Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dXdsxXCqgiKZTaxj-ulOojd-L0M.roa
File: dXdsxXCqgiKZTaxj-ulOojd-L0M.roa (raw, json)
Hash identifier: HKGdHaEcVaZhbgmkSaYmMjFZMtqiP1cH7HG4IJngnMc=
Subject key identifier: 75:77:6C:C5:70:AA:82:22:99:4D:AC:63:FA:E9:4E:A2:37:7E:2F:43
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0191778270C69D9FD7EC1310122CD25E3C9C
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dXdsxXCqgiKZTaxj-ulOojd-L0M.roa
Signing time: Thu 22 Aug 2024 00:35:22 +0000
ROA not before: Thu 22 Aug 2024 00:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
109.111.34.0/23 maxlen: 24
109.111.40.0/22 maxlen: 24
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:77:82:70:c6:9d:9f:d7:ec:13:10:12:2c:d2:5e:3c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Aug 22 00:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75776cc570aa8222994dac63fae94ea2377e2f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:19:e4:b8:b8:52:75:b0:18:ff:f9:11:8a:09:
c9:89:85:9e:0d:96:0f:37:6b:f9:54:59:70:3b:5d:
c9:38:7f:32:7a:ea:2e:53:cc:f2:54:42:4c:3a:66:
25:33:0a:82:a2:5b:ca:09:5d:14:aa:0d:15:57:0a:
6b:bb:e6:7a:c8:2a:02:48:04:b2:1f:56:e8:27:33:
0c:9a:df:b1:95:02:4b:a5:e4:89:7e:9f:1c:21:f9:
9a:d3:de:d1:ac:ae:d8:79:67:ce:c4:91:cf:f6:49:
f5:47:18:e5:44:c3:97:c3:7c:58:8c:be:56:7c:8e:
e6:33:2b:d4:fe:9c:a6:78:69:fc:47:40:90:b3:40:
39:b9:5d:5e:2c:7b:fe:20:f5:a3:03:83:75:db:f3:
3c:bc:74:b1:46:22:2d:9f:4d:64:47:a0:5d:b0:70:
19:66:0c:27:c9:b0:85:59:c3:b1:70:fa:d3:6a:bc:
37:61:2e:02:5f:10:ba:3c:ce:64:7f:7c:b4:e3:39:
a6:5e:3a:da:6b:d7:db:d5:60:d5:4c:62:bc:8c:68:
b4:5e:9e:fa:17:09:f5:a1:20:13:6e:5a:b3:b0:6f:
aa:3d:36:21:1b:12:b4:e1:7b:f3:c0:87:58:01:57:
1a:16:81:04:4a:04:36:89:1c:3b:1b:d7:3b:4c:51:
ed:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:77:6C:C5:70:AA:82:22:99:4D:AC:63:FA:E9:4E:A2:37:7E:2F:43
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dXdsxXCqgiKZTaxj-ulOojd-L0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.0.0/20
109.111.32.0/20
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
3e:4d:5a:d5:87:1b:07:58:01:0b:c8:db:b7:da:cb:d5:7f:2b:
04:f4:04:52:91:aa:ed:b4:0a:b6:df:2a:6d:d7:a6:ab:72:14:
d4:5a:38:88:b1:b0:e3:28:b4:db:7d:1d:a8:ca:cb:ce:f3:aa:
ac:6a:05:21:c4:3f:2c:f0:7c:1e:6f:0c:b5:6c:a9:81:72:b2:
b2:a6:74:e1:4b:6b:5f:19:db:20:fb:0a:21:9f:86:45:3c:2e:
af:34:f4:c2:21:c0:26:8b:a7:d2:80:79:74:8f:bd:ca:fd:a7:
72:35:dd:b5:d7:20:6b:9e:1c:4f:96:79:74:e0:1d:bd:2c:63:
09:7a:31:23:07:ef:5c:d4:30:96:ee:6c:ce:72:db:3b:2c:a8:
14:be:db:2b:b4:05:a1:c9:e6:3d:68:0c:e1:75:1b:69:0f:7f:
b0:cc:3b:47:df:7e:81:a3:eb:ac:74:16:86:29:a1:22:b4:89:
fe:d7:be:69:4d:2c:cc:37:7b:23:46:d0:1c:60:2f:74:b3:a0:
54:8b:13:33:fd:d5:6b:70:8b:3b:8c:52:14:b3:97:3e:3f:49:
8d:50:05:b3:75:e5:e0:ed:22:e9:b4:c3:54:3b:c4:52:bf:7f:
01:ed:49:bb:73:4a:77:2f:eb:3f:63:35:ca:09:2b:a4:cb:ab:
ba:00:e7:c3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZF3gnDGnZ/X7BMQEizSXjycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwODIyMDAzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTc3NmNjNTcwYWE4MjIyOTk0ZGFjNjNmYWU5NGVhMjM3N2UyZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRnkuLhSdbAY//kRignJiYWeDZYP
N2v5VFlwO13JOH8yeuouU8zyVEJMOmYlMwqColvKCV0Uqg0VVwpru+Z6yCoCSASy
H1boJzMMmt+xlQJLpeSJfp8cIfma097RrK7YeWfOxJHP9kn1RxjlRMOXw3xYjL5W
fI7mMyvU/pymeGn8R0CQs0A5uV1eLHv+IPWjA4N12/M8vHSxRiItn01kR6BdsHAZ
ZgwnybCFWcOxcPrTarw3YS4CXxC6PM5kf3y04zmmXjraa9fb1WDVTGK8jGi0Xp76
Fwn1oSATblqzsG+qPTYhGxK04XvzwIdYAVcaFoEESgQ2iRw7G9c7TFHtNwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHV3bMVwqoIimU2sY/rpTqI3fi9DMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZFhkc3hYQ3FnaUtaVGF4ai11bE9vamQtTDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEX1IAAwQE
bW8gMAwDBAKw3RQDBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAD5NWtWHGwdYAQvI
27fay9V/KwT0BFKRqu20CrbfKm3XpqtyFNRaOIixsOMotNt9HajKy87zqqxqBSHE
PyzwfB5vDLVsqYFysrKmdOFLa18Z2yD7CiGfhkU8Lq809MIhwCaLp9KAeXSPvcr9
p3I13bXXIGueHE+WeXTgHb0sYwl6MSMH71zUMJbubM5y2zssqBS+2yu0BaHJ5j1o
DOF1G2kPf7DMO0fffoGj66x0FoYpoSK0if7XvmlNLMw3eyNG0BxgL3SzoFSLEzP9
1WtwizuMUhSzlz4/SY1QBbN15eDtIum0w1Q7xFK/fwHtSbtzSncv6z9jNcoJK6TL
q7oA58M=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:39 2025 by rpki-client