Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/NOOroZsnjsQfsZH4dRjzbuju0Hk.roa
File: NOOroZsnjsQfsZH4dRjzbuju0Hk.roa (raw, json)
Hash identifier: Zg6ieQb4LhmgSd9bfRqKPOaZLXbcVzG7102ETjzQ1ro=
Subject key identifier: 34:E3:AB:A1:9B:27:8E:C4:1F:B1:91:F8:75:18:F3:6E:E8:EE:D0:79
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 0194221FCF2B478CB5D98A1B4395E8046BB8
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/NOOroZsnjsQfsZH4dRjzbuju0Hk.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58010
IP address blocks: 37.208.104.0/21 maxlen: 24
37.208.108.0/24 maxlen: 24
185.26.156.0/22 maxlen: 24
185.219.100.0/22 maxlen: 24
185.219.100.0/24 maxlen: 24
193.243.164.0/23 maxlen: 24
195.74.88.0/23 maxlen: 24
2a00:d0c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:cf:2b:47:8c:b5:d9:8a:1b:43:95:e8:04:6b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34e3aba19b278ec41fb191f87518f36ee8eed079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ea:44:48:2d:c2:49:29:4a:14:17:56:4f:c2:
81:e2:6c:2d:9a:71:c7:e1:53:ca:6d:ec:cf:86:97:
d3:bd:42:7c:7d:77:ae:19:60:a6:fc:29:0c:7b:aa:
17:77:c6:ba:eb:15:40:31:e3:b8:67:5c:f2:36:2a:
bf:68:31:2d:13:75:0c:96:8b:31:e4:14:bf:4b:2a:
13:5d:e1:ce:9e:0c:b7:a6:5a:4b:87:1f:40:8e:b1:
75:6b:ae:7b:5f:02:f5:f4:6e:b2:cb:84:77:67:04:
b9:fc:35:3a:d5:c7:dd:53:07:2c:2e:68:8b:5b:56:
94:00:c8:55:09:49:68:84:b8:8a:a1:4f:cd:80:a2:
ea:37:5b:ac:12:23:2f:57:4b:3f:10:89:bc:4d:54:
39:8a:cd:28:01:b6:dd:f5:25:0b:2f:a7:39:cc:eb:
ab:84:da:83:09:65:b2:a4:1d:bf:04:48:5a:f0:13:
32:ec:ad:3f:49:df:47:0d:61:ea:0c:d9:4e:27:ed:
eb:3d:e4:21:74:bc:db:5a:e0:a4:4d:5a:77:6a:55:
81:04:de:a7:6f:ad:5d:3e:34:de:59:20:20:96:00:
17:38:a4:38:e5:10:cb:ee:8f:7e:2a:68:8c:df:b3:
cf:d6:44:c5:97:8d:2d:55:1c:4c:ef:d2:aa:3a:24:
b3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E3:AB:A1:9B:27:8E:C4:1F:B1:91:F8:75:18:F3:6E:E8:EE:D0:79
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/NOOroZsnjsQfsZH4dRjzbuju0Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.104.0/21
185.26.156.0/22
185.219.100.0/22
193.243.164.0/23
195.74.88.0/23
IPv6:
2a00:d0c0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:2c:dd:29:10:a3:23:1c:09:df:fa:de:61:16:e0:f5:42:e9:
8e:7f:e8:40:ce:1e:a0:63:60:cb:de:b4:ba:55:89:cd:be:30:
31:b2:f8:a6:3e:e0:4c:f0:d5:61:c0:8a:3f:d3:58:03:aa:c0:
65:f2:1d:f1:4f:6e:39:2d:36:fb:20:4f:d6:13:bd:00:5f:3e:
31:a2:ee:f9:9f:b9:94:5c:3d:8d:f5:10:39:5c:36:d4:cb:79:
c1:0a:99:e7:de:85:ac:75:a1:5b:08:5f:9e:2e:95:04:c6:0d:
ca:31:42:23:6b:f3:8c:b7:c2:50:bf:7b:a4:68:bd:0e:50:55:
cb:f1:dc:a0:70:a3:e9:f7:c7:37:c2:53:32:2f:15:76:4a:80:
fd:41:ef:9d:ea:5b:29:0e:42:9d:35:01:3e:1c:b7:9c:d5:01:
34:28:38:cb:5e:5b:59:39:8a:ef:d0:1a:69:ec:5c:32:96:0a:
f4:cb:19:4e:a0:99:61:8e:c4:ff:20:ab:30:f9:6e:c0:99:15:
ab:e5:99:f9:a6:0e:b4:7d:dc:87:ba:52:6f:6b:af:75:b8:ff:
5e:cd:bc:4c:4f:d8:75:36:84:aa:1f:54:15:c8:d1:2a:f7:0c:
67:fa:e8:4c:ca:46:c8:06:9e:57:5a:a5:72:bc:9b:c7:bf:12:
c8:e3:b8:04
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQiH88rR4y12YobQ5XoBGu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGUzYWJhMTliMjc4ZWM0MWZiMTkxZjg3NTE4ZjM2ZWU4ZWVkMDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOpESC3CSSlKFBdWT8KB4mwtmnHH
4VPKbezPhpfTvUJ8fXeuGWCm/CkMe6oXd8a66xVAMeO4Z1zyNiq/aDEtE3UMlosx
5BS/SyoTXeHOngy3plpLhx9AjrF1a657XwL19G6yy4R3ZwS5/DU61cfdUwcsLmiL
W1aUAMhVCUlohLiKoU/NgKLqN1usEiMvV0s/EIm8TVQ5is0oAbbd9SULL6c5zOur
hNqDCWWypB2/BEha8BMy7K0/Sd9HDWHqDNlOJ+3rPeQhdLzbWuCkTVp3alWBBN6n
b61dPjTeWSAglgAXOKQ45RDL7o9+KmiM37PP1kTFl40tVRxM79KqOiSzWwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDTjq6GbJ47EH7GR+HUY827o7tB5MB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvTk9Pcm9ac25qc1Fmc1pINGRSanpidWp1MEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJdBoAwQC
uRqcAwQCudtkAwQBwfOkAwQBw0pYMA0EAgACMAcDBQAqANDAMA0GCSqGSIb3DQEB
CwUAA4IBAQAvLN0pEKMjHAnf+t5hFuD1QumOf+hAzh6gY2DL3rS6VYnNvjAxsvim
PuBM8NVhwIo/01gDqsBl8h3xT245LTb7IE/WE70AXz4xou75n7mUXD2N9RA5XDbU
y3nBCpnn3oWsdaFbCF+eLpUExg3KMUIja/OMt8JQv3ukaL0OUFXL8dygcKPp98c3
wlMyLxV2SoD9Qe+d6lspDkKdNQE+HLec1QE0KDjLXltZOYrv0Bpp7Fwylgr0yxlO
oJlhjsT/IKsw+W7AmRWr5Zn5pg60fdyHulJva691uP9ezbxMT9h1NoSqH1QVyNEq
9wxn+uhMykbIBp5XWqVyvJvHvxLI47gE
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:09 2025 by rpki-client