Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/2MWwWUq-nPd7Gzhb6Z0417winfw.roa
File: 2MWwWUq-nPd7Gzhb6Z0417winfw.roa (raw, json)
Hash identifier: JU/lw4BXm/KV3NT2WmLhKrIC3zR0XBpPPnNeGokCO90=
Subject key identifier: D8:C5:B0:59:4A:BE:9C:F7:7B:1B:38:5B:E9:9D:38:D7:BC:22:9D:FC
Certificate issuer: /CN=00642b607b94a143ff41c554c913bd5a651f8c05
Certificate serial: 019424B36913EA9BBD02FE16A97F1A26C177
Authority key identifier: 00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/2MWwWUq-nPd7Gzhb6Z0417winfw.roa
Signing time: Thu 02 Jan 2025 01:48:45 +0000
ROA not before: Thu 02 Jan 2025 01:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50563
IP address blocks: 37.98.204.0/22 maxlen: 22
37.98.204.0/23 maxlen: 23
37.98.204.0/24 maxlen: 24
37.98.205.0/24 maxlen: 24
37.98.206.0/23 maxlen: 23
37.98.206.0/24 maxlen: 24
37.98.207.0/24 maxlen: 24
93.119.16.0/23 maxlen: 23
93.119.16.0/24 maxlen: 24
93.119.17.0/24 maxlen: 24
93.119.19.0/24 maxlen: 24
185.66.44.0/22 maxlen: 22
185.66.44.0/23 maxlen: 23
185.66.44.0/24 maxlen: 24
185.66.45.0/24 maxlen: 24
185.66.46.0/23 maxlen: 23
185.66.46.0/24 maxlen: 24
185.66.47.0/24 maxlen: 24
185.72.112.0/22 maxlen: 22
185.72.112.0/23 maxlen: 23
185.72.112.0/24 maxlen: 24
185.72.113.0/24 maxlen: 24
185.72.114.0/23 maxlen: 23
185.72.114.0/24 maxlen: 24
185.72.115.0/24 maxlen: 24
185.125.28.0/22 maxlen: 22
188.240.192.0/24 maxlen: 24
188.240.193.0/24 maxlen: 24
195.189.208.0/23 maxlen: 23
195.189.208.0/24 maxlen: 24
195.189.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:69:13:ea:9b:bd:02:fe:16:a9:7f:1a:26:c1:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00642b607b94a143ff41c554c913bd5a651f8c05
Validity
Not Before: Jan 2 01:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8c5b0594abe9cf77b1b385be99d38d7bc229dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:51:95:c0:5f:03:b3:f7:15:6d:0b:e4:c5:e7:
0e:9c:92:84:c1:ca:ca:22:d6:20:d2:57:7a:db:df:
97:a1:16:d9:f3:e6:1d:fd:af:cb:d9:86:ec:77:01:
c4:f8:2a:be:bd:2f:d1:4c:44:f8:71:89:f4:d0:67:
45:1e:fd:d7:19:d2:22:21:57:62:8f:13:61:1e:90:
2b:d9:f2:c4:1a:8f:0b:14:75:78:8c:50:ef:bf:8a:
72:f4:63:d1:14:8a:b8:bd:88:34:22:7e:fa:4f:a1:
ca:37:87:0a:08:07:1e:44:5a:ca:6c:c3:51:91:3c:
e7:0c:ca:1c:a2:34:5b:a8:ed:a2:80:62:6a:ba:d3:
f3:fb:74:25:a5:82:96:90:b8:ba:65:3d:a8:a0:df:
1d:9e:2c:df:61:a4:12:de:ac:bf:f6:7d:17:7e:14:
79:51:e4:15:69:26:95:f3:b9:ff:9b:64:69:fa:7e:
6f:b8:01:b3:13:a6:83:ea:f3:ae:69:dc:4c:50:f1:
8c:c8:9e:31:67:72:8d:bc:76:b2:b5:96:a3:72:8e:
0a:45:03:04:b8:cf:bb:50:1d:5a:e4:f9:fe:ea:c8:
de:92:d7:b6:9c:90:8f:79:df:44:87:77:0d:c3:26:
70:dd:bb:5d:29:40:ab:d5:94:0c:4b:b7:d8:6a:80:
21:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C5:B0:59:4A:BE:9C:F7:7B:1B:38:5B:E9:9D:38:D7:BC:22:9D:FC
X509v3 Authority Key Identifier:
