Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/yiQVia8wiX8m4eG7mm_tZBdWbps.roa
File: yiQVia8wiX8m4eG7mm_tZBdWbps.roa (raw, json)
Hash identifier: Y1bYWGDDdEGpZ0LnyPT5EQPRizunRYw6A+5c12pq+ow=
Subject key identifier: CA:24:15:89:AF:30:89:7F:26:E1:E1:BB:9A:6F:ED:64:17:56:6E:9B
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018F6E6B4E7B03E5C415F82FF86FB5439393
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/yiQVia8wiX8m4eG7mm_tZBdWbps.roa
Signing time: Sun 12 May 2024 20:07:57 +0000
ROA not before: Sun 12 May 2024 20:07:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.128.248.0/22 maxlen: 24
95.82.0.0/20 maxlen: 20
109.111.32.0/20 maxlen: 24
109.111.44.0/22 maxlen: 24
176.221.16.0/21 maxlen: 21
176.221.24.0/22 maxlen: 24
185.65.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6e:6b:4e:7b:03:e5:c4:15:f8:2f:f8:6f:b5:43:93:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: May 12 20:07:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca241589af30897f26e1e1bb9a6fed6417566e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:0b:d3:d9:d0:e2:5d:3e:dc:c6:a4:eb:42:16:
dd:70:82:34:cd:be:53:2a:e8:12:c9:ce:8c:07:33:
04:e8:e6:f9:ad:6d:c8:08:b3:74:eb:c1:ff:ca:4f:
43:42:9e:d8:ac:30:fb:55:11:28:1c:09:50:e2:cc:
33:26:2c:05:c7:41:1a:bf:f1:d1:61:f7:5a:40:61:
76:cc:67:c5:23:16:1d:09:4d:b5:5a:88:75:2f:18:
43:2d:e5:5a:44:38:da:d9:cd:e4:5e:08:4c:3b:0b:
0f:0e:a6:e2:2b:f1:ca:c8:11:d0:11:e2:db:d2:49:
a5:60:6a:7a:25:05:3a:77:af:3b:a4:44:9c:17:9c:
d7:13:66:ba:92:f9:c0:95:f3:18:64:56:9a:d1:f5:
1b:66:62:06:c2:b4:52:d4:8c:d3:95:06:82:a5:6e:
d6:c5:16:3f:57:77:84:0b:62:8e:5c:0d:aa:dd:f2:
c6:17:c5:e9:99:8a:d4:3f:d4:90:01:e2:cb:5c:b6:
78:75:e7:e7:84:f1:ae:6b:5a:6d:84:7b:5b:8b:03:
ba:6c:4e:73:b1:72:72:0b:8f:f8:62:c6:18:33:54:
9a:ab:9a:ac:2c:e3:b4:b6:8c:48:d4:24:16:c0:58:
81:22:59:6a:3e:e8:d7:be:1b:fb:bf:37:d6:15:2e:
49:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:24:15:89:AF:30:89:7F:26:E1:E1:BB:9A:6F:ED:64:17:56:6E:9B
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/yiQVia8wiX8m4eG7mm_tZBdWbps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/22
95.82.0.0/20
109.111.32.0/20
176.221.16.0-176.221.27.255
185.65.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:f2:ec:89:15:1d:70:c8:40:0c:f6:d0:97:9e:13:2e:ee:db:
eb:c2:c9:0b:09:fd:0a:97:d3:12:8e:62:1f:2f:13:89:18:8c:
19:14:a8:2c:2d:f9:96:11:5c:83:db:09:d0:6a:90:f2:00:1b:
8d:af:82:4a:d5:42:26:24:4c:be:91:ee:2a:f1:ae:eb:a9:46:
52:52:81:7f:3b:a3:cf:ce:cb:4d:f0:e7:11:97:ff:ce:8a:80:
93:ac:5e:f9:5a:e6:df:24:ae:06:5d:b4:aa:11:7a:a3:c0:f3:
19:c8:7e:7c:24:e0:98:32:68:88:a7:3e:58:c7:f9:ee:5a:01:
9a:be:1c:34:a9:c4:2e:a2:14:9e:de:32:bc:10:b0:2f:48:f0:
c2:72:7d:ca:ac:d4:20:1c:f4:3d:6f:89:dd:5f:5a:87:38:22:
3c:0d:07:cc:de:9a:3d:2f:8f:4e:13:9f:97:2d:9d:78:22:64:
a6:0e:54:44:ec:1e:22:81:bc:2b:b5:da:f8:31:6b:88:6b:b1:
59:26:44:42:d7:ba:10:9f:f6:e0:24:cc:23:c5:06:2c:a1:3f:
20:14:8d:4f:68:cc:20:51:b4:67:f5:e9:25:54:e2:27:ad:27:
84:54:e8:8c:ff:d9:07:e3:9b:90:d7:d5:fe:3c:4c:83:38:a3:
b7:78:bd:2e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY9ua057A+XEFfgv+G+1Q5OTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNTEyMjAwNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI0MTU4OWFmMzA4OTdmMjZlMWUxYmI5YTZmZWQ2NDE3NTY2ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9AvT2dDiXT7cxqTrQhbdcII0zb5T
KugSyc6MBzME6Ob5rW3ICLN068H/yk9DQp7YrDD7VREoHAlQ4swzJiwFx0Eav/HR
YfdaQGF2zGfFIxYdCU21Woh1LxhDLeVaRDja2c3kXghMOwsPDqbiK/HKyBHQEeLb
0kmlYGp6JQU6d687pEScF5zXE2a6kvnAlfMYZFaa0fUbZmIGwrRS1IzTlQaCpW7W
xRY/V3eEC2KOXA2q3fLGF8XpmYrUP9SQAeLLXLZ4defnhPGua1pthHtbiwO6bE5z
sXJyC4/4YsYYM1Saq5qsLOO0toxI1CQWwFiBIllqPujXvhv7vzfWFS5JqQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMokFYmvMIl/JuHhu5pv7WQXVm6bMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEveWlRVmlhOHdpWDhtNGVHN21tX3RaQmRXYnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCJYD4AwQE
X1IAAwQEbW8gMAwDBASw3RADBAKw3RgDBAC5QT4wDQYJKoZIhvcNAQELBQADggEB
AKDy7IkVHXDIQAz20JeeEy7u2+vCyQsJ/QqX0xKOYh8vE4kYjBkUqCwt+ZYRXIPb
CdBqkPIAG42vgkrVQiYkTL6R7irxruupRlJSgX87o8/Oy03w5xGX/86KgJOsXvla
5t8krgZdtKoReqPA8xnIfnwk4JgyaIinPljH+e5aAZq+HDSpxC6iFJ7eMrwQsC9I
8MJyfcqs1CAc9D1vid1fWoc4IjwNB8zemj0vj04Tn5ctnXgiZKYOVETsHiKBvCu1
2vgxa4hrsVkmRELXuhCf9uAkzCPFBiyhPyAUjU9ozCBRtGf16SVU4ietJ4RU6Iz/
2Qfjm5DX1f48TIM4o7d4vS4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:37 2025 by rpki-client