Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Jt-W8A3ffiIfdOetEkIQekfWxIo.roa
File: Jt-W8A3ffiIfdOetEkIQekfWxIo.roa (raw, json)
Hash identifier: HdQIdxLjJc1dnCbTaPnawgN8mPLzzIiLWKa+suhcWyc=
Subject key identifier: 26:DF:96:F0:0D:DF:7E:22:1F:74:E7:AD:12:42:10:7A:47:D6:C4:8A
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018C5893BD37FA2EE5831ABC22AE258E4AFD
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Jt-W8A3ffiIfdOetEkIQekfWxIo.roa
Signing time: Mon 11 Dec 2023 11:12:06 +0000
ROA not before: Mon 11 Dec 2023 11:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
95.82.32.0/21 maxlen: 24
176.221.24.0/21 maxlen: 21
176.221.30.0/23 maxlen: 24
109.111.56.0/22 maxlen: 24
176.221.28.0/22 maxlen: 24
37.128.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:93:bd:37:fa:2e:e5:83:1a:bc:22:ae:25:8e:4a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 11 11:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26df96f00ddf7e221f74e7ad1242107a47d6c48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e8:bd:35:70:ec:d0:58:32:d9:63:7d:c9:05:
df:6d:0d:40:c5:5b:01:82:51:ee:93:c6:60:49:5e:
57:80:71:a7:e1:74:58:cc:46:c3:30:1b:ca:db:a4:
e6:5d:62:5f:dc:85:9f:bf:50:3a:4e:1d:a1:24:e4:
f0:b2:ae:e0:34:c4:cd:08:4e:8d:95:da:89:35:a1:
57:ab:9c:ae:8d:8b:48:90:48:b6:b1:4f:de:8e:70:
5b:c5:1d:ee:a9:29:e4:2a:31:45:7d:d6:a3:cb:b9:
f8:84:14:5a:8a:47:4f:bc:54:d1:06:eb:0d:d5:11:
87:45:db:3e:2f:74:94:c6:d9:fb:a2:4c:07:34:41:
c7:2e:d0:33:de:a6:e1:98:63:28:9a:80:e8:5b:de:
15:76:68:4f:2a:2c:20:6e:59:b0:2e:74:4d:63:d4:
85:13:0d:21:8f:28:eb:4a:e3:d9:0d:c8:9a:c4:4d:
a6:1d:08:0c:2e:52:08:4c:a6:d2:c0:65:ad:e5:47:
7d:16:ae:78:3d:6c:19:aa:af:6b:7d:52:35:de:98:
10:b7:1e:29:3b:74:4e:7a:62:86:01:ed:a3:47:7c:
46:a2:3f:5b:dc:42:3a:b0:fd:b7:7d:28:89:2d:dd:
35:0b:16:a0:b8:51:76:80:91:2a:b9:4d:7c:6e:7d:
6d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DF:96:F0:0D:DF:7E:22:1F:74:E7:AD:12:42:10:7A:47:D6:C4:8A
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Jt-W8A3ffiIfdOetEkIQekfWxIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.32.0/21
109.111.32.0/20
109.111.56.0/22
176.221.16.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:57:7c:93:aa:05:68:99:b6:23:53:a3:b4:02:97:12:a3:0f:
da:12:f3:7d:5e:6c:e5:4b:ff:11:dd:bd:3a:41:90:a8:d3:8b:
c7:6c:53:7e:e3:d0:ba:5c:62:cd:c0:17:62:01:e6:07:e8:bc:
b8:39:e8:e6:4c:9d:b5:a6:b0:a9:46:07:de:f4:36:2d:50:97:
f9:ea:77:04:09:01:11:34:44:b5:3f:c6:e3:fa:d4:7e:a3:27:
82:9a:d3:f7:01:91:52:0c:81:ea:b8:31:4f:5b:03:b1:f2:89:
16:8d:93:71:e5:8d:67:d1:75:8e:81:96:6c:10:74:c8:46:b4:
66:7d:42:4a:c1:02:e0:c1:08:87:c7:1c:92:80:f5:12:7f:7a:
96:9f:5c:5c:0f:a7:6e:91:60:99:5b:dc:d7:dc:1f:e5:4f:d3:
81:e8:8c:7c:67:96:95:c3:3d:25:93:02:7f:83:38:81:40:27:
43:0c:8f:bf:6d:83:9f:47:b8:34:d3:ca:d8:7e:9a:ba:1c:e8:
f3:b0:dd:1c:21:7c:fb:67:e7:e1:57:4e:35:af:aa:a9:94:4e:
65:10:cc:e5:28:36:19:90:e7:f0:19:9b:41:b6:49:d6:c4:b9:
bf:d6:e0:48:24:54:9a:a8:40:2b:b6:5e:73:ac:13:c8:fb:38:
cc:03:16:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxYk703+i7lgxq8Iq4ljkr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMjExMTExMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmRmOTZmMDBkZGY3ZTIyMWY3NGU3YWQxMjQyMTA3YTQ3ZDZjNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOi9NXDs0Fgy2WN9yQXfbQ1AxVsB
glHuk8ZgSV5XgHGn4XRYzEbDMBvK26TmXWJf3IWfv1A6Th2hJOTwsq7gNMTNCE6N
ldqJNaFXq5yujYtIkEi2sU/ejnBbxR3uqSnkKjFFfdajy7n4hBRaikdPvFTRBusN
1RGHRds+L3SUxtn7okwHNEHHLtAz3qbhmGMomoDoW94VdmhPKiwgblmwLnRNY9SF
Ew0hjyjrSuPZDciaxE2mHQgMLlIITKbSwGWt5Ud9Fq54PWwZqq9rfVI13pgQtx4p
O3ROemKGAe2jR3xGoj9b3EI6sP23fSiJLd01CxaguFF2gJEquU18bn1tIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCbflvAN334iH3TnrRJCEHpH1sSKMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSnQtVzhBM2ZmaUlmZE9ldEVrSVFla2ZXeElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCJYD4AwQD
X1IgAwQEbW8gAwQCbW84AwQEsN0QMA0GCSqGSIb3DQEBCwUAA4IBAQAvV3yTqgVo
mbYjU6O0ApcSow/aEvN9XmzlS/8R3b06QZCo04vHbFN+49C6XGLNwBdiAeYH6Ly4
OejmTJ21prCpRgfe9DYtUJf56ncECQERNES1P8bj+tR+oyeCmtP3AZFSDIHquDFP
WwOx8okWjZNx5Y1n0XWOgZZsEHTIRrRmfUJKwQLgwQiHxxySgPUSf3qWn1xcD6du
kWCZW9zX3B/lT9OB6Ix8Z5aVwz0lkwJ/gziBQCdDDI+/bYOfR7g008rYfpq6HOjz
sN0cIXz7Z+fhV041r6qplE5lEMzlKDYZkOfwGZtBtknWxLm/1uBIJFSaqEArtl5z
rBPI+zjMAxbs
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:12 2025 by rpki-client