Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/y8Eeia8hdhX_DpCgeBhu63E2X4A.roa
File: y8Eeia8hdhX_DpCgeBhu63E2X4A.roa (raw, json)
Hash identifier: wzZxfTRF1LtzRT1r6hfEh3O3egTZFWx9R6sOBFN3GRI=
Subject key identifier: CB:C1:1E:89:AF:21:76:15:FF:0E:90:A0:78:18:6E:EB:71:36:5F:80
Certificate issuer: /CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
Certificate serial: 0194228E06CCD7268E4486D97DFBE8761AC6
Authority key identifier: 40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/y8Eeia8hdhX_DpCgeBhu63E2X4A.roa
Signing time: Wed 01 Jan 2025 15:48:40 +0000
ROA not before: Wed 01 Jan 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198436
IP address blocks: 37.72.48.0/24 maxlen: 24
37.72.49.0/24 maxlen: 24
37.72.50.0/24 maxlen: 24
37.72.51.0/24 maxlen: 24
37.72.52.0/24 maxlen: 24
37.72.53.0/24 maxlen: 24
37.72.54.0/24 maxlen: 24
37.72.55.0/24 maxlen: 24
37.72.56.0/24 maxlen: 24
37.72.57.0/24 maxlen: 24
37.72.58.0/24 maxlen: 24
37.72.59.0/24 maxlen: 24
37.72.60.0/24 maxlen: 24
37.72.61.0/24 maxlen: 24
37.72.62.0/24 maxlen: 24
37.72.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:06:cc:d7:26:8e:44:86:d9:7d:fb:e8:76:1a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
Validity
Not Before: Jan 1 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbc11e89af217615ff0e90a078186eeb71365f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:61:03:3c:42:d8:da:9b:4b:05:26:17:3d:3c:
d2:62:5b:db:01:60:88:94:c6:54:73:78:c1:a4:ea:
38:34:c0:b1:9e:ac:a1:1e:01:69:3e:bb:32:8f:61:
33:9a:18:99:08:80:3e:40:25:b4:d1:db:1f:10:e0:
22:f8:be:20:d6:8e:29:c4:e6:90:0e:4f:a8:d3:2f:
73:52:7e:16:25:10:9a:fa:ff:c7:31:5e:74:20:b2:
e9:e5:65:4b:48:60:0f:b7:8f:3c:3a:ca:13:c3:88:
ac:8f:71:a7:16:ea:8f:b1:ff:7c:39:55:ca:bc:17:
af:07:5d:36:0f:f8:8e:99:75:9d:d0:90:01:f2:30:
d7:80:47:43:77:ec:7a:90:3a:06:d4:8e:22:01:53:
53:5d:89:1d:29:0f:1c:99:64:20:90:9e:ca:cd:07:
b9:52:22:34:48:c8:da:b2:61:eb:2e:f5:70:9e:95:
93:a2:f6:40:a0:f7:09:8e:1e:de:c5:cd:ad:06:98:
f4:50:86:1c:59:0d:f4:04:b9:88:ec:6e:fa:cd:d2:
96:42:f5:f3:d4:47:fc:f1:2a:34:1b:de:7a:e9:48:
d2:bf:b5:b8:81:fc:4b:d7:cf:8e:a2:81:60:b2:06:
4a:3d:de:2d:8c:f1:9a:ac:7e:13:ba:af:77:ce:ce:
ad:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C1:1E:89:AF:21:76:15:FF:0E:90:A0:78:18:6E:EB:71:36:5F:80
X509v3 Authority Key Identifier:
keyid:40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/y8Eeia8hdhX_DpCgeBhu63E2X4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/QOxdgqjrXZjOduYdr-UXZh_E5nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.48.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:49:9b:8d:d8:bc:8d:b7:cf:27:6d:12:4f:5b:41:84:8a:df:
39:29:0c:79:e0:15:b0:bc:b3:7d:64:64:af:de:84:97:e5:0b:
49:28:2a:19:1e:99:db:20:03:f0:31:25:32:18:36:86:d4:89:
0b:f2:53:7c:8a:55:26:aa:2c:0d:de:51:15:5a:a4:92:00:14:
80:f0:15:e6:25:5a:fb:3a:c0:2b:9a:62:0d:ce:21:4d:fb:0d:
de:49:1a:87:e8:28:8a:9d:6f:b8:9b:be:68:5c:d1:62:aa:65:
72:32:09:4b:c3:ec:22:3e:d9:76:5a:b2:39:bf:8f:27:64:c8:
b2:e6:34:9e:cb:ec:9f:23:a9:d5:0d:f7:61:c7:1e:63:02:d1:
22:8d:dc:69:ba:b2:ee:c0:a5:17:41:06:24:0f:15:0a:81:2c:
46:40:bf:1f:f9:b4:e8:ff:7b:84:2f:52:73:28:5a:35:fd:ab:
76:2d:1c:e6:b3:1f:9f:5d:89:e6:b4:81:8d:13:4b:d5:3f:27:
9c:60:32:1d:54:02:37:8d:f7:35:ba:4e:d1:d4:a2:5a:4f:12:
b2:d2:71:0f:e2:7b:75:2e:ff:e2:bf:9d:0b:03:78:23:4f:18:
d7:a2:a8:7d:3b:79:97:54:c7:d0:46:89:9d:54:28:e4:ac:a8:
97:9a:43:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijgbM1yaORIbZffvodhrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWM1ZDgyYThlYjVkOThjZTc2ZTYxZGFmZTUxNzY2MWZj
NGU2NzUwHhcNMjUwMTAxMTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmMxMWU4OWFmMjE3NjE1ZmYwZTkwYTA3ODE4NmVlYjcxMzY1ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmEDPELY2ptLBSYXPTzSYlvbAWCI
lMZUc3jBpOo4NMCxnqyhHgFpPrsyj2EzmhiZCIA+QCW00dsfEOAi+L4g1o4pxOaQ
Dk+o0y9zUn4WJRCa+v/HMV50ILLp5WVLSGAPt488OsoTw4isj3GnFuqPsf98OVXK
vBevB102D/iOmXWd0JAB8jDXgEdDd+x6kDoG1I4iAVNTXYkdKQ8cmWQgkJ7KzQe5
UiI0SMjasmHrLvVwnpWTovZAoPcJjh7exc2tBpj0UIYcWQ30BLmI7G76zdKWQvXz
1Ef88So0G9566UjSv7W4gfxL18+OooFgsgZKPd4tjPGarH4Tuq93zs6tYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvBHomvIXYV/w6QoHgYbutxNl+AMB8GA1UdIwQY
MBaAFEDsXYKo612YznbmHa/lF2YfxOZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUt
ZGYzMTc0NWNjMjI5LzEveThFZWlhOGhkaFhfRHBDZ2VCaHU2M0UyWDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUtZGYzMTc0NWNjMjI5
LzEvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJUgwMA0G
CSqGSIb3DQEBCwUAA4IBAQCtSZuN2LyNt88nbRJPW0GEit85KQx54BWwvLN9ZGSv
3oSX5QtJKCoZHpnbIAPwMSUyGDaG1IkL8lN8ilUmqiwN3lEVWqSSABSA8BXmJVr7
OsArmmINziFN+w3eSRqH6CiKnW+4m75oXNFiqmVyMglLw+wiPtl2WrI5v48nZMiy
5jSey+yfI6nVDfdhxx5jAtEijdxpurLuwKUXQQYkDxUKgSxGQL8f+bTo/3uEL1Jz
KFo1/at2LRzmsx+fXYnmtIGNE0vVPyecYDIdVAI3jfc1uk7R1KJaTxKy0nEP4nt1
Lv/iv50LA3gjTxjXoqh9O3mXVMfQRomdVCjkrKiXmkNR
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:15:59 2025 by rpki-client