Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/hTYp4tVFk2Iv0MXe_TkiKDxhHf0.roa
File: hTYp4tVFk2Iv0MXe_TkiKDxhHf0.roa (raw, json)
Hash identifier: 6GO6BRanOpSP6VfdzTHxANKln0jgA0SAFTnzf0Z3Hfw=
Subject key identifier: 85:36:29:E2:D5:45:93:62:2F:D0:C5:DE:FD:39:22:28:3C:61:1D:FD
Certificate issuer: /CN=27962a33fd2348781ac123a12722a086ee8fba7d
Certificate serial: 01942067F2F891E14142F9D5E6B785A00B6E
Authority key identifier: 27:96:2A:33:FD:23:48:78:1A:C1:23:A1:27:22:A0:86:EE:8F:BA:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5YqM_0jSHgawSOhJyKghu6Pun0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/hTYp4tVFk2Iv0MXe_TkiKDxhHf0.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58081
IP address blocks: 37.75.240.0/24 maxlen: 24
37.75.241.0/24 maxlen: 24
37.75.242.0/24 maxlen: 24
2a03:49c0::/32 maxlen: 32
2a03:49c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f2:f8:91:e1:41:42:f9:d5:e6:b7:85:a0:0b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27962a33fd2348781ac123a12722a086ee8fba7d
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=853629e2d54593622fd0c5defd3922283c611dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6a:9c:9b:54:84:31:3e:ad:56:a8:0b:70:a0:
3e:02:58:61:70:69:28:51:1d:6e:84:02:0e:f6:e4:
28:73:43:9c:08:7e:dc:46:69:47:4e:5f:df:b2:f3:
20:8a:20:71:a9:e9:65:c9:ff:4f:23:98:b0:da:86:
f5:45:c1:da:3b:9f:c9:2b:4e:b2:61:60:2d:8f:75:
22:d1:3e:32:04:5a:38:20:6c:a2:12:9d:4f:14:a4:
22:08:46:e4:2f:37:c1:80:ee:66:47:4f:07:e4:ed:
48:a3:cf:2b:5d:cc:bd:c6:77:a1:08:2a:45:e7:67:
3e:09:bc:fc:13:b1:00:53:ff:66:a1:be:8b:16:21:
32:85:f6:a6:55:72:26:1e:df:e9:22:79:5b:e9:7e:
3f:16:f1:9e:bb:04:69:65:0a:36:c7:75:23:be:6b:
9c:59:97:d3:eb:d1:6e:c2:a9:3d:03:6d:ba:e4:35:
8a:a3:8f:62:ad:24:af:b7:8e:43:a8:80:e5:cf:57:
37:28:05:ad:8a:00:69:a2:af:15:54:d6:d5:1f:c9:
bd:52:7b:ea:ee:55:1a:1d:85:71:ed:90:82:59:a6:
15:7c:05:30:54:b1:c8:3e:5f:c4:02:09:c0:bb:f6:
ce:0d:d5:22:b3:1f:6c:9d:52:76:a1:fe:b1:b9:94:
c2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:36:29:E2:D5:45:93:62:2F:D0:C5:DE:FD:39:22:28:3C:61:1D:FD
X509v3 Authority Key Identifier:
keyid:27:96:2A:33:FD:23:48:78:1A:C1:23:A1:27:22:A0:86:EE:8F:BA:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5YqM_0jSHgawSOhJyKghu6Pun0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/hTYp4tVFk2Iv0MXe_TkiKDxhHf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/1145d2-b1bd-4a57-a44d-bb6bffe66ff3/1/J5YqM_0jSHgawSOhJyKghu6Pun0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.240.0-37.75.242.255
IPv6:
2a03:49c0::/32
