Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/zuk2dHPJ1ijaYpAgIljiW7pvFtM.roa
File: zuk2dHPJ1ijaYpAgIljiW7pvFtM.roa (raw, json)
Hash identifier: opJiN8WGN83XgBCl3qaNl9NqEBLs/PSiAX8TNAOHDgU=
Subject key identifier: CE:E9:36:74:73:C9:D6:28:DA:62:90:20:22:58:E2:5B:BA:6F:16:D3
Certificate issuer: /CN=7f65bff64d8a87977e334d89c4e38c0d1095af63
Certificate serial: 10B4DB
Authority key identifier: 7F:65:BF:F6:4D:8A:87:97:7E:33:4D:89:C4:E3:8C:0D:10:95:AF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2W_9k2Kh5d-M02JxOOMDRCVr2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/zuk2dHPJ1ijaYpAgIljiW7pvFtM.roa
Signing time: Tue 11 Jan 2022 19:02:36 +0000
ROA not before: Tue 11 Jan 2022 19:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201730
IP address blocks: 37.221.88.0/22 maxlen: 24
194.169.252.0/24 maxlen: 24
185.138.244.0/22 maxlen: 24
185.146.148.0/22 maxlen: 24
185.78.100.0/22 maxlen: 24
185.65.92.0/22 maxlen: 24
2a03:1aa0::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1094875 (0x10b4db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f65bff64d8a87977e334d89c4e38c0d1095af63
Validity
Not Before: Jan 11 19:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cee9367473c9d628da6290202258e25bba6f16d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f2:bb:63:10:23:0a:55:8c:e7:5d:4f:be:9b:
f8:83:a0:c9:fe:a4:c9:76:37:ac:93:2e:69:e7:e0:
9b:50:05:41:cd:b7:e4:ec:af:3b:26:bb:0c:ae:be:
8f:c7:49:c5:18:3b:ce:a0:1b:37:11:ee:63:9a:02:
c7:53:64:68:5f:e0:b0:4d:9b:7f:ec:fc:4d:e4:0a:
55:f3:1f:47:ed:dc:10:e9:01:f1:81:a0:9a:0e:39:
83:3e:6f:24:9c:0b:d9:58:d7:4d:6d:77:7e:31:6c:
91:99:a2:91:fc:66:3c:5a:5f:f0:a4:25:e0:fb:68:
38:5a:38:a2:80:01:6b:4f:0c:65:69:c8:e5:e4:47:
b1:31:86:c4:19:94:49:d4:e4:73:fe:88:88:14:04:
26:00:9a:b0:a1:4d:e3:f8:13:e1:54:64:07:a3:db:
8b:d2:64:20:b3:d6:fb:10:52:60:27:05:b3:59:60:
e4:41:5a:b6:9c:0e:9f:a6:06:ce:62:be:8a:d5:bf:
cc:53:cb:84:51:65:56:11:fa:9a:fc:93:f3:23:45:
ba:c9:28:9a:d4:c3:56:9d:94:84:24:95:e8:ce:fa:
3a:53:8f:6e:f6:86:13:2c:c8:be:4a:a1:fc:f0:e2:
93:fa:cb:de:b9:4c:ce:bd:e9:8c:ad:d0:7a:91:a9:
36:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E9:36:74:73:C9:D6:28:DA:62:90:20:22:58:E2:5B:BA:6F:16:D3
X509v3 Authority Key Identifier:
keyid:7F:65:BF:F6:4D:8A:87:97:7E:33:4D:89:C4:E3:8C:0D:10:95:AF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2W_9k2Kh5d-M02JxOOMDRCVr2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/zuk2dHPJ1ijaYpAgIljiW7pvFtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/f2W_9k2Kh5d-M02JxOOMDRCVr2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.88.0/22
185.65.92.0/22
185.78.100.0/22
185.138.244.0/22
185.146.148.0/22
194.169.252.0/24
