Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MoyBXJD9gtzr0qvmylkuYBg8IkE.roa
File: MoyBXJD9gtzr0qvmylkuYBg8IkE.roa (raw, json)
Hash identifier: NKq7JtkMbFHpxX1uVgQMk+ysfsWthGYzwkCjvtiN7/I=
Subject key identifier: 32:8C:81:5C:90:FD:82:DC:EB:D2:AB:E6:CA:59:2E:60:18:3C:22:41
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C7D3A9253982BAA0773A4D39395C316BF
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MoyBXJD9gtzr0qvmylkuYBg8IkE.roa
Signing time: Mon 18 Dec 2023 14:00:39 +0000
ROA not before: Mon 18 Dec 2023 14:00:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203963
IP address blocks: 176.46.144.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:3a:92:53:98:2b:aa:07:73:a4:d3:93:95:c3:16:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 18 14:00:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=328c815c90fd82dcebd2abe6ca592e60183c2241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:30:35:74:d1:26:6d:92:aa:c6:5d:6a:51:af:
be:ed:fc:9c:36:27:97:31:0f:27:84:99:d6:37:67:
e0:0d:15:9d:84:b3:1e:52:61:61:9d:e4:51:fb:a3:
94:53:16:94:e1:a1:96:b8:ba:7f:05:f7:8c:4f:e4:
8c:9e:9a:4f:89:e1:56:5f:18:69:fe:e2:95:f7:90:
e6:1d:18:e8:da:13:04:5c:80:7a:9a:32:f6:79:d2:
27:75:d3:67:0b:0b:f8:43:07:41:3a:8a:d1:b8:fa:
49:cc:8c:13:9e:a5:02:ab:6b:54:ab:53:a6:b1:65:
58:7a:3c:53:fa:ed:97:d7:43:39:97:cc:2a:0e:9f:
c3:7f:b5:6e:59:e9:6a:f9:da:d2:42:84:11:0d:cd:
17:0e:7d:c2:ae:0c:42:7a:ec:ef:df:52:ca:53:9f:
1c:cf:16:9a:b4:8d:49:49:c7:cd:93:06:8c:51:29:
bc:c2:d6:cf:76:6f:c5:ef:14:b6:14:46:93:84:73:
8d:30:29:0c:17:9f:e6:91:98:86:28:e9:ef:0d:22:
19:a9:df:28:b2:93:2d:c7:6b:75:74:20:bd:0c:3f:
a8:0c:0f:d0:48:e8:c0:61:76:61:85:87:71:f4:08:
f8:cd:28:c9:7c:f5:f4:a2:04:ba:79:f0:5b:65:90:
22:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8C:81:5C:90:FD:82:DC:EB:D2:AB:E6:CA:59:2E:60:18:3C:22:41
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MoyBXJD9gtzr0qvmylkuYBg8IkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.148.0-37.49.150.255
94.74.137.0/24
94.74.140.0/24
94.74.147.0/24
94.74.158.0/23
94.74.164.0/24
94.74.169.0/24
94.74.171.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
176.46.144.0/24
176.46.149.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
85:9c:55:36:61:ca:d6:4a:ef:d3:13:de:8c:64:ad:7b:34:14:
aa:58:14:37:4c:3a:57:5d:00:88:7f:94:04:74:d2:b3:8b:eb:
73:fc:81:47:53:89:35:41:60:f0:74:44:e5:33:bc:a0:e3:1a:
97:8f:1c:76:64:f4:f8:57:5a:fa:ae:1d:9d:f0:0a:9d:e8:9f:
b2:20:26:03:df:42:3e:0f:eb:fe:02:e1:13:af:9c:19:16:cc:
fc:f8:47:c4:f8:13:f4:ec:ea:44:7c:f0:56:93:a1:3f:52:bd:
d9:79:78:05:a7:67:a6:b7:b0:8a:73:b4:7f:90:d2:d6:b3:dd:
58:0a:36:ce:55:4e:57:a2:a9:6a:25:b3:57:1e:91:98:9f:5f:
14:d0:31:d3:a9:fd:ec:15:f0:ce:c4:c0:b0:f7:c9:83:65:4f:
58:22:13:53:32:02:c2:6b:69:60:b7:0d:ae:0e:86:54:08:9d:
24:b9:87:a3:06:68:8c:ed:36:8b:98:df:df:de:e1:da:2f:a1:
a7:ef:6d:cc:0e:cb:c0:89:51:07:44:40:c6:a2:9a:7d:8f:d5:
5f:39:cd:69:93:b2:ef:6d:d0:68:f4:e9:14:a2:8f:08:a2:56:
2d:71:bf:7b:16:12:30:87:d8:36:8e:6d:de:e3:b5:f6:77:fb:
ca:07:a3:ed
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYx9OpJTmCuqB3Ok05OVwxa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMjE4MTQwMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjhjODE1YzkwZmQ4MmRjZWJkMmFiZTZjYTU5MmU2MDE4M2MyMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzA1dNEmbZKqxl1qUa++7fycNieX
MQ8nhJnWN2fgDRWdhLMeUmFhneRR+6OUUxaU4aGWuLp/BfeMT+SMnppPieFWXxhp
/uKV95DmHRjo2hMEXIB6mjL2edInddNnCwv4QwdBOorRuPpJzIwTnqUCq2tUq1Om
sWVYejxT+u2X10M5l8wqDp/Df7VuWelq+drSQoQRDc0XDn3CrgxCeuzv31LKU58c
zxaatI1JScfNkwaMUSm8wtbPdm/F7xS2FEaThHONMCkMF5/mkZiGKOnvDSIZqd8o
spMtx2t1dCC9DD+oDA/QSOjAYXZhhYdx9Aj4zSjJfPX0ogS6efBbZZAiBwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFDKMgVyQ/YLc69Kr5spZLmAYPCJBMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTW95QlhKRDlndHpyMHF2bXlsa3VZQmc4SWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAJTGQMAwD
BAIlMZQDBAAlMZYDBABeSokDBABeSowDBABeSpMDBAFeSp4DBABeSqQDBABeSqkD
BABeSqsDBABeSrYDBABeSrsDBABeSr8DBACwLpADBACwLpUDBACwLpgwDQYJKoZI
hvcNAQELBQADggEBAIWcVTZhytZK79MT3oxkrXs0FKpYFDdMOlddAIh/lAR00rOL
63P8gUdTiTVBYPB0ROUzvKDjGpePHHZk9PhXWvquHZ3wCp3on7IgJgPfQj4P6/4C
4ROvnBkWzPz4R8T4E/Ts6kR88FaToT9Svdl5eAWnZ6a3sIpztH+Q0taz3VgKNs5V
TleiqWols1cekZifXxTQMdOp/ewV8M7EwLD3yYNlT1giE1MyAsJraWC3Da4OhlQI
nSS5h6MGaIztNouY39/e4dovoafvbcwOy8CJUQdEQMaimn2P1V85zWmTsu9t0Gj0
6RSijwiiVi1xv3sWEjCH2DaObd7jtfZ3+8oHo+0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:28 2025 by rpki-client