Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/GZThP8aaQubS3KAgbz-cHK7whgQ.roa
File: GZThP8aaQubS3KAgbz-cHK7whgQ.roa (raw, json)
Hash identifier: R+tAu1sreAzaC7Ya1kLUxlFntYt2RFEmFctsrAOTmTM=
Subject key identifier: 19:94:E1:3F:C6:9A:42:E6:D2:DC:A0:20:6F:3F:9C:1C:AE:F0:86:04
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01845BE28B8E6A309E8DEEE71E698127E33D
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/GZThP8aaQubS3KAgbz-cHK7whgQ.roa
Signing time: Wed 09 Nov 2022 10:14:44 +0000
ROA not before: Wed 09 Nov 2022 10:14:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 109.203.164.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:e2:8b:8e:6a:30:9e:8d:ee:e7:1e:69:81:27:e3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 9 10:14:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1994e13fc69a42e6d2dca0206f3f9c1caef08604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:21:ed:b5:0b:94:c6:62:1d:75:f7:4a:74:d1:
90:75:a7:a9:5c:91:9d:98:69:20:ab:07:ec:61:7b:
55:f3:c7:08:07:e1:77:3d:a8:c3:d4:d9:c5:d3:3f:
c1:f8:c1:4d:d2:a0:ee:5b:5f:e6:f7:a3:83:fe:2e:
e8:88:30:59:d0:20:c7:ae:52:08:e1:b0:93:93:13:
cf:ec:fb:d9:4a:46:10:27:76:bf:c9:0f:10:91:d9:
b5:50:23:0d:ad:06:54:40:0d:80:21:15:77:bc:41:
99:95:cc:8d:6d:45:ac:ff:7c:cd:0a:c2:3d:6a:e3:
ac:b0:4f:b7:f6:0e:0d:dd:5a:bf:27:99:62:39:ea:
e0:9f:1c:88:fc:4b:81:9c:15:c4:25:6c:87:87:5f:
1b:f1:96:a2:db:2f:15:2c:6f:a4:99:f6:0c:6b:40:
1a:36:e1:04:19:ab:79:0a:58:be:c8:f8:0f:25:16:
11:9c:98:3c:81:1b:2d:23:36:86:e9:2f:45:9f:af:
35:71:ac:29:c8:27:56:27:be:5c:c8:0b:97:f4:85:
18:4f:f6:31:71:1b:39:fb:cf:28:55:32:ef:11:f8:
4d:a6:c8:0a:0b:24:eb:b4:17:3a:d2:95:23:aa:c4:
c0:60:1b:8b:2e:b1:56:04:78:52:75:e0:f9:25:1b:
8f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:94:E1:3F:C6:9A:42:E6:D2:DC:A0:20:6F:3F:9C:1C:AE:F0:86:04
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/GZThP8aaQubS3KAgbz-cHK7whgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/22
109.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
65:5a:86:99:4a:92:69:fd:46:61:f0:05:05:a9:a1:29:32:f0:
d3:16:44:59:c0:84:df:23:8e:28:54:c9:e4:c6:f2:31:85:61:
1a:2e:a6:ba:e8:6b:48:b7:d7:57:c6:fd:3e:c7:47:c6:17:f2:
4d:d6:75:a8:ff:88:ac:15:ea:7a:0e:03:7d:8d:1d:e5:62:7a:
98:48:68:1a:d0:22:64:65:df:88:59:98:da:3c:72:6e:5e:dc:
7c:59:70:d4:37:a8:99:22:04:de:af:3b:3d:6c:71:c5:12:26:
9d:d0:c9:22:70:06:40:ca:7f:5c:0c:5a:96:c2:f6:01:76:0b:
da:b9:67:fb:88:5c:7c:15:cf:66:f7:09:d3:d3:3b:03:b2:d5:
a4:e7:09:0d:8b:a5:38:42:e0:89:dc:5d:a3:d7:47:d5:cc:08:
3a:6d:35:49:d2:db:5f:cc:2c:de:0d:2c:6d:06:2d:3b:7c:3d:
70:a8:6e:bf:d4:7b:25:a1:76:51:54:91:2b:9b:95:ed:1d:af:
73:0c:0c:8d:68:31:4a:a7:63:d1:4b:aa:9b:5f:40:64:be:22:
df:de:a5:6e:6a:cf:45:0b:98:7a:72:b2:67:4f:82:c4:d3:93:
70:6c:c5:28:c5:a9:f3:bf:7c:0b:42:b7:ef:1d:50:e5:5a:d3:
4f:ef:66:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRb4ouOajCeje7nHmmBJ+M9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTA5MTAxNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk0ZTEzZmM2OWE0MmU2ZDJkY2EwMjA2ZjNmOWMxY2FlZjA4NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCHttQuUxmIddfdKdNGQdaepXJGd
mGkgqwfsYXtV88cIB+F3PajD1NnF0z/B+MFN0qDuW1/m96OD/i7oiDBZ0CDHrlII
4bCTkxPP7PvZSkYQJ3a/yQ8Qkdm1UCMNrQZUQA2AIRV3vEGZlcyNbUWs/3zNCsI9
auOssE+39g4N3Vq/J5liOergnxyI/EuBnBXEJWyHh18b8Zai2y8VLG+kmfYMa0Aa
NuEEGat5Cli+yPgPJRYRnJg8gRstIzaG6S9Fn681cawpyCdWJ75cyAuX9IUYT/Yx
cRs5+88oVTLvEfhNpsgKCyTrtBc60pUjqsTAYBuLLrFWBHhSdeD5JRuPuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBmU4T/GmkLm0tygIG8/nByu8IYEMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvR1pUaFA4YWFRdWJTM0tBZ2J6LWNISzd3aGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJTGUAwQC
bcukMA0GCSqGSIb3DQEBCwUAA4IBAQBlWoaZSpJp/UZh8AUFqaEpMvDTFkRZwITf
I44oVMnkxvIxhWEaLqa66GtIt9dXxv0+x0fGF/JN1nWo/4isFep6DgN9jR3lYnqY
SGga0CJkZd+IWZjaPHJuXtx8WXDUN6iZIgTerzs9bHHFEiad0MkicAZAyn9cDFqW
wvYBdgvauWf7iFx8Fc9m9wnT0zsDstWk5wkNi6U4QuCJ3F2j10fVzAg6bTVJ0ttf
zCzeDSxtBi07fD1wqG6/1HsloXZRVJErm5XtHa9zDAyNaDFKp2PRS6qbX0BkviLf
3qVuas9FC5h6crJnT4LE05NwbMUoxanzv3wLQrfvHVDlWtNP72bI
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:52 2025 by rpki-client