IPv6:
2a03:1aa0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:f2:a6:fb:b6:5c:26:ff:71:3d:89:cf:ed:05:ad:0c:d1:a5:
7b:c3:d1:e1:5f:b2:97:5b:af:d5:50:3a:3d:bd:8b:f0:96:1d:
c8:fe:f7:72:49:59:a8:39:02:a8:86:7c:7e:ee:02:9f:39:6b:
d7:7b:4d:41:93:44:3c:f5:32:79:70:d6:a7:1e:ef:28:2c:80:
2c:e3:64:e9:8e:08:56:34:4e:67:a2:5e:fd:2e:1b:0c:4c:03:
7b:2c:2a:a3:14:0c:67:df:ac:e6:56:d4:72:8c:8f:d5:ba:24:
87:32:ac:51:43:dc:8e:28:bf:5b:a2:34:b2:fb:a6:e7:ec:e2:
17:f9:51:56:ce:b2:4b:38:d3:fa:4b:a7:b6:2a:6a:ec:31:cd:
7b:cd:4b:a6:01:83:4d:38:96:54:2c:a4:22:18:28:ac:bf:19:
c9:cb:58:bb:ef:38:0c:a1:04:9a:65:cb:f6:8c:65:36:08:3a:
d9:42:fd:2a:16:31:5f:a0:c2:f1:d6:52:62:07:e2:80:48:c4:
04:d4:97:21:3b:aa:bf:51:d9:9b:0a:c8:fe:c8:8f:5d:13:62:
f5:d3:db:67:e8:ed:91:8a:f2:b4:f3:6a:24:c3:11:58:68:f6:
29:1f:bd:fc:86:c2:da:e5:a1:8e:81:a5:5d:50:ff:ac:66:04:
d0:90:62:50
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIDELTbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdm
NjViZmY2NGQ4YTg3OTc3ZTMzNGQ4OWM0ZTM4YzBkMTA5NWFmNjMwHhcNMjIwMTEx
MTkwMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZWU5MzY3NDczYzlk
NjI4ZGE2MjkwMjAyMjU4ZTI1YmJhNmYxNmQzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlvK7YxAjClWM511Pvpv4g6DJ/qTJdjesky5p5+CbUAVBzbfk
7K87JrsMrr6Px0nFGDvOoBs3Ee5jmgLHU2RoX+CwTZt/7PxN5ApV8x9H7dwQ6QHx
gaCaDjmDPm8knAvZWNdNbXd+MWyRmaKR/GY8Wl/wpCXg+2g4WjiigAFrTwxlacjl
5EexMYbEGZRJ1ORz/oiIFAQmAJqwoU3j+BPhVGQHo9uL0mQgs9b7EFJgJwWzWWDk
QVq2nA6fpgbOYr6K1b/MU8uEUWVWEfqa/JPzI0W6ySia1MNWnZSEJJXozvo6U49u
9oYTLMi+SqH88OKT+sveuUzOvemMrdB6kak2SQIDAQABo4ICNjCCAjIwHQYDVR0O
BBYEFM7pNnRzydYo2mKQICJY4lu6bxbTMB8GA1UdIwQYMBaAFH9lv/ZNioeXfjNN
icTjjA0Qla9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZjJXXzlrMktoNWQtTTAySnhPT01EUkNWcjJNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zZC8zYTgwM2MtODcyZC00OTI3LWFmYTctMTUzNzQxNzc3MzlkLzEv
enVrMmRIUEoxaWphWXBBZ0lsamlXN3B2RnRNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8z
YTgwM2MtODcyZC00OTI3LWFmYTctMTUzNzQxNzc3MzlkLzEvZjJXXzlrMktoNWQt
TTAySnhPT01EUkNWcjJNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwG
CCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCJd1YAwQCuUFcAwQCuU5kAwQCuYr0
AwQCuZKUAwQAwqn8MA0EAgACMAcDBQAqAxqgMA0GCSqGSIb3DQEBCwUAA4IBAQBa
8qb7tlwm/3E9ic/tBa0M0aV7w9HhX7KXW6/VUDo9vYvwlh3I/vdySVmoOQKohnx+
7gKfOWvXe01Bk0Q89TJ5cNanHu8oLIAs42TpjghWNE5nol79LhsMTAN7LCqjFAxn
36zmVtRyjI/VuiSHMqxRQ9yOKL9bojSy+6bn7OIX+VFWzrJLONP6S6e2KmrsMc17
zUumAYNNOJZULKQiGCisvxnJy1i77zgMoQSaZcv2jGU2CDrZQv0qFjFfoMLx1lJi
B+KASMQE1JchO6q/UdmbCsj+yI9dE2L109tn6O2RivK082okwxFYaPYpH738hsLa
5aGOgaVdUP+sZgTQkGJQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:37 2025 by rpki-client