Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/A_GXnwT6rd4JrP98uYjQGeIc6-8.roa
File: A_GXnwT6rd4JrP98uYjQGeIc6-8.roa (raw, json)
Hash identifier: FHp7BUN2W2OvS7CI+tToDmDC+EDYRVc6WzdqqiwVNz0=
Subject key identifier: 03:F1:97:9F:04:FA:AD:DE:09:AC:FF:7C:B9:88:D0:19:E2:1C:EB:EF
Certificate issuer: /CN=7f65bff64d8a87977e334d89c4e38c0d1095af63
Certificate serial: 01856E8B3B27949D8A7BD18FE26613799B39
Authority key identifier: 7F:65:BF:F6:4D:8A:87:97:7E:33:4D:89:C4:E3:8C:0D:10:95:AF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2W_9k2Kh5d-M02JxOOMDRCVr2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/A_GXnwT6rd4JrP98uYjQGeIc6-8.roa
Signing time: Sun 01 Jan 2023 18:14:56 +0000
ROA not before: Sun 01 Jan 2023 18:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201730
IP address blocks: 37.221.88.0/22 maxlen: 24
194.169.252.0/24 maxlen: 24
185.138.244.0/22 maxlen: 24
185.146.148.0/22 maxlen: 24
185.78.100.0/22 maxlen: 24
185.65.92.0/22 maxlen: 24
2a03:1aa0::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:3b:27:94:9d:8a:7b:d1:8f:e2:66:13:79:9b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f65bff64d8a87977e334d89c4e38c0d1095af63
Validity
Not Before: Jan 1 18:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03f1979f04faadde09acff7cb988d019e21cebef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:37:63:09:e2:c0:a6:cd:1c:54:c7:54:1d:0b:
32:06:5a:ac:5e:9c:bb:05:fb:ef:11:f2:71:68:cf:
d3:07:d1:be:11:2d:22:be:85:34:17:8b:68:8b:12:
b0:0b:fd:08:37:e7:41:5a:66:7b:b4:dd:de:31:77:
3b:89:f3:6f:bf:c0:dc:53:52:75:fb:d2:c4:ba:af:
81:3a:c2:fb:a6:f0:9b:a9:38:01:dc:7a:6c:92:a7:
81:0c:42:53:51:36:34:61:b9:11:8d:56:1a:51:88:
6f:a1:1c:3b:31:59:26:a1:91:a0:df:43:85:03:28:
51:60:43:84:ea:98:ac:29:4b:28:bf:0b:00:84:18:
17:b4:5a:58:da:c2:48:a0:d6:c0:d0:47:00:02:08:
3a:54:33:bf:95:fe:05:1b:23:48:6c:d2:4d:b3:d6:
41:55:60:33:71:c7:37:f9:fe:9c:17:22:c1:2c:00:
82:71:a2:6b:3a:2a:17:e5:97:09:a7:bb:5b:37:a3:
33:cc:02:b1:8c:a5:88:bc:01:3b:da:f0:0a:f0:1a:
ca:08:9b:1e:f2:f1:7c:6b:3c:6c:18:0d:7b:50:9b:
f7:73:9a:49:8c:13:8a:27:9a:52:7d:0f:a7:86:dc:
23:4a:5e:43:bc:00:73:ff:68:39:47:02:8f:59:83:
24:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F1:97:9F:04:FA:AD:DE:09:AC:FF:7C:B9:88:D0:19:E2:1C:EB:EF
X509v3 Authority Key Identifier:
keyid:7F:65:BF:F6:4D:8A:87:97:7E:33:4D:89:C4:E3:8C:0D:10:95:AF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2W_9k2Kh5d-M02JxOOMDRCVr2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/A_GXnwT6rd4JrP98uYjQGeIc6-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/f2W_9k2Kh5d-M02JxOOMDRCVr2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.88.0/22
185.65.92.0/22
185.78.100.0/22
185.138.244.0/22
