Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/isqoYZWDXQJSxmxPlMyUdRIC7Kg.roa
File: isqoYZWDXQJSxmxPlMyUdRIC7Kg.roa (raw, json)
Hash identifier: j4dzbBC6h3xvieRsmWkUpQEa/X5Wih3z/xEPmg2Ssz4=
Subject key identifier: 8A:CA:A8:61:95:83:5D:02:52:C6:6C:4F:94:CC:94:75:12:02:EC:A8
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 0194228DC75441A2465E6566037220E1DA98
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/isqoYZWDXQJSxmxPlMyUdRIC7Kg.roa
Signing time: Wed 01 Jan 2025 15:48:24 +0000
ROA not before: Wed 01 Jan 2025 15:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c7:54:41:a2:46:5e:65:66:03:72:20:e1:da:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Jan 1 15:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8acaa86195835d0252c66c4f94cc94751202eca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:38:32:34:68:60:04:01:b6:86:28:18:a9:85:
14:be:ca:4b:cd:d2:d7:19:69:86:c3:0d:04:50:b6:
5c:bb:66:1c:1b:17:10:b8:ec:db:fa:97:e9:b7:88:
cb:82:57:19:08:69:b4:f3:72:21:7e:e3:75:b2:f4:
d2:c9:40:35:06:7d:c8:05:9d:e5:69:76:61:1b:e8:
e1:16:95:34:f0:fc:d7:8e:42:ca:4c:a9:98:40:e7:
f0:a2:81:46:f5:13:ef:ee:bd:26:91:fd:77:61:d1:
90:38:dc:30:38:bf:59:bc:60:64:c1:75:a9:5a:5a:
10:7b:37:07:be:e0:78:6c:83:26:15:f9:06:23:65:
17:23:1d:1c:29:5e:41:a1:00:1d:0e:ff:a9:32:4f:
04:37:ff:31:14:ae:8b:58:ed:a9:05:e5:2f:03:69:
65:6c:40:8d:e2:e8:85:28:6a:ae:0e:34:a5:ef:2a:
9f:19:c2:bb:20:c6:c4:5f:52:31:01:6d:d4:51:1d:
b8:eb:22:80:63:4e:73:60:7f:df:d4:53:f4:82:db:
68:ac:79:25:8d:95:12:f7:ba:b6:ae:c5:13:c8:f5:
42:97:73:11:73:1e:3b:8a:46:ab:38:42:05:7f:a4:
d9:d7:fd:b3:fd:be:90:2e:fe:e4:d6:b4:fa:a9:67:
ea:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CA:A8:61:95:83:5D:02:52:C6:6C:4F:94:CC:94:75:12:02:EC:A8
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/isqoYZWDXQJSxmxPlMyUdRIC7Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
36:c4:06:44:cb:26:05:37:20:f2:17:7a:97:af:23:e5:bc:d9:
29:dc:9a:95:a5:70:76:92:26:18:60:c1:93:ce:de:ed:f2:b1:
d3:18:2b:31:f2:00:0a:26:d3:ef:2a:98:ba:98:ed:3c:d1:26:
7c:c7:d1:b5:5a:75:cb:50:6c:74:02:b8:23:86:5a:1f:ed:28:
ca:d0:ae:cb:1f:51:60:40:2d:11:93:eb:a1:b1:ad:73:58:0e:
e5:91:af:15:3c:31:35:be:d2:73:4c:14:17:df:e0:8a:0e:74:
91:17:5c:03:ba:85:63:a0:1e:91:0d:9d:97:09:3a:ec:30:23:
83:ca:17:b0:a2:fd:70:ab:6b:97:a6:12:31:90:25:19:4b:c0:
6e:2a:2c:36:60:ca:1c:8a:93:75:8c:5d:da:59:b3:27:00:5b:
56:6f:ab:ac:47:58:fb:89:31:d7:f6:03:43:b0:c2:f0:5c:a8:
1a:95:11:43:18:66:b0:24:0b:c3:69:69:7a:ee:9b:58:f3:39:
a1:df:fb:49:fc:16:0d:d6:d7:19:2c:1c:2b:67:5a:2c:20:77:
36:63:96:e1:eb:23:fd:d9:5c:30:7d:64:0e:fb:49:8b:bc:56:
53:8a:1b:b9:7e:2b:9e:87:13:e2:32:f5:93:52:93:63:75:c2:
eb:1b:25:84
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQijcdUQaJGXmVmA3Ig4dqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjUwMTAxMTU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNhYTg2MTk1ODM1ZDAyNTJjNjZjNGY5NGNjOTQ3NTEyMDJlY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDgyNGhgBAG2higYqYUUvspLzdLX
GWmGww0EULZcu2YcGxcQuOzb+pfpt4jLglcZCGm083IhfuN1svTSyUA1Bn3IBZ3l
aXZhG+jhFpU08PzXjkLKTKmYQOfwooFG9RPv7r0mkf13YdGQONwwOL9ZvGBkwXWp
WloQezcHvuB4bIMmFfkGI2UXIx0cKV5BoQAdDv+pMk8EN/8xFK6LWO2pBeUvA2ll
bECN4uiFKGquDjSl7yqfGcK7IMbEX1IxAW3UUR246yKAY05zYH/f1FP0gttorHkl
jZUS97q2rsUTyPVCl3MRcx47ikarOEIFf6TZ1/2z/b6QLv7k1rT6qWfqBQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIrKqGGVg10CUsZsT5TMlHUSAuyoMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvaXNxb1laV0RYUUpTeG14UGxNeVVkUklDN0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJKoZIhvcN
AQELBQADggEBADbEBkTLJgU3IPIXepevI+W82SncmpWlcHaSJhhgwZPO3u3ysdMY
KzHyAAom0+8qmLqY7TzRJnzH0bVadctQbHQCuCOGWh/tKMrQrssfUWBALRGT66Gx
rXNYDuWRrxU8MTW+0nNMFBff4IoOdJEXXAO6hWOgHpENnZcJOuwwI4PKF7Ci/XCr
a5emEjGQJRlLwG4qLDZgyhyKk3WMXdpZsycAW1Zvq6xHWPuJMdf2A0OwwvBcqBqV
EUMYZrAkC8NpaXrum1jzOaHf+0n8Fg3W1xksHCtnWiwgdzZjluHrI/3ZXDB9ZA77
SYu8VlOKG7l+K56HE+Iy9ZNSk2N1wusbJYQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:46:21 2025 by rpki-client