Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/bcdecd-6689-4cd8-a109-20de6972609b/1/_Y3WU0rL_Z5yMospeFK2kheOtgM.roa
File: _Y3WU0rL_Z5yMospeFK2kheOtgM.roa (raw, json)
Hash identifier: qqDo+PPhN0qvkLG+7KSZ3FS8hY7kC2hitlOvSMnc4pQ=
Subject key identifier: FD:8D:D6:53:4A:CB:FD:9E:72:32:8B:29:78:52:B6:92:17:8E:B6:03
Certificate issuer: /CN=19001d557a0698dad77c4b3eddf2a7d36b72ab00
Certificate serial: 01941FFA2AAEC98467360CD81E92041BB6AA
Authority key identifier: 19:00:1D:55:7A:06:98:DA:D7:7C:4B:3E:DD:F2:A7:D3:6B:72:AB:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQAdVXoGmNrXfEs-3fKn02tyqwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/bcdecd-6689-4cd8-a109-20de6972609b/1/_Y3WU0rL_Z5yMospeFK2kheOtgM.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201730
IP address blocks: 37.221.88.0/22 maxlen: 24
185.65.92.0/22 maxlen: 22
185.65.92.0/24 maxlen: 24
185.65.93.0/24 maxlen: 24
185.65.94.0/24 maxlen: 24
185.65.95.0/24 maxlen: 24
185.78.100.0/22 maxlen: 22
185.78.100.0/24 maxlen: 24
185.78.101.0/24 maxlen: 24
185.78.102.0/24 maxlen: 24
185.78.103.0/24 maxlen: 24
185.138.244.0/22 maxlen: 22
185.138.244.0/24 maxlen: 24
185.138.245.0/24 maxlen: 24
185.138.246.0/24 maxlen: 24
185.138.247.0/24 maxlen: 24
185.146.148.0/22 maxlen: 22
185.146.148.0/24 maxlen: 24
185.146.149.0/24 maxlen: 24
185.146.150.0/24 maxlen: 24
185.146.151.0/24 maxlen: 24
194.169.252.0/24 maxlen: 24
2a03:1aa0::/32 maxlen: 36
2a05:5fc1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2a:ae:c9:84:67:36:0c:d8:1e:92:04:1b:b6:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19001d557a0698dad77c4b3eddf2a7d36b72ab00
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd8dd6534acbfd9e72328b297852b692178eb603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7e:46:b4:24:7c:69:53:c2:45:b3:49:02:09:
52:44:aa:67:a5:93:a5:8a:69:41:b6:ac:38:ed:4a:
9e:b8:93:9e:e5:5b:c2:df:87:d4:4d:28:13:a8:1c:
85:c7:8e:57:66:d6:28:e2:ea:30:c7:92:fe:c5:aa:
e0:75:fa:0d:20:77:c7:e6:b4:78:cd:03:7d:91:52:
15:e6:6d:3b:82:af:b1:df:aa:92:0d:81:de:47:3e:
80:08:2f:40:a9:2c:b1:0b:97:1d:c0:9d:59:f5:d0:
48:59:bc:38:6e:bd:31:f4:de:4a:a6:df:e5:ea:75:
5e:57:41:e3:7f:8e:9f:74:20:2f:8e:15:f0:4a:f8:
06:f1:88:07:03:40:6f:37:76:a3:30:89:89:71:24:
46:f6:35:c7:93:3e:9e:61:40:7f:7a:f9:e3:d0:dd:
92:ae:00:84:8f:75:5c:7e:76:8b:6c:73:8f:2a:2a:
e8:cc:8c:2b:a2:3f:38:22:2a:f0:a0:4c:64:69:4d:
4e:02:0b:8b:ec:74:34:76:89:a1:7d:ba:f2:a1:6c:
47:4e:0f:ee:7d:11:6b:7e:8a:61:9e:43:22:69:19:
28:ce:8e:f1:98:3d:59:ea:03:48:0e:44:d2:c6:1f:
f3:34:3f:14:97:73:5e:ea:ae:96:67:6b:b5:49:61:
44:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8D:D6:53:4A:CB:FD:9E:72:32:8B:29:78:52:B6:92:17:8E:B6:03
X509v3 Authority Key Identifier:
keyid:19:00:1D:55:7A:06:98:DA:D7:7C:4B:3E:DD:F2:A7:D3:6B:72:AB:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQAdVXoGmNrXfEs-3fKn02tyqwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bcdecd-6689-4cd8-a109-20de6972609b/1/_Y3WU0rL_Z5yMospeFK2kheOtgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bcdecd-6689-4cd8-a109-20de6972609b/1/GQAdVXoGmNrXfEs-3fKn02tyqwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.88.0/22
