Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/dLdSEXS4_jNr4bHL9BG7W9oGuiY.roa
File: dLdSEXS4_jNr4bHL9BG7W9oGuiY.roa (raw, json)
Hash identifier: j2lBUdkWP89kcUbYluZNnx67sF2qbLVr1sm6dQSE3rQ=
Subject key identifier: 74:B7:52:11:74:B8:FE:33:6B:E1:B1:CB:F4:11:BB:5B:DA:06:BA:26
Certificate issuer: /CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Certificate serial: 01857230F2BC93F5E87D4001F56DC0D7D224
Authority key identifier: 97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/dLdSEXS4_jNr4bHL9BG7W9oGuiY.roa
Signing time: Mon 02 Jan 2023 11:14:48 +0000
ROA not before: Mon 02 Jan 2023 11:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49434
IP address blocks: 37.44.237.0/24 maxlen: 24
37.44.239.0/24 maxlen: 24
37.44.236.0/22 maxlen: 24
185.157.246.0/23 maxlen: 24
2a09:ca00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:f2:bc:93:f5:e8:7d:40:01:f5:6d:c0:d7:d2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Validity
Not Before: Jan 2 11:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74b7521174b8fe336be1b1cbf411bb5bda06ba26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ad:cd:02:df:b4:02:e9:44:7a:69:95:d2:57:
c0:bc:01:3f:4f:03:77:7d:c7:68:cb:3a:b2:f9:5d:
df:f1:c4:dc:1d:83:8c:9f:05:56:cf:0b:35:03:49:
26:ab:7c:13:ae:0e:fd:79:33:db:37:a7:fc:7e:e4:
4a:45:73:8e:ff:9e:d5:18:e0:d3:eb:74:80:e3:66:
22:cc:d0:a3:f4:ad:94:4a:78:34:59:ac:10:c6:84:
df:6f:ba:88:93:b2:05:2a:cc:3c:ff:a2:78:c5:1b:
86:7e:fd:db:32:1d:b4:d3:9d:4d:c0:38:aa:26:b0:
b9:9d:fb:26:a1:fb:71:06:d3:17:1c:00:c7:9b:d4:
38:a5:62:ae:22:d8:62:53:34:1a:d1:cf:a6:2b:e9:
13:56:69:3f:fc:4b:09:dd:53:77:20:50:ec:af:fa:
50:73:17:2c:2f:2c:ff:62:45:44:ff:97:b1:61:f9:
d0:43:89:ea:13:08:94:5b:db:24:5c:8d:81:27:6e:
eb:1a:b1:1e:11:90:24:25:a9:5f:b6:b4:ff:1b:c3:
c0:48:fc:64:a8:b8:ae:b0:91:1d:ee:83:b3:8d:9c:
27:31:7b:68:25:d0:b5:6f:3d:76:c0:cc:67:04:24:
08:0e:3b:dc:69:50:7a:91:d1:4e:4e:32:2c:03:7d:
13:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B7:52:11:74:B8:FE:33:6B:E1:B1:CB:F4:11:BB:5B:DA:06:BA:26
X509v3 Authority Key Identifier:
keyid:97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/dLdSEXS4_jNr4bHL9BG7W9oGuiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/l6xHtRJE70nFI3iuzSnFjPtyCJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.236.0/22
185.157.246.0/23
IPv6:
2a09:ca00::/29
Signature Algorithm: sha256WithRSAEncryption
4d:65:14:53:11:df:18:c4:c6:4a:ae:c9:0b:b2:5d:1d:02:57:
21:45:9c:45:03:2f:8c:74:3b:6f:a1:99:94:fc:8d:4d:28:0f:
c5:a7:32:96:d8:e1:35:ff:63:91:45:b4:0f:50:3e:b1:20:2c:
f5:67:93:d7:b5:06:d5:8e:bf:ba:c6:d8:9b:c9:05:de:d1:5a:
6d:c2:a8:65:a1:4c:73:fb:d2:18:2b:18:fa:50:63:6d:10:af:
36:e2:13:ed:82:b6:eb:97:f1:9f:61:fe:87:6b:d3:8c:af:fa:
46:dc:62:30:b6:7e:13:20:de:81:bd:06:4e:21:7c:4d:cc:fd:
0d:47:68:25:22:14:ac:26:e4:37:17:06:f0:09:67:f7:2d:ba:
71:df:70:9b:43:82:a5:7f:4f:bd:fe:9d:92:49:8e:9b:59:43:
e8:c8:e7:d7:b9:ed:ec:e9:3c:b2:cc:a8:76:2a:ae:85:4b:0d:
fd:b0:64:70:82:09:ad:3d:e7:60:6f:1d:df:87:c4:57:d2:c7:
a2:ee:58:48:24:d3:6e:6b:3b:6b:02:ec:09:01:0c:ce:91:3f:
17:f9:31:ad:2e:af:e8:56:ed:f8:c0:b0:e6:62:28:fa:2c:e7:
f0:c4:4c:a4:10:36:fb:09:4d:9d:80:f1:fa:19:3a:f9:00:cb:
41:62:07:5e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyMPK8k/XofUAB9W3A19IkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YWM0N2I1MTI0NGVmNDljNTIzNzhhZWNkMjljNThjZmI3
MjA4OWIwHhcNMjMwMTAyMTExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI3NTIxMTc0YjhmZTMzNmJlMWIxY2JmNDExYmI1YmRhMDZiYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia3NAt+0AulEemmV0lfAvAE/TwN3
fcdoyzqy+V3f8cTcHYOMnwVWzws1A0kmq3wTrg79eTPbN6f8fuRKRXOO/57VGODT
63SA42YizNCj9K2USng0WawQxoTfb7qIk7IFKsw8/6J4xRuGfv3bMh20051NwDiq
JrC5nfsmoftxBtMXHADHm9Q4pWKuIthiUzQa0c+mK+kTVmk//EsJ3VN3IFDsr/pQ
cxcsLyz/YkVE/5exYfnQQ4nqEwiUW9skXI2BJ27rGrEeEZAkJalftrT/G8PASPxk
qLiusJEd7oOzjZwnMXtoJdC1bz12wMxnBCQIDjvcaVB6kdFOTjIsA30TFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHS3UhF0uP4za+Gxy/QRu1vaBromMB8GA1UdIwQY
MBaAFJesR7USRO9JxSN4rs0pxYz7cgibMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYt
M2Y2NTY4YjU5NTg5LzEvZExkU0VYUzRfak5yNGJITDlCRzdXOW9HdWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYtM2Y2NTY4YjU5NTg5
LzEvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCJSzsAwQB
uZ32MA0EAgACMAcDBQMqCcoAMA0GCSqGSIb3DQEBCwUAA4IBAQBNZRRTEd8YxMZK
rskLsl0dAlchRZxFAy+MdDtvoZmU/I1NKA/FpzKW2OE1/2ORRbQPUD6xICz1Z5PX
tQbVjr+6xtibyQXe0VptwqhloUxz+9IYKxj6UGNtEK824hPtgrbrl/GfYf6Ha9OM
r/pG3GIwtn4TIN6BvQZOIXxNzP0NR2glIhSsJuQ3FwbwCWf3Lbpx33CbQ4Klf0+9
/p2SSY6bWUPoyOfXue3s6TyyzKh2Kq6FSw39sGRwggmtPedgbx3fh8RX0sei7lhI
JNNuaztrAuwJAQzOkT8X+TGtLq/oVu34wLDmYij6LOfwxEykEDb7CU2dgPH6GTr5
AMtBYgde
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:12 2025 by rpki-client