185.146.148.0/22
194.169.252.0/24
IPv6:
2a03:1aa0::/32
Signature Algorithm: sha256WithRSAEncryption
84:33:31:74:fe:62:4f:8a:94:cf:32:82:9d:7a:fd:5a:67:07:
90:34:7a:91:31:88:82:8d:68:f0:9c:df:d6:d5:f7:99:75:97:
97:0d:af:5f:65:6b:13:25:05:a6:bd:97:09:95:85:42:26:49:
5c:df:46:81:cb:45:b9:81:57:f0:04:14:af:3f:d5:19:1e:9f:
60:4f:aa:ac:f4:19:5b:f8:23:3d:9c:e1:55:dd:14:e4:54:4f:
2c:79:af:53:28:91:6f:78:15:ba:cb:41:42:d8:35:b9:0c:62:
4d:55:b4:93:e9:51:ea:23:99:15:f9:2f:92:40:00:6c:ca:9d:
8c:2e:03:be:26:07:87:f8:ca:d9:17:db:07:95:a9:58:a4:bb:
cd:7b:59:16:d3:ab:c5:7e:40:b4:8b:2e:7a:e6:ae:54:1c:46:
a0:5e:ba:8c:32:05:89:fd:6a:2c:8d:24:51:e7:be:f1:13:cc:
84:5b:2c:bb:8f:3d:92:eb:30:7e:43:87:3d:af:f7:37:7d:8c:
37:c5:a5:33:56:00:4f:9f:85:a5:43:79:e1:2e:6c:a3:11:79:
0a:a9:13:0a:ea:e9:34:c3:27:c6:18:0d:69:51:36:1f:5d:ee:
22:96:38:97:f5:f2:81:db:df:bd:46:cb:a3:3a:0c:58:fc:b9:
36:72:1c:3d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVuizsnlJ2Ke9GP4mYTeZs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNjViZmY2NGQ4YTg3OTc3ZTMzNGQ4OWM0ZTM4YzBkMTA5
NWFmNjMwHhcNMjMwMTAxMTgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2YxOTc5ZjA0ZmFhZGRlMDlhY2ZmN2NiOTg4ZDAxOWUyMWNlYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzdjCeLAps0cVMdUHQsyBlqsXpy7
BfvvEfJxaM/TB9G+ES0ivoU0F4toixKwC/0IN+dBWmZ7tN3eMXc7ifNvv8DcU1J1
+9LEuq+BOsL7pvCbqTgB3HpskqeBDEJTUTY0YbkRjVYaUYhvoRw7MVkmoZGg30OF
AyhRYEOE6pisKUsovwsAhBgXtFpY2sJIoNbA0EcAAgg6VDO/lf4FGyNIbNJNs9ZB
VWAzccc3+f6cFyLBLACCcaJrOioX5ZcJp7tbN6MzzAKxjKWIvAE72vAK8BrKCJse
8vF8azxsGA17UJv3c5pJjBOKJ5pSfQ+nhtwjSl5DvABz/2g5RwKPWYMkdQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAPxl58E+q3eCaz/fLmI0BniHOvvMB8GA1UdIwQY
MBaAFH9lv/ZNioeXfjNNicTjjA0Qla9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjJXXzlrMktoNWQtTTAySnhPT01EUkNWcjJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zYTgwM2MtODcyZC00OTI3LWFmYTct
MTUzNzQxNzc3MzlkLzEvQV9HWG53VDZyZDRKclA5OHVZalFHZUljNi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zYTgwM2MtODcyZC00OTI3LWFmYTctMTUzNzQxNzc3Mzlk
LzEvZjJXXzlrMktoNWQtTTAySnhPT01EUkNWcjJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCJd1YAwQC
uUFcAwQCuU5kAwQCuYr0AwQCuZKUAwQAwqn8MA0EAgACMAcDBQAqAxqgMA0GCSqG
SIb3DQEBCwUAA4IBAQCEMzF0/mJPipTPMoKdev1aZweQNHqRMYiCjWjwnN/W1feZ
dZeXDa9fZWsTJQWmvZcJlYVCJklc30aBy0W5gVfwBBSvP9UZHp9gT6qs9Blb+CM9
nOFV3RTkVE8sea9TKJFveBW6y0FC2DW5DGJNVbST6VHqI5kV+S+SQABsyp2MLgO+
JgeH+MrZF9sHlalYpLvNe1kW06vFfkC0iy565q5UHEagXrqMMgWJ/WosjSRR577x
E8yEWyy7jz2S6zB+Q4c9r/c3fYw3xaUzVgBPn4WlQ3nhLmyjEXkKqRMK6uk0wyfG
GA1pUTYfXe4iljiX9fKB29+9RsujOgxY/Lk2chw9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:21 2024 by rpki-client on console-ams.rpki-client.org