Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/908a94-daa8-4c6b-ab24-499ef16e2082/1/A2QEf71RdaTv7-Rw5IFhLuGQC4U.roa
File: A2QEf71RdaTv7-Rw5IFhLuGQC4U.roa (raw, json)
Hash identifier: Z1OLFVFoQ+NSvR47C8hJwPMxNvIVBkBVq/jOlyMfUUc=
Subject key identifier: 03:64:04:7F:BD:51:75:A4:EF:EF:E4:70:E4:81:61:2E:E1:90:0B:85
Certificate issuer: /CN=68b0ba75fce55721c30637589be3d34fa259c2b5
Certificate serial: 01942143BB90EAD203F428A6D2F0BA061012
Authority key identifier: 68:B0:BA:75:FC:E5:57:21:C3:06:37:58:9B:E3:D3:4F:A2:59:C2:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLC6dfzlVyHDBjdYm-PTT6JZwrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/908a94-daa8-4c6b-ab24-499ef16e2082/1/A2QEf71RdaTv7-Rw5IFhLuGQC4U.roa
Signing time: Wed 01 Jan 2025 09:47:54 +0000
ROA not before: Wed 01 Jan 2025 09:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57677
IP address blocks: 37.46.152.0/21 maxlen: 21
37.46.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:bb:90:ea:d2:03:f4:28:a6:d2:f0:ba:06:10:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b0ba75fce55721c30637589be3d34fa259c2b5
Validity
Not Before: Jan 1 09:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0364047fbd5175a4efefe470e481612ee1900b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b5:a0:6e:2e:ae:b0:ac:54:92:32:9c:af:e5:
89:65:35:90:a6:2c:6f:1d:ce:bd:ab:17:ad:f3:ad:
22:60:e0:54:1f:0b:8f:11:d5:97:21:8e:54:78:32:
de:0a:94:d8:e6:8b:00:bc:9a:51:c1:74:5e:22:74:
bb:fd:42:37:c0:4e:f6:81:b0:25:e5:69:71:e5:04:
96:e4:c7:81:fa:e3:85:2c:5b:83:f2:02:d0:7b:95:
38:cb:6e:f7:ce:75:10:12:90:05:aa:41:23:50:23:
da:31:62:a0:b9:bf:a1:4b:7c:9a:e0:b1:e3:44:2c:
c3:bd:6d:c4:26:d1:67:96:ff:a7:76:3f:0a:ba:69:
72:c0:3f:59:49:28:06:dd:04:6b:19:71:8a:6a:70:
60:5f:74:ce:60:75:fc:e3:8c:10:69:ad:95:d3:3c:
97:bf:aa:00:f5:15:99:4d:52:cf:c2:8b:55:ec:a9:
82:f1:7b:ba:1b:ff:b3:81:ec:12:a7:4b:ff:5f:6b:
ce:6b:b2:f0:41:81:f4:0e:bf:6b:d9:c3:8a:c2:0d:
34:a2:91:71:11:81:67:17:2c:de:6a:0a:48:2c:d9:
29:29:ee:f5:77:d9:ad:12:bc:52:99:a7:eb:49:93:
2e:22:e6:c1:aa:81:f3:a3:94:00:cf:29:66:03:63:
66:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:64:04:7F:BD:51:75:A4:EF:EF:E4:70:E4:81:61:2E:E1:90:0B:85
X509v3 Authority Key Identifier:
keyid:68:B0:BA:75:FC:E5:57:21:C3:06:37:58:9B:E3:D3:4F:A2:59:C2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLC6dfzlVyHDBjdYm-PTT6JZwrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/908a94-daa8-4c6b-ab24-499ef16e2082/1/A2QEf71RdaTv7-Rw5IFhLuGQC4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/908a94-daa8-4c6b-ab24-499ef16e2082/1/aLC6dfzlVyHDBjdYm-PTT6JZwrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.152.0/21
