Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/vOjipAqg85QZT3klHMyxcILUS2Q.roa
File: vOjipAqg85QZT3klHMyxcILUS2Q.roa (raw, json)
Hash identifier: IiqdgNpKzlF7g7jujxnUAsM2aBswKNko3K23l+RRjVg=
Subject key identifier: BC:E8:E2:A4:0A:A0:F3:94:19:4F:79:25:1C:CC:B1:70:82:D4:4B:64
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018AB135895B656507DF642E9E37DEF539F1
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/vOjipAqg85QZT3klHMyxcILUS2Q.roa
Signing time: Wed 20 Sep 2023 06:09:50 +0000
ROA not before: Wed 20 Sep 2023 06:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399073
IP address blocks: 176.221.24.0/22 maxlen: 24
176.221.28.0/22 maxlen: 24
37.128.254.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:35:89:5b:65:65:07:df:64:2e:9e:37:de:f5:39:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Sep 20 06:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bce8e2a40aa0f394194f79251cccb17082d44b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:b0:c7:a8:d1:45:fa:2b:d1:88:bf:53:86:
4a:3b:a7:81:0f:78:05:9a:9b:a5:0a:2c:02:58:e1:
73:2a:a1:5f:2d:18:a3:fb:b3:73:4a:8b:47:bc:a6:
ba:5a:8e:c1:62:97:7c:40:d8:3b:8c:ad:4f:07:f5:
e8:b3:be:02:70:d5:2b:a5:fb:36:de:68:da:38:38:
46:8e:8e:3b:9f:33:7c:a2:95:62:f6:b3:08:34:c2:
52:6f:2b:bc:30:2e:4f:59:df:e9:b5:f0:84:2b:c6:
fa:8e:3d:8f:4d:ff:db:fb:65:fe:14:2a:47:74:43:
71:2f:08:3d:ca:9c:47:e1:6c:12:b9:c4:66:e2:8c:
a5:b8:c2:61:ad:a5:46:cd:99:4f:22:38:db:d3:ac:
36:cd:fa:be:6b:bb:df:96:01:fa:33:59:72:d6:66:
2c:89:fd:1f:76:bb:fe:c7:fd:db:f7:fb:aa:4f:cd:
43:3a:33:b0:4c:ef:8a:2b:e9:b9:62:30:9e:8d:40:
fd:8a:77:7f:d2:c5:8a:3d:6b:d7:7b:0c:36:71:23:
64:d6:f9:aa:0c:20:6e:5f:94:81:a4:ce:46:1b:32:
c3:01:37:62:ef:a7:65:ce:11:cf:48:9a:ca:db:70:
3e:d6:6f:fc:59:20:a4:9f:de:13:b8:1e:67:38:12:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E8:E2:A4:0A:A0:F3:94:19:4F:79:25:1C:CC:B1:70:82:D4:4B:64
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/vOjipAqg85QZT3klHMyxcILUS2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.254.0/23
176.221.24.0/21
Signature Algorithm: sha256WithRSAEncryption
86:46:46:4f:00:a4:5e:f2:5b:ae:84:ad:21:93:87:1a:db:9e:
1d:cc:c5:df:f3:3e:81:3e:47:f0:fe:16:97:e1:0a:99:51:f0:
2d:99:83:68:a7:fb:06:5c:81:71:d9:42:9e:21:19:71:e7:b0:
26:52:3b:d4:15:5e:93:69:72:d1:75:df:b4:f6:85:30:bb:cd:
4d:8d:e6:e6:b7:75:98:53:82:89:5b:db:f8:4f:57:01:ca:22:
14:55:56:d6:29:1b:a2:2d:3a:e3:d0:6b:77:4a:a5:29:e2:4a:
af:20:75:86:71:1f:bd:1d:19:c6:27:45:36:c7:0c:d0:33:57:
77:a8:7c:38:2e:71:d2:ae:ea:01:b4:06:ae:2e:05:10:71:e8:
3f:27:b7:b1:a8:f5:20:72:a6:be:26:96:0f:dc:0a:7c:02:96:
9f:df:21:cb:dc:ca:f3:29:14:b3:23:47:3c:b9:71:c3:87:62:
a2:eb:15:17:b2:48:f4:65:ed:f4:f8:42:76:22:b7:5f:da:01:
19:c5:f1:e4:8e:18:11:a7:db:e0:e8:20:70:f6:7d:2a:f1:dd:
42:2b:02:68:0a:33:a8:50:f1:01:cf:0c:48:9d:b4:bd:46:82:
6c:df:26:e9:d4:fa:46:d6:eb:01:92:53:95:a1:18:ce:3e:68:
3f:c9:4b:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqxNYlbZWUH32Qunjfe9TnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwOTIwMDYwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U4ZTJhNDBhYTBmMzk0MTk0Zjc5MjUxY2NjYjE3MDgyZDQ0YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUuwx6jRRfor0Yi/U4ZKO6eBD3gF
mpulCiwCWOFzKqFfLRij+7NzSotHvKa6Wo7BYpd8QNg7jK1PB/Xos74CcNUrpfs2
3mjaODhGjo47nzN8opVi9rMINMJSbyu8MC5PWd/ptfCEK8b6jj2PTf/b+2X+FCpH
dENxLwg9ypxH4WwSucRm4oyluMJhraVGzZlPIjjb06w2zfq+a7vflgH6M1ly1mYs
if0fdrv+x/3b9/uqT81DOjOwTO+KK+m5YjCejUD9ind/0sWKPWvXeww2cSNk1vmq
DCBuX5SBpM5GGzLDATdi76dlzhHPSJrK23A+1m/8WSCkn94TuB5nOBIhJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLzo4qQKoPOUGU95JRzMsXCC1EtkMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvdk9qaXBBcWc4NVFaVDNrbEhNeXhjSUxVUzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJYD+AwQD
sN0YMA0GCSqGSIb3DQEBCwUAA4IBAQCGRkZPAKRe8luuhK0hk4ca254dzMXf8z6B
Pkfw/haX4QqZUfAtmYNop/sGXIFx2UKeIRlx57AmUjvUFV6TaXLRdd+09oUwu81N
jebmt3WYU4KJW9v4T1cByiIUVVbWKRuiLTrj0Gt3SqUp4kqvIHWGcR+9HRnGJ0U2
xwzQM1d3qHw4LnHSruoBtAauLgUQceg/J7exqPUgcqa+JpYP3Ap8Apaf3yHL3Mrz
KRSzI0c8uXHDh2Ki6xUXskj0Ze30+EJ2Irdf2gEZxfHkjhgRp9vg6CBw9n0q8d1C
KwJoCjOoUPEBzwxInbS9RoJs3ybp1PpG1usBklOVoRjOPmg/yUvj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:21 2025 by rpki-client