Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/povcJlWiZ0wZP4LxN6amct5Ikck.roa
File: povcJlWiZ0wZP4LxN6amct5Ikck.roa (raw, json)
Hash identifier: C2DtPuqRBKGtaN/Slcat9ZzYQ/q6dicftnKTcniQj54=
Subject key identifier: A6:8B:DC:26:55:A2:67:4C:19:3F:82:F1:37:A6:A6:72:DE:48:91:C9
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018AF4DBAC6874869A379766B113EC3F5FCB
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/povcJlWiZ0wZP4LxN6amct5Ikck.roa
Signing time: Tue 03 Oct 2023 09:25:51 +0000
ROA not before: Tue 03 Oct 2023 09:25:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 95.82.0.0/21 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.24.0/22 maxlen: 24
176.221.24.0/21 maxlen: 21
176.221.28.0/22 maxlen: 24
37.128.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:db:ac:68:74:86:9a:37:97:66:b1:13:ec:3f:5f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 3 09:25:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a68bdc2655a2674c193f82f137a6a672de4891c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b1:ee:16:8c:81:7a:c6:ee:ac:5f:ae:a9:25:
aa:87:0c:02:8f:4d:e8:a7:b5:e7:9c:cd:ca:c2:ca:
fb:5d:6a:4f:17:c1:ef:cc:cf:7f:12:ff:06:43:0c:
7a:da:95:e3:1d:81:10:e0:22:a7:24:c5:89:1b:ad:
a5:22:c8:8d:46:3b:90:a8:72:39:0c:a5:de:55:e2:
62:e2:b7:97:13:01:9e:e7:51:b9:88:08:8b:e0:a1:
e3:e1:e7:01:41:cb:24:d7:8d:cb:82:c7:95:8a:1a:
19:51:e2:60:f7:71:b3:72:76:c3:01:fd:10:87:44:
c3:da:3e:5e:38:5e:59:04:94:b8:af:ce:af:e1:5a:
fb:2f:fe:eb:04:d7:17:42:4a:ee:e8:0b:39:0d:be:
9a:88:53:b1:8c:1f:db:07:7b:29:07:ee:98:e3:0b:
05:a2:82:de:9c:b9:1c:f0:73:08:c0:5b:db:ab:48:
f1:8a:8e:f9:ec:18:10:33:4b:15:d1:75:c1:50:0f:
df:8b:e6:41:51:d0:b3:c4:58:37:ba:43:5a:ad:94:
28:55:fc:23:fc:5e:96:b6:d5:b8:ee:7f:f0:a2:56:
91:52:c3:cd:32:c7:48:09:a1:c0:47:56:49:35:b2:
1e:02:1f:5d:c8:4e:c1:d6:76:7d:2f:cc:b8:e1:d2:
8b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8B:DC:26:55:A2:67:4C:19:3F:82:F1:37:A6:A6:72:DE:48:91:C9
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/povcJlWiZ0wZP4LxN6amct5Ikck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/21
176.221.16.0/20
Signature Algorithm: sha256WithRSAEncryption
57:30:30:87:3f:03:9d:9b:8b:f1:fc:92:06:58:c2:51:e4:1b:
59:96:47:f7:2b:ba:8a:63:f0:97:eb:f7:e5:63:5d:97:cf:6e:
cc:99:a4:17:a5:39:43:1c:f1:d8:dd:0d:e5:7a:b3:9b:39:06:
7b:3e:38:1d:07:85:2d:31:3f:42:a0:bd:98:95:93:45:5e:93:
fc:e5:17:77:e2:42:65:b0:f3:a9:65:5e:61:03:af:6b:f5:dd:
9a:fd:67:01:85:87:36:66:93:0d:9b:3f:63:ba:f3:b6:46:3b:
b5:01:fe:64:34:7e:50:06:ac:6f:d3:ae:70:19:0e:bd:e7:02:
bc:97:88:1c:a8:2e:70:f4:4c:2b:34:1e:e3:31:1a:b0:3d:46:
ef:7c:98:c3:4c:06:40:2e:e6:22:ec:46:2d:26:66:4e:92:59:
d8:4d:e1:cf:7a:bd:51:c9:fb:8f:70:03:01:28:3a:1f:76:1e:
b4:8d:d1:51:14:c2:4f:96:cc:af:24:c7:a7:50:a3:2f:0a:9e:
10:1e:ff:c9:77:42:7f:e5:49:3f:97:65:62:c5:d4:c4:ec:49:
f3:01:b2:36:be:c1:1d:f5:9b:ee:e4:0c:e4:87:58:5f:1b:a1:
0d:fe:c6:8b:02:20:13:9a:8b:ba:c7:38:a9:7e:98:35:25:4a:
f1:6b:04:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr026xodIaaN5dmsRPsP1/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMDAzMDkyNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhiZGMyNjU1YTI2NzRjMTkzZjgyZjEzN2E2YTY3MmRlNDg5MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7HuFoyBesburF+uqSWqhwwCj03o
p7XnnM3Kwsr7XWpPF8HvzM9/Ev8GQwx62pXjHYEQ4CKnJMWJG62lIsiNRjuQqHI5
DKXeVeJi4reXEwGe51G5iAiL4KHj4ecBQcsk143LgseVihoZUeJg93GzcnbDAf0Q
h0TD2j5eOF5ZBJS4r86v4Vr7L/7rBNcXQkru6As5Db6aiFOxjB/bB3spB+6Y4wsF
ooLenLkc8HMIwFvbq0jxio757BgQM0sV0XXBUA/fi+ZBUdCzxFg3ukNarZQoVfwj
/F6WttW47n/wolaRUsPNMsdICaHAR1ZJNbIeAh9dyE7B1nZ9L8y44dKLewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKaL3CZVomdMGT+C8TempnLeSJHJMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvcG92Y0psV2laMHdaUDRMeE42YW1jdDVJa2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJYD4AwQD
X1IAAwQEsN0QMA0GCSqGSIb3DQEBCwUAA4IBAQBXMDCHPwOdm4vx/JIGWMJR5BtZ
lkf3K7qKY/CX6/flY12Xz27MmaQXpTlDHPHY3Q3lerObOQZ7PjgdB4UtMT9CoL2Y
lZNFXpP85Rd34kJlsPOpZV5hA69r9d2a/WcBhYc2ZpMNmz9juvO2Rju1Af5kNH5Q
Bqxv065wGQ695wK8l4gcqC5w9EwrNB7jMRqwPUbvfJjDTAZALuYi7EYtJmZOklnY
TeHPer1RyfuPcAMBKDofdh60jdFRFMJPlsyvJMenUKMvCp4QHv/Jd0J/5Uk/l2Vi
xdTE7EnzAbI2vsEd9Zvu5Azkh1hfG6EN/saLAiATmou6xzipfpg1JUrxawSv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:32 2025 by rpki-client