Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Pfz3JlpoVP_etQ0s7hINO98OJXE.roa
File: Pfz3JlpoVP_etQ0s7hINO98OJXE.roa (raw, json)
Hash identifier: s6LVptuTXlLZ3lczO0Mb9sojND4uczM94AUUqgi0REQ=
Subject key identifier: 3D:FC:F7:26:5A:68:54:FF:DE:B5:0D:2C:EE:12:0D:3B:DF:0E:25:71
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018D9318D8CDEEF898E0DC74DDD75E99CABA
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Pfz3JlpoVP_etQ0s7hINO98OJXE.roa
Signing time: Sat 10 Feb 2024 12:58:15 +0000
ROA not before: Sat 10 Feb 2024 12:58:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/21 maxlen: 24
95.82.8.0/21 maxlen: 24
95.82.32.0/21 maxlen: 21
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:93:18:d8:cd:ee:f8:98:e0:dc:74:dd:d7:5e:99:ca:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Feb 10 12:58:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dfcf7265a6854ffdeb50d2cee120d3bdf0e2571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9e:ed:85:bc:8c:22:15:81:cd:08:f7:97:b5:
32:71:fd:b9:bd:07:50:4a:53:96:b4:99:3c:c1:b0:
24:a6:c5:13:bd:ff:14:db:48:04:b7:45:37:62:c3:
a5:4a:8d:b5:28:02:c2:f9:23:87:32:d8:58:7b:cc:
ad:da:85:e2:af:03:3c:94:d1:07:5a:a4:04:89:f8:
87:68:33:41:b3:3d:7b:1c:bf:54:1a:41:d5:11:5a:
29:26:f0:b3:41:21:91:9a:69:74:d8:c1:e8:26:d1:
fd:99:6d:5e:81:19:e7:2c:14:9e:1c:a7:2f:e0:25:
04:1b:bc:26:49:1c:72:65:d1:16:d2:f8:40:9e:32:
17:25:c8:67:dc:80:3f:f2:74:c8:25:49:ef:fe:c0:
e4:8a:97:7b:5c:fa:c7:6c:41:1f:bb:67:3d:c6:6f:
0f:02:f9:45:98:3d:34:b3:76:f9:72:6d:b9:1f:f0:
76:9d:55:fd:29:a5:0d:e4:5d:22:90:31:f3:45:b6:
0f:f9:5b:09:c7:26:f8:a8:f8:50:22:1e:13:73:d7:
8d:af:cc:0e:3f:30:2d:a3:01:74:5b:cf:30:63:99:
c2:e1:c0:16:ae:55:a0:5d:f1:c6:72:69:cf:1e:ad:
ce:f0:cb:40:77:68:1e:be:f4:6b:11:a2:0f:f6:48:
10:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:FC:F7:26:5A:68:54:FF:DE:B5:0D:2C:EE:12:0D:3B:DF:0E:25:71
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Pfz3JlpoVP_etQ0s7hINO98OJXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
95.82.32.0/21
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
5b:e5:0c:aa:f0:10:05:22:c2:36:38:31:a6:95:12:ce:b0:ee:
10:d2:ee:53:26:21:d8:74:7a:dc:a3:c7:66:45:96:f4:c5:40:
40:72:77:bf:40:9c:49:16:41:5c:df:42:47:07:e8:d4:62:0a:
23:bb:11:67:95:fe:f3:0a:40:f4:3d:a4:de:bd:e0:f1:f5:32:
6b:85:3d:7d:bc:70:5e:55:69:b3:1c:66:be:b6:c7:34:9e:70:
df:74:bb:4c:5d:05:68:91:b1:c0:5c:f8:c3:0c:5a:45:19:e0:
b0:82:1f:90:ce:2f:d9:e5:54:47:4f:8a:02:47:64:89:47:c7:
45:79:6c:21:e1:85:ad:f5:fe:e7:1f:84:62:2d:e5:2f:61:73:
11:0e:3d:f2:b4:a4:6c:13:1f:46:d1:7a:dc:0f:8d:e0:6a:b9:
66:86:11:6c:75:97:2a:54:22:e5:39:0a:f5:3d:91:0c:83:66:
a7:c3:95:cc:7a:85:db:12:64:f4:81:89:26:4c:16:15:0a:be:
01:e6:5c:fe:7b:1f:32:e0:5e:fa:1c:c4:36:bc:65:da:32:af:
a9:3d:10:c9:05:8b:a7:23:6f:91:9a:22:d1:2a:48:68:bd:c6:
60:30:22:74:cc:13:4c:a0:f0:48:64:34:0b:fa:5d:73:08:88:
9e:c5:69:50
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY2TGNjN7viY4Nx03ddemcq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMjEwMTI1ODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGZjZjcyNjVhNjg1NGZmZGViNTBkMmNlZTEyMGQzYmRmMGUyNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4J7thbyMIhWBzQj3l7Uycf25vQdQ
SlOWtJk8wbAkpsUTvf8U20gEt0U3YsOlSo21KALC+SOHMthYe8yt2oXirwM8lNEH
WqQEifiHaDNBsz17HL9UGkHVEVopJvCzQSGRmml02MHoJtH9mW1egRnnLBSeHKcv
4CUEG7wmSRxyZdEW0vhAnjIXJchn3IA/8nTIJUnv/sDkipd7XPrHbEEfu2c9xm8P
AvlFmD00s3b5cm25H/B2nVX9KaUN5F0ikDHzRbYP+VsJxyb4qPhQIh4Tc9eNr8wO
PzAtowF0W88wY5nC4cAWrlWgXfHGcmnPHq3O8MtAd2gevvRrEaIP9kgQyQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFD389yZaaFT/3rUNLO4SDTvfDiVxMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvUGZ6M0pscG9WUF9ldFEwczdoSU5POThPSlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCJYD4AwQE
X1IAAwQDX1IgAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEB
AFvlDKrwEAUiwjY4MaaVEs6w7hDS7lMmIdh0etyjx2ZFlvTFQEByd79AnEkWQVzf
QkcH6NRiCiO7EWeV/vMKQPQ9pN694PH1MmuFPX28cF5VabMcZr62xzSecN90u0xd
BWiRscBc+MMMWkUZ4LCCH5DOL9nlVEdPigJHZIlHx0V5bCHhha31/ucfhGIt5S9h
cxEOPfK0pGwTH0bRetwPjeBquWaGEWx1lypUIuU5CvU9kQyDZqfDlcx6hdsSZPSB
iSZMFhUKvgHmXP57HzLgXvocxDa8Zdoyr6k9EMkFi6cjb5GaItEqSGi9xmAwInTM
E0yg8EhkNAv6XXMIiJ7FaVA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:54 2025 by rpki-client