Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/jMh-qCiiurhBAsNWD4sCKqpnL-0.roa
File: jMh-qCiiurhBAsNWD4sCKqpnL-0.roa (raw, json)
Hash identifier: gnaO8mB24KJ5S7Zv2VEDkvAHcPww8b+wspExOUsyuUQ=
Subject key identifier: 8C:C8:7E:A8:28:A2:BA:B8:41:02:C3:56:0F:8B:02:2A:AA:67:2F:ED
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CE3506E93513DFB4D492DCBC8C8B999A3
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/jMh-qCiiurhBAsNWD4sCKqpnL-0.roa
Signing time: Sun 07 Jan 2024 09:45:48 +0000
ROA not before: Sun 07 Jan 2024 09:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/21 maxlen: 21
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.24.0/22 maxlen: 24
176.221.20.0/22 maxlen: 24
37.128.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e3:50:6e:93:51:3d:fb:4d:49:2d:cb:c8:c8:b9:99:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 7 09:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cc87ea828a2bab84102c3560f8b022aaa672fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:16:f4:8f:a2:5d:0d:25:46:41:b9:fd:b3:aa:
a3:07:12:14:5b:3e:61:65:57:8c:b3:6f:b2:eb:b0:
0a:05:ec:5e:14:f6:f8:a0:61:ef:8b:0e:7c:40:93:
c4:15:44:dc:27:e9:00:a1:02:f5:4e:9c:56:ac:cf:
76:68:7f:05:23:ed:58:18:ec:6f:7d:cd:ae:8a:75:
d3:b3:14:e0:fd:74:15:7e:05:26:35:e6:87:e1:82:
1a:47:0d:0c:bd:9c:fe:e5:22:1b:e7:97:b5:4f:a9:
7c:20:e5:03:87:00:85:b4:84:4f:ee:48:33:ab:62:
42:15:af:15:e4:64:5d:eb:70:42:26:be:b8:b0:00:
8b:d7:4a:87:95:49:51:08:22:b2:ab:ab:b7:11:54:
38:67:80:9b:46:0c:57:d6:db:68:da:25:f1:66:b1:
a8:69:e3:ff:66:ec:1e:a5:c7:6c:4f:a5:9a:53:e1:
16:83:c0:19:5d:31:f8:ab:2a:ed:89:cf:56:3f:3b:
8e:e3:75:5e:77:fa:4b:63:ab:df:b7:9b:07:0c:da:
88:fa:ff:3d:7c:9d:85:0b:36:5a:86:5d:92:06:ca:
78:55:6b:7a:15:7e:8f:2c:13:f1:61:f1:5a:72:9e:
11:c3:7f:52:50:75:05:5f:15:8f:be:3e:86:63:72:
c7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C8:7E:A8:28:A2:BA:B8:41:02:C3:56:0F:8B:02:2A:AA:67:2F:ED
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/jMh-qCiiurhBAsNWD4sCKqpnL-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/21
109.111.32.0/20
176.221.16.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
3c:30:10:6c:45:5d:92:95:6e:d3:79:b1:dd:99:fe:ac:3b:67:
40:7f:01:d4:64:a8:56:89:c6:f3:b5:04:33:f9:59:18:85:b5:
17:09:6f:2b:a7:f1:a3:79:af:c6:45:0d:f0:94:8c:24:eb:65:
7d:81:e4:c6:7e:09:1d:2f:40:a4:2e:d8:d0:c0:dc:3f:90:30:
30:e3:9b:d1:09:0a:ab:3f:b9:c6:88:3c:f7:b5:79:e3:18:a4:
a7:fa:7c:c4:85:19:ea:bb:87:4e:66:7b:8f:4a:68:b5:95:ad:
27:41:70:f7:d5:52:06:f1:13:6b:fb:d0:2d:fb:08:f1:d7:4a:
cd:ed:31:fe:c1:0a:82:7f:87:dc:ad:5c:7a:60:01:c7:b0:e5:
73:ee:49:69:e1:54:47:5a:11:f0:77:a8:db:39:79:f3:75:38:
ed:e0:d9:2c:b8:1b:53:e4:7f:a5:03:11:a4:35:de:04:de:60:
26:25:ef:6a:11:eb:ec:e6:83:d3:f7:f8:b2:c2:3c:99:31:54:
d6:df:6a:7e:85:4c:a2:c5:89:d8:66:1b:99:30:2c:b0:04:aa:
19:d3:e7:93:6e:41:35:fe:bc:39:dc:50:45:28:17:9a:45:59:
30:d9:90:06:36:f8:a2:28:58:4c:e8:ea:51:c3:9f:39:b1:55:
b7:99:c1:01
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzjUG6TUT37TUkty8jIuZmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTA3MDk0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2M4N2VhODI4YTJiYWI4NDEwMmMzNTYwZjhiMDIyYWFhNjcyZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRb0j6JdDSVGQbn9s6qjBxIUWz5h
ZVeMs2+y67AKBexeFPb4oGHviw58QJPEFUTcJ+kAoQL1TpxWrM92aH8FI+1YGOxv
fc2uinXTsxTg/XQVfgUmNeaH4YIaRw0MvZz+5SIb55e1T6l8IOUDhwCFtIRP7kgz
q2JCFa8V5GRd63BCJr64sACL10qHlUlRCCKyq6u3EVQ4Z4CbRgxX1tto2iXxZrGo
aeP/ZuwepcdsT6WaU+EWg8AZXTH4qyrtic9WPzuO43Ved/pLY6vft5sHDNqI+v89
fJ2FCzZahl2SBsp4VWt6FX6PLBPxYfFacp4Rw39SUHUFXxWPvj6GY3LHrwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIzIfqgoorq4QQLDVg+LAiqqZy/tMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvak1oLXFDaWl1cmhCQXNOV0Q0c0NLcXBuTC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJYD4AwQD
X1IAAwQEbW8gMAwDBASw3RADBAKw3RgwDQYJKoZIhvcNAQELBQADggEBADwwEGxF
XZKVbtN5sd2Z/qw7Z0B/AdRkqFaJxvO1BDP5WRiFtRcJbyun8aN5r8ZFDfCUjCTr
ZX2B5MZ+CR0vQKQu2NDA3D+QMDDjm9EJCqs/ucaIPPe1eeMYpKf6fMSFGeq7h05m
e49KaLWVrSdBcPfVUgbxE2v70C37CPHXSs3tMf7BCoJ/h9ytXHpgAcew5XPuSWnh
VEdaEfB3qNs5efN1OO3g2Sy4G1Pkf6UDEaQ13gTeYCYl72oR6+zmg9P3+LLCPJkx
VNbfan6FTKLFidhmG5kwLLAEqhnT55NuQTX+vDncUEUoF5pFWTDZkAY2+KIoWEzo
6lHDnzmxVbeZwQE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:48 2025 by rpki-client