Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/vaNtOpnutVocc4HgTz_qO8e3SmU.roa
File: vaNtOpnutVocc4HgTz_qO8e3SmU.roa (raw, json)
Hash identifier: AwOLJBINUPYJBx/6eszbijh/p0/4Lqqk4JbtKk+yCEw=
Subject key identifier: BD:A3:6D:3A:99:EE:B5:5A:1C:73:81:E0:4F:3F:EA:3B:C7:B7:4A:65
Certificate issuer: /CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Certificate serial: 018CB5251F53E426A6B8213659EEE2EDA1CC
Authority key identifier: 97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/vaNtOpnutVocc4HgTz_qO8e3SmU.roa
Signing time: Fri 29 Dec 2023 10:35:58 +0000
ROA not before: Fri 29 Dec 2023 10:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34534
IP address blocks: 37.44.238.0/24 maxlen: 24
37.44.236.0/24 maxlen: 24
185.157.246.0/23 maxlen: 24
2a09:ca00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:25:1f:53:e4:26:a6:b8:21:36:59:ee:e2:ed:a1:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Validity
Not Before: Dec 29 10:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bda36d3a99eeb55a1c7381e04f3fea3bc7b74a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:a7:15:48:70:3d:75:eb:61:ee:fa:1e:b7:
ea:3a:56:1a:12:19:38:77:c6:f2:06:3e:f7:df:63:
bc:42:ff:16:19:10:cd:e3:de:a0:a7:3e:20:94:f7:
02:0f:6c:e8:7f:d6:f6:6f:cf:ae:f2:77:25:23:15:
81:df:83:f6:28:75:85:cc:cd:c8:6b:68:da:09:07:
c6:ac:b3:7a:b8:7b:4e:5c:7f:bc:21:95:4d:bd:79:
36:e4:68:f8:a3:6f:eb:33:dc:ec:fa:a0:23:b8:b4:
0c:c6:5a:59:ee:ce:22:36:97:9c:ef:8b:c0:cc:b1:
83:9a:71:9f:0d:77:bd:75:38:08:b9:07:57:75:77:
8d:74:2a:67:d7:47:37:a6:4f:a9:71:f9:4c:54:c0:
85:b1:fa:ac:7a:c0:eb:bd:a6:83:85:86:83:e7:59:
2e:40:76:5e:7f:4a:11:ab:50:cc:89:76:7c:60:ec:
53:ac:a8:15:62:64:a3:7f:31:82:70:1e:d0:c4:5e:
df:29:00:bf:43:c9:da:5d:fe:ce:a5:b4:62:7b:3e:
2f:03:f1:a4:30:2a:e9:ff:53:6e:17:a4:9a:c8:ab:
a8:58:3e:86:29:f1:76:74:29:06:fd:2c:62:99:0f:
fb:ce:04:c9:3d:b1:7d:0d:56:ee:88:8e:d7:a3:12:
2e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A3:6D:3A:99:EE:B5:5A:1C:73:81:E0:4F:3F:EA:3B:C7:B7:4A:65
X509v3 Authority Key Identifier:
keyid:97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/vaNtOpnutVocc4HgTz_qO8e3SmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/l6xHtRJE70nFI3iuzSnFjPtyCJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.236.0/24
37.44.238.0/24
185.157.246.0/23
IPv6:
2a09:ca00::/48
Signature Algorithm: sha256WithRSAEncryption
