Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/DrCnAJ2qdWMfu-hQJQg9Y4959zU.roa
File: DrCnAJ2qdWMfu-hQJQg9Y4959zU.roa (raw, json)
Hash identifier: QhbdSGuc5oywIV8H1NTHN3LgljhbiAcQ5R9DuPJ5Ziw=
Subject key identifier: 0E:B0:A7:00:9D:AA:75:63:1F:BB:E8:50:25:08:3D:63:8F:79:F7:35
Certificate issuer: /CN=a84e3e1becf30b44a469815fd0f8c069c562f996
Certificate serial: 018B7052CCBAD4785946C28C5C26EF6F0210
Authority key identifier: A8:4E:3E:1B:EC:F3:0B:44:A4:69:81:5F:D0:F8:C0:69:C5:62:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qE4-G-zzC0SkaYFf0PjAacVi-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/DrCnAJ2qdWMfu-hQJQg9Y4959zU.roa
Signing time: Fri 27 Oct 2023 08:49:16 +0000
ROA not before: Fri 27 Oct 2023 08:49:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 37.1.229.0/24 maxlen: 24
37.1.228.0/24 maxlen: 24
37.1.231.0/24 maxlen: 24
37.1.230.0/24 maxlen: 24
77.75.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:52:cc:ba:d4:78:59:46:c2:8c:5c:26:ef:6f:02:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a84e3e1becf30b44a469815fd0f8c069c562f996
Validity
Not Before: Oct 27 08:49:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0eb0a7009daa75631fbbe85025083d638f79f735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:31:32:6f:b7:ae:bc:47:ee:4a:f4:3d:d0:c5:
45:1a:42:40:64:20:13:7a:83:60:a4:1d:45:47:36:
4b:10:4d:fd:89:aa:ac:fd:de:57:8f:2d:a1:43:b4:
84:6c:73:26:8f:b9:d0:00:09:9f:50:8f:db:cd:4d:
55:34:cb:0b:cd:b4:a1:d7:71:d2:14:d7:bd:bc:ff:
52:7e:2e:8e:d2:f0:43:80:cf:53:8a:ca:49:80:59:
e6:c5:da:1a:f1:76:1c:9d:67:26:35:9d:c0:00:a6:
83:2f:a7:57:b1:82:87:d4:a9:18:9d:e0:ab:9b:69:
24:95:9d:bb:6a:2d:c0:92:64:d8:6d:38:bf:d4:d6:
15:58:7e:6d:77:1e:73:04:43:af:0a:f7:fb:6c:e6:
49:fb:bf:9c:1b:06:f4:c8:e7:84:79:00:8f:ce:ce:
d2:7d:3e:77:19:f9:50:f0:f6:64:99:ad:c1:c0:cf:
12:7a:97:a7:8c:c1:b8:fb:fa:4b:9d:b0:de:28:88:
fe:c3:ce:44:9a:8e:14:bb:72:c1:95:54:98:77:78:
45:c1:9e:c8:40:3e:83:61:a9:7a:66:7e:17:10:ec:
c9:cb:a7:55:ec:0e:fd:f0:9c:2e:65:59:14:18:2a:
e7:a0:b2:07:db:ba:d6:2d:d2:c9:34:d2:d6:99:61:
e6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B0:A7:00:9D:AA:75:63:1F:BB:E8:50:25:08:3D:63:8F:79:F7:35
X509v3 Authority Key Identifier:
keyid:A8:4E:3E:1B:EC:F3:0B:44:A4:69:81:5F:D0:F8:C0:69:C5:62:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qE4-G-zzC0SkaYFf0PjAacVi-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/DrCnAJ2qdWMfu-hQJQg9Y4959zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/qE4-G-zzC0SkaYFf0PjAacVi-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.228.0/22
