Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/do23iDhWHm6TzjxuEzyh_jCkmgU.roa
File: do23iDhWHm6TzjxuEzyh_jCkmgU.roa (raw, json)
Hash identifier: /14dmgoeH4ovCSZ1L4wtgr9wW5fF/RCSZtlfNlv8LJk=
Subject key identifier: 76:8D:B7:88:38:56:1E:6E:93:CE:3C:6E:13:3C:A1:FE:30:A4:9A:05
Certificate issuer: /CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Certificate serial: 018CC4937B50A1A793FCDBB0624D984BD92C
Authority key identifier: 3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/do23iDhWHm6TzjxuEzyh_jCkmgU.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60475
IP address blocks: 37.202.16.0/21 maxlen: 21
37.202.22.0/23 maxlen: 23
185.241.200.0/22 maxlen: 22
2a02:ff00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7b:50:a1:a7:93:fc:db:b0:62:4d:98:4b:d9:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=768db78838561e6e93ce3c6e133ca1fe30a49a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:79:d2:61:dc:59:18:fe:29:ab:34:a0:64:e5:
6b:c4:b7:da:25:c5:cd:41:98:c6:9d:61:b8:70:cd:
a8:8e:87:40:4b:c3:52:1f:82:c5:a8:5e:45:ad:54:
f1:df:6e:78:f1:0a:b2:32:42:b4:87:08:ae:3a:80:
ec:28:4e:d7:f8:6e:01:d3:61:ee:1f:7f:89:17:30:
02:54:52:90:e8:ac:f2:30:65:78:73:46:ad:f0:cd:
c2:bf:9f:e5:57:bf:c8:46:05:b2:11:2e:6a:96:30:
0c:ec:8d:49:f8:f5:df:8d:ec:ba:21:da:6e:fa:1a:
32:ab:6f:aa:80:77:ec:18:9e:68:94:5e:ec:0a:b7:
94:7a:2d:31:ab:7e:0d:5f:14:8a:d1:69:07:32:5c:
3e:04:77:fc:07:49:85:9f:42:6d:0c:1c:7b:cf:9e:
25:3e:37:58:d1:99:60:54:ba:87:ac:59:5b:cb:4c:
d4:cb:7f:94:d1:bd:de:26:fb:05:50:2e:a9:b7:66:
0c:10:45:83:b4:0f:5a:de:02:ff:a9:eb:a1:46:d9:
15:23:f6:96:65:68:57:f5:9b:24:cd:03:cc:0c:26:
cc:6d:26:9a:f1:bb:3f:d8:ee:aa:a0:68:f0:8d:96:
51:2d:81:2e:3f:10:01:9c:48:94:50:a0:5e:f4:16:
4c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8D:B7:88:38:56:1E:6E:93:CE:3C:6E:13:3C:A1:FE:30:A4:9A:05
X509v3 Authority Key Identifier:
keyid:3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/do23iDhWHm6TzjxuEzyh_jCkmgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/PzGV9HCEyLDGcNA_fue1Fs-ATFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.16.0/21
185.241.200.0/22
IPv6:
2a02:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
39:f6:f1:21:82:62:49:73:b4:f7:9f:5d:f5:a0:43:80:8c:d3:
f9:4d:50:c8:e3:99:10:0b:e7:b3:fd:42:47:b2:2e:e6:c9:a3:
3d:0e:22:47:67:e5:0c:a2:e3:18:25:c2:ab:b8:2c:12:58:f6:
5a:5f:1a:36:63:de:1f:78:56:d1:7d:6b:e1:2c:d7:6e:c1:85:
96:12:c9:fc:eb:86:c5:22:42:99:a4:3d:a4:d4:aa:ea:70:3b:
5e:c9:59:12:96:18:b4:d5:fa:16:99:1e:e3:6d:4d:11:8a:c2:
27:4c:c8:62:3d:e9:a8:ba:7d:79:c7:bf:d7:0d:30:8e:5b:0a:
45:03:cd:49:24:a9:16:9b:7d:f7:b5:d8:94:a6:3b:de:ad:ea:
86:56:bf:fe:b3:f9:33:f4:5c:8e:e1:93:4a:9a:a1:23:b0:db:
3a:c8:3a:3e:01:4c:c2:c0:72:32:c1:9e:de:e3:b5:a7:52:d5:
b1:f8:21:ef:20:33:30:24:2a:ee:e2:ab:ac:ef:4d:b1:26:03:
27:8d:c2:ff:c2:8d:c8:1a:8d:4c:04:e5:dd:7e:c7:33:ca:a1:
c2:e7:c9:b6:82:34:62:f2:93:5a:ec:d4:7c:e6:cc:81:8a:7c:
fa:1d:fd:46:ae:ba:ce:44:81:1a:6a:7f:95:37:ae:5b:07:76:
1f:d6:6d:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEk3tQoaeT/NuwYk2YS9ksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzE5NWY0NzA4NGM4YjBjNjcwZDAzZjdlZTdiNTE2Y2Y4
MDRjNWMwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhkYjc4ODM4NTYxZTZlOTNjZTNjNmUxMzNjYTFmZTMwYTQ5YTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHnSYdxZGP4pqzSgZOVrxLfaJcXN
QZjGnWG4cM2ojodAS8NSH4LFqF5FrVTx32548QqyMkK0hwiuOoDsKE7X+G4B02Hu
H3+JFzACVFKQ6KzyMGV4c0at8M3Cv5/lV7/IRgWyES5qljAM7I1J+PXfjey6Idpu
+hoyq2+qgHfsGJ5olF7sCreUei0xq34NXxSK0WkHMlw+BHf8B0mFn0JtDBx7z54l
PjdY0ZlgVLqHrFlby0zUy3+U0b3eJvsFUC6pt2YMEEWDtA9a3gL/qeuhRtkVI/aW
ZWhX9ZskzQPMDCbMbSaa8bs/2O6qoGjwjZZRLYEuPxABnEiUUKBe9BZMqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHaNt4g4Vh5uk848bhM8of4wpJoFMB8GA1UdIwQY
MBaAFD8xlfRwhMiwxnDQP37ntRbPgExcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYt
NjA0Mzc4ZTcxNzNmLzEvZG8yM2lEaFdIbTZUemp4dUV6eWhfakNrbWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYtNjA0Mzc4ZTcxNzNm
LzEvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcoQAwQC
ufHIMA0EAgACMAcDBQMqAv8AMA0GCSqGSIb3DQEBCwUAA4IBAQA59vEhgmJJc7T3
n131oEOAjNP5TVDI45kQC+ez/UJHsi7myaM9DiJHZ+UMouMYJcKruCwSWPZaXxo2
Y94feFbRfWvhLNduwYWWEsn864bFIkKZpD2k1KrqcDteyVkSlhi01foWmR7jbU0R
isInTMhiPemoun15x7/XDTCOWwpFA81JJKkWm333tdiUpjvereqGVr/+s/kz9FyO
4ZNKmqEjsNs6yDo+AUzCwHIywZ7e47WnUtWx+CHvIDMwJCru4qus702xJgMnjcL/
wo3IGo1MBOXdfsczyqHC58m2gjRi8pNa7NR85syBinz6Hf1GrrrORIEaan+VN65b
B3Yf1m2K
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:25:45 2025 by rpki-client