Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VphNh3XZk8RFvaA2wTkIPXPC4kU.roa
File: VphNh3XZk8RFvaA2wTkIPXPC4kU.roa (raw, json)
Hash identifier: 4aPjIYpYuPrlHdfg/O7PimF0C5wXgMGWN1ovUgggKcI=
Subject key identifier: 56:98:4D:87:75:D9:93:C4:45:BD:A0:36:C1:39:08:3D:73:C2:E2:45
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018FCA3D05BA8D24ED07B8A8700AE5D4D5C8
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VphNh3XZk8RFvaA2wTkIPXPC4kU.roa
Signing time: Thu 30 May 2024 16:02:27 +0000
ROA not before: Thu 30 May 2024 16:02:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
176.221.26.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ca:3d:05:ba:8d:24:ed:07:b8:a8:70:0a:e5:d4:d5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: May 30 16:02:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56984d8775d993c445bda036c139083d73c2e245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:da:49:4a:4c:b0:94:be:d4:22:5a:0a:eb:ca:
b4:47:47:07:fb:81:17:2e:d5:5b:00:9f:8c:10:73:
23:73:b4:52:a7:7a:8a:ff:0b:8c:af:d4:ff:76:48:
31:2a:9a:8d:4b:48:cb:dd:06:ed:73:fa:74:63:9f:
8e:33:bd:4a:6c:71:15:fa:b0:f4:7c:08:fb:34:9f:
0b:fe:82:d1:c7:07:f8:82:e8:35:ff:b6:6b:44:1f:
a7:fd:25:02:37:c1:3f:48:37:46:21:7b:68:88:26:
5e:c7:38:8d:e9:71:65:19:62:9a:82:61:d6:b3:47:
de:1c:1e:c7:b8:d6:b9:2c:68:d6:fe:c9:1c:ac:41:
3c:22:fc:f3:71:c5:e7:66:88:0e:8c:e8:3d:90:ba:
19:9d:d7:8f:13:f8:fc:3c:6f:55:aa:52:f1:8e:ac:
a7:62:d1:8f:98:84:e8:ab:16:52:6b:d3:cf:3c:09:
2f:13:61:78:f3:7d:31:59:60:90:65:3d:fb:98:35:
e8:e4:c9:68:02:33:b4:c5:32:38:2d:1e:12:dd:26:
d2:e8:07:28:ab:cb:b1:46:66:8b:e9:0b:0e:df:40:
d6:49:55:1f:57:be:65:30:fd:b5:6c:05:1a:3d:aa:
0f:02:25:f0:9b:d5:9b:8d:02:a2:ed:62:d4:99:52:
61:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:98:4D:87:75:D9:93:C4:45:BD:A0:36:C1:39:08:3D:73:C2:E2:45
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VphNh3XZk8RFvaA2wTkIPXPC4kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
53:59:93:bb:3f:ec:af:dc:eb:c1:75:32:b3:3f:d5:70:14:e2:
58:80:a2:17:36:6e:9d:30:fc:a5:98:3c:fb:b1:ba:97:94:d3:
2b:80:08:66:f7:6a:95:d9:a6:ef:f9:a6:c4:f0:20:b8:c3:73:
ef:5f:8d:f8:81:46:54:91:bb:b8:96:d4:f7:23:42:69:cf:68:
e4:a6:08:14:a1:03:05:de:32:c8:8e:9f:77:19:5f:7a:d7:5e:
79:a4:84:c4:d3:fb:9c:40:b7:3b:13:ec:38:81:5a:ed:b6:91:
ea:06:6a:84:74:bc:1b:90:e5:28:74:84:67:25:5e:1d:5d:8c:
a2:88:f7:d1:bd:c7:a1:c7:53:e7:71:8a:18:2b:76:73:66:d0:
85:e0:96:3e:0f:47:ab:78:fb:55:bc:cf:0f:55:7d:3b:57:0e:
81:fd:19:af:7e:db:59:d5:01:36:6d:c7:dc:76:02:f0:12:4b:
20:b8:db:c5:24:ad:b8:9a:d4:1f:b9:f1:33:27:0a:fa:f5:38:
07:54:06:91:98:9e:fa:9d:b9:1e:70:af:dd:df:06:6f:10:3b:
a5:c5:51:a4:af:02:f1:b8:61:6d:5f:b4:df:09:30:86:eb:25:
da:69:25:0d:bd:33:bb:12:82:ba:a6:97:28:88:52:d0:b1:d9:
f6:85:2f:e2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/KPQW6jSTtB7iocArl1NXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNTMwMTYwMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njk4NGQ4Nzc1ZDk5M2M0NDViZGEwMzZjMTM5MDgzZDczYzJlMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69pJSkywlL7UIloK68q0R0cH+4EX
LtVbAJ+MEHMjc7RSp3qK/wuMr9T/dkgxKpqNS0jL3Qbtc/p0Y5+OM71KbHEV+rD0
fAj7NJ8L/oLRxwf4gug1/7ZrRB+n/SUCN8E/SDdGIXtoiCZexziN6XFlGWKagmHW
s0feHB7HuNa5LGjW/skcrEE8IvzzccXnZogOjOg9kLoZndePE/j8PG9VqlLxjqyn
YtGPmIToqxZSa9PPPAkvE2F4830xWWCQZT37mDXo5MloAjO0xTI4LR4S3SbS6Aco
q8uxRmaL6QsO30DWSVUfV75lMP21bAUaPaoPAiXwm9WbjQKi7WLUmVJhrwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFaYTYd12ZPERb2gNsE5CD1zwuJFMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvVnBoTmgzWFprOFJGdmFBMndUa0lQWFBDNGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJYD4AwQE
X1IAAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAFNZk7s/
7K/c68F1MrM/1XAU4liAohc2bp0w/KWYPPuxupeU0yuACGb3apXZpu/5psTwILjD
c+9fjfiBRlSRu7iW1PcjQmnPaOSmCBShAwXeMsiOn3cZX3rXXnmkhMTT+5xAtzsT
7DiBWu22keoGaoR0vBuQ5Sh0hGclXh1djKKI99G9x6HHU+dxihgrdnNm0IXglj4P
R6t4+1W8zw9VfTtXDoH9Ga9+21nVATZtx9x2AvASSyC428Ukrbia1B+58TMnCvr1
OAdUBpGYnvqduR5wr93fBm8QO6XFUaSvAvG4YW1ftN8JMIbrJdppJQ29M7sSgrqm
lyiIUtCx2faFL+I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:31 2025 by rpki-client