Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1ZRIvPx6ETI2foVQsO3ZFFdf-oQ.roa
File: 1ZRIvPx6ETI2foVQsO3ZFFdf-oQ.roa (raw, json)
Hash identifier: QQQv2OAvFQaJgnjnMJ1dIdVL+j/mdQd3YY4yBWBOdQs=
Subject key identifier: D5:94:48:BC:FC:7A:11:32:36:7E:85:50:B0:ED:D9:14:57:5F:FA:84
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0187AD43E8B46908433BAF55F06F06A6FC65
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1ZRIvPx6ETI2foVQsO3ZFFdf-oQ.roa
Signing time: Sun 23 Apr 2023 08:38:41 +0000
ROA not before: Sun 23 Apr 2023 08:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.82.32.0/21 maxlen: 24
109.111.52.0/22 maxlen: 24
37.128.252.0/22 maxlen: 24
37.128.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ad:43:e8:b4:69:08:43:3b:af:55:f0:6f:06:a6:fc:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Apr 23 08:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d59448bcfc7a1132367e8550b0edd914575ffa84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:81:41:6f:a0:c3:7b:84:68:e6:9d:0e:ae:4f:
86:e4:ef:9d:a1:fb:fa:75:97:ed:26:c2:d5:f4:ac:
3e:3b:62:54:02:46:8f:28:66:41:7b:3c:50:7f:9d:
20:6a:ae:88:2d:9b:8d:ae:33:84:cd:81:d4:35:41:
c8:af:16:8b:d9:6d:fd:c4:60:65:a4:40:33:e6:da:
f2:40:9f:2e:6c:39:02:d5:30:97:47:04:6a:e5:6f:
5e:cd:13:66:d4:f1:40:2a:77:42:aa:13:e8:a3:e8:
39:42:c0:07:94:02:45:6a:11:7d:97:5b:62:85:60:
bb:c1:82:dd:f7:63:b0:ea:ba:f5:20:af:73:64:3d:
9c:5e:81:ce:41:4c:a3:20:21:ee:dc:8a:5c:bb:ff:
02:d9:75:3e:dc:4b:df:2a:37:5d:db:a0:7a:3d:94:
86:1a:f8:e2:fa:79:bf:19:7b:0e:80:40:70:cc:c1:
de:00:fc:bc:52:ad:a1:01:c5:dc:68:c6:6a:3a:34:
fd:91:20:53:51:8c:da:d3:71:cc:89:aa:a4:37:a3:
8c:90:62:4c:ac:e9:ae:73:cf:c9:0e:c2:55:08:89:
0b:94:56:33:06:7c:2a:21:76:4b:4f:c4:4b:c4:2c:
1d:d3:b5:e3:c0:2c:3a:38:0b:a2:24:82:ec:de:82:
75:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:94:48:BC:FC:7A:11:32:36:7E:85:50:B0:ED:D9:14:57:5F:FA:84
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1ZRIvPx6ETI2foVQsO3ZFFdf-oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/21
95.82.32.0/21
109.111.52.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:48:2d:47:df:fa:8a:2e:70:bc:a0:16:d2:ba:de:1a:28:b0:
13:74:61:67:88:a3:89:c9:65:a5:fe:bd:36:fe:65:62:b6:2b:
24:a0:7c:63:7d:db:e1:d7:ed:72:ef:6e:3b:a0:54:45:23:0f:
90:7d:4e:70:40:8f:7e:e8:7c:5c:ad:11:65:09:73:19:f5:80:
96:c1:d5:62:f7:33:fc:52:30:0f:7d:b8:45:0c:84:8e:a0:6a:
c5:6e:86:19:8c:53:12:d5:92:5c:c0:93:45:84:fc:10:d5:3a:
6a:bf:96:40:3e:f4:04:ab:d2:2f:54:58:e6:c7:f6:12:b3:14:
ac:8f:34:c7:f1:1b:4f:e9:0c:6b:a1:1e:ec:fe:cd:6d:9d:05:
cb:03:f5:87:c4:0d:49:82:83:ea:f7:ad:64:b2:39:e9:f9:5d:
77:22:6b:8a:6c:4f:ad:2d:a0:4d:99:7d:43:b0:4f:cf:39:45:
51:bc:42:14:04:b4:3d:0e:be:51:81:ad:e8:f2:18:b7:9b:1c:
fd:0e:28:5e:f4:c3:3b:c9:1d:45:0d:0f:23:8d:d0:44:69:37:
9b:f6:da:68:36:29:cd:17:a0:b5:51:70:0c:31:0a:98:d8:17:
97:30:10:54:56:5b:d5:91:be:9a:78:64:76:b5:14:df:42:7e:
63:c8:86:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYetQ+i0aQhDO69V8G8GpvxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwNDIzMDgzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk0NDhiY2ZjN2ExMTMyMzY3ZTg1NTBiMGVkZDkxNDU3NWZmYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4FBb6DDe4Ro5p0Ork+G5O+dofv6
dZftJsLV9Kw+O2JUAkaPKGZBezxQf50gaq6ILZuNrjOEzYHUNUHIrxaL2W39xGBl
pEAz5tryQJ8ubDkC1TCXRwRq5W9ezRNm1PFAKndCqhPoo+g5QsAHlAJFahF9l1ti
hWC7wYLd92Ow6rr1IK9zZD2cXoHOQUyjICHu3Ipcu/8C2XU+3EvfKjdd26B6PZSG
Gvji+nm/GXsOgEBwzMHeAPy8Uq2hAcXcaMZqOjT9kSBTUYza03HMiaqkN6OMkGJM
rOmuc8/JDsJVCIkLlFYzBnwqIXZLT8RLxCwd07XjwCw6OAuiJILs3oJ1lwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNWUSLz8ehEyNn6FULDt2RRXX/qEMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvMVpSSXZQeDZFVEkyZm9WUXNPM1pGRmRmLW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJYD4AwQD
X1IgAwQCbW80MA0GCSqGSIb3DQEBCwUAA4IBAQCeSC1H3/qKLnC8oBbSut4aKLAT
dGFniKOJyWWl/r02/mVitiskoHxjfdvh1+1y7247oFRFIw+QfU5wQI9+6HxcrRFl
CXMZ9YCWwdVi9zP8UjAPfbhFDISOoGrFboYZjFMS1ZJcwJNFhPwQ1Tpqv5ZAPvQE
q9IvVFjmx/YSsxSsjzTH8RtP6QxroR7s/s1tnQXLA/WHxA1JgoPq961ksjnp+V13
ImuKbE+tLaBNmX1DsE/POUVRvEIUBLQ9Dr5Rga3o8hi3mxz9Dihe9MM7yR1FDQ8j
jdBEaTeb9tpoNinNF6C1UXAMMQqY2BeXMBBUVlvVkb6aeGR2tRTfQn5jyIZT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:53 2025 by rpki-client