Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/qGclPxhfh32KtuLneyqN4qho8W0.roa
File: qGclPxhfh32KtuLneyqN4qho8W0.roa (raw, json)
Hash identifier: Hhh+blGm68/K3Y0iK4idov3LXxMurIpuJKDKpXuGS98=
Subject key identifier: A8:67:25:3F:18:5F:87:7D:8A:B6:E2:E7:7B:2A:8D:E2:A8:68:F1:6D
Certificate issuer: /CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d
Certificate serial: 01941F8CA554821539C6B104042432EF5F40
Authority key identifier: 38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/qGclPxhfh32KtuLneyqN4qho8W0.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44133
IP address blocks: 37.252.184.0/21 maxlen: 21
93.189.24.0/21 maxlen: 21
185.119.116.0/22 maxlen: 22
2a00:63c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a5:54:82:15:39:c6:b1:04:04:24:32:ef:5f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a867253f185f877d8ab6e2e77b2a8de2a868f16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:21:ae:4e:db:3e:74:4c:c8:71:ae:55:e3:
e9:8e:64:0e:3f:4b:f5:f2:77:a3:37:03:7a:70:a9:
ac:d6:d3:fd:88:87:7e:10:46:1c:eb:1d:99:19:dc:
b1:c5:7d:9e:71:b1:2a:1a:f0:c1:91:76:6e:6e:36:
2f:ac:4f:97:53:fc:1c:00:21:76:93:97:8e:15:36:
eb:bf:b2:34:91:4f:e2:19:ed:56:10:77:ab:93:81:
a6:ea:96:37:a9:af:28:13:f7:98:78:c3:41:a7:80:
b0:14:e2:3f:f3:d7:6d:21:8d:dc:95:e5:8a:72:5e:
93:20:4b:db:fe:34:d7:fd:71:a7:65:5b:1a:6f:4b:
3d:69:04:4d:14:d3:14:e6:5e:3e:77:7d:fe:5c:2e:
2c:3e:62:82:6a:0f:16:5c:e0:68:b4:13:23:8a:f3:
f2:9e:68:61:91:2f:f9:d5:d8:af:d8:fa:a9:98:62:
be:c9:5f:3d:b4:e6:f8:ab:76:84:6a:19:6a:94:14:
d0:49:11:1f:95:a5:41:5b:53:82:42:c3:f5:be:2d:
76:03:50:e0:18:77:a7:93:1b:8b:1c:4c:e8:52:b1:
63:20:9c:35:a2:09:fc:f8:48:e4:59:90:d7:80:22:
15:8e:27:e6:76:87:b0:66:72:65:ef:b7:6a:15:df:
fe:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:67:25:3F:18:5F:87:7D:8A:B6:E2:E7:7B:2A:8D:E2:A8:68:F1:6D
X509v3 Authority Key Identifier:
keyid:38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/qGclPxhfh32KtuLneyqN4qho8W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OLeMju-a0lfWkNd9ya4_6aYkso0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.184.0/21
93.189.24.0/21
185.119.116.0/22
IPv6:
2a00:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
70:b9:11:36:da:be:e9:7b:08:56:56:ac:e0:31:9a:af:fc:37:
4d:95:a5:f9:ba:1b:32:db:3d:1d:e2:a6:99:41:bd:27:fd:3e:
3c:63:d1:c0:1b:61:f3:43:6a:33:82:75:4c:e9:11:2f:21:29:
17:8b:7d:4b:61:59:c0:60:ce:35:60:c5:72:b6:82:c3:fb:ea:
bb:a9:39:3b:d3:80:d8:11:2c:3a:f7:c7:8a:56:c1:84:47:b0:
16:5f:6b:33:de:27:77:27:08:d9:21:89:36:4b:f2:7c:3d:84:
b6:f1:8d:a5:c3:15:5d:26:76:4d:fb:bd:14:d9:fc:1e:13:86:
7e:d3:fe:45:ba:43:ba:84:cf:94:b3:a9:c5:64:65:f3:a6:05:
e8:c8:ed:72:85:d8:76:f3:2f:a6:89:0e:b7:15:45:b9:2c:e9:
8a:44:4b:b3:9a:4b:dc:21:29:09:12:ad:bc:18:67:8f:5c:3b:
4b:bc:8c:05:0b:09:da:cf:11:45:f1:1e:28:34:77:a2:78:1a:
1e:ab:af:2a:87:4a:0e:fb:dd:ad:23:4b:34:df:53:8a:89:d2:
33:89:00:dd:8c:61:50:f5:fa:d8:08:04:b8:1b:01:93:16:ad:
48:91:b5:78:bb:da:be:fa:da:ab:ba:d8:72:a0:a7:98:c5:82:
08:f2:a7:62
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjKVUghU5xrEEBCQy719AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Yjc4YzhlZWY5YWQyNTdkNjkwZDc3ZGM5YWUzZmU5YTYy
NGIyOGQwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY3MjUzZjE4NWY4NzdkOGFiNmUyZTc3YjJhOGRlMmE4NjhmMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZUhrk7bPnRMyHGuVePpjmQOP0v1
8nejNwN6cKms1tP9iId+EEYc6x2ZGdyxxX2ecbEqGvDBkXZubjYvrE+XU/wcACF2
k5eOFTbrv7I0kU/iGe1WEHerk4Gm6pY3qa8oE/eYeMNBp4CwFOI/89dtIY3cleWK
cl6TIEvb/jTX/XGnZVsab0s9aQRNFNMU5l4+d33+XC4sPmKCag8WXOBotBMjivPy
nmhhkS/51div2PqpmGK+yV89tOb4q3aEahlqlBTQSREflaVBW1OCQsP1vi12A1Dg
GHenkxuLHEzoUrFjIJw1ogn8+EjkWZDXgCIVjifmdoewZnJl77dqFd/+hwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKhnJT8YX4d9irbi53sqjeKoaPFtMB8GA1UdIwQY
MBaAFDi3jI7vmtJX1pDXfcmuP+mmJLKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xlTWp1LWEwbGZXa05kOXlhNF82YVlrc28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMjVmZDYtY2FmMy00Y2FmLWIzMTEt
ZjUxOGE5Zjc5NzkwLzEvcUdjbFB4aGZoMzJLdHVMbmV5cU40cWhvOFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMjVmZDYtY2FmMy00Y2FmLWIzMTEtZjUxOGE5Zjc5Nzkw
LzEvT0xlTWp1LWEwbGZXa05kOXlhNF82YVlrc28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJfy4AwQD
Xb0YAwQCuXd0MA0EAgACMAcDBQMqAGPAMA0GCSqGSIb3DQEBCwUAA4IBAQBwuRE2
2r7pewhWVqzgMZqv/DdNlaX5uhsy2z0d4qaZQb0n/T48Y9HAG2HzQ2ozgnVM6REv
ISkXi31LYVnAYM41YMVytoLD++q7qTk704DYESw698eKVsGER7AWX2sz3id3JwjZ
IYk2S/J8PYS28Y2lwxVdJnZN+70U2fweE4Z+0/5FukO6hM+Us6nFZGXzpgXoyO1y
hdh28y+miQ63FUW5LOmKREuzmkvcISkJEq28GGePXDtLvIwFCwnazxFF8R4oNHei
eBoeq68qh0oO+92tI0s031OKidIziQDdjGFQ9frYCAS4GwGTFq1IkbV4u9q++tqr
uthyoKeYxYII8qdi
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:33:35 2025 by rpki-client