77.75.198.0/24
Signature Algorithm: sha256WithRSAEncryption
58:92:16:a3:85:cd:eb:f2:c3:52:7f:65:95:7a:6f:5e:1b:99:
23:8a:e2:9b:1b:1d:f5:67:a1:cd:93:63:4f:22:db:e8:1e:41:
69:d6:4a:c2:8c:59:e1:d7:10:7d:f9:c6:ce:82:f1:43:9f:20:
89:c0:d0:55:7f:b5:3b:f9:4b:d4:10:1e:bb:4f:00:0d:8b:dc:
6a:75:95:f2:60:8f:2a:ff:82:25:a2:40:6c:f7:3d:1b:1a:ad:
35:79:d6:13:20:0f:9a:48:9b:b5:40:a7:2d:92:29:2f:c1:12:
ba:f1:27:8f:44:6b:82:42:2f:80:6a:78:7c:97:cd:71:a1:01:
87:cf:08:95:62:48:a7:6a:2b:9d:c5:c6:34:ba:21:39:a0:57:
6b:41:6f:b1:1a:2a:ed:39:c0:84:d2:f9:c7:a6:c0:56:2a:11:
1f:da:0d:2c:25:c9:f2:1a:09:2d:66:4c:a7:5f:16:27:16:c6:
f3:3a:88:49:03:58:2c:58:8e:8b:9f:dd:1a:74:60:c9:47:41:
c8:08:29:65:06:97:06:47:51:f8:6b:fe:91:12:6b:6e:39:7a:
b4:4d:92:82:be:b0:62:72:2d:87:a5:8f:e6:a6:e8:2f:28:aa:
76:29:73:0b:a2:39:f1:97:ab:56:7a:ba:dd:e1:85:70:7a:af:
7e:e0:8f:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtwUsy61HhZRsKMXCbvbwIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NGUzZTFiZWNmMzBiNDRhNDY5ODE1ZmQwZjhjMDY5YzU2
MmY5OTYwHhcNMjMxMDI3MDg0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWIwYTcwMDlkYWE3NTYzMWZiYmU4NTAyNTA4M2Q2MzhmNzlmNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjEyb7euvEfuSvQ90MVFGkJAZCAT
eoNgpB1FRzZLEE39iaqs/d5Xjy2hQ7SEbHMmj7nQAAmfUI/bzU1VNMsLzbSh13HS
FNe9vP9Sfi6O0vBDgM9TispJgFnmxdoa8XYcnWcmNZ3AAKaDL6dXsYKH1KkYneCr
m2kklZ27ai3AkmTYbTi/1NYVWH5tdx5zBEOvCvf7bOZJ+7+cGwb0yOeEeQCPzs7S
fT53GflQ8PZkma3BwM8SepenjMG4+/pLnbDeKIj+w85Emo4Uu3LBlVSYd3hFwZ7I
QD6DYal6Zn4XEOzJy6dV7A798JwuZVkUGCrnoLIH27rWLdLJNNLWmWHmGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA6wpwCdqnVjH7voUCUIPWOPefc1MB8GA1UdIwQY
MBaAFKhOPhvs8wtEpGmBX9D4wGnFYvmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUU0LUctenpDMFNrYVlGZjBQakFhY1ZpLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZGRlYmUtMzcyZi00MjU4LWJhMGYt
Y2M0ZmU2MzIzZmVjLzEvRHJDbkFKMnFkV01mdS1oUUpRZzlZNDk1OXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZGRlYmUtMzcyZi00MjU4LWJhMGYtY2M0ZmU2MzIzZmVj
LzEvcUU0LUctenpDMFNrYVlGZjBQakFhY1ZpLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJQHkAwQA
TUvGMA0GCSqGSIb3DQEBCwUAA4IBAQBYkhajhc3r8sNSf2WVem9eG5kjiuKbGx31
Z6HNk2NPItvoHkFp1krCjFnh1xB9+cbOgvFDnyCJwNBVf7U7+UvUEB67TwANi9xq
dZXyYI8q/4IlokBs9z0bGq01edYTIA+aSJu1QKctkikvwRK68SePRGuCQi+Aanh8
l81xoQGHzwiVYkinaiudxcY0uiE5oFdrQW+xGirtOcCE0vnHpsBWKhEf2g0sJcny
GgktZkynXxYnFsbzOohJA1gsWI6Ln90adGDJR0HICCllBpcGR1H4a/6REmtuOXq0
TZKCvrBici2HpY/mpugvKKp2KXMLojnxl6tWerrd4YVweq9+4I8b
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:16 2025 by rpki-client