Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/5NVHCfMQ6W48yxlWBv3uWNtbJDs.roa
File: 5NVHCfMQ6W48yxlWBv3uWNtbJDs.roa (raw, json)
Hash identifier: xWoUftWDtv357JcFYDaq4ko62SbPA3ugAxMWTRo1aWY=
Subject key identifier: E4:D5:47:09:F3:10:E9:6E:3C:CB:19:56:06:FD:EE:58:DB:5B:24:3B
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 019423D744C0F7B84759A2451A00688F9E29
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/5NVHCfMQ6W48yxlWBv3uWNtbJDs.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213068
IP address blocks: 185.237.152.0/24 maxlen: 24
185.237.153.0/24 maxlen: 24
185.237.154.0/24 maxlen: 24
185.237.155.0/24 maxlen: 24
2001:678:da0::/48 maxlen: 48
2001:678:da4::/48 maxlen: 48
2001:678:da8::/48 maxlen: 48
2001:678:dac::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:44:c0:f7:b8:47:59:a2:45:1a:00:68:8f:9e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4d54709f310e96e3ccb195606fdee58db5b243b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:49:30:85:9f:fe:53:a3:35:c8:b5:c6:df:51:
62:70:a9:73:d4:e1:bd:c8:a3:f1:3f:25:54:d4:28:
14:36:55:d9:b7:92:a0:22:5f:87:5e:2b:5e:3f:f9:
e4:34:23:f9:a9:aa:7f:17:33:09:dd:a8:ce:d4:6a:
2c:26:d2:91:6d:68:66:db:a2:02:3e:1e:3d:48:23:
81:a8:25:d0:f1:76:49:d9:c4:18:45:32:17:7c:cd:
f5:83:32:77:6e:64:57:14:44:61:9a:d1:67:0b:c5:
66:87:f4:d8:0d:3a:9f:71:77:14:3a:d5:c7:e8:5a:
92:99:e7:94:76:9e:b6:c6:8d:11:a7:19:25:dc:c1:
c8:af:df:1e:1e:4e:8f:87:fd:1c:3b:06:4c:6e:12:
26:a9:e1:6e:59:1b:8d:16:7b:f7:8d:61:dc:a2:92:
84:92:e9:fc:e2:dc:3c:fe:dd:3b:a9:0e:fc:83:b8:
93:ed:7c:ab:94:f0:2b:76:03:d2:f3:9d:c9:7f:93:
8b:24:9c:d0:55:7c:ed:cb:73:02:3f:4c:fa:ff:bf:
46:b6:ae:24:62:6d:d4:bf:dd:e1:02:74:2f:01:69:
76:30:63:83:36:e2:02:43:56:a4:5f:62:0b:a8:06:
f8:c4:b3:4c:06:6b:5b:99:7c:72:38:2c:51:7a:23:
6d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D5:47:09:F3:10:E9:6E:3C:CB:19:56:06:FD:EE:58:DB:5B:24:3B
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/5NVHCfMQ6W48yxlWBv3uWNtbJDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.152.0/22
IPv6:
2001:678:da0::/48
2001:678:da4::/48
2001:678:da8::/48
2001:678:dac::/48
Signature Algorithm: sha256WithRSAEncryption
61:4b:39:fb:67:5c:8c:33:77:9f:d5:45:ea:56:a5:99:30:04:
9d:7c:09:c4:1e:d6:ce:cf:88:b8:d5:fb:37:20:db:b1:af:8b:
43:40:69:b3:95:c1:95:89:ad:a9:03:a5:e5:aa:2e:e6:56:1c:
e4:7c:81:8b:d0:31:8c:18:8b:c3:48:21:8a:e6:4a:27:fa:93:
6a:96:56:7b:bc:5a:b5:27:df:e9:b1:a9:96:ef:9d:2c:14:3f:
4a:37:9b:fd:89:84:0d:7a:96:d5:0a:1e:77:3c:62:37:e3:2b:
9c:96:bc:6b:0d:0f:9e:5b:d0:5b:a0:ee:92:41:30:73:4f:d3:
c7:a9:d0:51:0e:ab:35:40:6a:e4:a7:3d:98:b0:fa:a9:ea:29:
c6:02:cd:bb:3a:82:7c:74:47:d4:98:75:5d:d7:37:8f:75:a6:
7e:67:6c:46:64:a8:f2:41:da:7a:f7:e2:4a:62:53:a2:65:70:
da:46:c5:b6:ca:53:10:14:4b:a1:a4:6f:07:03:3d:ac:44:c1:
b3:d3:98:c3:03:83:69:59:c1:eb:b2:2c:1c:53:56:9e:53:0f:
64:ff:6f:b8:83:0e:a2:3e:9b:94:ca:0e:af:00:33:e1:9e:81:
fd:4a:ad:1a:ca:ad:2b:3c:02:7c:fc:5f:a8:b9:6d:ca:4a:ee:
47:b6:75:a7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQj10TA97hHWaJFGgBoj54pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQ1NDcwOWYzMTBlOTZlM2NjYjE5NTYwNmZkZWU1OGRiNWIyNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUkwhZ/+U6M1yLXG31FicKlz1OG9
yKPxPyVU1CgUNlXZt5KgIl+HXiteP/nkNCP5qap/FzMJ3ajO1GosJtKRbWhm26IC
Ph49SCOBqCXQ8XZJ2cQYRTIXfM31gzJ3bmRXFERhmtFnC8Vmh/TYDTqfcXcUOtXH
6FqSmeeUdp62xo0Rpxkl3MHIr98eHk6Ph/0cOwZMbhImqeFuWRuNFnv3jWHcopKE
kun84tw8/t07qQ78g7iT7XyrlPArdgPS853Jf5OLJJzQVXzty3MCP0z6/79Gtq4k
Ym3Uv93hAnQvAWl2MGODNuICQ1akX2ILqAb4xLNMBmtbmXxyOCxReiNt8wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOTVRwnzEOluPMsZVgb97ljbWyQ7MB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvNU5WSENmTVE2VzQ4eXhsV0J2M3VXTnRiSkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQCue2YMCoE
AgACMCQDBwAgAQZ4DaADBwAgAQZ4DaQDBwAgAQZ4DagDBwAgAQZ4DawwDQYJKoZI
hvcNAQELBQADggEBAGFLOftnXIwzd5/VRepWpZkwBJ18CcQe1s7PiLjV+zcg27Gv
i0NAabOVwZWJrakDpeWqLuZWHOR8gYvQMYwYi8NIIYrmSif6k2qWVnu8WrUn3+mx
qZbvnSwUP0o3m/2JhA16ltUKHnc8YjfjK5yWvGsND55b0Fug7pJBMHNP08ep0FEO
qzVAauSnPZiw+qnqKcYCzbs6gnx0R9SYdV3XN491pn5nbEZkqPJB2nr34kpiU6Jl
cNpGxbbKUxAUS6GkbwcDPaxEwbPTmMMDg2lZweuyLBxTVp5TD2T/b7iDDqI+m5TK
Dq8AM+Gegf1KrRrKrSs8Anz8X6i5bcpK7ke2dac=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:57:13 2025 by rpki-client