Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/idwzkQBauFhn5yVkIjeQVtz5mZE.roa
File: idwzkQBauFhn5yVkIjeQVtz5mZE.roa (raw, json)
Hash identifier: 44TjgVB7J3xRAwnTMWxvN7AZUFhxeYggq97H4Mjz/Lw=
Subject key identifier: 89:DC:33:91:00:5A:B8:58:67:E7:25:64:22:37:90:56:DC:F9:99:91
Certificate issuer: /CN=29db7ca4eee1e453d26fab99c8201adf894612be
Certificate serial: 019428265A5C4C0759440FF88B1A03D7B790
Authority key identifier: 29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/idwzkQBauFhn5yVkIjeQVtz5mZE.roa
Signing time: Thu 02 Jan 2025 17:53:09 +0000
ROA not before: Thu 02 Jan 2025 17:53:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198623
IP address blocks: 37.77.192.0/21 maxlen: 24
37.123.248.0/21 maxlen: 21
193.104.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:5a:5c:4c:07:59:44:0f:f8:8b:1a:03:d7:b7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29db7ca4eee1e453d26fab99c8201adf894612be
Validity
Not Before: Jan 2 17:53:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89dc3391005ab85867e7256422379056dcf99991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0e:e3:19:43:82:10:82:55:b8:51:fb:37:54:
5f:7e:9e:63:ee:b4:e2:4a:8c:05:0e:77:50:c2:be:
6e:a3:ee:42:5f:29:76:b1:b0:e5:0d:99:47:99:31:
67:2a:61:b5:d4:e2:16:7b:b4:04:74:c6:42:38:d5:
71:bc:0f:4f:96:8e:0a:0b:b5:ed:d3:be:21:28:71:
60:b6:fd:38:a8:84:1c:eb:43:90:69:26:81:3c:47:
8d:ec:a6:97:57:47:91:c1:fb:38:5f:aa:c9:77:d4:
6d:cd:53:3f:1e:40:e3:d1:d8:cc:b3:8f:89:c6:5a:
84:e0:7a:ac:88:9f:6e:96:9a:0c:28:10:df:da:c1:
7b:96:cf:8c:32:1f:3c:3b:1b:0f:bd:f8:19:20:8a:
1e:62:1d:c3:b8:10:f5:c6:54:de:7e:de:c4:93:5e:
e3:de:35:c1:9b:30:f1:56:0c:e2:ff:45:95:7a:24:
4c:b9:a3:c0:06:a7:20:3b:c1:9e:47:c6:72:d5:c7:
ff:1a:1f:cd:25:06:de:7b:0e:6c:fe:23:e2:91:3b:
55:2b:91:dc:ed:e8:ad:b9:ed:ef:94:ca:bd:72:41:
bd:6a:14:21:d1:ae:ab:c2:b4:26:f7:0f:54:da:68:
2d:28:96:c0:20:0c:1d:1d:d6:fc:9b:e5:a7:2b:4c:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DC:33:91:00:5A:B8:58:67:E7:25:64:22:37:90:56:DC:F9:99:91
X509v3 Authority Key Identifier:
keyid:29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/idwzkQBauFhn5yVkIjeQVtz5mZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/Kdt8pO7h5FPSb6uZyCAa34lGEr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.192.0/21
37.123.248.0/21
193.104.81.0/24
Signature Algorithm: sha256WithRSAEncryption
11:69:ad:63:60:bf:e1:b9:d0:b1:5d:5e:43:d3:f9:89:dc:59:
57:0d:0f:0b:bf:98:d2:5c:1f:9d:c4:7b:77:18:f3:83:c5:b7:
e8:c8:3d:13:76:83:af:47:6a:4e:3a:f3:f2:6b:5e:5e:5d:80:
d1:01:4a:b6:61:cc:c9:96:31:db:7c:dc:5a:48:86:a3:2b:74:
e9:bc:7c:d6:d0:fe:fd:87:8d:3c:b2:98:2b:9e:bf:55:d1:4a:
8d:47:17:ba:74:22:85:e4:81:0d:b4:93:e3:5c:e4:57:9c:41:
f2:a3:6c:aa:69:39:95:52:88:03:4f:2c:01:4b:3c:1e:7c:a5:
a0:96:88:d9:af:b0:dd:0d:69:7d:a7:49:c2:a0:69:9b:98:53:
b2:22:fd:bc:49:a6:79:c3:0c:f8:5d:fe:13:6f:d6:c0:2c:b2:
b5:58:21:7c:51:fb:05:4f:2c:43:da:c4:4a:29:45:88:42:7b:
20:8b:69:e2:49:24:22:da:a9:5b:e2:91:0f:17:5c:77:dd:af:
99:41:77:9e:b7:25:70:83:3a:c2:e1:72:39:d2:76:ff:6b:d3:
8c:85:35:e9:53:10:5e:c4:bb:4c:eb:8f:cb:a7:aa:bb:02:95:
66:07:27:09:1b:fe:3f:6a:33:67:70:88:3e:d5:be:bf:9e:c5:
50:d2:47:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJlpcTAdZRA/4ixoD17eQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZGI3Y2E0ZWVlMWU0NTNkMjZmYWI5OWM4MjAxYWRmODk0
NjEyYmUwHhcNMjUwMTAyMTc1MzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRjMzM5MTAwNWFiODU4NjdlNzI1NjQyMjM3OTA1NmRjZjk5OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug7jGUOCEIJVuFH7N1Rffp5j7rTi
SowFDndQwr5uo+5CXyl2sbDlDZlHmTFnKmG11OIWe7QEdMZCONVxvA9Plo4KC7Xt
074hKHFgtv04qIQc60OQaSaBPEeN7KaXV0eRwfs4X6rJd9RtzVM/HkDj0djMs4+J
xlqE4HqsiJ9ulpoMKBDf2sF7ls+MMh88OxsPvfgZIIoeYh3DuBD1xlTeft7Ek17j
3jXBmzDxVgzi/0WVeiRMuaPABqcgO8GeR8Zy1cf/Gh/NJQbeew5s/iPikTtVK5Hc
7eitue3vlMq9ckG9ahQh0a6rwrQm9w9U2mgtKJbAIAwdHdb8m+WnK0xH3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIncM5EAWrhYZ+clZCI3kFbc+ZmRMB8GA1UdIwQY
MBaAFCnbfKTu4eRT0m+rmcggGt+JRhK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2Yt
ZDMzZmExNjA1YWUxLzEvaWR3emtRQmF1RmhuNXlWa0lqZVFWdHo1bVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2YtZDMzZmExNjA1YWUx
LzEvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJU3AAwQD
JXv4AwQAwWhRMA0GCSqGSIb3DQEBCwUAA4IBAQARaa1jYL/hudCxXV5D0/mJ3FlX
DQ8Lv5jSXB+dxHt3GPODxbfoyD0TdoOvR2pOOvPya15eXYDRAUq2YczJljHbfNxa
SIajK3TpvHzW0P79h408spgrnr9V0UqNRxe6dCKF5IENtJPjXORXnEHyo2yqaTmV
UogDTywBSzwefKWglojZr7DdDWl9p0nCoGmbmFOyIv28SaZ5wwz4Xf4Tb9bALLK1
WCF8UfsFTyxD2sRKKUWIQnsgi2niSSQi2qlb4pEPF1x33a+ZQXeetyVwgzrC4XI5
0nb/a9OMhTXpUxBexLtM64/Lp6q7ApVmBycJG/4/ajNncIg+1b6/nsVQ0kfe
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:36:11 2025 by rpki-client