5a:d2:75:1b:b9:99:40:98:1e:b7:73:a5:39:cf:04:cb:92:b8:
54:e3:4a:1b:d6:54:dd:5c:32:34:ec:9c:63:54:47:f0:75:8b:
c0:93:50:06:ce:bf:f1:b6:0e:ac:50:34:f3:67:67:3d:eb:02:
97:8a:a8:ed:d1:8c:ab:db:73:df:13:f3:90:3c:86:12:34:d6:
e7:27:7e:54:6f:7e:6d:71:45:56:9a:c0:7f:da:f3:2e:2a:c5:
61:c2:8c:0c:73:0f:74:ea:9b:2d:1b:48:f6:72:0c:28:b7:14:
1d:ed:f4:a6:0f:2b:c2:30:c4:b6:64:a0:b0:09:25:f7:91:00:
6e:f8:86:81:a5:d2:fe:c8:70:77:6a:be:c5:a8:4a:ee:83:7c:
3f:45:7a:17:73:fa:99:ac:93:72:13:3b:f4:21:dc:15:3b:a4:
b5:17:d3:1a:0c:e5:54:3c:dd:a2:5a:75:b2:d0:4b:9a:98:98:
99:93:af:91:23:c0:d5:5d:a7:72:29:f9:ae:9e:43:35:87:3d:
09:93:3e:dc:f3:46:3d:6b:04:65:4c:06:7e:53:9c:72:1f:76:
89:ad:9f:32:d4:ae:1f:b7:7f:63:b2:3b:df:ad:6e:bb:44:bb:
65:bd:fe:00:7a:e4:f5:a9:ea:48:17:20:2b:f9:69:23:25:de:
80:7d:0e:92
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYy1JR9T5CamuCE2We7i7aHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YWM0N2I1MTI0NGVmNDljNTIzNzhhZWNkMjljNThjZmI3
MjA4OWIwHhcNMjMxMjI5MTAzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGEzNmQzYTk5ZWViNTVhMWM3MzgxZTA0ZjNmZWEzYmM3Yjc0YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4ynFUhwPXXrYe76HrfqOlYaEhk4
d8byBj7332O8Qv8WGRDN496gpz4glPcCD2zof9b2b8+u8nclIxWB34P2KHWFzM3I
a2jaCQfGrLN6uHtOXH+8IZVNvXk25Gj4o2/rM9zs+qAjuLQMxlpZ7s4iNpec74vA
zLGDmnGfDXe9dTgIuQdXdXeNdCpn10c3pk+pcflMVMCFsfqsesDrvaaDhYaD51ku
QHZef0oRq1DMiXZ8YOxTrKgVYmSjfzGCcB7QxF7fKQC/Q8naXf7OpbRiez4vA/Gk
MCrp/1NuF6SayKuoWD6GKfF2dCkG/SximQ/7zgTJPbF9DVbuiI7XoxIukQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFL2jbTqZ7rVaHHOB4E8/6jvHt0plMB8GA1UdIwQY
MBaAFJesR7USRO9JxSN4rs0pxYz7cgibMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYt
M2Y2NTY4YjU5NTg5LzEvdmFOdE9wbnV0Vm9jYzRIZ1R6X3FPOGUzU21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYtM2Y2NTY4YjU5NTg5
LzEvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAJSzsAwQA
JSzuAwQBuZ32MA8EAgACMAkDBwAqCcoAAAAwDQYJKoZIhvcNAQELBQADggEBAFrS
dRu5mUCYHrdzpTnPBMuSuFTjShvWVN1cMjTsnGNUR/B1i8CTUAbOv/G2DqxQNPNn
Zz3rApeKqO3RjKvbc98T85A8hhI01ucnflRvfm1xRVaawH/a8y4qxWHCjAxzD3Tq
my0bSPZyDCi3FB3t9KYPK8IwxLZkoLAJJfeRAG74hoGl0v7IcHdqvsWoSu6DfD9F
ehdz+pmsk3ITO/Qh3BU7pLUX0xoM5VQ83aJadbLQS5qYmJmTr5EjwNVdp3Ip+a6e
QzWHPQmTPtzzRj1rBGVMBn5TnHIfdomtnzLUrh+3f2OyO9+tbrtEu2W9/gB65PWp
6kgXICv5aSMl3oB9DpI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:03 2024 by rpki-client on console-fra.rpki-client.org