Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/pxXuXU58X4H8fIZKv0CDHdg-Q8M.roa
File: pxXuXU58X4H8fIZKv0CDHdg-Q8M.roa (raw, json)
Hash identifier: eTGcg3yr4CZi8oKJSwmwrav0KbRAU7TnVL+UEFP/RYo=
Subject key identifier: A7:15:EE:5D:4E:7C:5F:81:FC:7C:86:4A:BF:40:83:1D:D8:3E:43:C3
Certificate issuer: /CN=1c020297839c7390df20251a5c0930e6a672bee3
Certificate serial: 019425FC57AD47DBDAF448E734F0655B8C85
Authority key identifier: 1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/pxXuXU58X4H8fIZKv0CDHdg-Q8M.roa
Signing time: Thu 02 Jan 2025 07:48:01 +0000
ROA not before: Thu 02 Jan 2025 07:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50558
IP address blocks: 37.32.112.0/20 maxlen: 24
37.32.112.0/21 maxlen: 21
37.32.120.0/21 maxlen: 24
37.32.120.0/24 maxlen: 24
37.32.124.0/24 maxlen: 24
37.32.126.0/24 maxlen: 24
185.49.96.0/22 maxlen: 24
2a01:9180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:57:ad:47:db:da:f4:48:e7:34:f0:65:5b:8c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c020297839c7390df20251a5c0930e6a672bee3
Validity
Not Before: Jan 2 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a715ee5d4e7c5f81fc7c864abf40831dd83e43c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:19:b9:08:a9:1b:27:6e:99:34:9e:9f:ad:25:
6c:e3:5b:81:f3:63:45:8e:ca:f3:b5:d3:34:28:05:
ac:02:22:df:04:77:95:a5:65:cf:ba:c0:63:61:08:
5e:37:2b:a4:94:77:94:76:3f:b6:d5:30:4c:b6:ac:
66:40:6c:3c:c6:b6:2f:52:fa:60:55:59:37:91:07:
d9:bb:a6:b1:18:05:2e:e1:13:a2:2a:47:61:a9:2d:
d6:bd:f6:87:b2:ad:af:a3:56:a4:1f:46:ab:3d:ee:
7b:fa:96:3a:4c:0f:59:2b:4a:be:01:2a:75:97:17:
67:e5:fb:20:d3:3c:c8:4e:bf:1b:71:49:c3:12:15:
f8:76:d2:a1:9c:1b:fa:18:b4:dd:8f:2d:fe:76:df:
e7:0f:12:dc:c8:28:9a:4e:1b:fe:11:db:3d:8c:b1:
84:60:0d:5c:ce:54:31:72:ed:27:1d:cf:a8:95:a2:
6a:5a:32:07:26:98:05:5d:85:52:f5:a6:ba:ea:1b:
e0:72:fb:85:30:1c:ef:bc:95:e0:02:26:c3:8a:eb:
fe:f4:38:77:eb:19:8a:ec:18:be:59:4d:bb:41:86:
cf:c4:61:0e:c2:87:55:91:be:d3:6e:10:5f:0b:24:
b0:2d:7f:1b:16:21:89:95:d4:80:06:85:6b:c5:ba:
47:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:15:EE:5D:4E:7C:5F:81:FC:7C:86:4A:BF:40:83:1D:D8:3E:43:C3
X509v3 Authority Key Identifier:
keyid:1C:02:02:97:83:9C:73:90:DF:20:25:1A:5C:09:30:E6:A6:72:BE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAICl4Occ5DfICUaXAkw5qZyvuM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/pxXuXU58X4H8fIZKv0CDHdg-Q8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/79733f-5332-451b-86af-142a2b98f4c8/1/HAICl4Occ5DfICUaXAkw5qZyvuM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.112.0/20
