Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/d-95rAHHuBAaQPmzAEPWgdKyxFo.roa
File: d-95rAHHuBAaQPmzAEPWgdKyxFo.roa (raw, json)
Hash identifier: 9Wboo4a75LUMWjrM7p8sJusEoWoF75d1YR86Ff0lJjY=
Subject key identifier: 77:EF:79:AC:01:C7:B8:10:1A:40:F9:B3:00:43:D6:81:D2:B2:C4:5A
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019423D7FD0BBA08975C91BACEF30378328F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/d-95rAHHuBAaQPmzAEPWgdKyxFo.roa
Signing time: Wed 01 Jan 2025 21:49:05 +0000
ROA not before: Wed 01 Jan 2025 21:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199785
IP address blocks: 37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:fd:0b:ba:08:97:5c:91:ba:ce:f3:03:78:32:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 1 21:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77ef79ac01c7b8101a40f9b30043d681d2b2c45a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ac:98:d4:8a:b0:fa:df:d3:9d:08:3b:00:72:
76:7a:9c:bd:a1:8a:76:b7:bc:77:16:bc:12:30:1f:
66:b1:98:94:36:7c:d6:31:5f:00:e6:b5:e7:fa:05:
83:b1:29:a4:f5:1d:ce:03:99:db:43:61:a4:7a:46:
29:a2:38:5d:91:4b:fd:7c:ca:23:c8:b3:19:f7:9d:
d6:81:08:15:63:c2:54:55:5d:40:75:74:db:0e:03:
d4:5b:98:7e:62:7b:4a:71:79:94:03:eb:41:01:c3:
38:14:a2:ae:40:d2:63:0a:74:07:7d:5b:20:7b:dc:
3b:f5:7c:fc:f9:4e:64:ba:ab:87:39:72:2f:d8:56:
5a:f1:1e:da:40:fd:ae:9f:04:f4:cb:dc:73:2c:35:
e7:16:99:fe:0d:f2:9d:06:21:d2:dd:d1:f6:d1:08:
4f:6c:9c:1f:e9:28:cf:18:81:55:fb:37:d9:ff:cf:
2c:3f:e6:3c:0f:ca:91:35:64:c0:df:10:c8:7d:ec:
77:32:f3:2c:59:b6:1e:f7:4f:cd:1e:8c:88:2c:92:
be:c7:30:51:f6:83:c8:b0:90:d6:70:b2:ce:04:e8:
33:c0:ca:cc:fe:d6:32:6d:a6:27:74:22:96:38:65:
4b:6d:b6:66:74:32:25:c2:ad:d4:94:33:2f:8c:43:
6c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:EF:79:AC:01:C7:B8:10:1A:40:F9:B3:00:43:D6:81:D2:B2:C4:5A
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/d-95rAHHuBAaQPmzAEPWgdKyxFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/22
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
bb:1d:8a:b4:f2:fb:23:58:69:24:d4:d7:07:7f:26:31:d5:70:
3d:ac:f0:7d:39:e5:af:1a:40:27:95:06:c8:e6:cd:6e:50:07:
0a:02:56:c0:2c:8b:95:81:43:ba:8a:26:9b:54:56:93:7d:e9:
a9:1d:22:27:89:8f:3a:cf:59:01:09:ac:eb:c1:f4:52:8f:09:
76:18:cd:6d:f7:56:9b:b1:e2:28:92:c0:2a:0f:a9:90:ac:6e:
0c:5c:91:f1:87:01:64:b0:15:bd:85:bb:72:3a:af:42:e1:a5:
be:c2:cb:ee:97:16:32:d8:b0:46:b9:2a:fc:3b:93:68:9d:62:
16:92:1b:a1:ec:9c:2f:f7:19:08:2b:aa:21:c2:ae:64:b7:ad:
ab:29:37:87:b1:5d:0a:20:18:04:0b:eb:8c:3b:44:a1:1e:8b:
c8:e0:32:7b:4b:3b:5b:d7:67:c5:96:fb:3b:11:c5:46:44:b4:
bf:32:1f:2d:29:91:7e:15:5a:ae:c7:1d:36:e9:5a:a1:b3:d3:
b9:5c:c0:17:3c:24:1c:bc:be:23:7b:cf:dc:0f:5b:bb:a7:93:
58:01:06:e5:21:06:db:3c:43:af:7f:e9:d9:a4:30:20:7d:56:
e5:53:de:e8:8b:6d:0d:8e:ff:cd:45:b6:b8:2d:81:60:06:11:
e1:46:1e:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQj1/0LugiXXJG6zvMDeDKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTAxMjE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2VmNzlhYzAxYzdiODEwMWE0MGY5YjMwMDQzZDY4MWQyYjJjNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6yY1Iqw+t/TnQg7AHJ2epy9oYp2
t7x3FrwSMB9msZiUNnzWMV8A5rXn+gWDsSmk9R3OA5nbQ2GkekYpojhdkUv9fMoj
yLMZ953WgQgVY8JUVV1AdXTbDgPUW5h+YntKcXmUA+tBAcM4FKKuQNJjCnQHfVsg
e9w79Xz8+U5kuquHOXIv2FZa8R7aQP2unwT0y9xzLDXnFpn+DfKdBiHS3dH20QhP
bJwf6SjPGIFV+zfZ/88sP+Y8D8qRNWTA3xDIfex3MvMsWbYe90/NHoyILJK+xzBR
9oPIsJDWcLLOBOgzwMrM/tYybaYndCKWOGVLbbZmdDIlwq3UlDMvjENsowIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHfveawBx7gQGkD5swBD1oHSssRaMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZC05NXJBSEh1QkFhUVBtekFFUFdnZEt5eEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCJS4QMAwD
BACW8XEDBACW8XQwDQYJKoZIhvcNAQELBQADggEBALsdirTy+yNYaSTU1wd/JjHV
cD2s8H055a8aQCeVBsjmzW5QBwoCVsAsi5WBQ7qKJptUVpN96akdIieJjzrPWQEJ
rOvB9FKPCXYYzW33Vpux4iiSwCoPqZCsbgxckfGHAWSwFb2Fu3I6r0Lhpb7Cy+6X
FjLYsEa5Kvw7k2idYhaSG6HsnC/3GQgrqiHCrmS3raspN4exXQogGAQL64w7RKEe
i8jgMntLO1vXZ8WW+zsRxUZEtL8yHy0pkX4VWq7HHTbpWqGz07lcwBc8JBy8viN7
z9wPW7unk1gBBuUhBts8Q69/6dmkMCB9VuVT3uiLbQ2O/81FtrgtgWAGEeFGHmc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:37 2025 by rpki-client