Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/TabXQHbfiz-Mnr0_RvjH-dH0EnY.roa
File: TabXQHbfiz-Mnr0_RvjH-dH0EnY.roa (raw, json)
Hash identifier: m6LAv4HY4YLqNs/ikPIXQmri4uK36afqS4hgYtB6vRI=
Subject key identifier: 4D:A6:D7:40:76:DF:8B:3F:8C:9E:BD:3F:46:F8:C7:F9:D1:F4:12:76
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019073AAE7AD8040B092CB534B9B4A4EC3E0
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/TabXQHbfiz-Mnr0_RvjH-dH0EnY.roa
Signing time: Tue 02 Jul 2024 13:38:18 +0000
ROA not before: Tue 02 Jul 2024 13:38:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
109.111.34.0/23 maxlen: 24
109.111.40.0/22 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
176.221.26.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:aa:e7:ad:80:40:b0:92:cb:53:4b:9b:4a:4e:c3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 2 13:38:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4da6d74076df8b3f8c9ebd3f46f8c7f9d1f41276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8f:ad:4c:13:1d:21:da:e9:fb:c8:e4:22:bf:
a2:53:a6:1c:d6:86:18:c8:5b:3a:c2:bd:00:e3:17:
b9:73:3d:ce:16:aa:b6:df:8c:16:be:4b:f9:26:4e:
d4:f4:da:3c:e5:b0:33:43:3b:70:2a:fd:48:6c:dc:
e2:49:2f:58:f3:81:fe:03:59:d2:14:22:62:62:76:
33:8d:d7:12:e8:d3:80:37:c3:d1:08:30:0c:b9:75:
46:f0:14:06:cd:ae:bb:ad:de:2b:72:23:a9:ae:cf:
80:52:c6:16:ca:03:64:db:7f:56:36:cb:ef:b5:12:
f1:f2:82:3d:dd:0f:49:30:58:c3:71:6d:2e:8a:05:
e9:94:f8:03:7a:9e:55:c5:5d:12:af:07:58:94:9e:
07:6c:75:ef:79:41:07:b6:cb:2b:b0:c2:58:52:df:
96:08:d1:be:9f:0d:44:fd:13:89:d5:a7:40:bf:a2:
45:62:1f:54:03:d5:12:04:d9:28:36:22:13:4e:69:
89:54:55:f5:8b:be:49:49:cc:0c:6a:c2:e1:47:11:
b2:5f:70:fb:3f:61:e2:3d:c7:c9:17:45:ec:50:dc:
5b:c4:0b:1b:8a:63:e8:77:92:cf:1b:28:2e:90:08:
e8:d7:6c:20:2c:74:d7:ef:b7:e4:15:a1:02:f1:cd:
b6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A6:D7:40:76:DF:8B:3F:8C:9E:BD:3F:46:F8:C7:F9:D1:F4:12:76
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/TabXQHbfiz-Mnr0_RvjH-dH0EnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
32:ef:d0:52:de:2c:0e:c1:0d:4d:9a:22:69:84:06:06:a4:6a:
e7:89:81:79:9d:7d:2c:8e:13:8d:18:3b:1b:4b:28:1e:b4:06:
9b:7e:10:17:c8:0e:16:8d:11:d3:98:60:a1:ee:5b:88:be:2e:
44:e1:3d:fe:f9:e2:83:b9:1a:a6:87:41:2b:2c:11:5a:a5:48:
c0:57:64:5e:26:bb:dc:c1:53:8e:34:56:5e:24:63:b4:01:98:
5d:e0:21:45:0b:92:b6:e4:1c:3a:22:62:e2:14:0b:05:ef:ca:
60:0e:82:72:7f:28:76:d1:de:0c:c7:40:4c:72:fd:e2:1a:f5:
9f:b0:98:d7:45:13:59:17:f2:4d:3d:8b:cd:16:90:99:f3:f0:
55:64:90:b0:7f:1b:57:54:b0:11:26:0c:92:d6:ff:11:6d:dc:
d1:04:5e:e7:c8:cb:74:81:d7:77:b7:23:73:0c:4f:ea:c8:a7:
8a:26:e7:6f:38:80:a3:9d:bf:eb:06:45:74:46:ff:2a:bd:3f:
af:d5:54:15:2f:8d:d5:04:cb:a3:7e:dc:c5:5e:b0:4c:70:f4:
bc:42:c8:8b:74:36:ec:7f:ef:bb:df:6a:2f:7d:94:df:79:10:
bf:66:d6:78:28:ce:39:1c:3c:80:a8:c4:fd:90:61:e4:d6:02:
b1:d1:4f:3a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZBzquetgECwkstTS5tKTsPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNzAyMTMzODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGE2ZDc0MDc2ZGY4YjNmOGM5ZWJkM2Y0NmY4YzdmOWQxZjQxMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4+tTBMdIdrp+8jkIr+iU6Yc1oYY
yFs6wr0A4xe5cz3OFqq234wWvkv5Jk7U9No85bAzQztwKv1IbNziSS9Y84H+A1nS
FCJiYnYzjdcS6NOAN8PRCDAMuXVG8BQGza67rd4rciOprs+AUsYWygNk239WNsvv
tRLx8oI93Q9JMFjDcW0uigXplPgDep5VxV0SrwdYlJ4HbHXveUEHtssrsMJYUt+W
CNG+nw1E/ROJ1adAv6JFYh9UA9USBNkoNiITTmmJVFX1i75JScwMasLhRxGyX3D7
P2HiPcfJF0XsUNxbxAsbimPod5LPGygukAjo12wgLHTX77fkFaEC8c22vQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFE2m10B234s/jJ69P0b4x/nR9BJ2MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvVGFiWFFIYmZpei1NbnIwX1J2akgtZEgwRW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJYD4AwQE
X1IAAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEBADLv0FLe
LA7BDU2aImmEBgakaueJgXmdfSyOE40YOxtLKB60Bpt+EBfIDhaNEdOYYKHuW4i+
LkThPf754oO5GqaHQSssEVqlSMBXZF4mu9zBU440Vl4kY7QBmF3gIUULkrbkHDoi
YuIUCwXvymAOgnJ/KHbR3gzHQExy/eIa9Z+wmNdFE1kX8k09i80WkJnz8FVkkLB/
G1dUsBEmDJLW/xFt3NEEXufIy3SB13e3I3MMT+rIp4om5284gKOdv+sGRXRG/yq9
P6/VVBUvjdUEy6N+3MVesExw9LxCyIt0Nux/77vfai99lN95EL9m1ngozjkcPICo
xP2QYeTWArHRTzo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:42 2025 by rpki-client