Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/nZgWvG1x4NDbiEy2eI0Hn_zPY88.roa
File: nZgWvG1x4NDbiEy2eI0Hn_zPY88.roa (raw, json)
Hash identifier: HZn3KMeYsRBpA3z8toVSSDTj8Ec0lNustk6VBjgRzyE=
Subject key identifier: 9D:98:16:BC:6D:71:E0:D0:DB:88:4C:B6:78:8D:07:9F:FC:CF:63:CF
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019442F8F3D57E5C3A5CEE0913ED4F2A88A9
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/nZgWvG1x4NDbiEy2eI0Hn_zPY88.roa
Signing time: Tue 07 Jan 2025 22:53:19 +0000
ROA not before: Tue 07 Jan 2025 22:53:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 37.46.20.0/22 maxlen: 24
87.251.16.0/22 maxlen: 24
150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:42:f8:f3:d5:7e:5c:3a:5c:ee:09:13:ed:4f:2a:88:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 7 22:53:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d9816bc6d71e0d0db884cb6788d079ffccf63cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:1d:d9:1b:a3:be:ee:71:e0:1b:27:b0:be:
0b:46:ac:a5:d6:92:aa:1c:9a:b6:54:8e:2f:64:e5:
d5:3d:37:23:40:52:a5:e1:26:d1:47:6a:d4:88:99:
12:41:d8:6e:fe:b7:4e:98:9d:e6:78:bf:a6:d7:e3:
0d:44:e6:67:13:14:44:1d:d3:b1:45:59:fd:d1:5a:
d5:e1:7f:3a:67:eb:38:b7:43:ea:81:99:ca:3c:06:
0b:b4:80:59:b2:77:b1:f9:24:18:54:76:27:a8:08:
f9:ee:90:18:ee:3b:9b:7d:cb:fd:4d:6c:97:00:4c:
1f:a2:af:e8:6f:1b:7b:77:78:d4:e3:ca:f2:41:b7:
5e:9e:cb:42:39:b4:82:49:81:4d:f4:2b:dd:a7:d8:
0a:85:3e:d7:e2:aa:97:13:73:30:59:87:6b:61:e2:
b6:3c:f1:5a:e7:94:a4:7a:5b:5c:4d:b4:61:6c:32:
1e:82:57:a8:ac:a3:62:f8:2d:47:3f:62:b2:5e:f9:
8e:dc:d1:04:cf:bb:33:60:b1:4a:cc:0a:6d:9d:51:
06:77:b4:71:33:8a:38:aa:cb:b1:01:47:8e:af:65:
7f:72:30:c4:c6:d4:04:7d:b9:c4:f7:60:c6:98:56:
a9:ec:8a:37:b4:4d:35:f0:ee:b3:23:e8:a7:e2:d9:
65:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:98:16:BC:6D:71:E0:D0:DB:88:4C:B6:78:8D:07:9F:FC:CF:63:CF
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/nZgWvG1x4NDbiEy2eI0Hn_zPY88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.20.0/22
87.251.16.0/22
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
96:2d:3b:8b:24:f7:34:68:57:3a:c6:7e:e8:ef:ec:6e:9d:5b:
58:ab:93:d2:3b:81:28:73:18:fa:4d:1c:87:eb:65:43:ee:f2:
66:28:e2:5b:76:20:6f:8c:12:e5:20:81:05:d7:be:c6:c9:d5:
e5:fc:40:b3:44:5a:2b:01:1a:c1:7d:c8:2c:0b:cf:f6:bf:c8:
71:bb:67:4e:85:74:22:f0:60:39:db:d2:74:31:ef:27:be:0d:
12:34:13:8c:76:7d:38:49:aa:6a:65:55:7a:ea:a9:68:02:40:
e3:6c:78:2b:5a:e7:65:50:a5:a9:b4:cf:07:12:49:06:59:e7:
8d:41:51:1b:56:e6:6f:bd:2a:a8:26:34:c3:bf:4a:fb:c6:b1:
bd:2f:6f:63:8e:56:a1:cb:4e:96:3f:c6:4f:bd:c6:6e:f8:1f:
75:89:af:b4:a6:5d:77:1c:60:a0:9b:29:b9:f4:5d:88:60:e7:
8d:d4:c6:09:55:70:37:8b:66:8f:24:10:9a:57:fd:1e:26:ce:
a7:75:cf:3c:e1:63:eb:37:cc:06:5d:d2:c7:b5:01:60:bc:01:
ca:7f:38:dd:d2:58:6f:c6:90:be:73:57:d4:ab:73:79:bc:b1:
34:15:99:65:6c:f2:f8:9b:f1:14:00:a0:8b:32:9c:20:b6:4f:
ea:0d:4f:7c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZRC+PPVflw6XO4JE+1PKoipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTA3MjI1MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk4MTZiYzZkNzFlMGQwZGI4ODRjYjY3ODhkMDc5ZmZjY2Y2M2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF0d2Rujvu5x4BsnsL4LRqyl1pKq
HJq2VI4vZOXVPTcjQFKl4SbRR2rUiJkSQdhu/rdOmJ3meL+m1+MNROZnExREHdOx
RVn90VrV4X86Z+s4t0PqgZnKPAYLtIBZsnex+SQYVHYnqAj57pAY7jubfcv9TWyX
AEwfoq/obxt7d3jU48ryQbdenstCObSCSYFN9Cvdp9gKhT7X4qqXE3MwWYdrYeK2
PPFa55SkeltcTbRhbDIegleorKNi+C1HP2KyXvmO3NEEz7szYLFKzAptnVEGd7Rx
M4o4qsuxAUeOr2V/cjDExtQEfbnE92DGmFap7Io3tE018O6zI+in4tllMwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ2YFrxtceDQ24hMtniNB5/8z2PPMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvblpnV3ZHMXg0TkRiaUV5MmVJMEhuX3pQWTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCJS4UAwQC
V/sQAwQBlvFqMAwDBACW8XMDBACW8XQDBACW8XswDQYJKoZIhvcNAQELBQADggEB
AJYtO4sk9zRoVzrGfujv7G6dW1irk9I7gShzGPpNHIfrZUPu8mYo4lt2IG+MEuUg
gQXXvsbJ1eX8QLNEWisBGsF9yCwLz/a/yHG7Z06FdCLwYDnb0nQx7ye+DRI0E4x2
fThJqmplVXrqqWgCQONseCta52VQpam0zwcSSQZZ541BURtW5m+9KqgmNMO/SvvG
sb0vb2OOVqHLTpY/xk+9xm74H3WJr7SmXXccYKCbKbn0XYhg543UxglVcDeLZo8k
EJpX/R4mzqd1zzzhY+s3zAZd0se1AWC8Acp/ON3SWG/GkL5zV9Src3m8sTQVmWVs
8vib8RQAoIsynCC2T+oNT3w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:04 2025 by rpki-client