Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/YIqE3YfhJwT1M_Q6lX3XBbb3ZGQ.roa
File: YIqE3YfhJwT1M_Q6lX3XBbb3ZGQ.roa (raw, json)
Hash identifier: ZHJnUes4rfjHek0gvsD2larGvJna2wKJKdXGtJVkEn4=
Subject key identifier: 60:8A:84:DD:87:E1:27:04:F5:33:F4:3A:95:7D:D7:05:B6:F7:64:64
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CE83888E5145A774DF23143490B137C11
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/YIqE3YfhJwT1M_Q6lX3XBbb3ZGQ.roa
Signing time: Mon 08 Jan 2024 08:37:48 +0000
ROA not before: Mon 08 Jan 2024 08:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.82.8.0/21 maxlen: 24
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.24.0/22 maxlen: 24
176.221.20.0/22 maxlen: 24
37.128.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:38:88:e5:14:5a:77:4d:f2:31:43:49:0b:13:7c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 8 08:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=608a84dd87e12704f533f43a957dd705b6f76464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:99:96:53:ba:8f:bf:60:2c:95:b8:de:22:e7:
e4:c4:2d:a1:35:09:a3:38:93:6b:0d:1e:99:6c:20:
1e:e4:cf:55:3f:46:9f:91:e2:12:83:26:84:b5:2e:
de:19:49:82:2b:e0:ef:05:bd:09:30:4a:4c:70:07:
57:1e:fa:58:f1:44:d8:c8:66:2f:7d:6c:a9:56:1c:
20:e7:74:91:65:81:30:8f:39:44:db:cd:8c:09:f7:
26:2c:b8:db:fc:1b:1f:fe:1c:07:1d:15:9a:f9:80:
98:6b:c4:20:98:2b:21:51:9d:03:cc:a4:86:f0:d0:
3f:e8:af:7a:9b:2a:f9:1f:75:9d:ce:90:83:85:c1:
7f:3d:6c:67:6e:a6:ce:83:ba:39:6e:18:9b:97:56:
d4:10:2a:27:d1:b3:d3:be:7f:78:63:66:bf:af:59:
9f:d9:8e:0f:f3:c6:23:72:24:18:6a:4f:da:47:2b:
d2:6b:dd:58:9e:2d:2f:4e:1f:14:4b:4d:c1:b5:86:
d6:17:f4:53:22:fd:01:29:c8:bd:93:a6:1a:c3:61:
52:ad:96:fd:97:3e:41:5a:b7:4f:28:c0:18:0b:f3:
f6:78:64:57:ef:b5:8d:db:72:7b:8c:41:c1:2b:b7:
de:73:29:64:72:49:c7:85:3e:a5:85:f1:83:f8:db:
44:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8A:84:DD:87:E1:27:04:F5:33:F4:3A:95:7D:D7:05:B6:F7:64:64
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/YIqE3YfhJwT1M_Q6lX3XBbb3ZGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.8.0/21
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
26:9d:12:5d:6d:9a:c3:45:59:7a:b5:09:73:7f:d5:6e:e4:60:
e8:7c:7c:2c:e9:e2:e5:af:17:42:38:76:a0:4e:12:da:9c:19:
dd:89:50:45:97:6f:ff:e9:fe:9c:b9:a5:78:d9:7a:aa:db:0f:
e2:61:94:93:1f:a2:f5:15:5d:2f:0b:c0:a1:b5:fe:44:15:74:
ef:ae:34:d9:06:d3:34:23:c5:28:ca:ec:9c:15:73:31:ed:c3:
f6:24:af:f9:90:da:0d:d9:3e:83:5f:6c:08:4e:86:85:49:54:
3b:63:45:ea:f4:4f:38:6b:9f:f3:63:51:ef:5e:15:bb:43:fb:
12:76:8f:f9:c8:2d:46:2f:b0:64:ab:7f:0b:b3:ae:57:22:65:
00:61:71:f3:6b:c8:64:fd:d2:da:99:98:9d:03:6c:92:e3:b1:
24:9c:6f:1a:5c:76:b6:db:3f:a9:4a:cc:ac:66:6b:2c:54:65:
86:6b:3f:45:5f:4c:ac:73:de:19:65:a5:93:e9:86:d1:cb:6b:
65:84:17:54:04:a8:be:4f:1e:93:a9:fc:54:59:a7:4f:d1:22:
98:d2:6e:48:48:5c:3a:f2:1a:5d:ac:3a:5a:1c:93:01:9f:cf:
02:c7:08:2a:1b:8c:4b:76:b2:83:9c:92:bb:02:64:5a:77:65:
a0:da:5b:e1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzoOIjlFFp3TfIxQ0kLE3wRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTA4MDgzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhhODRkZDg3ZTEyNzA0ZjUzM2Y0M2E5NTdkZDcwNWI2Zjc2NDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppmWU7qPv2AslbjeIufkxC2hNQmj
OJNrDR6ZbCAe5M9VP0afkeISgyaEtS7eGUmCK+DvBb0JMEpMcAdXHvpY8UTYyGYv
fWypVhwg53SRZYEwjzlE282MCfcmLLjb/Bsf/hwHHRWa+YCYa8QgmCshUZ0DzKSG
8NA/6K96myr5H3WdzpCDhcF/PWxnbqbOg7o5bhibl1bUECon0bPTvn94Y2a/r1mf
2Y4P88YjciQYak/aRyvSa91Yni0vTh8US03BtYbWF/RTIv0BKci9k6Yaw2FSrZb9
lz5BWrdPKMAYC/P2eGRX77WN23J7jEHBK7fecylkcknHhT6lhfGD+NtEjQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGCKhN2H4ScE9TP0OpV91wW292RkMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvWUlxRTNZZmhKd1QxTV9RNmxYM1hCYmIzWkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJYD4AwQD
X1IIAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEBACadEl1t
msNFWXq1CXN/1W7kYOh8fCzp4uWvF0I4dqBOEtqcGd2JUEWXb//p/py5pXjZeqrb
D+JhlJMfovUVXS8LwKG1/kQVdO+uNNkG0zQjxSjK7JwVczHtw/Ykr/mQ2g3ZPoNf
bAhOhoVJVDtjRer0Tzhrn/NjUe9eFbtD+xJ2j/nILUYvsGSrfwuzrlciZQBhcfNr
yGT90tqZmJ0DbJLjsSScbxpcdrbbP6lKzKxmayxUZYZrP0VfTKxz3hllpZPphtHL
a2WEF1QEqL5PHpOp/FRZp0/RIpjSbkhIXDryGl2sOlockwGfzwLHCCobjEt2soOc
krsCZFp3ZaDaW+E=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:18 2025 by rpki-client