Signature Algorithm: sha256WithRSAEncryption
91:8f:e1:fa:59:7e:29:05:19:35:1a:7c:76:eb:c4:0f:2d:14:
0a:f7:0d:5a:cc:46:82:25:c5:ec:9e:80:76:ac:a7:b9:df:09:
5b:4e:19:0d:8b:e5:2d:11:d4:b6:be:fa:d8:19:7e:81:ed:ad:
f9:2b:18:16:f7:1d:06:d9:03:90:8b:c3:6a:36:42:5a:0e:ed:
3e:f3:f9:23:18:89:4e:d2:f9:5d:9b:42:cc:73:49:95:aa:5e:
d7:23:ed:40:90:49:1d:96:96:07:f9:a4:a3:8b:5a:e6:79:26:
ce:32:57:91:e9:a4:4d:96:b4:15:a7:10:6a:5f:29:37:68:6d:
99:d4:7e:df:7b:65:00:85:fb:9c:2d:cd:7d:f2:3e:48:10:1b:
4f:93:6c:0d:ba:bf:27:a8:1d:b4:f3:17:e3:d7:28:8e:f1:3f:
57:ea:00:3e:e0:77:07:53:47:5c:1e:03:28:be:34:6e:51:fc:
3d:e3:d1:e5:87:27:2d:43:19:91:42:b5:df:cb:e3:49:b4:7c:
8e:ff:86:46:46:9d:4c:0f:7f:57:05:6b:78:4e:67:ff:58:0d:
4e:20:16:52:5b:1a:e6:c4:b8:10:98:f7:4d:1c:4d:8f:42:0f:
2d:75:f8:b6:91:45:c5:a8:4c:d3:0e:31:a6:e8:ac:b1:56:e0:
7c:3c:62:a0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQgZ/L4keFBQvnV5reFoAtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTYyYTMzZmQyMzQ4NzgxYWMxMjNhMTI3MjJhMDg2ZWU4
ZmJhN2QwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM2MjllMmQ1NDU5MzYyMmZkMGM1ZGVmZDM5MjIyODNjNjExZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2qcm1SEMT6tVqgLcKA+AlhhcGko
UR1uhAIO9uQoc0OcCH7cRmlHTl/fsvMgiiBxqellyf9PI5iw2ob1RcHaO5/JK06y
YWAtj3Ui0T4yBFo4IGyiEp1PFKQiCEbkLzfBgO5mR08H5O1Io88rXcy9xnehCCpF
52c+Cbz8E7EAU/9mob6LFiEyhfamVXImHt/pInlb6X4/FvGeuwRpZQo2x3Ujvmuc
WZfT69Fuwqk9A2265DWKo49irSSvt45DqIDlz1c3KAWtigBpoq8VVNbVH8m9Unvq
7lUaHYVx7ZCCWaYVfAUwVLHIPl/EAgnAu/bODdUisx9snVJ2of6xuZTCPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIU2KeLVRZNiL9DF3v05Iig8YR39MB8GA1UdIwQY
MBaAFCeWKjP9I0h4GsEjoScioIbuj7p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVZcU1fMGpTSGdhd1NPaEp5S2dodTZQdW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8xMTQ1ZDItYjFiZC00YTU3LWE0NGQt
YmI2YmZmZTY2ZmYzLzEvaFRZcDR0VkZrMkl2ME1YZV9Ua2lLRHhoSGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8xMTQ1ZDItYjFiZC00YTU3LWE0NGQtYmI2YmZmZTY2ZmYz
LzEvSjVZcU1fMGpTSGdhd1NPaEp5S2dodTZQdW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAQlS/AD
BAAlS/IwDQQCAAIwBwMFACoDScAwDQYJKoZIhvcNAQELBQADggEBAJGP4fpZfikF
GTUafHbrxA8tFAr3DVrMRoIlxeyegHasp7nfCVtOGQ2L5S0R1La++tgZfoHtrfkr
GBb3HQbZA5CLw2o2QloO7T7z+SMYiU7S+V2bQsxzSZWqXtcj7UCQSR2Wlgf5pKOL
WuZ5Js4yV5HppE2WtBWnEGpfKTdobZnUft97ZQCF+5wtzX3yPkgQG0+TbA26vyeo
HbTzF+PXKI7xP1fqAD7gdwdTR1weAyi+NG5R/D3j0eWHJy1DGZFCtd/L40m0fI7/
hkZGnUwPf1cFa3hOZ/9YDU4gFlJbGubEuBCY900cTY9CDy11+LaRRcWoTNMOMabo
rLFW4Hw8YqA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:32:23 2025 by rpki-client