Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/pPRc0yMrTJ7IxP8D0arIKaj8P3A.roa
File: pPRc0yMrTJ7IxP8D0arIKaj8P3A.roa (raw, json)
Hash identifier: kPG8oT/lOobxICWabfTLUsx2C/GW8C1EtUoxCQreVqY=
Subject key identifier: A4:F4:5C:D3:23:2B:4C:9E:C8:C4:FF:03:D1:AA:C8:29:A8:FC:3F:70
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CA0D4EDF4102D2C59550DFA34059594C5
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/pPRc0yMrTJ7IxP8D0arIKaj8P3A.roa
Signing time: Mon 25 Dec 2023 11:55:58 +0000
ROA not before: Mon 25 Dec 2023 11:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
37.128.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:d4:ed:f4:10:2d:2c:59:55:0d:fa:34:05:95:94:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 25 11:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4f45cd3232b4c9ec8c4ff03d1aac829a8fc3f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:55:a4:ab:2d:23:8c:22:fc:b8:2d:a4:8a:8e:
3d:85:1a:cb:c8:4c:0a:93:ff:08:31:fd:5a:b7:13:
7c:f1:62:f7:cf:b9:d8:a3:c9:ed:7b:f5:9e:7c:fe:
02:38:95:da:97:28:17:f0:52:e2:81:1f:40:91:e1:
2e:e0:a4:d0:23:85:42:85:0e:01:4a:7d:f9:e0:b8:
24:b1:89:21:03:9a:bf:c1:c4:d5:8b:fc:d7:32:af:
d0:94:01:53:e2:3d:49:4a:29:5d:06:8e:66:d2:5a:
69:ec:fa:3f:3e:b1:a9:75:83:12:1e:e6:cc:eb:5f:
04:8d:26:57:c6:ec:76:0a:9f:4c:7c:98:27:ce:8d:
25:cc:9e:29:56:00:9b:e0:ce:73:e1:c7:26:b4:49:
3c:4c:2c:2e:73:5a:fe:bd:c9:e6:fa:11:5b:1f:ab:
e5:44:44:9d:ee:3b:d6:6a:03:de:1e:35:bd:85:e0:
b0:9b:2a:df:b8:25:8b:38:6f:33:94:78:c1:25:ad:
1a:12:37:a8:58:57:c6:ca:ce:5d:0f:f7:1b:43:c0:
78:82:45:db:ed:5b:21:b7:bb:22:e4:4b:90:f0:05:
71:37:40:3f:ee:e1:8c:ba:18:ea:bd:78:21:7d:e8:
1e:ba:a4:9b:71:84:ad:55:6d:97:d9:a1:19:63:09:
56:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F4:5C:D3:23:2B:4C:9E:C8:C4:FF:03:D1:AA:C8:29:A8:FC:3F:70
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/pPRc0yMrTJ7IxP8D0arIKaj8P3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
109.111.32.0/20
176.221.16.0/21
Signature Algorithm: sha256WithRSAEncryption
39:b0:fd:1b:9b:7c:87:4b:f4:d2:f5:3f:ae:a9:97:a8:83:9b:
91:d9:5d:6b:74:c7:33:1f:6e:ed:22:c9:23:fb:9a:5d:21:ee:
95:d9:56:78:e3:6a:8b:de:4f:6e:e3:2e:cc:5e:b8:34:e1:9b:
0a:6c:ed:89:33:55:2e:11:5a:b1:45:fd:e0:0d:8e:af:5d:37:
24:4d:e3:44:c8:ce:23:1a:a3:26:e1:ab:ee:2f:14:3b:1c:7c:
7e:61:87:2b:d7:40:a1:12:e9:0c:6a:77:04:76:7f:44:85:65:
da:31:8f:96:b6:88:95:80:ee:e9:9e:2e:c9:78:33:2b:1c:2d:
74:29:d0:0b:71:cc:8d:bc:0b:ab:09:d4:28:3d:ca:cf:c6:99:
64:d4:83:15:5d:f9:3d:5a:d3:02:7a:31:e9:68:c8:a7:1d:d9:
7c:c4:d4:2a:9e:23:36:b3:a4:e9:4a:b5:2f:27:ae:09:88:e0:
b3:79:46:2d:21:02:a5:22:d0:8f:b5:01:76:87:bd:6c:20:8b:
de:42:c8:92:3a:4d:01:e7:da:b5:44:83:e0:f5:a3:6f:6e:20:
91:64:fa:a0:4d:9b:47:50:b2:ae:9f:80:f8:5b:5a:72:f6:3c:
60:54:4f:06:6a:9a:d6:40:02:ce:ed:f8:6f:9b:25:b3:08:89:
d3:0b:90:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyg1O30EC0sWVUN+jQFlZTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMjI1MTE1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGY0NWNkMzIzMmI0YzllYzhjNGZmMDNkMWFhYzgyOWE4ZmMzZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1Wkqy0jjCL8uC2kio49hRrLyEwK
k/8IMf1atxN88WL3z7nYo8nte/WefP4COJXalygX8FLigR9AkeEu4KTQI4VChQ4B
Sn354LgksYkhA5q/wcTVi/zXMq/QlAFT4j1JSildBo5m0lpp7Po/PrGpdYMSHubM
618EjSZXxux2Cp9MfJgnzo0lzJ4pVgCb4M5z4ccmtEk8TCwuc1r+vcnm+hFbH6vl
RESd7jvWagPeHjW9heCwmyrfuCWLOG8zlHjBJa0aEjeoWFfGys5dD/cbQ8B4gkXb
7Vsht7si5EuQ8AVxN0A/7uGMuhjqvXghfegeuqSbcYStVW2X2aEZYwlWswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKT0XNMjK0yeyMT/A9GqyCmo/D9wMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvcFBSYzB5TXJUSjdJeFA4RDBhcklLYWo4UDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJYD4AwQE
bW8gAwQDsN0QMA0GCSqGSIb3DQEBCwUAA4IBAQA5sP0bm3yHS/TS9T+uqZeog5uR
2V1rdMczH27tIskj+5pdIe6V2VZ442qL3k9u4y7MXrg04ZsKbO2JM1UuEVqxRf3g
DY6vXTckTeNEyM4jGqMm4avuLxQ7HHx+YYcr10ChEukMancEdn9EhWXaMY+WtoiV
gO7pni7JeDMrHC10KdALccyNvAurCdQoPcrPxplk1IMVXfk9WtMCejHpaMinHdl8
xNQqniM2s6TpSrUvJ64JiOCzeUYtIQKlItCPtQF2h71sIIveQsiSOk0B59q1RIPg
9aNvbiCRZPqgTZtHULKun4D4W1py9jxgVE8GaprWQALO7fhvmyWzCInTC5D/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:00 2025 by rpki-client