Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/XE7cRB6SWvPtqodUbBU29gAlxy0.roa
File: XE7cRB6SWvPtqodUbBU29gAlxy0.roa (raw, json)
Hash identifier: VEw1GCPGuZXegW9h5elGs3pbrIScm0hRkL6R6Vn1RLY=
Subject key identifier: 5C:4E:DC:44:1E:92:5A:F3:ED:AA:87:54:6C:15:36:F6:00:25:C7:2D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0195F7B10B2693C9B494537F9C3CB5F6B628
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/XE7cRB6SWvPtqodUbBU29gAlxy0.roa
Signing time: Wed 02 Apr 2025 18:08:49 +0000
ROA not before: Wed 02 Apr 2025 18:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42532
IP address blocks: 37.128.204.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f7:b1:0b:26:93:c9:b4:94:53:7f:9c:3c:b5:f6:b6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 2 18:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c4edc441e925af3edaa87546c1536f60025c72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a6:d7:f9:f0:29:2e:27:20:83:ee:8c:de:86:
70:18:fd:db:03:45:8d:29:7a:66:51:fe:a4:d8:93:
dd:fd:41:a4:2b:da:36:9b:a5:df:5c:67:41:d8:0a:
8a:c6:91:db:b1:c9:53:ec:d5:fc:68:aa:46:f8:cd:
28:57:27:dd:ed:ac:9d:4a:22:18:22:b4:85:6b:d1:
85:5a:62:6e:da:c6:33:6e:e0:02:f0:3f:c3:2b:71:
11:01:a7:31:aa:1f:e7:fc:aa:c8:72:aa:14:65:91:
49:dd:65:4b:d0:59:88:be:84:67:06:ac:36:65:af:
32:67:aa:58:ba:da:46:a2:b1:53:6f:7e:fa:b1:f8:
4d:1a:3a:05:51:59:d6:38:d3:c7:92:f5:b5:63:8d:
fd:8e:aa:6a:b1:0f:ff:51:3d:6c:6e:c4:bf:91:f3:
31:59:94:2c:ea:9e:ac:86:89:59:26:c9:6d:b1:50:
ab:9d:c1:b0:7b:15:75:bd:ba:dd:4f:a5:d8:eb:75:
14:e4:6f:bb:e1:1e:a3:e3:99:5e:2a:d6:fb:cb:29:
30:10:9a:b4:d5:fb:78:6d:ee:21:00:a6:5c:2b:0f:
85:63:2e:ad:43:29:f3:3e:c5:f3:e2:47:68:ba:5b:
fb:3e:e5:74:84:7f:47:b3:f0:a6:73:1c:f8:1f:40:
81:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4E:DC:44:1E:92:5A:F3:ED:AA:87:54:6C:15:36:F6:00:25:C7:2D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/XE7cRB6SWvPtqodUbBU29gAlxy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.204.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:d6:53:dd:05:a1:35:e8:de:73:4d:29:4e:cd:43:fb:14:29:
c2:6c:f6:91:74:62:7d:e3:a8:cd:4d:fa:1b:22:b3:33:38:94:
97:af:94:80:f6:5e:fb:51:2e:cb:88:04:3e:5b:1e:d0:7d:0a:
03:81:04:45:bc:d8:df:9c:5c:a1:9f:a1:ad:32:b6:d2:7f:cc:
b9:94:f3:a8:79:eb:2d:a8:a4:77:97:4e:8a:34:3a:24:55:8b:
e9:4b:a9:b2:d6:71:1e:ca:b1:67:0a:ba:a5:72:b6:bd:24:92:
2a:4b:0c:d1:8f:ce:d9:96:e7:f5:1d:ac:8e:56:a7:9e:99:a4:
be:a8:13:77:71:21:77:5f:0b:71:f0:9d:d1:d1:0d:3f:ac:83:
21:f5:29:6f:af:ee:8a:bb:74:af:6d:85:50:08:76:0b:8f:3c:
56:27:eb:38:86:9a:4d:e6:e0:8e:c0:62:cf:45:65:b5:b7:21:
62:2b:0a:64:f0:4a:94:e8:20:0a:3b:92:d7:8e:a9:17:89:68:
a0:38:ae:40:a7:29:b7:56:4b:d3:fe:4d:eb:da:eb:53:07:21:
8a:99:86:0f:65:bf:01:68:82:24:cf:ab:3d:1b:4a:b6:b6:4b:
7c:35:9d:cf:76:a7:ea:ae:56:ec:a0:dd:13:80:3a:8e:e9:df:
ae:23:81:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX3sQsmk8m0lFN/nDy19rYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwNDAyMTgwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRlZGM0NDFlOTI1YWYzZWRhYTg3NTQ2YzE1MzZmNjAwMjVjNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKbX+fApLicgg+6M3oZwGP3bA0WN
KXpmUf6k2JPd/UGkK9o2m6XfXGdB2AqKxpHbsclT7NX8aKpG+M0oVyfd7aydSiIY
IrSFa9GFWmJu2sYzbuAC8D/DK3ERAacxqh/n/KrIcqoUZZFJ3WVL0FmIvoRnBqw2
Za8yZ6pYutpGorFTb376sfhNGjoFUVnWONPHkvW1Y439jqpqsQ//UT1sbsS/kfMx
WZQs6p6sholZJsltsVCrncGwexV1vbrdT6XY63UU5G+74R6j45leKtb7yykwEJq0
1ft4be4hAKZcKw+FYy6tQynzPsXz4kdoulv7PuV0hH9Hs/Cmcxz4H0CB9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxO3EQeklrz7aqHVGwVNvYAJcctMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvWEU3Y1JCNlNXdlB0cW9kVWJCVTI5Z0FseHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJYDMMA0G
CSqGSIb3DQEBCwUAA4IBAQCi1lPdBaE16N5zTSlOzUP7FCnCbPaRdGJ946jNTfob
IrMzOJSXr5SA9l77US7LiAQ+Wx7QfQoDgQRFvNjfnFyhn6GtMrbSf8y5lPOoeest
qKR3l06KNDokVYvpS6my1nEeyrFnCrqlcra9JJIqSwzRj87Zluf1HayOVqeemaS+
qBN3cSF3Xwtx8J3R0Q0/rIMh9Slvr+6Ku3SvbYVQCHYLjzxWJ+s4hppN5uCOwGLP
RWW1tyFiKwpk8EqU6CAKO5LXjqkXiWigOK5Apym3VkvT/k3r2utTByGKmYYPZb8B
aIIkz6s9G0q2tkt8NZ3PdqfqrlbsoN0TgDqO6d+uI4FX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:42 2025 by rpki-client on console.sobornost.net