Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/vjdL_Br5Q1XcbzB11LZFu3Lw6p8.roa
File: vjdL_Br5Q1XcbzB11LZFu3Lw6p8.roa (raw, json)
Hash identifier: XkfWItMcZ5TVe7GXsG7KFlyvP/USQhyJ87BvYdyrL5s=
Subject key identifier: BE:37:4B:FC:1A:F9:43:55:DC:6F:30:75:D4:B6:45:BB:72:F0:EA:9F
Certificate issuer: /CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Certificate serial: 0186733681391CD96C36F4B20B388CAA17C9
Authority key identifier: 02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/vjdL_Br5Q1XcbzB11LZFu3Lw6p8.roa
Signing time: Tue 21 Feb 2023 09:03:17 +0000
ROA not before: Tue 21 Feb 2023 09:03:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 37.19.97.0/24 maxlen: 24
37.19.96.0/21 maxlen: 21
37.19.98.0/24 maxlen: 24
37.19.99.0/24 maxlen: 24
37.19.100.0/24 maxlen: 24
37.203.192.0/24 maxlen: 24
37.203.192.0/21 maxlen: 21
37.203.193.0/24 maxlen: 24
37.203.194.0/24 maxlen: 24
37.203.195.0/24 maxlen: 24
37.203.196.0/24 maxlen: 24
37.203.197.0/24 maxlen: 24
185.4.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:36:81:39:1c:d9:6c:36:f4:b2:0b:38:8c:aa:17:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02f81c37e9ed24d0b20e94c18690e88ae4b311ca
Validity
Not Before: Feb 21 09:03:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be374bfc1af94355dc6f3075d4b645bb72f0ea9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1c:1d:01:1a:3a:59:3f:08:79:dc:92:d5:62:
93:65:98:f4:96:40:f2:7f:20:b7:36:74:61:da:99:
34:3b:e1:2a:c9:e0:0b:73:53:1b:96:a5:e8:e9:81:
af:ad:ca:03:0d:5f:1a:db:cd:68:63:30:36:c6:e6:
15:c4:0c:f2:28:15:ff:4b:37:43:18:d3:65:7c:8c:
4e:53:2d:7d:34:9f:78:16:af:66:d9:37:f3:77:fc:
c8:48:1d:d9:7e:00:d9:ea:d1:bf:6f:15:73:b9:55:
53:ce:70:63:f8:fd:07:62:fe:49:0c:db:05:33:11:
5b:1a:c1:b3:36:b2:bf:ed:a4:06:7d:9c:4b:d0:de:
57:69:84:c7:ea:0c:13:39:e5:f9:5e:16:0e:a7:9a:
0a:f3:d1:21:31:58:a7:94:cd:91:0c:56:cd:7c:36:
b6:41:5e:4c:82:04:8f:06:f2:8c:77:56:e3:ce:02:
6a:ef:cc:a1:97:fe:66:52:b4:c0:0a:ff:19:5c:8e:
a4:1c:86:0d:26:6d:61:da:c5:5a:bc:fb:23:35:58:
1a:8c:d7:c1:e9:9d:54:19:cf:ac:22:f9:1c:c3:f5:
be:fe:da:47:2b:27:95:d5:36:59:0a:cf:2f:38:5b:
53:65:bb:ae:86:bd:20:44:a4:26:a1:b3:87:52:db:
4b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:37:4B:FC:1A:F9:43:55:DC:6F:30:75:D4:B6:45:BB:72:F0:EA:9F
X509v3 Authority Key Identifier:
keyid:02:F8:1C:37:E9:ED:24:D0:B2:0E:94:C1:86:90:E8:8A:E4:B3:11:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvgcN-ntJNCyDpTBhpDoiuSzEco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/vjdL_Br5Q1XcbzB11LZFu3Lw6p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/01fa18-ab6a-4899-b475-92a3661ec26d/1/AvgcN-ntJNCyDpTBhpDoiuSzEco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.96.0/21