185.65.92.0/22
185.78.100.0/22
185.138.244.0/22
185.146.148.0/22
194.169.252.0/24
IPv6:
2a03:1aa0::/32
2a05:5fc1::/32
Signature Algorithm: sha256WithRSAEncryption
3e:32:66:3d:16:4b:98:2b:a0:04:da:8b:f8:40:70:c0:71:5c:
01:55:a7:66:d6:64:c8:63:e6:75:34:02:62:3a:41:93:29:b3:
f7:4b:86:cd:1f:ff:d1:d6:12:f7:4e:60:0c:53:7b:02:1c:4e:
be:f5:0b:eb:88:b5:2a:9d:bc:53:17:bc:b1:08:ad:69:b4:37:
8e:0a:44:df:1a:56:38:30:9c:08:2d:e7:dd:e7:a0:c0:bf:37:
b3:9d:5e:fa:95:ed:03:10:9c:66:f3:d7:d5:bc:5a:9c:f5:63:
3c:bd:ac:fa:ef:f4:80:32:f3:c0:c9:ce:0b:ac:9a:71:e3:f5:
6e:33:86:41:3e:1c:24:8f:d2:94:c4:3d:df:c5:5b:98:14:14:
e4:ff:49:85:48:f0:68:37:4f:04:bf:4f:e8:6c:c2:1a:d4:e9:
17:bb:70:24:8c:41:ea:19:4f:5e:da:32:ba:3c:cb:ca:63:b2:
00:cf:a7:c2:74:60:42:96:ef:e9:4b:cb:e5:09:10:e8:8e:3a:
3a:11:2e:69:08:16:51:43:95:7b:7b:61:35:df:ba:76:29:dc:
54:5f:eb:05:3b:ae:18:9f:d1:bf:4b:7b:47:1d:d0:4b:9a:65:
26:20:a6:71:59:36:2a:26:eb:60:85:4f:4a:3c:e6:51:b5:4a:
95:70:02:28
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQf+iquyYRnNgzYHpIEG7aqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MDAxZDU1N2EwNjk4ZGFkNzdjNGIzZWRkZjJhN2QzNmI3
MmFiMDAwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhkZDY1MzRhY2JmZDllNzIzMjhiMjk3ODUyYjY5MjE3OGViNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs35GtCR8aVPCRbNJAglSRKpnpZOl
imlBtqw47UqeuJOe5VvC34fUTSgTqByFx45XZtYo4uowx5L+xargdfoNIHfH5rR4
zQN9kVIV5m07gq+x36qSDYHeRz6ACC9AqSyxC5cdwJ1Z9dBIWbw4br0x9N5Kpt/l
6nVeV0Hjf46fdCAvjhXwSvgG8YgHA0BvN3ajMImJcSRG9jXHkz6eYUB/evnj0N2S
rgCEj3VcfnaLbHOPKirozIwroj84IirwoExkaU1OAguL7HQ0domhfbryoWxHTg/u
fRFrfophnkMiaRkozo7xmD1Z6gNIDkTSxh/zND8Ul3Ne6q6WZ2u1SWFE1QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFP2N1lNKy/2ecjKLKXhStpIXjrYDMB8GA1UdIwQY
MBaAFBkAHVV6Bpja13xLPt3yp9NrcqsAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1FBZFZYb0dtTnJYZkVzLTNmS24wMnR5cXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iY2RlY2QtNjY4OS00Y2Q4LWExMDkt
MjBkZTY5NzI2MDliLzEvX1kzV1UwckxfWjV5TW9zcGVGSzJraGVPdGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iY2RlY2QtNjY4OS00Y2Q4LWExMDktMjBkZTY5NzI2MDli
LzEvR1FBZFZYb0dtTnJYZkVzLTNmS24wMnR5cXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCJd1YAwQC
uUFcAwQCuU5kAwQCuYr0AwQCuZKUAwQAwqn8MBQEAgACMA4DBQAqAxqgAwUAKgVf
wTANBgkqhkiG9w0BAQsFAAOCAQEAPjJmPRZLmCugBNqL+EBwwHFcAVWnZtZkyGPm
dTQCYjpBkymz90uGzR//0dYS905gDFN7AhxOvvUL64i1Kp28Uxe8sQitabQ3jgpE
3xpWODCcCC3n3eegwL83s51e+pXtAxCcZvPX1bxanPVjPL2s+u/0gDLzwMnOC6ya
ceP1bjOGQT4cJI/SlMQ938VbmBQU5P9JhUjwaDdPBL9P6GzCGtTpF7twJIxB6hlP
XtoyujzLymOyAM+nwnRgQpbv6UvL5QkQ6I46OhEuaQgWUUOVe3thNd+6dincVF/r
BTuuGJ/Rv0t7Rx3QS5plJiCmcVk2KibrYIVPSjzmUbVKlXACKA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:42 2025 by rpki-client