Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/keHHD0uYg4omJd2TQzfe5cbaGwo.roa
File: keHHD0uYg4omJd2TQzfe5cbaGwo.roa (raw, json)
Hash identifier: jdVZEPVZb0qxdh1EexMy0y6agzv8H178L+bLUg+Igec=
Subject key identifier: 91:E1:C7:0F:4B:98:83:8A:26:25:DD:93:43:37:DE:E5:C6:DA:1B:0A
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 01919A34E244B8A085D85CBDB6ECB95030C3
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/keHHD0uYg4omJd2TQzfe5cbaGwo.roa
Signing time: Wed 28 Aug 2024 18:17:22 +0000
ROA not before: Wed 28 Aug 2024 18:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 62.204.37.0/24 maxlen: 24
2a13:9200::/29 maxlen: 29
2a13:9300::/29 maxlen: 29
2a13:a700::/29 maxlen: 29
2a13:b100::/29 maxlen: 29
2a13:b500::/29 maxlen: 29
2a13:b900::/29 maxlen: 29
2a13:da00::/29 maxlen: 29
2a13:e200::/29 maxlen: 29
2a13:e400::/29 maxlen: 29
2a13:fe00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9a:34:e2:44:b8:a0:85:d8:5c:bd:b6:ec:b9:50:30:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Aug 28 18:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91e1c70f4b98838a2625dd934337dee5c6da1b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d7:50:ba:07:79:e3:61:d4:2a:d0:ed:bd:84:
8b:81:78:08:e2:e3:74:f4:3e:37:f6:07:df:29:84:
32:d5:4f:eb:d1:b2:94:30:80:63:c8:c6:1b:cd:e5:
81:87:2c:76:61:d7:80:a2:92:06:08:1d:8a:b4:67:
c0:c0:78:d2:30:97:a0:93:49:12:a4:7b:0f:32:44:
85:c4:63:b0:af:86:f1:26:d3:ed:d2:08:b0:d7:b9:
64:e8:88:68:4c:27:b3:f0:18:b6:53:5d:c3:46:9e:
76:1a:c8:73:f7:99:ed:ee:7b:06:30:e8:79:27:f3:
0d:ef:ee:60:8c:e2:fe:9a:27:ba:d3:1a:3e:50:43:
7a:66:dd:22:95:59:0a:df:e5:65:70:a0:21:81:fd:
a7:49:bc:a6:b3:0d:2a:35:1b:f7:79:85:85:56:30:
c4:8d:15:ea:0c:56:8b:bf:30:a7:65:be:ae:6e:54:
3c:41:0f:3f:bf:38:99:d9:54:7f:51:d4:4a:dc:0a:
36:48:4b:31:03:67:38:dd:21:02:dc:64:01:ed:e7:
90:88:71:1a:6c:73:ae:ec:f0:7e:08:c9:1b:59:1f:
ff:5e:9d:4c:17:5b:d5:a2:ce:2d:4c:ab:a1:28:6a:
58:5b:73:27:8b:93:5f:b2:5e:00:1a:e4:b9:4a:92:
6a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E1:C7:0F:4B:98:83:8A:26:25:DD:93:43:37:DE:E5:C6:DA:1B:0A
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/keHHD0uYg4omJd2TQzfe5cbaGwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.37.0/24
IPv6:
2a13:9200::/29
2a13:9300::/29
2a13:a700::/29
2a13:b100::/29
2a13:b500::/29
2a13:b900::/29
2a13:da00::/29