37.203.192.0/21
185.4.192.0/22
Signature Algorithm: sha256WithRSAEncryption
37:93:e0:2c:f0:22:62:c8:98:23:e5:4f:75:94:f3:f6:50:ee:
09:38:05:7f:e4:8b:de:8a:53:c6:54:de:4a:34:8b:e7:f2:ba:
cd:b7:0f:6f:86:ae:1d:f4:28:32:bc:2c:eb:87:ff:33:df:9e:
81:1d:09:ad:7c:ec:b7:09:22:45:12:21:a6:43:1b:6e:1a:1e:
33:96:05:31:d8:fa:80:90:0e:6f:7b:79:21:fa:97:02:31:7c:
64:4e:4c:2a:9c:3d:c9:ed:97:9a:c8:c8:e1:5d:bb:e6:29:2f:
66:1a:f5:84:d7:39:a1:ff:a6:4a:66:47:6d:a3:85:06:7e:89:
28:24:f6:37:f2:7c:0d:bb:3d:e0:4d:a7:cf:24:f5:c1:3c:42:
b2:af:10:82:3a:8c:a0:8e:b3:f0:57:b3:5d:84:69:9b:be:d9:
c3:ce:1d:ff:d4:32:a7:91:e5:3d:c1:72:e5:5b:ad:5b:a7:d3:
83:6a:85:b6:c2:66:5f:ec:97:8d:90:79:ca:fe:b4:24:dc:be:
4d:2b:18:c3:b4:f9:8b:7f:6d:3c:13:75:7e:44:38:cf:d0:37:
17:a3:55:30:6f:09:0b:ec:9e:c2:22:4f:53:55:7b:86:7a:86:
78:97:77:9e:e9:5e:f2:cf:fa:23:39:a3:5c:ba:99:68:c0:35:
af:86:1d:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZzNoE5HNlsNvSyCziMqhfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZjgxYzM3ZTllZDI0ZDBiMjBlOTRjMTg2OTBlODhhZTRi
MzExY2EwHhcNMjMwMjIxMDkwMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTM3NGJmYzFhZjk0MzU1ZGM2ZjMwNzVkNGI2NDViYjcyZjBlYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BwdARo6WT8IedyS1WKTZZj0lkDy
fyC3NnRh2pk0O+EqyeALc1MblqXo6YGvrcoDDV8a281oYzA2xuYVxAzyKBX/SzdD
GNNlfIxOUy19NJ94Fq9m2Tfzd/zISB3ZfgDZ6tG/bxVzuVVTznBj+P0HYv5JDNsF
MxFbGsGzNrK/7aQGfZxL0N5XaYTH6gwTOeX5XhYOp5oK89EhMVinlM2RDFbNfDa2
QV5MggSPBvKMd1bjzgJq78yhl/5mUrTACv8ZXI6kHIYNJm1h2sVavPsjNVgajNfB
6Z1UGc+sIvkcw/W+/tpHKyeV1TZZCs8vOFtTZbuuhr0gRKQmobOHUttLOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL43S/wa+UNV3G8wddS2Rbty8OqfMB8GA1UdIwQY
MBaAFAL4HDfp7STQsg6UwYaQ6IrksxHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZnY04tbnRKTkN5RHBUQmhwRG9pdVN6RWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMWZhMTgtYWI2YS00ODk5LWI0NzUt
OTJhMzY2MWVjMjZkLzEvdmpkTF9CcjVRMVhjYnpCMTFMWkZ1M0x3NnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMWZhMTgtYWI2YS00ODk5LWI0NzUtOTJhMzY2MWVjMjZk
LzEvQXZnY04tbnRKTkN5RHBUQmhwRG9pdVN6RWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJRNgAwQD
JcvAAwQCuQTAMA0GCSqGSIb3DQEBCwUAA4IBAQA3k+As8CJiyJgj5U91lPP2UO4J
OAV/5IveilPGVN5KNIvn8rrNtw9vhq4d9CgyvCzrh/8z356BHQmtfOy3CSJFEiGm
QxtuGh4zlgUx2PqAkA5ve3kh+pcCMXxkTkwqnD3J7ZeayMjhXbvmKS9mGvWE1zmh
/6ZKZkdto4UGfokoJPY38nwNuz3gTafPJPXBPEKyrxCCOoygjrPwV7NdhGmbvtnD
zh3/1DKnkeU9wXLlW61bp9ODaoW2wmZf7JeNkHnK/rQk3L5NKxjDtPmLf208E3V+
RDjP0DcXo1UwbwkL7J7CIk9TVXuGeoZ4l3ee6V7yz/ojOaNcuplowDWvhh2a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:51 2024 by rpki-client on console-ams.rpki-client.org