Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/PaK_PNwUUgVAOon_z3LrkfGdsp4.roa
File: PaK_PNwUUgVAOon_z3LrkfGdsp4.roa (raw, json)
Hash identifier: kg1JYua+YHsvCRR0UzZSJMvHCZfDB/fD2/R6xrmo088=
Subject key identifier: 3D:A2:BF:3C:DC:14:52:05:40:3A:89:FF:CF:72:EB:91:F1:9D:B2:9E
Certificate issuer: /CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Certificate serial: 906103
Authority key identifier: 02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/PaK_PNwUUgVAOon_z3LrkfGdsp4.roa
Signing time: Tue 22 Feb 2022 08:01:33 +0000
ROA not before: Tue 22 Feb 2022 08:01:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 37.203.192.0/21 maxlen: 21
37.203.198.0/23 maxlen: 24
37.19.96.0/21 maxlen: 21
37.19.96.0/24 maxlen: 24
37.19.101.0/24 maxlen: 24
37.19.102.0/23 maxlen: 24
185.4.192.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9462019 (0x906103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Validity
Not Before: Feb 22 08:01:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3da2bf3cdc145205403a89ffcf72eb91f19db29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:70:8e:b6:a8:19:33:5e:45:99:a7:33:0d:a7:
7d:82:54:28:f2:dd:d2:e4:55:4d:a8:64:bf:83:ca:
04:03:91:77:62:c7:1e:a0:99:67:1b:be:80:ff:af:
64:27:0a:ae:2f:64:d0:e8:07:70:4d:5a:d7:9c:fd:
57:fb:5c:ed:4a:c6:97:da:c4:5f:b1:93:da:b2:7e:
d0:9d:8f:0d:26:96:94:53:89:a5:9f:fb:5c:7b:b9:
97:e9:6d:54:2c:82:08:23:e2:11:68:bc:15:a7:9e:
70:39:5a:fe:e0:c3:77:df:06:61:89:97:c8:29:70:
26:06:f1:eb:45:d7:42:1c:dc:00:f4:c8:f8:82:22:
b5:79:fa:70:35:60:e9:1f:6d:68:d6:40:18:a3:5b:
a1:a0:51:21:0d:49:ca:8d:47:5f:80:a1:c1:4c:34:
a1:a4:9c:60:32:53:ac:1d:97:a1:6e:76:b8:c3:13:
6f:82:76:cf:b5:95:e1:8d:7a:b0:7d:db:9b:a5:31:
10:ac:dd:36:4c:94:a8:e7:36:e4:d3:cc:1e:c2:f8:
30:4c:12:a4:c6:83:5f:ec:88:40:35:dd:ed:82:88:
ba:eb:e6:b9:63:7f:fb:3b:7c:4b:c8:00:b5:06:8c:
47:c0:78:e8:1c:6e:43:b7:b5:64:36:86:fc:8f:b1:
1e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A2:BF:3C:DC:14:52:05:40:3A:89:FF:CF:72:EB:91:F1:9D:B2:9E
X509v3 Authority Key Identifier:
keyid:02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/PaK_PNwUUgVAOon_z3LrkfGdsp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/AvgcN-ntJNCyDpTBhpDoiuSzEco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.96.0/21
37.203.192.0/21
185.4.192.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:f9:e1:76:d1:da:e4:bb:c6:f5:c5:a2:34:04:73:4c:eb:51:
