Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dyOj77dSnda6t8uzfbW-_GnExMA.roa
File: dyOj77dSnda6t8uzfbW-_GnExMA.roa (raw, json)
Hash identifier: KjbEahsKhwBGFfNf1pEDE1UonXf+Zw0INiZDsl3EK3o=
Subject key identifier: 77:23:A3:EF:B7:52:9D:D6:BA:B7:CB:B3:7D:B5:BE:FC:69:C4:C4:C0
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01894DF2E423817C76D8A944C8B75E6E35CB
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dyOj77dSnda6t8uzfbW-_GnExMA.roa
Signing time: Thu 13 Jul 2023 06:31:51 +0000
ROA not before: Thu 13 Jul 2023 06:31:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/21 maxlen: 24
193.176.96.0/24 maxlen: 24
176.221.24.0/21 maxlen: 24
95.82.32.0/21 maxlen: 24
37.128.252.0/22 maxlen: 24
37.128.248.0/22 maxlen: 24
37.128.248.0/23 maxlen: 24
37.128.254.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4d:f2:e4:23:81:7c:76:d8:a9:44:c8:b7:5e:6e:35:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 13 06:31:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7723a3efb7529dd6bab7cbb37db5befc69c4c4c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8e:68:61:d8:ea:69:8a:6c:b4:36:c1:48:b1:
4e:ef:3f:d1:f7:0c:59:87:be:8b:dc:55:f4:5f:70:
c3:13:37:25:a2:25:83:30:a7:33:b5:e9:e7:e3:03:
34:9d:2e:55:46:c8:3a:ce:03:54:e6:16:c1:ae:8b:
e5:f5:60:c5:a2:88:7d:fd:87:b1:82:06:d6:ef:42:
0e:bb:43:78:b0:e4:02:08:3c:fc:8f:d9:68:2d:fc:
a1:e6:d5:59:f1:28:99:0e:16:d4:d6:25:63:52:4c:
5f:90:0d:6a:18:87:d3:b0:a4:0e:d2:6f:a5:bb:b9:
19:09:0b:49:2c:df:09:51:70:33:3b:ff:d1:4c:a3:
96:de:7c:52:b7:e3:a2:77:f0:02:62:84:7b:4a:41:
da:29:7b:fb:df:18:56:2d:f0:20:a2:a4:56:01:09:
fd:1f:23:23:e3:7c:7d:74:ad:5c:e2:b5:13:80:ea:
27:0a:3e:f6:60:99:3b:0d:6c:b3:08:b5:25:75:2b:
7f:73:d6:b7:62:eb:79:a0:04:14:f7:1b:0d:56:bb:
0b:7e:33:fe:3b:00:f1:e6:9f:75:a9:bf:66:b7:7d:
d2:26:6c:72:6d:16:e6:22:f1:f6:bd:c7:59:48:47:
5b:df:1a:d3:e4:77:aa:a5:ed:06:5d:cc:f0:db:51:
65:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:23:A3:EF:B7:52:9D:D6:BA:B7:CB:B3:7D:B5:BE:FC:69:C4:C4:C0
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/dyOj77dSnda6t8uzfbW-_GnExMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/21
95.82.0.0/21
95.82.32.0/21
176.221.24.0/21
193.176.96.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:81:8b:a5:2a:9a:c6:e5:44:1f:e1:27:96:a5:51:a6:c3:64:
13:39:ce:42:f0:78:81:a0:b7:05:f0:64:0a:91:13:0f:8e:e8:
43:de:82:5e:da:9b:9c:e3:2a:cc:d2:9b:d4:32:8d:a0:09:b4:
d9:7e:bc:80:99:6b:55:1b:ba:b2:05:e1:4e:80:75:09:87:e6:
31:b1:f4:01:0f:bd:c2:59:fa:1b:cb:4f:87:24:8d:96:2d:43:
ec:db:bb:e8:de:70:2c:99:f6:f6:13:b7:83:25:f2:d6:b1:b9:
0b:2a:2b:5b:29:33:f7:6e:a6:85:5e:6e:6e:71:32:fe:4d:c9:
2d:e6:2e:e8:cc:35:5d:e2:e5:52:f6:c3:40:96:6b:af:b9:39:
3a:2d:5b:86:2e:f3:52:19:a5:c7:5c:52:c4:a5:18:4c:ce:ad:
b4:1a:37:7e:5d:a8:38:f9:cc:57:3a:e7:bd:ae:3a:dd:ca:11:
3e:13:67:7c:71:ca:67:0a:de:6c:04:40:f3:96:9d:58:d8:6a:
62:96:6e:98:ed:87:48:7e:ce:6c:6c:9f:0f:19:21:28:94:e1:
14:b0:c0:8a:ad:0c:51:10:60:e6:f8:23:f7:4d:80:97:2b:6c:
b8:2b:f2:55:53:68:31:5b:d7:2d:59:da:b9:c4:3d:e3:7c:cb:
c4:ed:37:f6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlN8uQjgXx22KlEyLdebjXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwNzEzMDYzMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzIzYTNlZmI3NTI5ZGQ2YmFiN2NiYjM3ZGI1YmVmYzY5YzRjNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi45oYdjqaYpstDbBSLFO7z/R9wxZ
h76L3FX0X3DDEzcloiWDMKcztenn4wM0nS5VRsg6zgNU5hbBrovl9WDFooh9/Yex
ggbW70IOu0N4sOQCCDz8j9loLfyh5tVZ8SiZDhbU1iVjUkxfkA1qGIfTsKQO0m+l
u7kZCQtJLN8JUXAzO//RTKOW3nxSt+Oid/ACYoR7SkHaKXv73xhWLfAgoqRWAQn9
HyMj43x9dK1c4rUTgOonCj72YJk7DWyzCLUldSt/c9a3Yut5oAQU9xsNVrsLfjP+
OwDx5p91qb9mt33SJmxybRbmIvH2vcdZSEdb3xrT5Heqpe0GXczw21FlSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHcjo++3Up3WurfLs321vvxpxMTAMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZHlPajc3ZFNuZGE2dDh1emZiVy1fR25FeE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJYD4AwQD
X1IAAwQDX1IgAwQDsN0YAwQAwbBgMA0GCSqGSIb3DQEBCwUAA4IBAQBsgYulKprG
5UQf4SeWpVGmw2QTOc5C8HiBoLcF8GQKkRMPjuhD3oJe2puc4yrM0pvUMo2gCbTZ
fryAmWtVG7qyBeFOgHUJh+YxsfQBD73CWfoby0+HJI2WLUPs27vo3nAsmfb2E7eD
JfLWsbkLKitbKTP3bqaFXm5ucTL+Tckt5i7ozDVd4uVS9sNAlmuvuTk6LVuGLvNS
GaXHXFLEpRhMzq20Gjd+Xag4+cxXOue9rjrdyhE+E2d8ccpnCt5sBEDzlp1Y2Gpi
lm6Y7YdIfs5sbJ8PGSEolOEUsMCKrQxREGDm+CP3TYCXK2y4K/JVU2gxW9ctWdq5
xD3jfMvE7Tf2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:33 2025 by rpki-client