Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JerTbMIeVB-AJTAsYi-xVSyv1_Y.roa
File: JerTbMIeVB-AJTAsYi-xVSyv1_Y.roa (raw, json)
Hash identifier: 1KXdCWXpsF/TyFxo53/EwGl+qfk8aHtsZY6B0qLcovU=
Subject key identifier: 25:EA:D3:6C:C2:1E:54:1F:80:25:30:2C:62:2F:B1:55:2C:AF:D7:F6
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018F5FA71676FB8B29491B7F715C680177CA
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JerTbMIeVB-AJTAsYi-xVSyv1_Y.roa
Signing time: Thu 09 May 2024 23:18:56 +0000
ROA not before: Thu 09 May 2024 23:18:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.24.0/22 maxlen: 24
185.65.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5f:a7:16:76:fb:8b:29:49:1b:7f:71:5c:68:01:77:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: May 9 23:18:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25ead36cc21e541f8025302c622fb1552cafd7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:09:25:28:1f:58:c6:37:97:12:29:d6:3b:
83:7f:f3:dd:65:f6:69:70:17:24:ff:90:4d:61:d4:
0f:95:15:89:1a:4c:92:16:8a:63:83:dd:4c:6d:af:
88:f5:3f:e9:bf:e8:31:af:34:28:e1:27:d9:c7:fb:
78:4c:a7:fb:d8:fd:48:5b:e5:8b:38:cc:04:7c:4f:
70:0f:c4:fb:fd:60:ec:76:f3:04:7d:f5:f9:d2:56:
14:64:9c:28:fd:f1:00:bf:f9:f2:78:60:dd:e1:b8:
57:50:8e:5e:4e:ec:bb:d5:81:da:9b:22:68:62:4b:
c2:3f:c2:11:eb:f6:fd:a3:7e:35:cd:09:69:c5:a0:
95:e4:2b:ef:e2:d1:f5:9d:99:ae:cc:64:09:74:d0:
28:c1:c8:80:1c:74:e5:39:5f:9f:dd:7c:b3:4e:b7:
43:7e:fa:2a:af:95:38:b9:f5:2e:4d:0c:03:ed:2c:
c8:f8:56:1e:f8:92:d3:bc:2b:5f:87:1a:c8:e0:60:
8d:25:f4:29:f6:0a:6d:f5:16:1f:23:29:3c:cf:69:
ae:8f:53:12:9a:6e:fb:9b:44:46:5a:4c:04:fe:81:
87:46:e3:5b:e0:26:bb:c2:51:67:b9:c9:e3:08:6d:
74:04:08:7c:30:36:39:4b:88:c2:8a:03:7b:1f:db:
86:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EA:D3:6C:C2:1E:54:1F:80:25:30:2C:62:2F:B1:55:2C:AF:D7:F6
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JerTbMIeVB-AJTAsYi-xVSyv1_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
109.111.32.0/20
176.221.16.0-176.221.27.255
185.65.62.0/24
Signature Algorithm: sha256WithRSAEncryption
00:0e:1c:5c:de:36:73:41:a0:aa:bf:fb:0f:93:46:46:77:6b:
3e:f3:a2:cc:b7:24:fc:29:32:85:e0:98:75:fd:12:bb:11:dc:
68:c2:bf:89:12:45:1a:7e:5b:f7:e6:c6:af:12:39:72:5e:96:
10:8b:9a:41:e3:15:67:25:72:48:2a:c7:9e:ae:58:7b:b5:ae:
76:97:e0:f2:cc:63:3f:ee:1f:b6:d8:2f:82:f9:2e:d7:41:b7:
04:7e:e9:b0:ee:d1:30:bf:8e:b2:84:7a:10:8d:14:19:bc:32:
c2:fd:93:ac:4e:90:41:8f:a9:a8:da:a1:24:e6:ae:c2:c0:93:
a8:78:2d:52:61:c7:45:ee:08:95:f8:b4:a4:a5:f4:ff:da:56:
0c:23:39:cb:20:aa:84:db:3d:d0:f3:5a:bb:34:ee:82:83:41:
4c:8c:b1:15:51:38:c1:6b:79:fa:9e:8c:a2:f9:5b:6c:a9:fe:
bc:6c:54:3c:7d:ae:b0:e6:91:32:d9:5a:51:89:83:44:8b:85:
86:4d:a3:f1:05:46:25:86:95:a2:fa:ea:a3:37:a9:56:8e:da:
0d:99:01:36:75:68:3a:0f:2a:01:99:f9:f0:25:d4:27:72:36:
ae:b3:be:fc:48:d7:44:b4:7e:51:a9:0a:8e:ef:79:7d:e9:c7:
b9:3e:17:da
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY9fpxZ2+4spSRt/cVxoAXfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNTA5MjMxODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWVhZDM2Y2MyMWU1NDFmODAyNTMwMmM2MjJmYjE1NTJjYWZkN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudEJJSgfWMY3lxIp1juDf/PdZfZp
cBck/5BNYdQPlRWJGkySFopjg91Mba+I9T/pv+gxrzQo4SfZx/t4TKf72P1IW+WL
OMwEfE9wD8T7/WDsdvMEffX50lYUZJwo/fEAv/nyeGDd4bhXUI5eTuy71YHamyJo
YkvCP8IR6/b9o341zQlpxaCV5Cvv4tH1nZmuzGQJdNAowciAHHTlOV+f3XyzTrdD
fvoqr5U4ufUuTQwD7SzI+FYe+JLTvCtfhxrI4GCNJfQp9gpt9RYfIyk8z2muj1MS
mm77m0RGWkwE/oGHRuNb4Ca7wlFnucnjCG10BAh8MDY5S4jCigN7H9uG/wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCXq02zCHlQfgCUwLGIvsVUsr9f2MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSmVyVGJNSWVWQi1BSlRBc1lpLXhWU3l2MV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCJYD4AwQE
X1IAAwQEbW8gMAwDBASw3RADBAKw3RgDBAC5QT4wDQYJKoZIhvcNAQELBQADggEB
AAAOHFzeNnNBoKq/+w+TRkZ3az7zosy3JPwpMoXgmHX9ErsR3GjCv4kSRRp+W/fm
xq8SOXJelhCLmkHjFWclckgqx56uWHu1rnaX4PLMYz/uH7bYL4L5LtdBtwR+6bDu
0TC/jrKEehCNFBm8MsL9k6xOkEGPqajaoSTmrsLAk6h4LVJhx0XuCJX4tKSl9P/a
VgwjOcsgqoTbPdDzWrs07oKDQUyMsRVROMFrefqejKL5W2yp/rxsVDx9rrDmkTLZ
WlGJg0SLhYZNo/EFRiWGlaL66qM3qVaO2g2ZATZ1aDoPKgGZ+fAl1CdyNq6zvvxI
10S0flGpCo7veX3px7k+F9o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:03 2025 by rpki-client