d1:a2:83:11:64:f1:0a:b4:db:92:3a:ca:cc:44:0f:f8:1f:e1:
4a:2a:95:8a:50:14:fd:dc:48:cf:fe:20:a0:df:df:6c:9d:31:
77:2c:ed:17:2b:d9:0a:23:35:5c:88:d0:76:86:60:26:0d:3a:
e7:3f:70:61:07:29:72:4e:5d:89:a0:ea:db:b9:a3:d0:5c:3d:
4d:4b:c7:6b:99:90:ba:cf:40:04:38:ad:99:48:87:5d:c8:bb:
50:28:93:26:c6:f2:93:bd:b0:17:e8:fd:a9:4c:da:fe:31:9c:
88:fc:c8:62:17:8c:6b:e2:19:bb:36:f3:71:8f:2b:d5:cb:f2:
9c:d3:81:bf:f4:3b:8d:da:13:b5:c1:ec:aa:2d:a7:ec:22:00:
15:35:33:78:b1:c8:33:30:cc:45:ff:6e:00:03:cb:84:92:8c:
3f:95:9a:94:77:ff:13:c7:f2:4a:5f:d0:65:29:24:87:89:67:
0d:07:df:23:a7:c1:c2:87:a2:51:10:c0:15:63:f0:28:14:79:
1d:b7:a5:87:3c:7d:3c:92:09:f2:d2:81:7b:f5:14:88:d2:4b:
28:1e:a6:bd:06:0b:74:0c:ef:69:50:b9:ff:e0:48:94:1f:32:
c5:ec:c8:88
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAJBhAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmY4MWMzN2U5ZWQyNGQwYjIwZTk0YzE4NjkwZTg4YWU0YjMxMWNhMB4XDTIyMDIy
MjA4MDEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2RhMmJmM2NkYzE0
NTIwNTQwM2E4OWZmY2Y3MmViOTFmMTlkYjI5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFwjraoGTNeRZmnMw2nfYJUKPLd0uRVTahkv4PKBAORd2LH
HqCZZxu+gP+vZCcKri9k0OgHcE1a15z9V/tc7UrGl9rEX7GT2rJ+0J2PDSaWlFOJ
pZ/7XHu5l+ltVCyCCCPiEWi8FaeecDla/uDDd98GYYmXyClwJgbx60XXQhzcAPTI
+IIitXn6cDVg6R9taNZAGKNboaBRIQ1Jyo1HX4ChwUw0oaScYDJTrB2XoW52uMMT
b4J2z7WV4Y16sH3bm6UxEKzdNkyUqOc25NPMHsL4MEwSpMaDX+yIQDXd7YKIuuvm
uWN/+zt8S8gAtQaMR8B46BxuQ7e1ZDaG/I+xHjMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ9or883BRSBUA6if/PcuuR8Z2ynjAfBgNVHSMEGDAWgBQC+Bw36e0k0LIO
lMGGkOiK5LMRyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0F2Z2NOLW50Sk5DeURwVEJocERvaXVTekVjby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvMDFmYTE4LWFiNmEtNDg5OS1iNDc1LTkyYTM2NjFlYzI2ZC8x
L1BhS19QTndVVWdWQU9vbl96M0xya2ZHZHNwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
MDFmYTE4LWFiNmEtNDg5OS1iNDc1LTkyYTM2NjFlYzI2ZC8xL0F2Z2NOLW50Sk5D
eURwVEJocERvaXVTekVjby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAyUTYAMEAyXLwAMEArkEwDANBgkq
hkiG9w0BAQsFAAOCAQEAn/nhdtHa5LvG9cWiNARzTOtR0aKDEWTxCrTbkjrKzEQP
+B/hSiqVilAU/dxIz/4goN/fbJ0xdyztFyvZCiM1XIjQdoZgJg065z9wYQcpck5d
iaDq27mj0Fw9TUvHa5mQus9ABDitmUiHXci7UCiTJsbyk72wF+j9qUza/jGciPzI
YheMa+IZuzbzcY8r1cvynNOBv/Q7jdoTtcHsqi2n7CIAFTUzeLHIMzDMRf9uAAPL
hJKMP5WalHf/E8fySl/QZSkkh4lnDQffI6fBwoeiURDAFWPwKBR5Hbelhzx9PJIJ
8tKBe/UUiNJLKB6mvQYLdAzvaVC5/+BIlB8yxezIiA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:29:16 2025 by rpki-client