Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/MZ5fy1-utGwSr-Lq7utA7gVKWh8.roa
File: MZ5fy1-utGwSr-Lq7utA7gVKWh8.roa (raw, json)
Hash identifier: BREXJHkiCq6VwpqJ+jZLrGA1rBGRzRPJzMLTLjwz/sc=
Subject key identifier: 31:9E:5F:CB:5F:AE:B4:6C:12:AF:E2:EA:EE:EB:40:EE:05:4A:5A:1F
Certificate issuer: /CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Certificate serial: 018CC3B719BE8464EC7849932617C0BAB445
Authority key identifier: CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/MZ5fy1-utGwSr-Lq7utA7gVKWh8.roa
Signing time: Mon 01 Jan 2024 06:30:05 +0000
ROA not before: Mon 01 Jan 2024 06:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41171
IP address blocks: 37.72.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:19:be:84:64:ec:78:49:93:26:17:c0:ba:b4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Validity
Not Before: Jan 1 06:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=319e5fcb5faeb46c12afe2eaeeeb40ee054a5a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:02:bf:1b:57:91:4a:3e:7a:38:a0:49:c6:b6:
43:dd:6e:ee:c5:56:23:e9:08:2c:d4:53:85:c3:67:
a9:0b:d7:e1:32:27:ff:12:8f:ba:fb:e7:e8:df:55:
50:37:4f:85:29:bd:03:ba:52:c9:01:de:fc:bd:87:
37:a5:b6:2a:1d:36:83:57:fc:8e:b3:97:3f:e6:60:
57:a6:c5:46:6e:17:39:4d:5e:17:02:5e:d0:f9:0b:
a5:9b:a2:46:65:1d:ef:35:56:99:25:66:c0:9f:02:
85:2d:3e:ac:36:35:df:7b:e7:51:ac:dd:71:3f:db:
3b:3c:b7:a7:a4:c8:8d:39:e7:9c:06:32:40:bd:fb:
53:00:e6:45:7b:fd:09:01:e2:68:9b:e7:1b:ad:eb:
3f:ac:07:0a:5b:0d:ae:85:a5:43:6f:52:f0:36:07:
ca:0c:78:d4:58:ae:c9:2d:ae:ae:b6:4d:b2:e6:f6:
26:37:3a:bd:76:f0:79:76:44:a1:b6:d9:ab:a7:96:
36:5d:2d:f5:d4:b5:fb:82:ff:96:0c:d0:d9:f0:59:
b3:6b:5b:00:94:47:e5:bc:8e:83:e6:22:f9:6d:f1:
b0:ca:4b:f0:15:d0:74:82:04:ce:ab:4f:0b:d6:d9:
40:31:75:ed:e7:eb:a4:d2:44:61:26:14:90:20:3b:
cf:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9E:5F:CB:5F:AE:B4:6C:12:AF:E2:EA:EE:EB:40:EE:05:4A:5A:1F
X509v3 Authority Key Identifier:
keyid:CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/MZ5fy1-utGwSr-Lq7utA7gVKWh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/yv0xM99HziuwfEcvvmu06ReMYjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.133.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:a0:72:fa:d0:10:02:9d:46:c8:97:bd:03:23:cb:ff:58:72:
92:97:ce:e4:98:d1:dc:f0:98:94:4a:f0:e0:a2:28:56:e0:0d:
70:c9:f9:2c:99:0a:c9:e0:17:3a:a7:eb:ec:49:83:1f:a2:31:
ed:6a:b2:ee:ac:50:69:f0:8a:1b:54:48:94:a7:20:29:a9:c2:
6f:de:55:ea:2f:20:73:2b:94:73:2f:c3:4a:76:28:f9:06:61:
6a:ca:9c:0f:30:60:e3:8d:9b:0c:69:23:ee:a5:19:35:a9:36:
dc:44:9d:b9:60:49:49:24:2e:9b:90:11:a3:00:78:75:bf:cd:
41:11:de:62:9c:4b:a4:f1:72:c5:6f:b7:47:7d:2f:1b:98:9b:
2c:eb:67:72:0a:ac:8c:21:36:e9:46:9d:2d:be:c4:bc:ba:31:
89:04:74:f2:05:f1:3f:93:31:46:ce:09:c2:bf:b6:3a:89:e2:
0d:51:80:98:e3:2a:6f:f4:af:ee:df:d1:98:28:99:e2:ed:98:
04:7d:d3:b2:ae:73:b7:36:b6:ca:19:bd:0b:23:ac:5e:31:37:
50:ee:d1:11:b0:b0:44:9d:9d:62:c6:6e:a2:07:e7:06:00:ab:
dd:c4:a6:74:54:8f:78:a4:58:a3:de:d8:cd:26:f0:e5:65:45:
99:d7:40:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtxm+hGTseEmTJhfAurRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZmQzMTMzZGY0N2NlMmJiMDdjNDcyZmJlNmJiNGU5MTc4
YzYyMzMwHhcNMjQwMTAxMDYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTllNWZjYjVmYWViNDZjMTJhZmUyZWFlZWViNDBlZTA1NGE1YTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAK/G1eRSj56OKBJxrZD3W7uxVYj
6Qgs1FOFw2epC9fhMif/Eo+6++fo31VQN0+FKb0DulLJAd78vYc3pbYqHTaDV/yO
s5c/5mBXpsVGbhc5TV4XAl7Q+Qulm6JGZR3vNVaZJWbAnwKFLT6sNjXfe+dRrN1x
P9s7PLenpMiNOeecBjJAvftTAOZFe/0JAeJom+cbres/rAcKWw2uhaVDb1LwNgfK
DHjUWK7JLa6utk2y5vYmNzq9dvB5dkShttmrp5Y2XS311LX7gv+WDNDZ8Fmza1sA
lEflvI6D5iL5bfGwykvwFdB0ggTOq08L1tlAMXXt5+uk0kRhJhSQIDvPpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGeX8tfrrRsEq/i6u7rQO4FSlofMB8GA1UdIwQY
MBaAFMr9MTPfR84rsHxHL75rtOkXjGIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXYweE05OUh6aXV3ZkVjdnZtdTA2UmVNWWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lYjFjZDUtYzg3MS00ZDRmLWFjM2Yt
NGI1OTlkMDhlZDFjLzEvTVo1ZnkxLXV0R3dTci1McTd1dEE3Z1ZLV2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lYjFjZDUtYzg3MS00ZDRmLWFjM2YtNGI1OTlkMDhlZDFj
LzEveXYweE05OUh6aXV3ZkVjdnZtdTA2UmVNWWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJUiFMA0G
CSqGSIb3DQEBCwUAA4IBAQCxoHL60BACnUbIl70DI8v/WHKSl87kmNHc8JiUSvDg
oihW4A1wyfksmQrJ4Bc6p+vsSYMfojHtarLurFBp8IobVEiUpyApqcJv3lXqLyBz
K5RzL8NKdij5BmFqypwPMGDjjZsMaSPupRk1qTbcRJ25YElJJC6bkBGjAHh1v81B
Ed5inEuk8XLFb7dHfS8bmJss62dyCqyMITbpRp0tvsS8ujGJBHTyBfE/kzFGzgnC
v7Y6ieINUYCY4ypv9K/u39GYKJni7ZgEfdOyrnO3NrbKGb0LI6xeMTdQ7tERsLBE
nZ1ixm6iB+cGAKvdxKZ0VI94pFij3tjNJvDlZUWZ10B6
-----END CERTIFICATE-----
Generated at Thu Jan 11 12:38:56 2024 by rpki-client on console-ams.rpki-client.org