185.49.96.0/22
IPv6:
2a01:9180::/32
Signature Algorithm: sha256WithRSAEncryption
6b:80:7f:12:3b:1e:8a:ed:83:54:0b:0b:76:f5:2a:b1:67:0d:
9b:9c:6e:cb:20:b7:55:20:dd:f9:16:88:52:f7:9d:5b:15:60:
38:55:89:c9:21:7b:9e:f2:b6:91:44:6c:ad:41:54:bb:b9:46:
f9:83:68:a2:72:5e:6e:8a:38:a2:5e:ef:27:2c:34:e0:cf:74:
a0:47:3a:53:6d:ca:57:22:12:b3:dc:1a:33:2c:d0:3b:32:14:
5e:42:07:20:20:7c:53:50:d9:33:38:2f:c0:dd:d8:c5:7f:42:
96:a4:e6:b5:8c:48:20:5b:53:d8:c1:55:4c:c8:b6:03:ab:1b:
c9:f0:3e:db:09:91:ad:a5:45:7f:e7:64:c0:ec:27:64:15:04:
73:e6:72:24:61:62:e6:c6:6b:d7:ea:d4:e6:ce:c6:a8:34:03:
66:9b:6d:a4:91:20:ba:14:74:ca:72:2e:6b:c1:ee:6b:b5:51:
02:2f:d1:ff:fc:5d:10:98:c7:14:9e:08:f0:5d:ff:67:52:ba:
fa:a6:ba:5d:33:e7:7b:1e:0d:bb:7a:d4:25:fb:4e:83:e3:a1:
f8:db:fb:87:85:03:31:89:71:03:52:a1:1b:45:38:f0:88:42:
58:8d:f3:bc:b1:88:bd:bc:c1:06:52:77:22:61:eb:b5:c4:44:
3b:2c:48:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/FetR9va9EjnNPBlW4yFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDIwMjk3ODM5YzczOTBkZjIwMjUxYTVjMDkzMGU2YTY3
MmJlZTMwHhcNMjUwMTAyMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzE1ZWU1ZDRlN2M1ZjgxZmM3Yzg2NGFiZjQwODMxZGQ4M2U0M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRm5CKkbJ26ZNJ6frSVs41uB82NF
jsrztdM0KAWsAiLfBHeVpWXPusBjYQheNyuklHeUdj+21TBMtqxmQGw8xrYvUvpg
VVk3kQfZu6axGAUu4ROiKkdhqS3WvfaHsq2vo1akH0arPe57+pY6TA9ZK0q+ASp1
lxdn5fsg0zzITr8bcUnDEhX4dtKhnBv6GLTdjy3+dt/nDxLcyCiaThv+Eds9jLGE
YA1czlQxcu0nHc+olaJqWjIHJpgFXYVS9aa66hvgcvuFMBzvvJXgAibDiuv+9Dh3
6xmK7Bi+WU27QYbPxGEOwodVkb7TbhBfCySwLX8bFiGJldSABoVrxbpHvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKcV7l1OfF+B/HyGSr9Agx3YPkPDMB8GA1UdIwQY
MBaAFBwCApeDnHOQ3yAlGlwJMOamcr7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYt
MTQyYTJiOThmNGM4LzEvcHhYdVhVNThYNEg4ZklaS3YwQ0RIZGctUThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83OTczM2YtNTMzMi00NTFiLTg2YWYtMTQyYTJiOThmNGM4
LzEvSEFJQ2w0T2NjNURmSUNVYVhBa3c1cVp5dnVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEJSBwAwQC
uTFgMA0EAgACMAcDBQAqAZGAMA0GCSqGSIb3DQEBCwUAA4IBAQBrgH8SOx6K7YNU
Cwt29SqxZw2bnG7LILdVIN35FohS951bFWA4VYnJIXue8raRRGytQVS7uUb5g2ii
cl5uijiiXu8nLDTgz3SgRzpTbcpXIhKz3BozLNA7MhReQgcgIHxTUNkzOC/A3djF
f0KWpOa1jEggW1PYwVVMyLYDqxvJ8D7bCZGtpUV/52TA7CdkFQRz5nIkYWLmxmvX
6tTmzsaoNANmm22kkSC6FHTKci5rwe5rtVECL9H//F0QmMcUngjwXf9nUrr6prpd
M+d7Hg27etQl+06D46H42/uHhQMxiXEDUqEbRTjwiEJYjfO8sYi9vMEGUnciYeu1
xEQ7LEiC
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:45:08 2025 by rpki-client