Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/D3ATXzKxRXoyDNpgw6wHLFYEF6c.roa
File: D3ATXzKxRXoyDNpgw6wHLFYEF6c.roa (raw, json)
Hash identifier: Fs6c4LR7rtqvPs80leVLoPn/4A9tUHXVIWo+DvGjAsk=
Subject key identifier: 0F:70:13:5F:32:B1:45:7A:32:0C:DA:60:C3:AC:07:2C:56:04:17:A7
Certificate issuer: /CN=efc34233ed96424a516e2bf9d39171b62e44b441
Certificate serial: 0191B37CBED9DD622E8CB2FB655167656AF2
Authority key identifier: EF:C3:42:33:ED:96:42:4A:51:6E:2B:F9:D3:91:71:B6:2E:44:B4:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/78NCM-2WQkpRbiv505Fxti5EtEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/D3ATXzKxRXoyDNpgw6wHLFYEF6c.roa
Signing time: Mon 02 Sep 2024 16:06:22 +0000
ROA not before: Mon 02 Sep 2024 16:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57928
IP address blocks: 37.157.8.0/21 maxlen: 24
37.157.10.0/24 maxlen: 24
37.157.11.0/24 maxlen: 24
37.157.12.0/22 maxlen: 24
193.41.95.0/24 maxlen: 24
2a00:bf40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:7c:be:d9:dd:62:2e:8c:b2:fb:65:51:67:65:6a:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efc34233ed96424a516e2bf9d39171b62e44b441
Validity
Not Before: Sep 2 16:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f70135f32b1457a320cda60c3ac072c560417a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:44:d1:ab:f7:4e:92:28:cf:c9:38:19:8f:ce:
c5:4d:07:c2:29:11:b1:5e:cf:58:52:e8:27:5e:59:
72:db:00:04:10:56:c7:cf:42:f2:72:18:94:67:67:
d3:c2:20:a4:02:42:cd:f0:10:94:1f:3c:c5:a4:c8:
cf:39:92:14:83:17:3b:90:5e:89:74:91:9e:1c:60:
7f:77:5c:01:a0:ed:39:b1:fa:bc:8a:dd:e3:cb:bd:
1c:a5:a7:aa:0b:b2:0e:af:a6:98:b7:22:08:bf:27:
c2:cf:8e:f6:83:39:56:b3:04:13:0f:c4:41:01:be:
2a:8d:ce:6e:e9:ba:d0:7e:a0:4f:81:c5:f6:c8:11:
32:29:5c:fa:43:92:98:81:02:f9:59:46:98:68:cf:
ad:4e:36:96:53:54:db:e9:87:c1:04:9c:cb:21:95:
c1:02:dc:b7:29:70:11:e4:5f:c1:12:7a:fd:b9:58:
d7:2c:fc:1b:22:f0:67:7d:6c:cd:60:44:3b:f0:bf:
4a:d0:cb:3c:51:fe:b7:d8:c4:b1:9b:f2:44:f6:3e:
a4:c9:9a:c1:6d:7b:7f:8e:ba:f1:53:e1:7d:a9:56:
97:7e:90:2f:c1:db:92:92:bc:b2:86:eb:39:f4:6a:
30:df:21:88:08:b7:5a:68:eb:66:86:3e:e9:ca:f9:
d1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:70:13:5F:32:B1:45:7A:32:0C:DA:60:C3:AC:07:2C:56:04:17:A7
X509v3 Authority Key Identifier:
keyid:EF:C3:42:33:ED:96:42:4A:51:6E:2B:F9:D3:91:71:B6:2E:44:B4:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/78NCM-2WQkpRbiv505Fxti5EtEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/D3ATXzKxRXoyDNpgw6wHLFYEF6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/78NCM-2WQkpRbiv505Fxti5EtEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.8.0/21
