fb:63:
7b:4f:0f:65:f9:ca:e8:cd:08:50:af:ce:1b:78:c2:09:f4:db:
e1:9d:a8:15:8d:15:25:32:bf:7d:6f:67:cf:ec:7b:32:3d:9c:
f4:d9:c4:6e:48:1d:9c:d4:0e:72:a7:d2:96:0b:ee:90:52:7e:
e0:56:b8:07:1f:26:70:67:d0:d6:3a:d9:a9:e2:c3:a5:08:e8:
40:e4:ed:86:4c:77:41:83:1b:86:5a:6b:67:0d:e4:07:3f:c4:
4f:26:24:62:4e:d6:dc:73:98:44:a8:28:e1:45:52:05:11:5a:
0f:5b:33:e1:a8:b0:43:d9:71:1f:0f:47:a8:cb:4e:63:da:a2:
04:af:5d:8a
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQg1ipE/Rk+QyD/ld9uPb2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDYwMTAyODNhODIwMmVlYWEzZmVmMzI1MzRlM2U5N2Uw
NDA3OWUwHhcNMjUwMTAxMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmYwNjc3MjZkNjJhMzEzMjQ2NzE3YzhjMjNmMDAxY2RmZTk1NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkutALd3wHjKvUKo24noyBNnrlwXr
iHVBfOtKbjDqqc7Rd7A1h7lvyyFRAN51yS+USZxCg5jz76PlfaC6DD3CSklHLz/r
FPyrp/rjkrmlyjrGWCuf7NdW5ynavqlocvhaoSM7aVVuZ9fIdCxvyY8FbFPSzpoR
zbPKUkat//pnEf8quXxqdfCHj7slCfRZl6wXYuOo/U7YAh8treoIrSi0boGfjltp
JT/tVn33bwrR9/k594d8HbA7vQZY9xmFkNYFHPz/wz5obxvFi0dJe8+mEwY5Xzsg
/5FhhIk+6VpAOM28vyc0L+wuAtpGg+lx/H7GSu9AmFZMlrfoKM8EF38SSwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHbwZ3JtYqMTJGcXyMI/ABzf6VdqMB8GA1UdIwQY
MBaAFLFGAQKDqCAu6qP+8yU04+l+BAeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWIt
YzAzMDdiMGY2MmRjLzEvZHZCbmNtMWlveE1rWnhmSXdqOEFITl9wVjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iYWMwYjktYzk5Zi00OWJiLTkwNWItYzAzMDdiMGY2MmRj
LzEvc1VZQkFvT29JQzdxb183ekpUVGo2WDRFQjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDJc04AwQD
Lv9wAwQDWJfYAwQDWMqoAwQDbeg4MAwDBAeJ3YADBAKJ3agDBAOJ3bgDBAK5Hhgw
DQQCAAIwBwMFACoBogAwDQYJKoZIhvcNAQELBQADggEBAEPfLBzl7kwk0XmJ/cVG
AbJD7TmjnbT5C/jlWzioO0vOD55H+5Dni30ykUU879idmU7FtBnK8uKtdtcno2ML
BEEpw+0UXAT95vWOVfxuUgpaTpLBXFuVvwSmF0j8OKvfdBmNQh3w7ZKMVoQMMvJT
s7mjWYHMRdZ6GtFhA8r7Y3tPD2X5yujNCFCvzht4wgn02+GdqBWNFSUyv31vZ8/s
ezI9nPTZxG5IHZzUDnKn0pYL7pBSfuBWuAcfJnBn0NY62aniw6UI6EDk7YZMd0GD
G4Zaa2cN5Ac/xE8mJGJO1txzmESoKOFFUgURWg9bM+GosEPZcR8PR6jLTmPaogSv
XYo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:13 2025 by rpki-client on console.sobornost.net