Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/4cCGGKUhH35QWCmigNGeZIrhpgs.roa
File: 4cCGGKUhH35QWCmigNGeZIrhpgs.roa (raw, json)
Hash identifier: 45OsyHg9JWjxtVy8mZq3i0uUSyRfVVB+VW5sI/c/k2o=
Subject key identifier: E1:C0:86:18:A5:21:1F:7E:50:58:29:A2:80:D1:9E:64:8A:E1:A6:0B
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D9D4CF28FEEB79F5F263E185F2CE8E657
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/4cCGGKUhH35QWCmigNGeZIrhpgs.roa
Signing time: Mon 12 Feb 2024 12:31:22 +0000
ROA not before: Mon 12 Feb 2024 12:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216050
IP address blocks: 37.49.146.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
109.203.162.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.165.0/24 maxlen: 24
109.203.167.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:4c:f2:8f:ee:b7:9f:5f:26:3e:18:5f:2c:e8:e6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 12 12:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1c08618a5211f7e505829a280d19e648ae1a60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:a8:07:46:0b:4a:0b:5e:fe:a6:08:78:b5:
82:35:38:e6:c0:61:be:ab:57:45:5b:f6:22:37:d6:
28:9c:54:74:fc:5e:f0:47:41:43:ac:e0:0a:dc:39:
37:2a:67:b0:25:0b:64:f5:67:f1:7f:1c:b0:6f:90:
e9:0c:31:35:da:a7:3e:c1:7d:81:99:0d:45:15:dd:
63:90:ce:59:e0:8a:01:36:98:4c:cb:48:cb:a4:85:
08:fc:f5:b0:47:d6:b5:18:da:b4:7c:52:10:e6:d8:
6e:ba:1e:01:7c:92:ec:a0:13:86:16:3c:00:99:fb:
75:12:80:fb:fd:07:f4:0c:b2:28:5b:0d:4d:ac:49:
8c:79:be:82:00:e1:58:79:62:c3:b5:e7:25:5b:25:
13:4e:fd:b9:4d:f2:37:77:6e:09:9b:10:b0:c8:0d:
16:6c:29:8c:df:21:9d:c4:92:94:f9:b0:4e:ba:d6:
92:b0:9e:df:bc:e2:45:00:55:7d:a4:3c:bf:8e:56:
e9:ac:84:1a:f9:7a:c6:56:83:1c:b7:e1:ef:22:f3:
fd:ed:b0:22:8d:65:b5:1c:fd:ed:40:98:1f:05:a9:
85:ac:c8:d1:1b:2d:0e:44:e5:7c:8c:8c:5a:be:cd:
49:b6:0d:bb:b2:e6:8f:d7:8b:b5:36:28:ff:7c:79:
7c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C0:86:18:A5:21:1F:7E:50:58:29:A2:80:D1:9E:64:8A:E1:A6:0B
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/4cCGGKUhH35QWCmigNGeZIrhpgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.146.0/24
37.49.149.0/24
109.203.162.0/24
109.203.164.0/23
109.203.167.0/24
176.46.128.0/24
176.46.131.0/24
Signature Algorithm: sha256WithRSAEncryption
54:e1:07:0d:a4:55:5d:fd:f8:b6:72:c0:65:f8:c5:26:ba:a0:
02:c6:85:f6:db:2c:89:13:ec:a4:c6:87:d4:e5:b2:4e:a3:44:
92:77:f5:76:7d:39:c3:fd:3c:8d:59:f7:02:a2:4c:5f:37:4b:
d1:fa:eb:36:a0:b7:50:a9:a2:8a:b9:ed:5d:fb:e8:92:25:7d:
bb:92:a4:98:47:ca:56:4b:b3:1f:33:c8:df:d1:b6:af:e6:2a:
0e:4a:43:ef:ac:72:f6:66:d0:3c:81:87:a8:4c:c4:b8:0d:8f:
30:15:ac:44:95:66:cf:f1:a1:14:ef:e2:69:cb:40:ee:33:5f:
81:d1:5e:2a:a0:e9:dd:38:d0:70:bb:dd:44:e5:76:21:e7:b1:
fa:84:63:4a:5e:5e:53:b9:11:9c:7f:16:b8:31:23:40:ca:09:
46:44:1a:4d:c4:d2:c8:df:05:ad:9c:a6:94:a8:70:a5:a1:42:
e8:79:16:a2:ea:c6:73:61:db:c9:a0:d0:34:3c:f6:e2:fa:86:
8f:38:1f:6a:f9:b7:0f:5f:c7:37:72:f0:90:34:c4:b1:0a:51:
9e:77:88:c3:4a:de:e5:08:c1:57:cd:dc:b8:95:e7:1f:e3:d2:
4b:9c:dd:44:e2:89:23:52:86:82:80:26:7d:3a:3b:b0:9d:5d:
47:45:f6:4f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2dTPKP7refXyY+GF8s6OZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMjEyMTIzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWMwODYxOGE1MjExZjdlNTA1ODI5YTI4MGQxOWU2NDhhZTFhNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6CoB0YLSgte/qYIeLWCNTjmwGG+
q1dFW/YiN9YonFR0/F7wR0FDrOAK3Dk3KmewJQtk9Wfxfxywb5DpDDE12qc+wX2B
mQ1FFd1jkM5Z4IoBNphMy0jLpIUI/PWwR9a1GNq0fFIQ5thuuh4BfJLsoBOGFjwA
mft1EoD7/Qf0DLIoWw1NrEmMeb6CAOFYeWLDteclWyUTTv25TfI3d24JmxCwyA0W
bCmM3yGdxJKU+bBOutaSsJ7fvOJFAFV9pDy/jlbprIQa+XrGVoMct+HvIvP97bAi
jWW1HP3tQJgfBamFrMjRGy0OROV8jIxavs1Jtg27suaP14u1Nij/fHl8+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOHAhhilIR9+UFgpooDRnmSK4aYLMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvNGNDR0dLVWhIMzVRV0NtaWdOR2VaSXJocGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJTGSAwQA
JTGVAwQAbcuiAwQBbcukAwQAbcunAwQAsC6AAwQAsC6DMA0GCSqGSIb3DQEBCwUA
A4IBAQBU4QcNpFVd/fi2csBl+MUmuqACxoX22yyJE+ykxofU5bJOo0SSd/V2fTnD
/TyNWfcCokxfN0vR+us2oLdQqaKKue1d++iSJX27kqSYR8pWS7MfM8jf0bav5ioO
SkPvrHL2ZtA8gYeoTMS4DY8wFaxElWbP8aEU7+Jpy0DuM1+B0V4qoOndONBwu91E
5XYh57H6hGNKXl5TuRGcfxa4MSNAyglGRBpNxNLI3wWtnKaUqHCloULoeRai6sZz
YdvJoNA0PPbi+oaPOB9q+bcPX8c3cvCQNMSxClGed4jDSt7lCMFXzdy4lecf49JL
nN1E4okjUoaCgCZ9OjuwnV1HRfZP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:10 2025 by rpki-client