Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/L3ZGNHnhgVbtJA6v9_KfCLPdQu4.roa
File: L3ZGNHnhgVbtJA6v9_KfCLPdQu4.roa (raw, json)
Hash identifier: tRfv/CcITA5fhGSfuor8bEI1B/6QYSwrTAH88Vxz5+8=
Subject key identifier: 2F:76:46:34:79:E1:81:56:ED:24:0E:AF:F7:F2:9F:08:B3:DD:42:EE
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 019423D6AB3D5D3BEA389CCD43A60386B4FB
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/L3ZGNHnhgVbtJA6v9_KfCLPdQu4.roa
Signing time: Wed 01 Jan 2025 21:47:38 +0000
ROA not before: Wed 01 Jan 2025 21:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 37.58.128.0/17 maxlen: 24
91.206.156.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
185.15.128.0/22 maxlen: 24
194.177.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ab:3d:5d:3b:ea:38:9c:cd:43:a6:03:86:b4:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 1 21:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f76463479e18156ed240eaff7f29f08b3dd42ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f1:05:07:20:08:16:fd:0b:51:f2:d9:1a:9f:
74:a4:df:5f:21:f6:ac:02:1d:c0:c0:7d:3e:bf:53:
61:64:d8:d2:fe:ef:25:f8:98:8a:92:ad:65:2d:86:
d7:a6:20:18:12:07:a3:3b:39:2b:2e:22:74:bf:41:
61:ca:4c:0e:b1:dd:34:a5:c1:fe:02:c6:9e:fb:66:
c3:e3:ae:36:70:46:54:eb:bf:12:20:31:e7:91:32:
c1:e3:c2:26:0d:0b:0f:70:12:ea:33:83:25:10:46:
9f:09:5b:ae:e7:52:58:d3:c9:b9:55:e3:fd:97:ed:
8d:47:44:61:c8:35:f0:84:4c:41:86:78:9e:aa:0f:
0b:84:e1:ff:72:2a:ef:40:55:eb:bf:c4:33:59:91:
d5:46:30:94:1e:35:30:17:37:d8:31:da:c3:27:53:
45:a6:f0:12:6d:6c:4d:a7:65:e9:40:57:4b:97:36:
fc:2e:30:96:cf:32:3c:d6:83:90:0a:68:8f:4a:54:
b7:05:ac:a7:3a:c9:c8:b8:6d:3b:43:db:a9:9e:18:
29:77:08:fb:08:80:ee:d7:29:ea:52:7f:44:42:ca:
b9:44:65:03:ed:a1:f7:0e:cf:1e:b9:c1:27:63:f0:
72:79:d0:98:ea:f3:69:eb:fa:9d:38:ae:cd:b5:c4:
87:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:76:46:34:79:E1:81:56:ED:24:0E:AF:F7:F2:9F:08:B3:DD:42:EE
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/L3ZGNHnhgVbtJA6v9_KfCLPdQu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.128.0/17
91.206.156.0/23
91.229.230.0/23
185.15.128.0/22
194.177.32.0/19
Signature Algorithm: sha256WithRSAEncryption
31:78:6f:02:62:c0:13:c4:4b:e2:14:35:36:1e:42:22:d6:89:
38:77:f6:bc:cd:4b:81:87:10:73:35:42:14:a1:b6:2c:6f:c0:
9f:46:19:27:86:2a:50:40:ee:3c:92:37:e2:86:72:36:cf:f7:
a0:42:93:cf:38:ee:43:4f:fb:35:a2:aa:34:0c:62:df:0c:b7:
42:cb:7f:f0:cb:05:07:0a:f5:82:fb:f3:02:a2:98:f5:a2:a3:
0c:35:b3:5b:6d:df:85:95:d9:61:45:25:da:bf:ed:83:27:73:
af:8d:86:37:a0:a7:5b:b9:6a:4f:c6:35:ad:6f:39:ae:d2:b7:
96:3b:bb:c4:7e:96:a3:ec:b3:b3:44:a3:ea:1b:9e:9b:2b:7a:
7c:ac:89:28:cc:5a:b9:24:3c:c1:cf:e1:5a:ed:54:e5:07:a6:
7f:ac:f7:32:1b:c0:4f:48:3b:c0:b2:9e:92:d6:cb:a7:89:f3:
5d:31:bd:be:7c:a5:14:a9:de:48:48:89:a5:a5:f1:60:41:40:
e0:aa:80:3b:5e:ff:1d:54:f2:90:29:f3:d8:87:93:9b:7c:9f:
67:93:45:c8:5c:15:ba:25:61:41:d8:03:e7:db:0d:c7:0d:80:
60:52:82:76:f2:1a:09:d2:15:e2:9c:52:86:be:92:41:88:2e:
05:87:81:68
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQj1qs9XTvqOJzNQ6YDhrT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjUwMTAxMjE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjc2NDYzNDc5ZTE4MTU2ZWQyNDBlYWZmN2YyOWYwOGIzZGQ0MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/EFByAIFv0LUfLZGp90pN9fIfas
Ah3AwH0+v1NhZNjS/u8l+JiKkq1lLYbXpiAYEgejOzkrLiJ0v0FhykwOsd00pcH+
Asae+2bD4642cEZU678SIDHnkTLB48ImDQsPcBLqM4MlEEafCVuu51JY08m5VeP9
l+2NR0RhyDXwhExBhnieqg8LhOH/cirvQFXrv8QzWZHVRjCUHjUwFzfYMdrDJ1NF
pvASbWxNp2XpQFdLlzb8LjCWzzI81oOQCmiPSlS3BaynOsnIuG07Q9upnhgpdwj7
CIDu1ynqUn9EQsq5RGUD7aH3Ds8eucEnY/ByedCY6vNp6/qdOK7NtcSHfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC92RjR54YFW7SQOr/fynwiz3ULuMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvTDNaR05IbmhnVmJ0SkE2djlfS2ZDTFBkUXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHJTqAAwQB
W86cAwQBW+XmAwQCuQ+AAwQFwrEgMA0GCSqGSIb3DQEBCwUAA4IBAQAxeG8CYsAT
xEviFDU2HkIi1ok4d/a8zUuBhxBzNUIUobYsb8CfRhknhipQQO48kjfihnI2z/eg
QpPPOO5DT/s1oqo0DGLfDLdCy3/wywUHCvWC+/MCopj1oqMMNbNbbd+FldlhRSXa
v+2DJ3OvjYY3oKdbuWpPxjWtbzmu0reWO7vEfpaj7LOzRKPqG56bK3p8rIkozFq5
JDzBz+Fa7VTlB6Z/rPcyG8BPSDvAsp6S1sunifNdMb2+fKUUqd5ISImlpfFgQUDg
qoA7Xv8dVPKQKfPYh5ObfJ9nk0XIXBW6JWFB2APn2w3HDYBgUoJ28hoJ0hXinFKG
vpJBiC4Fh4Fo
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:52:55 2025 by rpki-client