Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/3di8Ov7mrhnHncWp-0tiaxxK39Y.roa
File: 3di8Ov7mrhnHncWp-0tiaxxK39Y.roa (raw, json)
Hash identifier: Z+GieKclBBpndX1SDrLCHPx0kn+9nsJ9q1bVKzjahas=
Subject key identifier: DD:D8:BC:3A:FE:E6:AE:19:C7:9D:C5:A9:FB:4B:62:6B:1C:4A:DF:D6
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BF0D2B19D938AD64691B82F62444B8B5A
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/3di8Ov7mrhnHncWp-0tiaxxK39Y.roa
Signing time: Tue 21 Nov 2023 07:40:21 +0000
ROA not before: Tue 21 Nov 2023 07:40:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
176.46.148.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
176.46.159.0/24 maxlen: 24
176.46.157.0/24 maxlen: 24
176.46.158.0/24 maxlen: 24
176.46.156.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
37.49.145.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:d2:b1:9d:93:8a:d6:46:91:b8:2f:62:44:4b:8b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 21 07:40:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddd8bc3afee6ae19c79dc5a9fb4b626b1c4adfd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c6:08:42:7a:cd:19:63:cd:7e:32:49:8c:9a:
03:23:1d:37:a2:3e:c0:37:a5:4b:48:ec:c0:07:f6:
5f:0f:89:05:ab:77:79:3b:98:6c:fd:41:97:b7:c5:
17:59:cd:4c:08:35:d7:a1:63:69:2d:a9:1c:ce:53:
bb:00:a9:fb:2b:15:48:7a:36:59:8d:89:1a:5b:35:
4c:da:7a:ea:be:a8:51:62:a8:b4:a5:d1:ba:4a:70:
af:fb:0c:82:37:d8:94:0e:7d:f9:3b:ca:98:9a:93:
1e:da:8a:c6:2a:1d:28:21:cd:c8:98:95:60:2d:55:
0b:db:c3:4a:89:da:dd:83:74:d7:3a:df:c4:fd:7f:
9a:d3:7c:af:d6:86:e5:9a:a0:4e:40:54:22:c9:70:
6b:b8:7b:ca:a6:4e:8b:c3:48:33:0b:05:ab:66:a8:
dc:b5:c6:41:10:d4:fc:59:84:5b:9b:50:72:62:7a:
93:5e:65:58:2f:15:cb:ab:6b:2a:98:9f:44:64:13:
e6:d5:53:7b:c2:d2:ef:e9:62:27:71:71:c7:ae:38:
60:32:1e:68:03:d7:97:54:65:3a:2e:e8:e1:19:49:
e4:d0:38:df:5c:2c:fa:5f:5c:e9:87:51:bf:3a:3a:
4a:d7:00:7e:71:6d:5c:82:7d:b5:c4:be:44:a9:9f:
ef:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D8:BC:3A:FE:E6:AE:19:C7:9D:C5:A9:FB:4B:62:6B:1C:4A:DF:D6
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/3di8Ov7mrhnHncWp-0tiaxxK39Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.145.0/24
37.49.147.0/24
94.74.152.0-94.74.156.255
109.203.160.0/24
109.203.168.0-109.203.191.255
176.46.129.0-176.46.130.255
176.46.132.0-176.46.136.255
176.46.138.0-176.46.142.255
176.46.146.0/24
176.46.148.0/24
176.46.150.0/23
176.46.153.0-176.46.159.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:c4:44:8f:f0:cc:31:3f:e3:10:3f:ce:4a:f5:ea:0d:46:a2:
8a:11:59:c9:18:e4:27:f3:51:87:de:4a:df:9c:38:27:2a:d8:
e5:c6:88:dc:0f:e1:f4:fc:8a:b2:56:3f:f2:15:48:c8:fa:33:
1d:cb:18:5b:af:7c:22:ae:84:17:ce:4b:32:74:44:ba:c0:ae:
89:72:5c:08:32:b8:cb:df:2d:94:b2:9c:f2:bf:f7:8f:d6:69:
6e:0d:bd:67:21:0c:6a:6d:98:90:ca:cc:23:2a:d1:2d:c3:c0:
7e:4f:b2:f7:00:12:cc:aa:56:a3:6f:b8:97:a3:cd:87:bd:a4:
10:e8:63:70:09:4e:c7:10:c3:fd:98:05:14:40:bd:f3:73:0b:
77:15:e6:c9:dc:e1:75:0c:32:73:08:44:ec:91:71:e8:03:c4:
90:c5:d7:ab:cd:6f:eb:d9:8c:93:4b:b0:10:c2:e2:9f:3f:7a:
91:4f:7e:0c:9c:f3:81:9b:5c:79:64:a3:3d:79:e8:62:e9:31:
68:e8:ef:06:0e:ca:8b:21:ee:fc:6c:d3:99:40:84:a9:00:87:
24:87:89:7b:39:91:19:ca:f4:8f:39:96:58:46:a4:a7:bf:43:
8f:bf:80:63:d9:83:cd:66:19:b2:cb:7e:f8:fc:b8:e6:eb:68:
e1:0e:e9:82
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYvw0rGdk4rWRpG4L2JES4taMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTIxMDc0MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ4YmMzYWZlZTZhZTE5Yzc5ZGM1YTlmYjRiNjI2YjFjNGFkZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMYIQnrNGWPNfjJJjJoDIx03oj7A
N6VLSOzAB/ZfD4kFq3d5O5hs/UGXt8UXWc1MCDXXoWNpLakczlO7AKn7KxVIejZZ
jYkaWzVM2nrqvqhRYqi0pdG6SnCv+wyCN9iUDn35O8qYmpMe2orGKh0oIc3ImJVg
LVUL28NKidrdg3TXOt/E/X+a03yv1oblmqBOQFQiyXBruHvKpk6Lw0gzCwWrZqjc
tcZBENT8WYRbm1ByYnqTXmVYLxXLq2sqmJ9EZBPm1VN7wtLv6WIncXHHrjhgMh5o
A9eXVGU6LujhGUnk0DjfXCz6X1zph1G/OjpK1wB+cW1cgn21xL5EqZ/vkQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFN3YvDr+5q4Zx53FqftLYmscSt/WMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvM2RpOE92N21yaG5IbmNXcC0wdGlheHhLMzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEACUx
kQMEACUxkzAMAwQDXkqYAwQAXkqcAwQAbcugMAwDBANty6gDBAZty4AwDAMEALAu
gQMEALAugjAMAwQCsC6EAwQAsC6IMAwDBAGwLooDBACwLo4DBACwLpIDBACwLpQD
BAGwLpYwDAMEALAumQMEBbAugAMEArkioDANBgkqhkiG9w0BAQsFAAOCAQEAOsRE
j/DMMT/jED/OSvXqDUaiihFZyRjkJ/NRh95K35w4JyrY5caI3A/h9PyKslY/8hVI
yPozHcsYW698Iq6EF85LMnREusCuiXJcCDK4y98tlLKc8r/3j9Zpbg29ZyEMam2Y
kMrMIyrRLcPAfk+y9wASzKpWo2+4l6PNh72kEOhjcAlOxxDD/ZgFFEC983MLdxXm
ydzhdQwycwhE7JFx6APEkMXXq81v69mMk0uwEMLinz96kU9+DJzzgZtceWSjPXno
YukxaOjvBg7KiyHu/GzTmUCEqQCHJIeJezmRGcr0jzmWWEakp79Dj7+AY9mDzWYZ
sst++Py45uto4Q7pgg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:10 2025 by rpki-client