Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/1-zPVna85ftksdV4FJ9neXPjtcpI.roa
File: 1-zPVna85ftksdV4FJ9neXPjtcpI.roa (raw, json)
Hash identifier: QZU7TnBMGgrxH/31wLq4pOy04Nutyp5VQZmR1sIkjnY=
Subject key identifier: FB:33:D5:9D:AF:39:7E:D9:2C:75:5E:05:27:D9:DE:5C:F8:ED:72:92
Certificate issuer: /CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Certificate serial: 01864B1A27955A3DA305235A52AA80FC4D1A
Authority key identifier: 02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/1-zPVna85ftksdV4FJ9neXPjtcpI.roa
Signing time: Mon 13 Feb 2023 14:07:30 +0000
ROA not before: Mon 13 Feb 2023 14:07:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 37.203.192.0/21 maxlen: 21
37.19.96.0/21 maxlen: 21
185.4.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4b:1a:27:95:5a:3d:a3:05:23:5a:52:aa:80:fc:4d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Validity
Not Before: Feb 13 14:07:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb33d59daf397ed92c755e0527d9de5cf8ed7292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b2:31:ea:2d:5e:1b:73:c0:e0:1e:05:ce:99:
66:45:75:a5:a7:32:34:e4:0d:65:34:19:85:a6:f0:
64:fe:d6:bd:8a:29:fd:d3:31:ed:09:42:98:54:fe:
59:ad:98:f0:4b:c9:aa:35:b3:bf:ba:d4:fe:a3:e8:
7d:53:11:c4:ca:a1:0c:1d:fd:62:10:d5:73:34:14:
f8:3a:1a:f2:c6:f6:1e:b9:09:a8:b7:7a:de:38:ad:
a6:40:fd:d1:96:c1:54:c4:28:a9:fa:3d:ec:4c:56:
f6:9d:1a:1f:fc:81:db:bf:85:92:b6:b2:50:f3:0c:
3b:4f:be:59:1f:3f:91:61:2a:b5:ee:35:26:c7:28:
4f:80:e0:52:60:8d:75:b0:2b:6a:a8:22:18:46:d3:
e4:43:81:40:a8:ec:5f:fb:41:77:7b:b9:67:3b:19:
08:7f:88:14:00:4b:1a:24:92:51:55:66:f8:24:01:
da:49:b1:0c:4f:3f:57:b7:b9:3c:64:93:d6:c3:46:
fa:67:42:26:1b:00:5a:69:39:37:84:7c:cf:87:a2:
50:2a:a1:18:3f:6c:ab:67:f4:a4:12:b1:a9:4f:b1:
c7:26:b4:cf:46:57:69:b2:11:82:72:0a:3c:41:ed:
78:1c:fd:b6:20:71:60:f5:3b:40:a9:74:7f:d3:75:
d4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:33:D5:9D:AF:39:7E:D9:2C:75:5E:05:27:D9:DE:5C:F8:ED:72:92
X509v3 Authority Key Identifier:
keyid:02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/1-zPVna85ftksdV4FJ9neXPjtcpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/AvgcN-ntJNCyDpTBhpDoiuSzEco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.96.0/21
37.203.192.0/21
185.4.192.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:1c:16:c8:9c:3c:70:54:c1:15:b8:12:2e:57:a8:ff:9d:d1:
39:75:e2:7d:13:a9:98:69:ec:88:a5:ff:6d:66:92:c1:af:8c:
e2:58:10:34:95:40:24:a3:a3:9e:eb:25:dd:d0:67:5c:d3:de:
a9:67:50:19:18:ee:8d:f9:a4:e2:e6:b8:e7:48:4e:e0:df:11:
c4:2d:b9:7e:ed:42:e6:cc:e2:49:c9:5c:24:0e:54:38:d9:ac:
1e:3f:02:82:b0:6f:79:3a:6a:79:fb:5f:34:df:99:3e:b4:db:
7c:fd:3b:89:b4:ed:a3:0a:e9:d4:6a:84:30:55:73:e7:1e:b0:
09:eb:85:c8:a1:a2:6f:7e:e5:c5:b7:3b:54:4c:5b:d9:cb:e3:
e1:cf:95:36:c2:58:64:00:02:75:b5:ec:5a:4d:d2:ed:5d:07:
47:e9:a8:14:60:3d:67:e0:f7:b6:74:5d:b6:15:4d:7b:87:2c:
02:6b:2e:9c:fc:22:07:33:b1:6a:42:ef:f7:5c:af:b8:0f:e5:
f1:ac:d7:68:84:54:2c:fe:79:bc:88:fc:7f:04:b7:d5:30:5d:
ee:90:cf:57:db:a8:1d:ba:bd:50:ac:6a:38:91:73:81:2a:93:
66:ee:67:31:55:0d:f0:59:c1:b0:c2:92:b5:90:3b:ea:e3:5d:
8a:57:5d:b2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYZLGieVWj2jBSNaUqqA/E0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZjgxYzM3ZTllZDI0ZDBiMjBlOTRjMTg2OTBlODhhZTRi
MzExY2EwHhcNMjMwMjEzMTQwNzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjMzZDU5ZGFmMzk3ZWQ5MmM3NTVlMDUyN2Q5ZGU1Y2Y4ZWQ3MjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrIx6i1eG3PA4B4FzplmRXWlpzI0
5A1lNBmFpvBk/ta9iin90zHtCUKYVP5ZrZjwS8mqNbO/utT+o+h9UxHEyqEMHf1i
ENVzNBT4OhryxvYeuQmot3reOK2mQP3RlsFUxCip+j3sTFb2nRof/IHbv4WStrJQ
8ww7T75ZHz+RYSq17jUmxyhPgOBSYI11sCtqqCIYRtPkQ4FAqOxf+0F3e7lnOxkI
f4gUAEsaJJJRVWb4JAHaSbEMTz9Xt7k8ZJPWw0b6Z0ImGwBaaTk3hHzPh6JQKqEY
P2yrZ/SkErGpT7HHJrTPRldpshGCcgo8Qe14HP22IHFg9TtAqXR/03XU/wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPsz1Z2vOX7ZLHVeBSfZ3lz47XKSMB8GA1UdIwQY
MBaAFAL4HDfp7STQsg6UwYaQ6IrksxHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZnY04tbnRKTkN5RHBUQmhwRG9pdVN6RWNvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMWZhMTgtYWI2YS00ODk5LWI0NzUt
OTJhMzY2MWVjMjZkLzEvMS16UFZuYTg1ZnRrc2RWNEZKOW5lWFBqdGNwSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmUvMDFmYTE4LWFiNmEtNDg5OS1iNDc1LTkyYTM2NjFlYzI2
ZC8xL0F2Z2NOLW50Sk5DeURwVEJocERvaXVTekVjby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAyUTYAME
AyXLwAMEArkEwDANBgkqhkiG9w0BAQsFAAOCAQEAHhwWyJw8cFTBFbgSLleo/53R
OXXifROpmGnsiKX/bWaSwa+M4lgQNJVAJKOjnusl3dBnXNPeqWdQGRjujfmk4ua4
50hO4N8RxC25fu1C5sziSclcJA5UONmsHj8CgrBveTpqeftfNN+ZPrTbfP07ibTt
owrp1GqEMFVz5x6wCeuFyKGib37lxbc7VExb2cvj4c+VNsJYZAACdbXsWk3S7V0H
R+moFGA9Z+D3tnRdthVNe4csAmsunPwiBzOxakLv91yvuA/l8azXaIRULP55vIj8
fwS31TBd7pDPV9uoHbq9UKxqOJFzgSqTZu5nMVUN8FnBsMKStZA76uNdilddsg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:55 2025 by rpki-client