keyid:00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/2MWwWUq-nPd7Gzhb6Z0417winfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/AGQrYHuUoUP_QcVUyRO9WmUfjAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.204.0/22
93.119.16.0/23
93.119.19.0/24
185.66.44.0/22
185.72.112.0/22
185.125.28.0/22
188.240.192.0/23
195.189.208.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:ca:f6:af:de:ea:c6:d0:9e:3a:a4:83:50:b5:b5:bc:bd:df:
ec:0a:54:e7:a9:4d:18:a2:ab:8e:40:ec:2c:0c:85:cb:a2:e4:
5d:42:6c:99:95:17:19:dc:ac:1a:4d:c8:e9:3b:79:51:0f:a6:
ac:79:98:11:b2:d9:c4:e9:b3:45:3b:e9:6d:cd:f6:4a:16:e2:
b6:3a:a6:5d:de:42:b6:96:81:58:d4:a4:b4:0f:77:a8:c0:97:
8b:11:f3:ac:e6:8f:f9:39:a6:59:02:79:7f:dc:d0:b7:8f:80:
38:a6:63:0a:69:86:bf:7e:40:0b:19:ca:d5:5e:03:8f:0d:cf:
ae:2d:0a:8b:c1:93:49:a4:14:46:6a:2d:e0:4a:1a:87:9c:07:
d1:10:a3:43:66:c8:38:1c:4d:e8:9b:43:db:48:1f:df:01:86:
87:f0:7c:82:04:5d:e0:1d:29:1a:f0:7a:72:c2:a0:c4:fe:ce:
67:13:3f:6e:f2:67:32:87:a3:81:1d:bb:68:ca:83:ea:06:c0:
34:37:cf:03:60:bb:1d:9c:94:b8:5f:66:a9:6b:d8:04:0f:ed:
73:13:49:bf:69:a3:68:99:5c:62:bb:fa:9b:66:ec:4d:98:a1:
53:1d:5a:98:bd:76:5d:c6:0b:c7:25:37:8c:30:0d:e4:86:8c:
7c:1a:d3:a3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQks2kT6pu9Av4WqX8aJsF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNjQyYjYwN2I5NGExNDNmZjQxYzU1NGM5MTNiZDVhNjUx
ZjhjMDUwHhcNMjUwMTAyMDE0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGM1YjA1OTRhYmU5Y2Y3N2IxYjM4NWJlOTlkMzhkN2JjMjI5ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFGVwF8Ds/cVbQvkxecOnJKEwcrK
ItYg0ld629+XoRbZ8+Yd/a/L2YbsdwHE+Cq+vS/RTET4cYn00GdFHv3XGdIiIVdi
jxNhHpAr2fLEGo8LFHV4jFDvv4py9GPRFIq4vYg0In76T6HKN4cKCAceRFrKbMNR
kTznDMocojRbqO2igGJqutPz+3QlpYKWkLi6ZT2ooN8dnizfYaQS3qy/9n0XfhR5
UeQVaSaV87n/m2Rp+n5vuAGzE6aD6vOuadxMUPGMyJ4xZ3KNvHaytZajco4KRQME
uM+7UB1a5Pn+6sjekte2nJCPed9Eh3cNwyZw3btdKUCr1ZQMS7fYaoAhdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNjFsFlKvpz3exs4W+mdONe8Ip38MB8GA1UdIwQY
MBaAFABkK2B7lKFD/0HFVMkTvVplH4wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUt
MTliYzdiZGNjYmMxLzEvMk1Xd1dVcS1uUGQ3R3poYjZaMDQxN3dpbmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUtMTliYzdiZGNjYmMx
LzEvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCJWLMAwQB
XXcQAwQAXXcTAwQCuUIsAwQCuUhwAwQCuX0cAwQBvPDAAwQBw73QMA0GCSqGSIb3
DQEBCwUAA4IBAQAdyvav3urG0J46pINQtbW8vd/sClTnqU0YoquOQOwsDIXLouRd
QmyZlRcZ3KwaTcjpO3lRD6aseZgRstnE6bNFO+ltzfZKFuK2OqZd3kK2loFY1KS0
D3eowJeLEfOs5o/5OaZZAnl/3NC3j4A4pmMKaYa/fkALGcrVXgOPDc+uLQqLwZNJ
pBRGai3gShqHnAfREKNDZsg4HE3om0PbSB/fAYaH8HyCBF3gHSka8HpywqDE/s5n
Ez9u8mcyh6OBHbtoyoPqBsA0N88DYLsdnJS4X2apa9gED+1zE0m/aaNomVxiu/qb
ZuxNmKFTHVqYvXZdxgvHJTeMMA3khox8GtOj
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:00 2025 by rpki-client