193.41.95.0/24
IPv6:
2a00:bf40::/32
Signature Algorithm: sha256WithRSAEncryption
4b:45:32:13:8f:40:75:7e:1c:ce:0b:3d:48:36:18:f2:9f:69:
6e:39:92:58:35:9e:7b:b3:c5:f7:e3:e4:90:91:a9:b9:76:68:
6e:1e:07:39:44:1d:0a:82:8e:0b:97:4c:2b:33:8c:d1:41:75:
22:b3:ca:74:76:cb:1a:8a:78:17:90:a2:5c:91:5e:8e:70:28:
98:f5:7d:07:9f:7a:1c:2c:1e:2c:66:8f:56:27:09:57:f0:94:
1d:68:e5:32:f3:a0:83:63:78:30:37:97:70:ae:06:b3:9e:04:
49:3a:e8:9d:b1:56:f8:52:6a:24:c7:df:bc:b7:d3:58:a5:e8:
55:1a:d5:49:a5:71:78:38:3f:ed:db:5f:36:b8:7f:e1:07:d9:
9a:f1:15:42:8b:40:e5:59:f2:a7:cd:be:25:c7:f5:89:4e:de:
9a:2d:a0:49:93:da:11:f8:48:87:db:5c:fb:43:1c:ed:2d:c9:
15:1b:cc:89:d0:0b:60:9d:48:4d:ee:48:cf:3b:e6:22:18:c5:
9c:4d:78:eb:4d:20:74:0a:fd:91:bc:2d:d1:0d:db:b5:f5:94:
70:09:20:15:b4:f2:56:c0:55:cb:8c:b8:c3:10:d5:74:89:ac:
7e:86:b0:a8:e9:0f:f7:90:dc:0b:30:3c:df:cf:f6:2c:8e:c4:
67:fd:b8:eb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGzfL7Z3WIujLL7ZVFnZWryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYzM0MjMzZWQ5NjQyNGE1MTZlMmJmOWQzOTE3MWI2MmU0
NGI0NDEwHhcNMjQwOTAyMTYwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjcwMTM1ZjMyYjE0NTdhMzIwY2RhNjBjM2FjMDcyYzU2MDQxN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUTRq/dOkijPyTgZj87FTQfCKRGx
Xs9YUugnXlly2wAEEFbHz0LychiUZ2fTwiCkAkLN8BCUHzzFpMjPOZIUgxc7kF6J
dJGeHGB/d1wBoO05sfq8it3jy70cpaeqC7IOr6aYtyIIvyfCz472gzlWswQTD8RB
Ab4qjc5u6brQfqBPgcX2yBEyKVz6Q5KYgQL5WUaYaM+tTjaWU1Tb6YfBBJzLIZXB
Aty3KXAR5F/BEnr9uVjXLPwbIvBnfWzNYEQ78L9K0Ms8Uf632MSxm/JE9j6kyZrB
bXt/jrrxU+F9qVaXfpAvwduSkryyhus59Gow3yGICLdaaOtmhj7pyvnRYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA9wE18ysUV6MgzaYMOsByxWBBenMB8GA1UdIwQY
MBaAFO/DQjPtlkJKUW4r+dORcbYuRLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzhOQ00tMldRa3BSYml2NTA1Rnh0aTVFdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS85NjQ0MTEtZDMyNy00MTM2LWFiNDMt
MzA2OTA1ZmFmZTBlLzEvRDNBVFh6S3hSWG95RE5wZ3c2d0hMRllFRjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS85NjQ0MTEtZDMyNy00MTM2LWFiNDMtMzA2OTA1ZmFmZTBl
LzEvNzhOQ00tMldRa3BSYml2NTA1Rnh0aTVFdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJZ0IAwQA
wSlfMA0EAgACMAcDBQAqAL9AMA0GCSqGSIb3DQEBCwUAA4IBAQBLRTITj0B1fhzO
Cz1INhjyn2luOZJYNZ57s8X34+SQkam5dmhuHgc5RB0Kgo4Ll0wrM4zRQXUis8p0
dssaingXkKJckV6OcCiY9X0Hn3ocLB4sZo9WJwlX8JQdaOUy86CDY3gwN5dwrgaz
ngRJOuidsVb4Umokx9+8t9NYpehVGtVJpXF4OD/t2182uH/hB9ma8RVCi0DlWfKn
zb4lx/WJTt6aLaBJk9oR+EiH21z7QxztLckVG8yJ0AtgnUhN7kjPO+YiGMWcTXjr
TSB0Cv2RvC3RDdu19ZRwCSAVtPJWwFXLjLjDENV0iax+hrCo6Q/3kNwLMDzfz/Ys
jsRn/bjr
-----END CERTIFICATE-----
Generated at Tue Sep 24 14:45:34 2024 by rpki-client on console-fra.rpki-client.org