Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/xZqL5yGQja40s_ooAipJRmptGPI.roa
File: xZqL5yGQja40s_ooAipJRmptGPI.roa (raw, json)
Hash identifier: ksGNevizqxLTl05iIdPKeQdhkbsocM2c5hfG5446C0U=
Subject key identifier: C5:9A:8B:E7:21:90:8D:AE:34:B3:FA:28:02:2A:49:46:6A:6D:18:F2
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018E977B02C3BA9493A274E9B50D588D2CEE
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/xZqL5yGQja40s_ooAipJRmptGPI.roa
Signing time: Mon 01 Apr 2024 02:26:44 +0000
ROA not before: Mon 01 Apr 2024 02:26:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
37.128.254.0/23 maxlen: 24
95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.20.0/22 maxlen: 24
176.221.20.0/23 maxlen: 24
176.221.24.0/22 maxlen: 24
185.65.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:97:7b:02:c3:ba:94:93:a2:74:e9:b5:0d:58:8d:2c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Apr 1 02:26:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c59a8be721908dae34b3fa28022a49466a6d18f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:fe:b2:91:52:a7:95:a7:5b:ce:a4:ce:6a:
22:8b:f7:2c:e6:cc:ff:79:0e:d6:f3:39:ab:ba:0c:
77:26:c1:86:88:a7:3d:7f:77:a7:aa:17:0c:cd:fb:
52:76:bc:c9:49:f0:68:dd:78:c2:3f:ab:3c:c2:90:
bb:a1:80:43:09:a5:e3:e7:bd:fe:e1:4b:95:4f:d1:
f4:9d:11:cf:b1:68:e4:9e:05:dd:0a:7f:a6:f5:9e:
8f:f7:74:47:79:8a:32:5c:92:f9:a2:57:d4:9f:fc:
cc:d9:01:e3:f2:81:aa:9d:3b:2b:4c:34:a0:39:61:
40:f6:4f:ec:15:9a:46:1d:3d:9e:ea:fe:b6:0a:f6:
04:ef:47:e3:d7:69:12:5e:9b:83:d8:90:81:b1:16:
1c:05:39:56:1b:9b:9f:f7:4a:d5:85:4d:a0:00:c0:
29:19:8e:ae:0a:c6:c2:72:17:9b:b1:b5:43:a7:89:
73:3d:43:c2:56:13:eb:46:a9:a7:9c:1e:8d:66:f2:
65:7c:5f:8e:4d:4f:a6:f7:64:d4:27:57:e4:5b:92:
ea:b0:03:20:bb:64:7d:15:27:2c:d6:e8:6b:79:57:
49:34:25:3c:6c:5e:b1:1e:56:03:1c:9f:39:1b:bc:
ed:93:01:0b:d4:1f:2c:1c:de:af:f2:1e:a8:b2:a4:
97:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9A:8B:E7:21:90:8D:AE:34:B3:FA:28:02:2A:49:46:6A:6D:18:F2
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/xZqL5yGQja40s_ooAipJRmptGPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
37.128.254.0/23
95.82.0.0/20
109.111.32.0/20
176.221.16.0-176.221.27.255
185.65.62.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:92:c3:3a:4f:3d:b9:2c:ca:02:3e:4d:2f:52:df:3a:9d:66:
48:e9:6a:a3:54:56:29:66:be:aa:44:07:b6:bb:13:57:73:7c:
36:37:58:3d:6f:44:d3:be:f4:f5:a5:37:4b:4d:3f:9c:9a:47:
4a:b0:d4:27:00:b8:a7:fc:e2:13:dd:9b:64:84:cd:03:f2:f7:
da:9c:bd:fe:bc:61:18:36:ba:ed:9a:a8:10:eb:c8:1e:02:4f:
7b:c4:7e:b1:cc:4d:58:8d:a6:fd:d8:90:ee:da:5e:f2:a0:fe:
bd:20:6c:49:63:1c:32:7a:45:e1:34:24:c8:dc:19:05:d8:84:
2b:f3:06:09:ab:0e:76:a8:dd:1e:f9:57:a4:d3:99:db:61:05:
dd:d7:f7:05:7e:70:10:76:50:7a:8e:a0:e5:85:30:26:a8:38:
11:0a:99:4d:9f:51:89:4a:e9:71:39:1b:71:30:dd:6c:cc:50:
6a:4e:1a:31:41:ba:b5:02:f0:01:b6:ca:ee:a4:b7:75:ad:34:
ec:1a:55:b5:fc:37:13:c9:5e:c9:35:47:bf:a7:ee:72:f0:b1:
52:3a:50:fd:e9:5e:a7:26:b4:b6:04:27:6c:4a:54:15:60:ef:
fa:26:e8:26:51:e7:89:88:fe:4b:72:89:74:d1:22:e9:30:9b:
88:b8:cd:a6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY6XewLDupSTonTptQ1YjSzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNDAxMDIyNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTlhOGJlNzIxOTA4ZGFlMzRiM2ZhMjgwMjJhNDk0NjZhNmQxOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdj+spFSp5WnW86kzmoii/cs5sz/
eQ7W8zmrugx3JsGGiKc9f3enqhcMzftSdrzJSfBo3XjCP6s8wpC7oYBDCaXj573+
4UuVT9H0nRHPsWjkngXdCn+m9Z6P93RHeYoyXJL5olfUn/zM2QHj8oGqnTsrTDSg
OWFA9k/sFZpGHT2e6v62CvYE70fj12kSXpuD2JCBsRYcBTlWG5uf90rVhU2gAMAp
GY6uCsbCchebsbVDp4lzPUPCVhPrRqmnnB6NZvJlfF+OTU+m92TUJ1fkW5LqsAMg
u2R9FScs1uhreVdJNCU8bF6xHlYDHJ85G7ztkwEL1B8sHN6v8h6osqSXZwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMWai+chkI2uNLP6KAIqSUZqbRjyMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEveFpxTDV5R1FqYTQwc19vb0FpcEpSbXB0R1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCJYD4AwQB
JYD+AwQEX1IAAwQEbW8gMAwDBASw3RADBAKw3RgDBAC5QT4wDQYJKoZIhvcNAQEL
BQADggEBAJ+SwzpPPbksygI+TS9S3zqdZkjpaqNUVilmvqpEB7a7E1dzfDY3WD1v
RNO+9PWlN0tNP5yaR0qw1CcAuKf84hPdm2SEzQPy99qcvf68YRg2uu2aqBDryB4C
T3vEfrHMTViNpv3YkO7aXvKg/r0gbEljHDJ6ReE0JMjcGQXYhCvzBgmrDnao3R75
V6TTmdthBd3X9wV+cBB2UHqOoOWFMCaoOBEKmU2fUYlK6XE5G3Ew3WzMUGpOGjFB
urUC8AG2yu6kt3WtNOwaVbX8NxPJXsk1R7+n7nLwsVI6UP3pXqcmtLYEJ2xKVBVg
7/om6CZR54mI/ktyiXTRIukwm4i4zaY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:34 2025 by rpki-client