2a13:e200::/29
2a13:e400::/29
2a13:fe00::/29
Signature Algorithm: sha256WithRSAEncryption
5f:e0:1a:b7:31:44:c5:eb:28:1b:bb:dd:c2:f6:dc:4c:a6:79:
84:6d:69:84:32:b0:48:a5:f8:4e:47:23:8e:ac:fc:ba:ec:d4:
00:d5:c4:24:a1:50:4d:7b:12:29:a4:72:c6:52:c6:55:2d:99:
f9:48:d7:68:5e:12:78:6e:b8:0d:9c:88:96:f0:4a:40:28:d1:
94:a8:69:a9:f1:56:d6:a0:7e:ec:85:fb:5f:3c:0d:98:6c:73:
fe:ca:49:32:7d:63:44:51:c4:42:68:48:18:2f:3f:e4:b1:a4:
ff:ab:06:a6:95:2a:89:a5:76:7f:76:14:fe:4e:31:bf:20:3f:
0d:58:0c:cf:10:76:95:f5:b0:72:a4:34:c5:66:a1:75:82:81:
5a:0e:53:8a:ea:47:00:46:59:a4:20:5f:25:97:cc:ad:b7:c1:
02:fb:8d:72:4c:1e:e5:8f:0c:c6:57:c7:89:a3:f0:48:da:04:
66:61:7b:96:25:68:b7:bf:98:c5:05:17:b1:73:83:0a:de:f1:
38:60:7c:d4:2f:7a:6a:db:f2:dd:e8:a4:18:71:7f:a2:d5:6f:
78:b8:53:0c:ae:2a:b0:c1:e3:14:34:5d:19:f4:c6:4b:26:bf:
e5:32:6d:2c:46:25:5b:13:82:25:86:05:f6:82:f2:07:de:5c:
1a:26:73:7d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZGaNOJEuKCF2Fy9tuy5UDDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwODI4MTgxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWUxYzcwZjRiOTg4MzhhMjYyNWRkOTM0MzM3ZGVlNWM2ZGExYjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNdQugd542HUKtDtvYSLgXgI4uN0
9D439gffKYQy1U/r0bKUMIBjyMYbzeWBhyx2YdeAopIGCB2KtGfAwHjSMJegk0kS
pHsPMkSFxGOwr4bxJtPt0giw17lk6IhoTCez8Bi2U13DRp52Gshz95nt7nsGMOh5
J/MN7+5gjOL+mie60xo+UEN6Zt0ilVkK3+VlcKAhgf2nSbymsw0qNRv3eYWFVjDE
jRXqDFaLvzCnZb6ublQ8QQ8/vziZ2VR/UdRK3Ao2SEsxA2c43SEC3GQB7eeQiHEa
bHOu7PB+CMkbWR//Xp1MF1vVos4tTKuhKGpYW3Mni5Nfsl4AGuS5SpJq0QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJHhxw9LmIOKJiXdk0M33uXG2hsKMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEva2VISEQwdVlnNG9tSmQyVFF6ZmU1Y2JhR3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAMBAIAATAGAwQAPswlMEwE
AgACMEYDBQMqE5IAAwUDKhOTAAMFAyoTpwADBQMqE7EAAwUDKhO1AAMFAyoTuQAD
BQMqE9oAAwUDKhPiAAMFAyoT5AADBQMqE/4AMA0GCSqGSIb3DQEBCwUAA4IBAQBf
4Bq3MUTF6ygbu93C9txMpnmEbWmEMrBIpfhORyOOrPy67NQA1cQkoVBNexIppHLG
UsZVLZn5SNdoXhJ4brgNnIiW8EpAKNGUqGmp8VbWoH7shftfPA2YbHP+ykkyfWNE
UcRCaEgYLz/ksaT/qwamlSqJpXZ/dhT+TjG/ID8NWAzPEHaV9bBypDTFZqF1goFa
DlOK6kcARlmkIF8ll8ytt8EC+41yTB7ljwzGV8eJo/BI2gRmYXuWJWi3v5jFBRex
c4MK3vE4YHzUL3pq2/Ld6KQYcX+i1W94uFMMriqwweMUNF0Z9MZLJr/lMm0sRiVb
E4IlhgX2gvIH3lwaJnN9
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:35:11 2025 by rpki-client