Signature Algorithm: sha256WithRSAEncryption
43:c8:08:7c:0c:96:2e:d9:b4:ce:b1:10:c3:3e:41:1c:5c:4d:
7e:e5:0b:e3:b7:e9:22:47:3b:f6:63:af:3a:a2:7f:e0:f9:55:
35:d4:29:97:1b:d0:08:10:38:a6:dc:36:21:e0:90:e1:ee:20:
6c:a8:fb:22:a0:ef:99:b3:2b:60:37:49:cc:b6:35:ae:73:a3:
52:9b:8a:6e:6f:65:b6:c5:a0:67:94:e5:66:c9:a7:1b:3c:36:
71:3b:97:37:e2:ad:85:de:9d:de:01:f8:df:ca:5e:ec:64:1f:
26:13:d9:bf:1e:e2:d4:ba:f7:6d:47:68:70:4b:41:8e:3e:90:
02:91:fb:36:f5:0c:d6:f2:21:52:28:7c:99:2d:83:95:fb:8d:
6b:f3:6c:ed:52:d1:a7:53:74:65:87:e1:d2:77:01:10:f4:cf:
8c:70:87:bd:19:a0:b2:52:05:13:b9:05:17:fa:ff:12:4f:41:
93:35:1a:4a:16:e2:db:49:d6:5f:b9:bf:db:91:80:07:60:cc:
be:7d:32:17:7d:65:c0:29:be:df:a2:69:d6:c8:56:51:98:18:
1f:a1:db:ee:22:17:39:f0:02:d1:b6:03:c6:ca:95:9f:ac:87:
32:0a:73:1f:0e:11:a3:70:96:4e:1f:25:1d:7d:b9:b3:00:31:
5f:20:7c:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ7uQ6tID9Cim0vC6BhASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YjBiYTc1ZmNlNTU3MjFjMzA2Mzc1ODliZTNkMzRmYTI1
OWMyYjUwHhcNMjUwMTAxMDk0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY0MDQ3ZmJkNTE3NWE0ZWZlZmU0NzBlNDgxNjEyZWUxOTAwYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLWgbi6usKxUkjKcr+WJZTWQpixv
Hc69qxet860iYOBUHwuPEdWXIY5UeDLeCpTY5osAvJpRwXReInS7/UI3wE72gbAl
5Wlx5QSW5MeB+uOFLFuD8gLQe5U4y273znUQEpAFqkEjUCPaMWKgub+hS3ya4LHj
RCzDvW3EJtFnlv+ndj8KumlywD9ZSSgG3QRrGXGKanBgX3TOYHX844wQaa2V0zyX
v6oA9RWZTVLPwotV7KmC8Xu6G/+zgewSp0v/X2vOa7LwQYH0Dr9r2cOKwg00opFx
EYFnFyzeagpILNkpKe71d9mtErxSmafrSZMuIubBqoHzo5QAzylmA2NmFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANkBH+9UXWk7+/kcOSBYS7hkAuFMB8GA1UdIwQY
MBaAFGiwunX85VchwwY3WJvj00+iWcK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUxDNmRmemxWeUhEQmpkWW0tUFRUNkpad3JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MDhhOTQtZGFhOC00YzZiLWFiMjQt
NDk5ZWYxNmUyMDgyLzEvQTJRRWY3MVJkYVR2Ny1SdzVJRmhMdUdRQzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MDhhOTQtZGFhOC00YzZiLWFiMjQtNDk5ZWYxNmUyMDgy
LzEvYUxDNmRmemxWeUhEQmpkWW0tUFRUNkpad3JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJS6YMA0G
CSqGSIb3DQEBCwUAA4IBAQBDyAh8DJYu2bTOsRDDPkEcXE1+5Qvjt+kiRzv2Y686
on/g+VU11CmXG9AIEDim3DYh4JDh7iBsqPsioO+ZsytgN0nMtjWuc6NSm4pub2W2
xaBnlOVmyacbPDZxO5c34q2F3p3eAfjfyl7sZB8mE9m/HuLUuvdtR2hwS0GOPpAC
kfs29QzW8iFSKHyZLYOV+41r82ztUtGnU3Rlh+HSdwEQ9M+McIe9GaCyUgUTuQUX
+v8ST0GTNRpKFuLbSdZfub/bkYAHYMy+fTIXfWXAKb7fomnWyFZRmBgfodvuIhc5
8ALRtgPGypWfrIcyCnMfDhGjcJZOHyUdfbmzADFfIHyP
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:08:12 2025 by rpki-client