Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/sT81zhS3StkvfLmn1OQrlYd_t_g.roa
File: sT81zhS3StkvfLmn1OQrlYd_t_g.roa (raw, json)
Hash identifier: EDjn/3t0UKvfvwF57UDthrEGWrDixD4ALztUBE6e0n4=
Subject key identifier: B1:3F:35:CE:14:B7:4A:D9:2F:7C:B9:A7:D4:E4:2B:95:87:7F:B7:F8
Certificate issuer: /CN=6327607563493337687ad69ce1064e636265be3f
Certificate serial: 018CC348DDE37E7706AEE092E4F4A9F5F8CE
Authority key identifier: 63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/sT81zhS3StkvfLmn1OQrlYd_t_g.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60485
IP address blocks: 37.203.209.0/24 maxlen: 24
5.157.38.0/24 maxlen: 24
91.108.183.0/24 maxlen: 24
5.157.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:dd:e3:7e:77:06:ae:e0:92:e4:f4:a9:f5:f8:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6327607563493337687ad69ce1064e636265be3f
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b13f35ce14b74ad92f7cb9a7d4e42b95877fb7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1e:39:fe:ed:be:a1:4d:4a:f4:ab:4e:7f:08:
b5:3a:33:14:ef:df:af:80:48:b9:ba:d0:0c:71:bc:
49:f0:a3:a7:72:f0:0b:29:25:9e:3b:a1:2b:dc:a8:
88:4b:2d:55:99:ed:d0:e8:aa:30:2a:28:b2:1f:00:
eb:eb:1f:bc:cd:d7:73:d9:ec:a9:98:15:d3:9f:5d:
70:4f:9a:03:9c:89:ed:48:84:8c:eb:cd:0a:03:f0:
46:9d:54:a7:0f:1c:d5:52:11:24:06:4f:6d:97:97:
fb:ae:0f:da:2f:5e:7b:2b:6c:6d:78:e1:c2:49:bd:
ea:b0:7a:93:5b:9d:9c:5d:50:b4:ee:29:23:ca:a4:
06:c4:a9:13:88:89:fa:42:3f:f1:f2:b1:71:32:6a:
b0:d3:34:da:06:5a:69:bc:58:8b:b0:94:46:f7:ee:
98:5d:7a:65:7e:77:66:21:72:0c:04:92:0f:54:3c:
ad:1b:af:cb:db:ae:a0:8b:ba:42:ab:6f:41:ad:a5:
f2:37:9b:14:24:34:25:0d:2f:ff:23:b1:fe:f3:3c:
4b:48:ed:cd:9f:4d:80:29:bb:cc:0c:46:9f:e2:80:
c3:c5:19:85:99:2d:86:d2:7a:85:c4:e9:8a:8f:dd:
ed:5c:52:a5:40:83:04:b8:ab:5c:f2:27:8c:a0:9d:
18:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3F:35:CE:14:B7:4A:D9:2F:7C:B9:A7:D4:E4:2B:95:87:7F:B7:F8
X509v3 Authority Key Identifier:
keyid:63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/sT81zhS3StkvfLmn1OQrlYd_t_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YydgdWNJMzdoetac4QZOY2Jlvj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.38.0/24
5.157.57.0/24
37.203.209.0/24
91.108.183.0/24
Signature Algorithm: sha256WithRSAEncryption
72:fc:58:6f:d1:5b:af:c4:8e:bc:1a:db:ae:37:59:9d:f2:43:
4e:0d:fc:31:14:d5:91:3a:ed:98:d5:37:83:53:51:64:ec:ea:
2a:69:01:98:6c:f0:07:3e:b7:1e:a1:af:bc:e2:a8:0c:5b:49:
b2:a8:12:3f:7a:61:e7:40:1c:73:88:5a:ec:e2:d7:8d:b3:72:
33:82:15:59:f9:e4:f7:30:19:10:6f:b7:45:37:04:fd:a0:c1:
67:69:e8:e0:7b:ca:90:7a:ee:71:48:70:e9:6b:9e:08:8e:53:
6c:73:2c:23:b0:9a:97:f4:f1:f1:5d:34:53:e9:68:98:83:9f:
f8:5c:d6:ca:ec:20:d9:76:df:25:6f:cd:94:ba:45:15:ab:8e:
de:f5:8a:2b:eb:7d:ed:62:6b:9e:3c:8f:bb:d5:e3:e2:a9:05:
74:76:04:c0:ed:b2:e6:8a:fd:60:72:0d:44:96:44:e2:fc:bc:
6c:aa:1a:74:45:51:45:ac:53:91:01:72:5f:b5:c1:0b:2e:0d:
ab:b5:28:8a:be:4f:1c:99:cd:d2:71:8a:8b:33:ff:e0:d1:33:
55:a8:ba:0d:0c:38:80:72:77:43:4d:a4:41:51:16:63:d4:c1:
f2:ce:4d:02:6a:e6:a9:24:37:a8:16:1e:0f:c5:cc:94:65:20:
92:a8:93:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSN3jfncGruCS5PSp9fjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMjc2MDc1NjM0OTMzMzc2ODdhZDY5Y2UxMDY0ZTYzNjI2
NWJlM2YwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTNmMzVjZTE0Yjc0YWQ5MmY3Y2I5YTdkNGU0MmI5NTg3N2ZiN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnx45/u2+oU1K9KtOfwi1OjMU79+v
gEi5utAMcbxJ8KOncvALKSWeO6Er3KiISy1Vme3Q6KowKiiyHwDr6x+8zddz2eyp
mBXTn11wT5oDnIntSISM680KA/BGnVSnDxzVUhEkBk9tl5f7rg/aL157K2xteOHC
Sb3qsHqTW52cXVC07ikjyqQGxKkTiIn6Qj/x8rFxMmqw0zTaBlppvFiLsJRG9+6Y
XXplfndmIXIMBJIPVDytG6/L266gi7pCq29BraXyN5sUJDQlDS//I7H+8zxLSO3N
n02AKbvMDEaf4oDDxRmFmS2G0nqFxOmKj93tXFKlQIMEuKtc8ieMoJ0Y8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLE/Nc4Ut0rZL3y5p9TkK5WHf7f4MB8GA1UdIwQY
MBaAFGMnYHVjSTM3aHrWnOEGTmNiZb4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODct
ZmM5MDkzZmVkYjFiLzEvc1Q4MXpoUzNTdGt2ZkxtbjFPUXJsWWRfdF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODctZmM5MDkzZmVkYjFi
LzEvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZ0mAwQA
BZ05AwQAJcvRAwQAW2y3MA0GCSqGSIb3DQEBCwUAA4IBAQBy/Fhv0VuvxI68Gtuu
N1md8kNODfwxFNWROu2Y1TeDU1Fk7OoqaQGYbPAHPrceoa+84qgMW0myqBI/emHn
QBxziFrs4teNs3IzghVZ+eT3MBkQb7dFNwT9oMFnaejge8qQeu5xSHDpa54IjlNs
cywjsJqX9PHxXTRT6WiYg5/4XNbK7CDZdt8lb82UukUVq47e9Yor633tYmuePI+7
1ePiqQV0dgTA7bLmiv1gcg1ElkTi/Lxsqhp0RVFFrFORAXJftcELLg2rtSiKvk8c
mc3ScYqLM//g0TNVqLoNDDiAcndDTaRBURZj1MHyzk0CauapJDeoFh4PxcyUZSCS
qJPE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:22 2024 by rpki-client on console-ams.rpki-client.org