Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/BHkKvb2qZLeD_4QIPrmVYJe4E6w.roa
File: BHkKvb2qZLeD_4QIPrmVYJe4E6w.roa (raw, json)
Hash identifier: 4HUs5FjtfJoQCq5RfZkLp2netiRG+jQlol4wXGJfij4=
Subject key identifier: 04:79:0A:BD:BD:AA:64:B7:83:FF:84:08:3E:B9:95:60:97:B8:13:AC
Certificate issuer: /CN=b780b3b9e096221629fe47e102ac522da03979c4
Certificate serial: 01942521FF60795C12E36D797D460EB6E6EC
Authority key identifier: B7:80:B3:B9:E0:96:22:16:29:FE:47:E1:02:AC:52:2D:A0:39:79:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4CzueCWIhYp_kfhAqxSLaA5ecQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/BHkKvb2qZLeD_4QIPrmVYJe4E6w.roa
Signing time: Thu 02 Jan 2025 03:49:32 +0000
ROA not before: Thu 02 Jan 2025 03:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205617
IP address blocks: 37.208.112.0/21 maxlen: 21
185.150.208.0/22 maxlen: 22
2a00:c7c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ff:60:79:5c:12:e3:6d:79:7d:46:0e:b6:e6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b780b3b9e096221629fe47e102ac522da03979c4
Validity
Not Before: Jan 2 03:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04790abdbdaa64b783ff84083eb9956097b813ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:81:1a:28:aa:d8:53:2e:58:39:7c:d6:f7:6a:
02:df:e9:19:a9:6b:52:38:3c:b4:5c:84:08:8e:72:
38:a4:85:ee:47:b2:9b:b4:d9:b1:68:57:1f:4b:40:
c1:de:a4:d2:c2:a7:54:c8:cd:88:51:db:5c:ff:3e:
cd:86:ed:08:a8:da:a8:3c:5b:03:00:cc:db:a1:60:
2c:3e:52:a5:5b:96:1c:35:a9:0e:99:08:35:94:b6:
6d:c2:f5:c1:a5:57:d1:84:d5:dc:79:cd:8e:34:cb:
40:93:50:6c:5c:b2:fa:80:93:8d:46:73:b4:f2:d1:
cc:05:3a:cd:a9:a5:0c:58:d2:91:d8:c1:a3:51:af:
64:40:e1:9a:53:3f:b1:df:2b:6a:47:7e:40:61:06:
40:06:4c:f5:99:c3:04:40:14:ab:58:f0:25:9b:73:
cd:1d:df:98:af:a8:8f:b9:93:eb:d9:0e:19:f8:95:
6d:a1:9b:d3:74:ba:e7:d6:c5:fb:a0:4c:cc:d3:fa:
6f:10:e6:e1:2f:5e:7c:54:d4:81:da:18:0f:5e:5f:
f8:03:87:12:f4:71:39:38:e8:e9:8a:2b:27:3f:0f:
9a:5a:26:da:e0:e0:87:50:25:8c:03:f0:b4:9b:4d:
0c:fa:d4:60:f8:43:99:08:a0:dd:05:b1:77:35:69:
8a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:79:0A:BD:BD:AA:64:B7:83:FF:84:08:3E:B9:95:60:97:B8:13:AC
X509v3 Authority Key Identifier:
keyid:B7:80:B3:B9:E0:96:22:16:29:FE:47:E1:02:AC:52:2D:A0:39:79:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4CzueCWIhYp_kfhAqxSLaA5ecQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/BHkKvb2qZLeD_4QIPrmVYJe4E6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/t4CzueCWIhYp_kfhAqxSLaA5ecQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.112.0/21
185.150.208.0/22
IPv6:
2a00:c7c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:81:65:99:10:28:89:ca:df:2f:84:ba:15:5e:20:80:b3:b9:
2b:b3:81:54:53:93:ec:aa:42:7c:7f:48:cd:7a:09:1b:1b:3d:
1d:2c:b0:a0:eb:86:b2:f2:61:03:9a:d8:ff:cb:e9:6e:21:ce:
c9:17:c7:7e:8c:e6:9a:50:95:9e:2e:6e:0b:4d:0b:51:0a:79:
84:37:ea:6d:41:23:cd:01:16:b2:01:79:2f:52:62:f3:81:f6:
93:a6:c9:d4:54:f1:76:2c:ac:16:82:7f:79:d4:f4:8d:9e:6e:
bb:47:66:25:38:44:41:91:61:ea:36:92:68:2f:4e:15:3e:4f:
4f:5d:1e:f6:91:fa:05:a3:a8:25:21:e8:e7:8e:d3:8f:d4:71:
eb:83:91:99:94:8c:35:bc:9a:63:c3:60:c5:bc:d4:d8:1e:dc:
a4:30:dc:f1:86:87:0e:3d:e1:1e:a5:04:0d:44:60:a3:6c:c3:
98:65:46:6a:9a:86:d8:44:ff:7e:10:a4:12:c2:9e:c4:83:58:
62:6e:9f:e4:c1:9e:4d:a8:21:d0:f5:cc:15:bc:4d:51:a3:8b:
dd:2f:13:e5:b1:87:24:85:5c:e7:e3:55:2c:0f:38:4e:a0:94:
7d:fb:2a:5a:e9:12:83:2c:9b:33:49:84:bc:4e:67:03:48:5d:
b1:a0:55:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIf9geVwS4215fUYOtubsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODBiM2I5ZTA5NjIyMTYyOWZlNDdlMTAyYWM1MjJkYTAz
OTc5YzQwHhcNMjUwMTAyMDM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDc5MGFiZGJkYWE2NGI3ODNmZjg0MDgzZWI5OTU2MDk3YjgxM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIEaKKrYUy5YOXzW92oC3+kZqWtS
ODy0XIQIjnI4pIXuR7KbtNmxaFcfS0DB3qTSwqdUyM2IUdtc/z7Nhu0IqNqoPFsD
AMzboWAsPlKlW5YcNakOmQg1lLZtwvXBpVfRhNXcec2ONMtAk1BsXLL6gJONRnO0
8tHMBTrNqaUMWNKR2MGjUa9kQOGaUz+x3ytqR35AYQZABkz1mcMEQBSrWPAlm3PN
Hd+Yr6iPuZPr2Q4Z+JVtoZvTdLrn1sX7oEzM0/pvEObhL158VNSB2hgPXl/4A4cS
9HE5OOjpiisnPw+aWiba4OCHUCWMA/C0m00M+tRg+EOZCKDdBbF3NWmK7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAR5Cr29qmS3g/+ECD65lWCXuBOsMB8GA1UdIwQY
MBaAFLeAs7ngliIWKf5H4QKsUi2gOXnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRDenVlQ1dJaFlwX2tmaEFxeFNMYUE1ZWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xZjMxMTctZjJhMS00MzIyLWI2M2Qt
ZjdlZGIyNjg4NjUyLzEvQkhrS3ZiMnFaTGVEXzRRSVBybVZZSmU0RTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xZjMxMTctZjJhMS00MzIyLWI2M2QtZjdlZGIyNjg4NjUy
LzEvdDRDenVlQ1dJaFlwX2tmaEFxeFNMYUE1ZWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJdBwAwQC
uZbQMA0EAgACMAcDBQMqAMfAMA0GCSqGSIb3DQEBCwUAA4IBAQAhgWWZECiJyt8v
hLoVXiCAs7krs4FUU5PsqkJ8f0jNegkbGz0dLLCg64ay8mEDmtj/y+luIc7JF8d+
jOaaUJWeLm4LTQtRCnmEN+ptQSPNARayAXkvUmLzgfaTpsnUVPF2LKwWgn951PSN
nm67R2YlOERBkWHqNpJoL04VPk9PXR72kfoFo6glIejnjtOP1HHrg5GZlIw1vJpj
w2DFvNTYHtykMNzxhocOPeEepQQNRGCjbMOYZUZqmobYRP9+EKQSwp7Eg1hibp/k
wZ5NqCHQ9cwVvE1Ro4vdLxPlsYckhVzn41UsDzhOoJR9+ypa6RKDLJszSYS8TmcD
SF2xoFWO
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:25 2025 by rpki-client on console.sobornost.net