Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/fFbdm0OeWE1GYVnCMSWrkaX1IWg.roa
File: fFbdm0OeWE1GYVnCMSWrkaX1IWg.roa (raw, json)
Hash identifier: H5NNOHLLRS0hsZTLRHxW4ce45JGvEraIddrEMS924Cg=
Subject key identifier: 7C:56:DD:9B:43:9E:58:4D:46:61:59:C2:31:25:AB:91:A5:F5:21:68
Certificate issuer: /CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Certificate serial: 01942369D32105D2F258B2BB6FE126C91824
Authority key identifier: A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/fFbdm0OeWE1GYVnCMSWrkaX1IWg.roa
Signing time: Wed 01 Jan 2025 19:48:45 +0000
ROA not before: Wed 01 Jan 2025 19:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58045
IP address blocks: 37.209.240.0/23 maxlen: 23
37.209.240.0/24 maxlen: 24
37.209.241.0/24 maxlen: 24
37.209.242.0/23 maxlen: 23
37.209.242.0/24 maxlen: 24
37.209.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d3:21:05:d2:f2:58:b2:bb:6f:e1:26:c9:18:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47c0ac8a9d5f62c491d4b17cb212b52c0e75607
Validity
Not Before: Jan 1 19:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c56dd9b439e584d466159c23125ab91a5f52168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3b:c1:de:30:b0:2a:27:25:91:bc:80:ed:87:
02:1d:91:18:73:1e:49:0e:a6:f5:6f:e0:88:6d:c0:
5e:60:4d:ee:2f:7d:a0:79:c4:3a:e7:ac:ad:f5:68:
a9:58:3a:40:35:06:f0:ac:0b:b4:87:ad:d3:d3:ac:
19:5d:86:76:71:41:2a:6b:d9:4e:80:3d:02:eb:fa:
51:c3:09:5a:50:11:46:98:4a:99:4e:a9:21:9f:32:
49:57:92:c0:68:d3:e8:3f:a0:84:2f:d6:fd:f5:27:
ad:2a:6e:50:b2:f9:a2:ed:78:c1:f9:42:86:88:f0:
b8:33:f6:75:03:cd:e7:07:e3:41:79:31:c0:ba:2a:
42:18:f6:65:e3:fc:82:c1:b4:50:35:7e:cf:37:64:
5c:2f:99:a1:c1:73:67:ba:a7:25:e6:68:03:e7:f1:
d2:3e:e3:c1:4f:c7:04:15:28:5e:87:4b:36:80:90:
92:ca:86:66:70:59:e9:54:7a:8a:07:95:ad:22:05:
29:e7:55:07:b1:fa:0c:4e:2f:9a:ee:2e:55:6e:39:
a6:da:a0:47:05:c8:4d:51:6a:73:7f:bc:b7:c8:ce:
2f:2a:b7:4e:6a:98:05:a0:da:13:42:0e:ca:28:6e:
4d:e7:77:58:21:a5:a0:8a:ae:d7:ac:73:59:f7:43:
48:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:56:DD:9B:43:9E:58:4D:46:61:59:C2:31:25:AB:91:A5:F5:21:68
X509v3 Authority Key Identifier:
keyid:A4:7C:0A:C8:A9:D5:F6:2C:49:1D:4B:17:CB:21:2B:52:C0:E7:56:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHwKyKnV9ixJHUsXyyErUsDnVgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/fFbdm0OeWE1GYVnCMSWrkaX1IWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/25c91d-5a05-46a2-9a79-420cc251e5eb/1/pHwKyKnV9ixJHUsXyyErUsDnVgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:0c:da:e0:4f:a9:71:9f:16:8c:0e:91:e4:5f:b8:f8:f3:48:
af:fa:af:cb:bb:a6:73:7b:b3:e1:b0:14:48:be:2c:41:d5:2f:
cd:e5:98:2a:36:04:53:99:6d:bd:25:86:13:a2:2f:9a:70:2c:
77:b8:81:96:40:b3:0c:4e:54:b0:b4:fb:8a:47:f0:94:0d:7a:
5e:37:d1:ba:67:af:1b:5a:b2:e8:ff:43:87:bc:8a:a3:ba:38:
47:80:83:e8:12:0c:0c:a1:6b:ef:45:e7:75:19:b3:7d:eb:31:
09:ed:07:74:9c:fb:30:66:0f:d2:ce:ec:e8:4d:7e:4d:07:c5:
10:20:98:31:73:79:cc:6d:6d:31:a1:b9:73:d1:bc:e5:6f:7a:
5d:3a:5a:f0:c2:70:b5:48:40:3b:75:8f:8d:52:77:4e:88:fc:
68:a2:d9:8c:1e:51:f6:8a:3a:09:f0:92:d8:f4:99:1a:f8:a0:
d9:7c:36:03:ee:e9:e1:d7:c7:af:91:09:02:fb:bf:2a:f9:31:
54:9c:66:4a:46:37:0b:f6:99:9f:ef:3a:80:5d:2c:69:cf:bd:
26:ed:7a:3a:18:ba:cf:12:19:d8:f4:ee:3a:76:2c:93:56:b8:
59:8a:12:09:da:b6:5a:65:61:11:2b:42:9e:38:2f:29:c9:13:
e6:6c:3e:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjadMhBdLyWLK7b+EmyRgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2MwYWM4YTlkNWY2MmM0OTFkNGIxN2NiMjEyYjUyYzBl
NzU2MDcwHhcNMjUwMTAxMTk0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU2ZGQ5YjQzOWU1ODRkNDY2MTU5YzIzMTI1YWI5MWE1ZjUyMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jvB3jCwKiclkbyA7YcCHZEYcx5J
Dqb1b+CIbcBeYE3uL32gecQ656yt9WipWDpANQbwrAu0h63T06wZXYZ2cUEqa9lO
gD0C6/pRwwlaUBFGmEqZTqkhnzJJV5LAaNPoP6CEL9b99SetKm5Qsvmi7XjB+UKG
iPC4M/Z1A83nB+NBeTHAuipCGPZl4/yCwbRQNX7PN2RcL5mhwXNnuqcl5mgD5/HS
PuPBT8cEFSheh0s2gJCSyoZmcFnpVHqKB5WtIgUp51UHsfoMTi+a7i5Vbjmm2qBH
BchNUWpzf7y3yM4vKrdOapgFoNoTQg7KKG5N53dYIaWgiq7XrHNZ90NI1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxW3ZtDnlhNRmFZwjElq5Gl9SFoMB8GA1UdIwQY
MBaAFKR8Csip1fYsSR1LF8shK1LA51YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzkt
NDIwY2MyNTFlNWViLzEvZkZiZG0wT2VXRTFHWVZuQ01TV3JrYVgxSVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yNWM5MWQtNWEwNS00NmEyLTlhNzktNDIwY2MyNTFlNWVi
LzEvcEh3S3lLblY5aXhKSFVzWHl5RXJVc0RuVmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJdHwMA0G
CSqGSIb3DQEBCwUAA4IBAQCnDNrgT6lxnxaMDpHkX7j480iv+q/Lu6Zze7PhsBRI
vixB1S/N5ZgqNgRTmW29JYYToi+acCx3uIGWQLMMTlSwtPuKR/CUDXpeN9G6Z68b
WrLo/0OHvIqjujhHgIPoEgwMoWvvRed1GbN96zEJ7Qd0nPswZg/SzuzoTX5NB8UQ
IJgxc3nMbW0xoblz0bzlb3pdOlrwwnC1SEA7dY+NUndOiPxootmMHlH2ijoJ8JLY
9Jka+KDZfDYD7unh18evkQkC+78q+TFUnGZKRjcL9pmf7zqAXSxpz70m7Xo6GLrP
EhnY9O46diyTVrhZihIJ2rZaZWERK0KeOC8pyRPmbD6C
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:07:01 2025 by rpki-client