Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/LOtZpL0Lkj4xBtbbq62vqvGaBtU.roa
File: LOtZpL0Lkj4xBtbbq62vqvGaBtU.roa (raw, json)
Hash identifier: yFQxf3NmTie2ajkGFg2qGwfV8qMUBjMtbC84fATrXBE=
Subject key identifier: 2C:EB:59:A4:BD:0B:92:3E:31:06:D6:DB:AB:AD:AF:AA:F1:9A:06:D5
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018E48022996C344746C3B468D924ED02663
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/LOtZpL0Lkj4xBtbbq62vqvGaBtU.roa
Signing time: Sat 16 Mar 2024 16:04:45 +0000
ROA not before: Sat 16 Mar 2024 16:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/20 maxlen: 20
95.82.0.0/21 maxlen: 24
95.82.8.0/21 maxlen: 24
95.82.32.0/21 maxlen: 21
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
176.221.26.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:02:29:96:c3:44:74:6c:3b:46:8d:92:4e:d0:26:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Mar 16 16:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ceb59a4bd0b923e3106d6dbabadafaaf19a06d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3f:f7:6b:3a:b6:e6:a5:8d:ab:93:e3:66:4f:
ea:63:3f:47:42:18:78:a2:61:74:8f:c0:6e:7d:33:
17:16:f5:cd:2c:7c:ab:e7:ed:6a:c8:e4:17:2c:3a:
e5:91:83:e3:01:ba:f8:39:dc:d2:b8:aa:da:12:98:
0b:6b:94:7c:ff:a4:dc:ea:bb:3f:a3:3a:58:ed:43:
81:e6:c1:7b:2a:e8:5b:35:0a:c1:e7:d6:0d:4f:c7:
e7:92:c1:88:1b:c0:66:b6:88:db:a3:23:13:c8:a3:
3d:56:27:36:ba:b9:bf:ed:0c:b6:d4:58:65:9b:2f:
85:df:9c:cd:56:69:5e:80:6d:2d:32:71:61:5a:e8:
b4:2b:82:9b:31:db:07:08:33:e7:cb:7e:1c:36:d8:
2b:30:ef:27:65:6b:86:56:c7:31:98:1c:b0:c1:aa:
0f:56:23:48:55:7e:74:d7:7c:8b:27:e0:ae:1b:84:
4e:35:ff:79:20:e6:b1:e3:6e:0f:05:32:a5:6a:96:
0f:12:e2:76:64:80:db:c6:60:9d:b6:e0:4e:4e:e8:
99:37:f6:4e:97:5d:54:f1:fd:57:d8:eb:03:17:82:
fd:74:0b:3b:2d:b7:e3:6a:82:14:77:4e:08:ff:e5:
21:a2:01:c5:ba:de:5a:b5:be:4b:fe:e3:d3:3a:71:
ce:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:EB:59:A4:BD:0B:92:3E:31:06:D6:DB:AB:AD:AF:AA:F1:9A:06:D5
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/LOtZpL0Lkj4xBtbbq62vqvGaBtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
95.82.32.0/21
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
51:32:75:b2:d5:e4:0f:cc:5b:b2:65:6c:f1:17:9b:84:8a:36:
f9:b2:65:64:56:fd:d4:98:5a:ac:38:c1:cc:33:7f:df:27:20:
de:15:be:f5:ba:0c:84:03:f4:f4:5b:8e:37:a2:4c:b3:09:d6:
29:f7:fc:9c:ef:70:84:9a:b4:2d:56:45:98:0c:43:f0:08:fb:
d0:d6:ea:0d:ed:b0:43:80:2f:58:f7:f1:57:67:14:98:62:f3:
e3:e4:14:42:ad:d7:94:80:02:b2:7a:88:35:eb:df:55:d3:88:
12:a6:17:88:6a:cc:6d:e3:a3:5a:db:a0:20:7c:24:c7:03:22:
9f:5e:56:dd:e9:b1:64:fe:5d:69:ce:c5:88:aa:b3:82:da:18:
61:08:7c:f1:0c:23:4a:03:04:8b:5e:44:22:57:08:d2:e8:49:
05:8f:64:5d:56:05:1d:2c:f0:b8:2e:ea:5d:2b:56:5b:47:ec:
9c:b2:7d:a7:0a:9f:06:4a:d3:8f:96:12:7f:fc:1c:9d:27:29:
af:3b:d2:45:a8:f2:e6:f8:04:f9:14:a6:e7:f8:dd:f8:ee:e3:
b7:9d:3e:10:3a:c5:fb:53:ee:c0:05:35:eb:53:1e:93:00:cd:
87:3a:04:ee:8e:63:ed:29:91:78:0d:d8:25:40:83:de:1a:4e:
27:1d:1f:a9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY5IAimWw0R0bDtGjZJO0CZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMzE2MTYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2ViNTlhNGJkMGI5MjNlMzEwNmQ2ZGJhYmFkYWZhYWYxOWEwNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j/3azq25qWNq5PjZk/qYz9HQhh4
omF0j8BufTMXFvXNLHyr5+1qyOQXLDrlkYPjAbr4OdzSuKraEpgLa5R8/6Tc6rs/
ozpY7UOB5sF7KuhbNQrB59YNT8fnksGIG8BmtojboyMTyKM9Vic2urm/7Qy21Fhl
my+F35zNVmlegG0tMnFhWui0K4KbMdsHCDPny34cNtgrMO8nZWuGVscxmBywwaoP
ViNIVX5013yLJ+CuG4RONf95IOax424PBTKlapYPEuJ2ZIDbxmCdtuBOTuiZN/ZO
l11U8f1X2OsDF4L9dAs7LbfjaoIUd04I/+UhogHFut5atb5L/uPTOnHOrwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCzrWaS9C5I+MQbW26utr6rxmgbVMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvTE90WnBMMExrajR4QnRiYnE2MnZxdkdhQnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCJYD4AwQE
X1IAAwQDX1IgAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEB
AFEydbLV5A/MW7JlbPEXm4SKNvmyZWRW/dSYWqw4wcwzf98nIN4VvvW6DIQD9PRb
jjeiTLMJ1in3/JzvcISatC1WRZgMQ/AI+9DW6g3tsEOAL1j38VdnFJhi8+PkFEKt
15SAArJ6iDXr31XTiBKmF4hqzG3jo1rboCB8JMcDIp9eVt3psWT+XWnOxYiqs4La
GGEIfPEMI0oDBIteRCJXCNLoSQWPZF1WBR0s8Lgu6l0rVltH7JyyfacKnwZK04+W
En/8HJ0nKa870kWo8ub4BPkUpuf43fju47edPhA6xftT7sAFNetTHpMAzYc6BO6O
Y+0pkXgN2CVAg94aTicdH6k=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:58 2025 by rpki-client