Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/CRrjgNdz-QzKn6RSlKxndJPzTyA.roa
File: CRrjgNdz-QzKn6RSlKxndJPzTyA.roa (raw, json)
Hash identifier: /wQPVT9bYON/0RB0CX4xE/qDTRxXkIr7OwD8gRLr3vY=
Subject key identifier: 09:1A:E3:80:D7:73:F9:0C:CA:9F:A4:52:94:AC:67:74:93:F3:4F:20
Certificate issuer: /CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Certificate serial: 0192058DC1413C8F1BBD143B7ED168AD08A4
Authority key identifier: 3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/CRrjgNdz-QzKn6RSlKxndJPzTyA.roa
Signing time: Wed 18 Sep 2024 14:33:49 +0000
ROA not before: Wed 18 Sep 2024 14:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60475
IP address blocks: 37.202.16.0/21 maxlen: 21
185.241.200.0/22 maxlen: 22
2a02:ff00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:8d:c1:41:3c:8f:1b:bd:14:3b:7e:d1:68:ad:08:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Validity
Not Before: Sep 18 14:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=091ae380d773f90cca9fa45294ac677493f34f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:45:f9:f8:ea:25:f5:ba:47:d8:1f:ee:42:b2:
23:e1:7e:7c:90:99:f6:37:6a:d2:fa:4a:a8:1c:a9:
91:2b:52:03:56:14:07:49:63:94:a1:ca:21:b7:eb:
8b:d0:f1:31:be:13:65:98:44:28:cf:b7:ce:4c:5f:
e4:6b:7f:10:9d:72:72:7b:b1:1f:d4:1c:78:90:5a:
b5:24:f8:88:e4:7f:96:4f:4c:17:75:fc:ba:85:c9:
e9:f4:4a:49:1f:00:25:b8:4f:c2:4f:e4:20:a9:80:
f9:d8:6f:b7:13:cb:6e:b9:8c:0a:40:fc:70:7c:c4:
e6:ac:88:b7:4f:46:5d:98:f0:03:75:27:30:57:21:
4e:be:c5:d7:86:49:a7:d0:63:80:12:e1:db:ff:0a:
1b:dd:e1:90:8e:1c:2c:ea:b6:72:c2:02:9c:b2:24:
23:8f:3e:4c:0d:ea:bd:ed:e6:99:21:8f:8a:d4:b9:
8f:13:46:eb:df:b5:c0:79:f5:9c:75:d3:61:bd:43:
f0:33:c1:2d:7f:5f:0f:8c:59:88:2d:3e:2c:d2:86:
c4:ff:02:4d:f6:e1:25:fc:89:ba:54:39:60:2b:9c:
a3:2b:71:33:58:9b:d8:76:a3:20:5f:3f:bf:35:c1:
66:02:f7:ae:7c:0a:dc:af:a8:5e:1b:a3:4f:59:54:
b4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1A:E3:80:D7:73:F9:0C:CA:9F:A4:52:94:AC:67:74:93:F3:4F:20
X509v3 Authority Key Identifier:
keyid:3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/CRrjgNdz-QzKn6RSlKxndJPzTyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/PzGV9HCEyLDGcNA_fue1Fs-ATFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.16.0/21
185.241.200.0/22
IPv6:
2a02:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
3f:e3:bc:39:bf:b3:2b:11:1e:da:0a:6c:81:ed:30:a6:5f:b9:
5c:e7:22:3e:45:81:eb:80:47:3b:b6:4a:0f:78:23:06:f8:f0:
5d:ef:21:16:c5:02:61:cd:27:f1:af:2c:09:c5:a5:4f:81:62:
0c:ba:2b:b2:c3:2a:7d:75:35:3f:54:4b:d7:02:4e:9f:7a:fd:
2c:e4:22:76:a8:52:8c:56:75:b7:14:44:4d:a0:54:cd:2b:15:
b2:67:36:27:28:91:26:2a:b5:6f:d1:f4:c4:0c:64:2a:f2:62:
78:9d:c6:e9:d1:be:3e:26:13:5e:75:7d:99:0f:5e:d1:74:e9:
6e:75:fc:09:ea:8b:da:7f:60:90:c4:66:34:9c:f5:0d:45:10:
b4:dc:38:89:96:95:12:10:20:15:9b:66:d4:fe:68:a0:01:6d:
11:67:69:53:00:76:2c:79:27:c7:17:36:b4:6a:8a:82:c7:27:
f7:ff:ce:03:aa:cd:c3:1e:44:77:eb:24:b5:b5:41:16:b9:da:
32:8d:dc:6b:8a:49:9c:7c:55:35:e1:d0:b8:13:a0:10:41:b5:
a2:dd:b2:44:47:fa:13:05:8a:75:01:a4:a0:60:fa:ee:4c:bd:
82:0a:3c:0a:78:9b:63:74:78:c8:06:76:6d:6d:2b:6b:36:7b:
b1:28:10:ab
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZIFjcFBPI8bvRQ7ftForQikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzE5NWY0NzA4NGM4YjBjNjcwZDAzZjdlZTdiNTE2Y2Y4
MDRjNWMwHhcNMjQwOTE4MTQzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFhZTM4MGQ3NzNmOTBjY2E5ZmE0NTI5NGFjNjc3NDkzZjM0ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkX5+Ool9bpH2B/uQrIj4X58kJn2
N2rS+kqoHKmRK1IDVhQHSWOUocoht+uL0PExvhNlmEQoz7fOTF/ka38QnXJye7Ef
1Bx4kFq1JPiI5H+WT0wXdfy6hcnp9EpJHwAluE/CT+QgqYD52G+3E8tuuYwKQPxw
fMTmrIi3T0ZdmPADdScwVyFOvsXXhkmn0GOAEuHb/wob3eGQjhws6rZywgKcsiQj
jz5MDeq97eaZIY+K1LmPE0br37XAefWcddNhvUPwM8Etf18PjFmILT4s0obE/wJN
9uEl/Im6VDlgK5yjK3EzWJvYdqMgXz+/NcFmAveufArcr6heG6NPWVS0bQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAka44DXc/kMyp+kUpSsZ3ST808gMB8GA1UdIwQY
MBaAFD8xlfRwhMiwxnDQP37ntRbPgExcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYt
NjA0Mzc4ZTcxNzNmLzEvQ1JyamdOZHotUXpLbjZSU2xLeG5kSlB6VHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYtNjA0Mzc4ZTcxNzNm
LzEvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcoQAwQC
ufHIMA0EAgACMAcDBQMqAv8AMA0GCSqGSIb3DQEBCwUAA4IBAQA/47w5v7MrER7a
CmyB7TCmX7lc5yI+RYHrgEc7tkoPeCMG+PBd7yEWxQJhzSfxrywJxaVPgWIMuiuy
wyp9dTU/VEvXAk6fev0s5CJ2qFKMVnW3FERNoFTNKxWyZzYnKJEmKrVv0fTEDGQq
8mJ4ncbp0b4+JhNedX2ZD17RdOludfwJ6ovaf2CQxGY0nPUNRRC03DiJlpUSECAV
m2bU/migAW0RZ2lTAHYseSfHFza0aoqCxyf3/84Dqs3DHkR36yS1tUEWudoyjdxr
ikmcfFU14dC4E6AQQbWi3bJER/oTBYp1AaSgYPruTL2CCjwKeJtjdHjIBnZtbStr
NnuxKBCr
-----END CERTIFICATE-----
Generated at Fri Nov 8 12:59:00 2024 by rpki-client on console-fra.rpki-client.org