Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/4sQRqg1wVxHplQEORYtm00xrQVY.roa
File: 4sQRqg1wVxHplQEORYtm00xrQVY.roa (raw, json)
Hash identifier: J3w9Mg25j1wb94v36vArE3YS5FJrYK6v8WsTSNDodH0=
Subject key identifier: E2:C4:11:AA:0D:70:57:11:E9:95:01:0E:45:8B:66:D3:4C:6B:41:56
Certificate issuer: /CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Certificate serial: 019424B3EB4CAC03D256E125EFEB14EB65CD
Authority key identifier: 53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/4sQRqg1wVxHplQEORYtm00xrQVY.roa
Signing time: Thu 02 Jan 2025 01:49:18 +0000
ROA not before: Thu 02 Jan 2025 01:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60349
IP address blocks: 194.38.36.0/22 maxlen: 23
194.38.36.0/24 maxlen: 24
194.38.37.0/24 maxlen: 24
194.38.38.0/24 maxlen: 24
194.38.39.0/24 maxlen: 24
2a09:6d40::/31 maxlen: 31
2a09:6d40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:eb:4c:ac:03:d2:56:e1:25:ef:eb:14:eb:65:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Validity
Not Before: Jan 2 01:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2c411aa0d705711e995010e458b66d34c6b4156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:1c:19:5a:ac:1a:a8:81:fb:64:37:76:22:
aa:7c:03:58:93:d7:cc:70:80:5e:e8:3f:af:2d:91:
d9:ac:b7:77:3e:e7:01:f9:c2:b6:86:1d:e4:f4:18:
1d:d6:bf:9e:6e:81:11:38:eb:d2:26:0a:c1:dd:a3:
bf:fc:e7:b4:e5:2f:e3:4f:3a:46:36:41:7f:e9:12:
cc:1c:e3:db:5d:69:53:4f:86:a4:79:55:4a:13:89:
ff:a4:b9:97:48:09:84:1a:46:d1:ca:bd:f0:31:46:
b4:85:dc:52:48:e4:d1:bf:37:21:e2:c0:d9:6d:52:
0a:fb:0d:3b:7d:b5:70:a8:c4:82:15:5d:26:f3:ed:
9a:f1:b2:f6:61:da:d6:91:2c:6b:07:f3:2d:8f:a9:
c4:a7:b3:b7:17:cb:c9:a3:ed:cf:b1:58:2a:cd:c7:
53:e5:01:dd:f4:fb:78:4b:04:ad:a2:90:ed:bf:0e:
1c:47:66:56:86:72:aa:56:90:6b:af:2f:0f:c2:a0:
ed:e4:a0:87:17:e6:8a:88:74:f6:4d:27:93:8a:34:
19:8c:12:4d:48:74:2c:d5:cf:a7:76:c2:8e:b5:0b:
cd:9e:31:5b:b6:67:50:ed:ae:93:02:cf:ca:a5:2f:
b6:8e:42:7e:8d:3d:a1:63:10:fd:50:28:4e:0c:22:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C4:11:AA:0D:70:57:11:E9:95:01:0E:45:8B:66:D3:4C:6B:41:56
X509v3 Authority Key Identifier:
keyid:53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/4sQRqg1wVxHplQEORYtm00xrQVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.36.0/22
IPv6:
2a09:6d40::/31
Signature Algorithm: sha256WithRSAEncryption
a6:a8:23:89:41:9c:8d:eb:b3:2b:18:cc:b3:54:83:de:5e:ed:
9d:66:b6:4c:cd:6a:7b:a6:1f:26:c2:56:fd:d8:1c:15:d8:24:
1d:fb:cb:1e:ba:3b:8f:b8:07:61:8b:ed:f6:b6:fc:61:ee:b7:
ab:f6:e8:35:36:d3:b4:0e:7b:11:86:4e:5c:91:9d:12:21:de:
a4:57:50:c9:3a:b4:10:9c:96:8b:67:ec:8d:89:0e:ff:02:8d:
da:1e:73:2d:bc:73:f1:02:39:4f:f4:5f:b5:6b:38:2e:0b:e4:
32:04:ec:e3:8f:8c:2a:ce:1e:18:fb:46:42:dc:e7:71:54:87:
f8:bc:9b:3e:cb:84:d8:b4:72:8d:e9:13:8c:4b:80:4b:32:57:
3c:5d:c1:1f:99:89:92:f4:14:b0:c5:fb:d7:a0:2b:fa:64:c6:
8d:a5:85:d4:90:1a:37:7e:b8:a9:82:2c:91:9d:85:df:9b:53:
bb:ca:be:36:a1:6a:2f:ea:b9:6b:b6:51:42:6e:5f:bc:94:77:
7e:09:bf:e4:d9:77:c1:b2:04:14:21:2f:35:d6:53:04:a2:8e:
32:af:1a:92:13:3c:53:c6:c6:6e:ef:29:0b:41:67:b7:ca:1a:
2a:0d:c9:06:cb:3d:4e:3f:7a:87:91:37:bc:a6:d3:c7:e0:87:
23:8a:38:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks+tMrAPSVuEl7+sU62XNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjM1OTA4MDlkMTg3ZjdiMzYxZmIyNGNkNDNmOTNmNjY0
YjIwYjMwHhcNMjUwMTAyMDE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmM0MTFhYTBkNzA1NzExZTk5NTAxMGU0NThiNjZkMzRjNmI0MTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dMcGVqsGqiB+2Q3diKqfANYk9fM
cIBe6D+vLZHZrLd3PucB+cK2hh3k9Bgd1r+eboEROOvSJgrB3aO//Oe05S/jTzpG
NkF/6RLMHOPbXWlTT4akeVVKE4n/pLmXSAmEGkbRyr3wMUa0hdxSSOTRvzch4sDZ
bVIK+w07fbVwqMSCFV0m8+2a8bL2YdrWkSxrB/Mtj6nEp7O3F8vJo+3PsVgqzcdT
5QHd9Pt4SwStopDtvw4cR2ZWhnKqVpBrry8PwqDt5KCHF+aKiHT2TSeTijQZjBJN
SHQs1c+ndsKOtQvNnjFbtmdQ7a6TAs/KpS+2jkJ+jT2hYxD9UChODCJzzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOLEEaoNcFcR6ZUBDkWLZtNMa0FWMB8GA1UdIwQY
MBaAFFPzWQgJ0Yf3s2H7JM1D+T9mSyCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2Mt
YTc3NmZlZGU5OTA1LzEvNHNRUnFnMXdWeEhwbFFFT1JZdG0wMHhyUVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2MtYTc3NmZlZGU5OTA1
LzEvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiYkMA0E
AgACMAcDBQEqCW1AMA0GCSqGSIb3DQEBCwUAA4IBAQCmqCOJQZyN67MrGMyzVIPe
Xu2dZrZMzWp7ph8mwlb92BwV2CQd+8seujuPuAdhi+32tvxh7rer9ug1NtO0DnsR
hk5ckZ0SId6kV1DJOrQQnJaLZ+yNiQ7/Ao3aHnMtvHPxAjlP9F+1azguC+QyBOzj
j4wqzh4Y+0ZC3OdxVIf4vJs+y4TYtHKN6ROMS4BLMlc8XcEfmYmS9BSwxfvXoCv6
ZMaNpYXUkBo3fripgiyRnYXfm1O7yr42oWov6rlrtlFCbl+8lHd+Cb/k2XfBsgQU
IS811lMEoo4yrxqSEzxTxsZu7ykLQWe3yhoqDckGyz1OP3qHkTe8ptPH4IcjijjM
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:51 2025 by rpki-client