Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/G7XXYeuDbpID6VSb6-FGV9VGpgs.roa
File: G7XXYeuDbpID6VSb6-FGV9VGpgs.roa (raw, json)
Hash identifier: WaF90psbvkgvDHdKvlh/tkHZ6G6dnCD5Gj1Ug31oZTc=
Subject key identifier: 1B:B5:D7:61:EB:83:6E:92:03:E9:54:9B:EB:E1:46:57:D5:46:A6:0B
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0191DFFEE27F252FC65267F0E0B87F12ED59
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/G7XXYeuDbpID6VSb6-FGV9VGpgs.roa
Signing time: Wed 11 Sep 2024 07:31:48 +0000
ROA not before: Wed 11 Sep 2024 07:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 37.49.150.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
176.46.159.0/24 maxlen: 24
185.34.160.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:df:fe:e2:7f:25:2f:c6:52:67:f0:e0:b8:7f:12:ed:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 11 07:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bb5d761eb836e9203e9549bebe14657d546a60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:de:e4:c7:e2:b1:86:00:30:aa:8c:60:e2:
bb:c5:af:05:6d:9f:3e:c2:a6:95:f1:3f:77:55:a3:
63:ec:a8:cb:b1:c1:0d:a9:f2:fd:07:9b:78:1b:9d:
b5:82:86:82:2b:dd:7d:4f:f4:c7:7b:bc:c8:98:86:
97:58:05:af:c9:a1:f5:1f:4d:76:75:d0:5a:35:8f:
78:79:de:08:27:79:a0:bf:3a:fe:ec:6e:da:0e:9b:
15:35:38:0f:bb:80:46:d4:66:e1:63:82:1c:31:8b:
55:b2:19:95:26:26:20:7b:cd:54:2a:eb:ab:29:bf:
73:38:df:7c:07:a5:fa:f0:e3:2f:4f:9c:87:5c:a4:
d3:7a:37:97:03:ac:96:cf:ba:c6:7b:8f:95:ec:ba:
9b:ea:98:dc:72:73:62:1f:e7:f2:f0:f9:21:a7:c4:
55:1c:a2:12:84:f3:29:32:56:14:e6:78:61:79:7b:
87:d3:21:27:fb:16:63:b3:b6:ae:da:84:c4:13:7e:
37:e7:86:c8:bc:ff:c2:66:42:27:a7:ae:5b:b2:cc:
49:85:1c:ea:86:1f:27:bf:34:ee:2f:6c:ee:cd:b7:
6a:3f:e7:bc:b7:56:4c:08:81:18:92:fa:11:03:6d:
96:c2:e9:cd:e5:7b:c9:74:e1:f9:e2:e9:a6:eb:60:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B5:D7:61:EB:83:6E:92:03:E9:54:9B:EB:E1:46:57:D5:46:A6:0B
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/G7XXYeuDbpID6VSb6-FGV9VGpgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.150.0/24
176.46.143.0/24
176.46.146.0/24
176.46.159.0/24
185.34.160.0/23
Signature Algorithm: sha256WithRSAEncryption
57:34:cd:6b:37:b9:f0:72:d8:24:57:f5:ed:7a:4e:e8:ee:52:
7b:8d:06:f6:f0:42:46:0a:18:6f:47:df:15:3a:38:e8:fd:89:
1d:b3:54:06:dc:21:c1:e9:fd:08:c5:f7:a9:fb:a3:28:4a:0c:
40:0d:b1:f3:87:f5:3e:7e:3f:d3:82:e6:e9:40:05:46:49:07:
77:83:5c:33:15:fc:bc:a0:4b:00:52:b3:b3:05:44:3b:43:a3:
c7:55:5d:98:91:47:37:bd:ec:09:78:c8:d9:36:71:0e:49:3b:
6c:d0:af:23:db:59:33:9d:73:6b:e9:1f:e3:4c:35:76:23:f2:
a2:09:73:1a:cd:1b:71:16:4e:16:a7:52:e1:b1:60:b8:2d:49:
12:40:0f:9e:0f:51:b3:0a:1a:c2:b0:ea:f7:3f:a2:f0:b0:4f:
f2:65:40:9f:88:50:d6:f4:fc:91:99:c7:43:dc:27:c4:ad:43:
07:6b:61:42:14:78:a8:70:ae:7e:24:09:f8:d4:4e:33:15:a9:
49:a4:7d:96:9f:db:10:ac:8c:1d:62:01:c8:01:f1:5c:10:85:
4b:5a:1b:9a:49:b2:22:98:ac:20:6d:20:20:3a:10:24:35:84:
53:fd:f7:67:70:9e:13:99:69:5c:fa:5c:b7:2e:a8:c7:8b:1d:
8b:c6:ae:e7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHf/uJ/JS/GUmfw4Lh/Eu1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwOTExMDczMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmI1ZDc2MWViODM2ZTkyMDNlOTU0OWJlYmUxNDY1N2Q1NDZhNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWPe5MfisYYAMKqMYOK7xa8FbZ8+
wqaV8T93VaNj7KjLscENqfL9B5t4G521goaCK919T/THe7zImIaXWAWvyaH1H012
ddBaNY94ed4IJ3mgvzr+7G7aDpsVNTgPu4BG1GbhY4IcMYtVshmVJiYge81UKuur
Kb9zON98B6X68OMvT5yHXKTTejeXA6yWz7rGe4+V7Lqb6pjccnNiH+fy8Pkhp8RV
HKIShPMpMlYU5nhheXuH0yEn+xZjs7au2oTEE34354bIvP/CZkInp65bssxJhRzq
hh8nvzTuL2zuzbdqP+e8t1ZMCIEYkvoRA22WwunN5XvJdOH54umm62CjCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBu112Hrg26SA+lUm+vhRlfVRqYLMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvRzdYWFlldURicElENlZTYjYtRkdWOVZHcGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJTGWAwQA
sC6PAwQAsC6SAwQAsC6fAwQBuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQBXNM1rN7nw
ctgkV/Xtek7o7lJ7jQb28EJGChhvR98VOjjo/Ykds1QG3CHB6f0Ixfep+6MoSgxA
DbHzh/U+fj/TgubpQAVGSQd3g1wzFfy8oEsAUrOzBUQ7Q6PHVV2YkUc3vewJeMjZ
NnEOSTts0K8j21kznXNr6R/jTDV2I/KiCXMazRtxFk4Wp1LhsWC4LUkSQA+eD1Gz
ChrCsOr3P6LwsE/yZUCfiFDW9PyRmcdD3CfErUMHa2FCFHiocK5+JAn41E4zFalJ
pH2Wn9sQrIwdYgHIAfFcEIVLWhuaSbIimKwgbSAgOhAkNYRT/fdncJ4TmWlc+ly3
LqjHix2Lxq7n
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:08 2025 by rpki-client