Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rmu8EBq_8O-5DfgbIbD3D-nII_E.roa
File: rmu8EBq_8O-5DfgbIbD3D-nII_E.roa (raw, json)
Hash identifier: 90gBdF0ltE8zU9azLT9A9YS1EYsrIPK/bYM5RfcStNQ=
Subject key identifier: AE:6B:BC:10:1A:BF:F0:EF:B9:0D:F8:1B:21:B0:F7:0F:E9:C8:23:F1
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0190FEDB054AC01A4462ABDA90935ADD7D48
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rmu8EBq_8O-5DfgbIbD3D-nII_E.roa
Signing time: Mon 29 Jul 2024 14:18:04 +0000
ROA not before: Mon 29 Jul 2024 14:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 37.49.144.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:db:05:4a:c0:1a:44:62:ab:da:90:93:5a:dd:7d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 29 14:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae6bbc101abff0efb90df81b21b0f70fe9c823f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e9:a1:bd:f3:ae:97:88:f1:97:13:9b:bd:e7:
a0:b2:8b:db:1d:a4:fb:cb:39:74:0d:81:a2:7d:d8:
79:05:05:3c:b5:d5:5b:3d:18:4b:10:70:81:3f:b0:
6b:d5:cb:e0:a5:8b:fd:7e:5d:6e:b3:9f:af:68:ff:
89:89:21:0b:41:86:72:de:1b:01:16:ab:1d:d6:8b:
83:24:c5:82:b6:77:9d:bd:1b:cb:f8:b7:e7:bf:b1:
ca:a4:76:8f:a3:2b:e4:89:74:7d:80:20:69:9c:77:
0d:e5:80:38:b1:5a:e3:58:4e:95:06:3c:bd:7b:19:
4d:4b:59:c1:17:2e:4d:b0:64:91:11:8f:2f:8a:1c:
85:83:13:c4:18:71:3b:98:a6:13:bf:fc:54:a9:da:
fc:1f:1b:fa:9c:7e:6b:0c:66:32:e4:6e:28:a3:d5:
ea:7f:72:ba:b4:4e:f3:40:97:0b:52:87:98:a1:92:
0e:a5:69:79:47:68:95:d9:de:fc:b9:08:c9:39:88:
ba:b2:3d:89:5d:73:16:c5:30:8c:f9:46:d6:20:38:
60:4e:a2:76:41:57:15:b2:d3:ed:45:72:a4:12:08:
3b:b1:c6:c8:ac:fc:76:82:ec:f0:d1:09:1e:ff:9f:
42:4d:dd:ee:ad:23:70:d2:3e:15:a3:6d:e7:c0:41:
93:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:6B:BC:10:1A:BF:F0:EF:B9:0D:F8:1B:21:B0:F7:0F:E9:C8:23:F1
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rmu8EBq_8O-5DfgbIbD3D-nII_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
109.203.166.0/24
109.203.168.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:f7:5f:ed:17:5c:28:1e:c6:b6:45:ac:c2:cc:6d:e9:3c:fb:
61:60:fd:9f:6d:33:0f:2d:aa:e8:02:10:1c:24:ec:99:6b:cb:
2a:23:1b:83:96:45:72:97:95:3e:1c:bd:7e:a4:8b:14:c1:f6:
f5:94:b6:dc:e4:a6:22:72:dc:06:52:ac:a8:77:17:d6:5f:08:
ac:0b:59:9c:94:cb:fc:a8:e0:de:6c:1a:e8:66:6c:f4:a3:e4:
c8:91:cb:ca:e0:9f:83:c5:89:f2:ee:b3:26:d9:c2:a5:09:73:
91:38:86:8c:e3:0e:80:48:ac:16:e5:2c:12:db:12:a0:cd:ce:
20:6c:47:4a:4a:f4:4f:3e:b0:bd:3e:e5:ac:f0:22:b5:e2:f9:
45:a2:83:7b:fb:36:00:6a:56:f0:d7:12:16:98:d9:c1:e6:61:
44:bc:b4:93:16:26:74:51:7f:ee:a2:ab:e0:73:94:59:e4:b2:
9f:8f:39:ce:76:c2:55:32:f1:a8:62:94:44:1e:aa:11:b1:a5:
73:e2:11:41:25:f7:45:a7:40:34:84:6f:e9:ad:f1:55:17:eb:
ba:4e:68:26:6c:b0:d5:fc:17:7b:bc:65:52:e3:18:4e:6f:0e:
d4:71:fc:c3:93:fe:16:d7:9f:9f:d2:88:ba:c9:46:d3:05:7f:
cd:af:9a:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZD+2wVKwBpEYqvakJNa3X1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwNzI5MTQxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTZiYmMxMDFhYmZmMGVmYjkwZGY4MWIyMWIwZjcwZmU5YzgyM2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+mhvfOul4jxlxObveegsovbHaT7
yzl0DYGifdh5BQU8tdVbPRhLEHCBP7Br1cvgpYv9fl1us5+vaP+JiSELQYZy3hsB
Fqsd1ouDJMWCtnedvRvL+Lfnv7HKpHaPoyvkiXR9gCBpnHcN5YA4sVrjWE6VBjy9
exlNS1nBFy5NsGSREY8vihyFgxPEGHE7mKYTv/xUqdr8Hxv6nH5rDGYy5G4oo9Xq
f3K6tE7zQJcLUoeYoZIOpWl5R2iV2d78uQjJOYi6sj2JXXMWxTCM+UbWIDhgTqJ2
QVcVstPtRXKkEgg7scbIrPx2guzw0Qke/59CTd3urSNw0j4Vo23nwEGTfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK5rvBAav/DvuQ34GyGw9w/pyCPxMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvcm11OEVCcV84Ty01RGZnYkliRDNELW5JSV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJTGQAwQA
bcumAwQDbcuoMA0GCSqGSIb3DQEBCwUAA4IBAQAv91/tF1woHsa2RazCzG3pPPth
YP2fbTMPLaroAhAcJOyZa8sqIxuDlkVyl5U+HL1+pIsUwfb1lLbc5KYictwGUqyo
dxfWXwisC1mclMv8qODebBroZmz0o+TIkcvK4J+DxYny7rMm2cKlCXOROIaM4w6A
SKwW5SwS2xKgzc4gbEdKSvRPPrC9PuWs8CK14vlFooN7+zYAalbw1xIWmNnB5mFE
vLSTFiZ0UX/uoqvgc5RZ5LKfjznOdsJVMvGoYpREHqoRsaVz4hFBJfdFp0A0hG/p
rfFVF+u6TmgmbLDV/Bd7vGVS4xhObw7UcfzDk/4W15+f0oi6yUbTBX/Nr5oC
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:17 2025 by rpki-client