Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/viNStdpP2cv2lYFadgVfbJfdgdg.roa
File: viNStdpP2cv2lYFadgVfbJfdgdg.roa (raw, json)
Hash identifier: v4MED9bNI+y+JeAjslQBK8UvyJMFTQIE1Z50A9GanbA=
Subject key identifier: BE:23:52:B5:DA:4F:D9:CB:F6:95:81:5A:76:05:5F:6C:97:DD:81:D8
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D6DA3A10B5728DB77525AD5FA5FFB4EB6
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/viNStdpP2cv2lYFadgVfbJfdgdg.roa
Signing time: Sat 03 Feb 2024 06:24:16 +0000
ROA not before: Sat 03 Feb 2024 06:24:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203963
IP address blocks: 37.49.144.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:a3:a1:0b:57:28:db:77:52:5a:d5:fa:5f:fb:4e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 3 06:24:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be2352b5da4fd9cbf695815a76055f6c97dd81d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:56:d9:e8:2b:76:1a:a2:08:25:75:f5:5a:04:
d4:3b:27:45:5a:39:7b:dd:89:c8:d5:69:aa:e8:9b:
85:f9:a5:33:6c:a9:65:e6:a4:2a:cf:47:17:06:12:
ba:f2:4b:fd:22:32:1a:a1:eb:43:7a:3b:ac:f1:f9:
cf:b3:27:59:10:9c:3d:5f:3f:97:e3:92:b9:b5:cd:
ea:6b:3a:00:f5:c4:4b:8a:f5:fc:37:35:e0:11:07:
c6:c2:e1:df:e8:50:0a:a7:91:2a:47:c6:4e:8c:43:
1e:53:55:db:35:3b:e8:a0:53:4e:45:a9:d9:2e:8a:
3c:1f:42:c2:c0:1e:60:4a:d3:8d:e8:49:e4:dc:66:
80:c5:d9:9e:ba:14:ba:cf:66:3b:73:66:10:42:73:
11:1f:81:c1:fc:83:d2:19:35:70:98:0a:a1:1c:68:
ae:f8:8f:c5:64:bc:e5:c9:dc:dc:5d:0f:f2:cd:74:
b1:5a:86:fa:88:82:fe:ee:0f:f2:dc:36:06:ff:1d:
f0:28:b9:5b:27:90:c1:d8:8a:a3:32:59:e0:3b:c7:
3a:4c:14:00:b8:2c:f1:6e:c0:0e:dc:07:1e:ab:8c:
90:db:03:4d:01:c1:37:59:ec:02:ec:6e:2b:aa:e3:
b8:1d:0b:33:01:26:89:22:eb:32:77:6b:db:ea:b8:
b8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:23:52:B5:DA:4F:D9:CB:F6:95:81:5A:76:05:5F:6C:97:DD:81:D8
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/viNStdpP2cv2lYFadgVfbJfdgdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.148.0-37.49.150.255
94.74.140.0/24
94.74.164.0/24
94.74.169.0/24
94.74.171.0/24
94.74.182.0/24
109.203.163.0/24
109.203.166.0/24
176.46.144.0/24
176.46.149.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
81:5d:4c:a1:9b:f0:b8:61:6e:fb:6c:78:de:65:7a:e3:2f:c7:
1a:b2:cb:ee:02:77:b5:fe:de:8f:45:00:5f:e5:75:11:90:2a:
ec:95:0f:6d:0c:18:98:5f:7d:e7:e8:59:3f:78:25:95:d0:af:
c9:f6:e5:01:3d:29:10:8d:37:91:65:b0:a2:75:94:39:83:a8:
89:3e:bf:c1:8e:49:66:2f:28:d3:b2:c8:70:dd:73:13:37:36:
37:51:95:80:f2:fb:83:36:e4:3a:e9:56:8c:1f:5b:99:e1:39:
af:e8:3e:09:cd:46:e4:32:ec:b4:59:b9:e1:33:91:70:4c:17:
0b:aa:bd:31:44:75:e2:29:58:37:09:a4:3f:3d:a0:08:cf:c7:
4c:dc:65:72:1e:6a:40:cc:8f:a6:d5:31:cb:03:a4:21:2b:8a:
d2:91:f9:fd:31:4c:d7:e6:80:69:39:6d:5e:91:4b:33:25:84:
3c:6e:48:7a:85:17:48:e4:ef:f3:87:a1:1c:1f:59:ea:8d:4b:
26:0b:91:3e:bb:ec:1f:71:92:08:7b:b8:7b:68:07:3d:48:a7:
e1:1c:6d:be:58:d2:07:70:9b:42:6a:c2:3a:b8:bc:59:6e:d7:
39:e4:cb:84:26:ae:fa:c9:4b:4d:bc:5d:5c:dd:d5:0d:28:e5:
cd:93:46:5f
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY1to6ELVyjbd1Ja1fpf+062MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMjAzMDYyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTIzNTJiNWRhNGZkOWNiZjY5NTgxNWE3NjA1NWY2Yzk3ZGQ4MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFbZ6Ct2GqIIJXX1WgTUOydFWjl7
3YnI1Wmq6JuF+aUzbKll5qQqz0cXBhK68kv9IjIaoetDejus8fnPsydZEJw9Xz+X
45K5tc3qazoA9cRLivX8NzXgEQfGwuHf6FAKp5EqR8ZOjEMeU1XbNTvooFNORanZ
Loo8H0LCwB5gStON6Enk3GaAxdmeuhS6z2Y7c2YQQnMRH4HB/IPSGTVwmAqhHGiu
+I/FZLzlydzcXQ/yzXSxWob6iIL+7g/y3DYG/x3wKLlbJ5DB2IqjMlngO8c6TBQA
uCzxbsAO3Aceq4yQ2wNNAcE3WewC7G4rquO4HQszASaJIusyd2vb6ri43wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFL4jUrXaT9nL9pWBWnYFX2yX3YHYMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvdmlOU3RkcFAyY3YybFlGYWRnVmZiSmZkZ2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAJTGQMAwD
BAIlMZQDBAAlMZYDBABeSowDBABeSqQDBABeSqkDBABeSqsDBABeSrYDBABty6MD
BABty6YDBACwLpADBACwLpUDBACwLpgwDQYJKoZIhvcNAQELBQADggEBAIFdTKGb
8LhhbvtseN5leuMvxxqyy+4Cd7X+3o9FAF/ldRGQKuyVD20MGJhffefoWT94JZXQ
r8n25QE9KRCNN5FlsKJ1lDmDqIk+v8GOSWYvKNOyyHDdcxM3NjdRlYDy+4M25Drp
VowfW5nhOa/oPgnNRuQy7LRZueEzkXBMFwuqvTFEdeIpWDcJpD89oAjPx0zcZXIe
akDMj6bVMcsDpCEritKR+f0xTNfmgGk5bV6RSzMlhDxuSHqFF0jk7/OHoRwfWeqN
SyYLkT677B9xkgh7uHtoBz1Ip+Ecbb5Y0gdwm0Jqwjq4vFlu1znky4QmrvrJS028
XVzd1Q0o5c2TRl8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:26 2025 by rpki-client