Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/6_YrxkY0-A0TZfT_BBHTv8KNyEc.roa
File: 6_YrxkY0-A0TZfT_BBHTv8KNyEc.roa (raw, json)
Hash identifier: I6SrqFdtjK9UNRGr856BTMXFHAHInTO2lS59/VXIK8I=
Subject key identifier: EB:F6:2B:C6:46:34:F8:0D:13:65:F4:FF:04:11:D3:BF:C2:8D:C8:47
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018EA86782C9D13E4D30BAF0EA35793B0A57
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/6_YrxkY0-A0TZfT_BBHTv8KNyEc.roa
Signing time: Thu 04 Apr 2024 09:18:59 +0000
ROA not before: Thu 04 Apr 2024 09:18:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
37.128.254.0/23 maxlen: 24
95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.20.0/22 maxlen: 24
176.221.20.0/23 maxlen: 24
176.221.24.0/22 maxlen: 24
185.65.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:67:82:c9:d1:3e:4d:30:ba:f0:ea:35:79:3b:0a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Apr 4 09:18:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebf62bc64634f80d1365f4ff0411d3bfc28dc847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:58:e2:42:ce:97:bc:4b:0e:5d:97:7b:e5:70:
33:6d:ec:25:fe:cd:c5:57:7b:3e:e6:44:b0:6c:89:
1f:34:84:51:47:c5:24:68:80:d0:30:cc:ae:ce:92:
a6:a3:7d:c4:41:56:21:2c:7a:81:ce:2b:64:00:6d:
97:fe:82:41:4c:b2:cb:2c:b8:bf:40:87:be:fa:0d:
4c:a3:ab:f9:db:f6:1b:00:42:0e:fa:b1:90:14:a8:
3d:db:49:dc:9e:d9:a6:d1:ad:76:0c:cc:51:c4:e3:
55:4b:c0:1a:3b:b9:24:f8:d9:aa:c0:fe:58:7b:4c:
c4:93:ff:ec:07:d2:57:c7:f7:fc:8a:a4:9c:80:5f:
26:45:b5:fb:7d:78:10:78:e3:6d:01:7b:44:3c:8e:
da:73:a5:76:58:7b:35:4d:34:60:17:ce:93:f6:6f:
b7:f1:fb:1e:ef:30:a6:64:d3:d1:0d:fa:97:e0:cd:
e2:3a:bf:e9:f4:b4:4f:32:bc:fa:a5:4e:7e:8c:ab:
7d:75:a3:ba:4a:ad:e1:4a:8e:a2:6b:82:e1:35:7a:
83:87:71:fe:26:9d:3d:38:a8:3e:bd:15:0a:2d:dd:
06:4b:e8:8f:5d:b0:66:eb:6e:5e:d6:ea:30:c7:d9:
27:39:47:b8:69:c0:1a:9b:b4:f2:30:72:e4:a0:d8:
80:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F6:2B:C6:46:34:F8:0D:13:65:F4:FF:04:11:D3:BF:C2:8D:C8:47
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/6_YrxkY0-A0TZfT_BBHTv8KNyEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
37.128.254.0/23
95.82.0.0/20
109.111.32.0/20
176.221.16.0-176.221.27.255
185.65.62.0/24
Signature Algorithm: sha256WithRSAEncryption
23:b6:84:27:d3:4d:0a:3a:88:f1:76:02:ba:aa:39:d2:92:f3:
d1:71:03:3a:a1:29:22:13:73:30:61:e1:3e:5a:6e:04:fe:12:
39:d4:33:c2:84:51:7a:a9:ca:40:56:b3:52:f5:06:b3:d6:6f:
0e:81:d1:41:a3:75:aa:4e:25:4d:05:72:3d:ac:f4:56:7e:07:
1a:0b:ee:6d:8d:da:cb:46:3e:22:fa:73:8a:f4:d7:55:9c:5b:
61:50:b3:4b:2d:5e:19:16:c8:40:46:8c:c4:60:ea:ab:92:2a:
dd:da:f0:f2:ff:6b:60:68:03:40:3e:83:1b:38:8c:b7:80:3c:
b2:9a:e9:65:5b:5c:7c:4e:4b:b0:7e:72:fe:63:1c:d9:fb:93:
80:25:e7:06:64:55:b2:42:7f:33:2f:73:8c:de:a3:5f:45:2f:
e8:a3:39:bb:b4:cb:62:8b:7e:23:b6:ff:12:7b:73:2d:ee:46:
f6:c0:e5:97:86:d7:d9:06:89:f3:d5:41:e7:1c:08:97:2a:32:
6d:74:f3:82:63:ed:fe:84:7c:04:ec:72:c3:f3:42:5a:b5:d2:
fc:41:4e:b3:e9:8c:51:99:3d:ee:f5:70:05:18:b3:51:f1:01:
3b:5a:92:a5:3d:b4:c9:ea:ba:8c:1c:49:86:5e:56:3b:89:b3:
30:81:93:dd
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY6oZ4LJ0T5NMLrw6jV5OwpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNDA0MDkxODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmY2MmJjNjQ2MzRmODBkMTM2NWY0ZmYwNDExZDNiZmMyOGRjODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1jiQs6XvEsOXZd75XAzbewl/s3F
V3s+5kSwbIkfNIRRR8UkaIDQMMyuzpKmo33EQVYhLHqBzitkAG2X/oJBTLLLLLi/
QIe++g1Mo6v52/YbAEIO+rGQFKg920ncntmm0a12DMxRxONVS8AaO7kk+NmqwP5Y
e0zEk//sB9JXx/f8iqScgF8mRbX7fXgQeONtAXtEPI7ac6V2WHs1TTRgF86T9m+3
8fse7zCmZNPRDfqX4M3iOr/p9LRPMrz6pU5+jKt9daO6Sq3hSo6ia4LhNXqDh3H+
Jp09OKg+vRUKLd0GS+iPXbBm625e1uowx9knOUe4acAam7TyMHLkoNiAZQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOv2K8ZGNPgNE2X0/wQR07/CjchHMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvNl9ZcnhrWTAtQTBUWmZUX0JCSFR2OEtOeUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCJYD4AwQB
JYD+AwQEX1IAAwQEbW8gMAwDBASw3RADBAKw3RgDBAC5QT4wDQYJKoZIhvcNAQEL
BQADggEBACO2hCfTTQo6iPF2ArqqOdKS89FxAzqhKSITczBh4T5abgT+EjnUM8KE
UXqpykBWs1L1BrPWbw6B0UGjdapOJU0Fcj2s9FZ+BxoL7m2N2stGPiL6c4r011Wc
W2FQs0stXhkWyEBGjMRg6quSKt3a8PL/a2BoA0A+gxs4jLeAPLKa6WVbXHxOS7B+
cv5jHNn7k4Al5wZkVbJCfzMvc4zeo19FL+ijObu0y2KLfiO2/xJ7cy3uRvbA5ZeG
19kGifPVQeccCJcqMm1084Jj7f6EfATscsPzQlq10vxBTrPpjFGZPe71cAUYs1Hx
ATtakqU9tMnquowcSYZeVjuJszCBk90=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:43 2025 by rpki-client