Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/696z34QMsC6_vR7KEfwUSvQdpWY.roa
File: 696z34QMsC6_vR7KEfwUSvQdpWY.roa (raw, json)
Hash identifier: yNhDUKimDD5hTy/VhafEDO3vPLqIP7iVfa9gPXqtn9I=
Subject key identifier: EB:DE:B3:DF:84:0C:B0:2E:BF:BD:1E:CA:11:FC:14:4A:F4:1D:A5:66
Certificate issuer: /CN=b7bc1adfbf362648fc635c3332f383bcbc01e774
Certificate serial: 019424B2BAB947091F1FE30B9D9D44CB86DF
Authority key identifier: B7:BC:1A:DF:BF:36:26:48:FC:63:5C:33:32:F3:83:BC:BC:01:E7:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t7wa3782Jkj8Y1wzMvODvLwB53Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/696z34QMsC6_vR7KEfwUSvQdpWY.roa
Signing time: Thu 02 Jan 2025 01:48:00 +0000
ROA not before: Thu 02 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50572
IP address blocks: 37.49.240.0/20 maxlen: 20
91.211.168.0/24 maxlen: 24
91.211.169.0/24 maxlen: 24
91.211.170.0/23 maxlen: 23
109.205.216.0/21 maxlen: 21
185.5.20.0/22 maxlen: 22
2a02:1380::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ba:b9:47:09:1f:1f:e3:0b:9d:9d:44:cb:86:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7bc1adfbf362648fc635c3332f383bcbc01e774
Validity
Not Before: Jan 2 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebdeb3df840cb02ebfbd1eca11fc144af41da566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dd:05:ca:f6:25:18:aa:fa:4d:b7:96:56:ee:
9e:10:06:dc:62:a0:6f:77:75:fa:71:74:9e:78:be:
36:51:90:ae:0c:e3:d0:b8:33:3f:fb:17:3e:81:5f:
9c:e9:32:ab:a8:85:5c:93:0f:fa:f3:ff:80:8c:03:
05:13:a8:af:3a:24:e7:1a:45:bb:11:86:c4:1f:40:
fc:a6:d7:4c:5e:8b:73:ac:ab:58:e7:dc:c2:c1:92:
59:56:d5:d8:99:ef:3f:37:83:d0:a8:82:83:ae:52:
3d:5b:fd:fa:53:87:10:f8:63:be:28:62:14:48:15:
05:8f:fd:3a:57:53:4a:35:39:72:8d:59:72:73:d1:
e9:5a:24:ca:76:70:7f:c5:57:36:4c:7f:a1:42:58:
1f:c0:33:ca:34:c2:33:7f:0a:d5:57:07:db:7c:5f:
d3:f3:16:61:27:9b:84:06:06:eb:b1:06:ec:a3:fa:
75:af:67:ce:40:89:50:14:2c:ba:5b:75:0f:d8:e9:
60:32:a2:e9:3c:d3:27:b1:54:4b:a7:d0:0c:ba:4f:
92:c9:0f:aa:ef:59:64:a2:c1:cd:38:27:68:5f:e2:
81:32:5a:30:e6:9f:8a:c1:bc:69:78:38:3c:b3:c3:
df:f4:18:bf:5c:33:9c:21:d0:1c:be:a4:ca:d6:a3:
88:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:DE:B3:DF:84:0C:B0:2E:BF:BD:1E:CA:11:FC:14:4A:F4:1D:A5:66
X509v3 Authority Key Identifier:
keyid:B7:BC:1A:DF:BF:36:26:48:FC:63:5C:33:32:F3:83:BC:BC:01:E7:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t7wa3782Jkj8Y1wzMvODvLwB53Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/696z34QMsC6_vR7KEfwUSvQdpWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/t7wa3782Jkj8Y1wzMvODvLwB53Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.240.0/20
91.211.168.0/22
109.205.216.0/21
185.5.20.0/22
IPv6:
2a02:1380::/32
Signature Algorithm: sha256WithRSAEncryption
72:9d:7a:57:bc:83:85:6c:14:6a:9a:96:7a:ac:ed:7f:c3:e2:
f9:47:7b:8e:fb:6a:ce:56:f9:0f:27:9c:b5:70:4f:44:02:b8:
b9:cf:21:51:62:3c:60:9e:05:4a:03:bf:0f:ed:60:0d:fb:0b:
2b:63:e1:b4:a7:0a:2c:2d:3b:64:ef:3b:a2:de:1b:04:c9:7d:
12:79:a6:12:ba:5d:7e:bf:66:2e:b9:1f:46:e0:41:f8:96:e3:
d9:98:4f:a9:9c:db:59:dc:ac:2c:08:ad:e6:f2:80:71:77:c8:
80:d6:f9:8c:21:fe:59:41:d1:21:7f:85:7a:fe:4c:68:43:1f:
3f:18:bc:76:3a:4a:67:76:7c:ea:c5:44:fc:5e:8b:7e:9b:43:
8d:c1:08:8b:c0:3d:af:a7:ad:89:76:dd:65:28:64:c0:e7:2e:
1c:e2:39:91:c6:89:f7:c0:13:6a:24:8b:e6:83:b2:66:40:48:
94:d3:3c:da:cb:fe:6b:6a:b1:95:2f:3a:91:e4:e0:20:37:29:
c2:e5:d9:16:06:94:ab:91:25:85:15:7a:2e:27:5a:07:40:31:
01:65:00:d3:3e:9b:9f:73:18:e2:c7:9b:ba:49:ad:61:fd:80:
42:93:2b:14:f4:ac:ca:77:4b:a5:72:54:6e:50:f5:71:97:42:
e9:f2:9d:e3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQksrq5RwkfH+MLnZ1Ey4bfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YmMxYWRmYmYzNjI2NDhmYzYzNWMzMzMyZjM4M2JjYmMw
MWU3NzQwHhcNMjUwMTAyMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmRlYjNkZjg0MGNiMDJlYmZiZDFlY2ExMWZjMTQ0YWY0MWRhNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt0FyvYlGKr6TbeWVu6eEAbcYqBv
d3X6cXSeeL42UZCuDOPQuDM/+xc+gV+c6TKrqIVckw/68/+AjAMFE6ivOiTnGkW7
EYbEH0D8ptdMXotzrKtY59zCwZJZVtXYme8/N4PQqIKDrlI9W/36U4cQ+GO+KGIU
SBUFj/06V1NKNTlyjVlyc9HpWiTKdnB/xVc2TH+hQlgfwDPKNMIzfwrVVwfbfF/T
8xZhJ5uEBgbrsQbso/p1r2fOQIlQFCy6W3UP2OlgMqLpPNMnsVRLp9AMuk+SyQ+q
71lkosHNOCdoX+KBMlow5p+KwbxpeDg8s8Pf9Bi/XDOcIdAcvqTK1qOIvQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOves9+EDLAuv70eyhH8FEr0HaVmMB8GA1UdIwQY
MBaAFLe8Gt+/NiZI/GNcMzLzg7y8Aed0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDd3YTM3ODJKa2o4WTF3ek12T0R2THdCNTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xYzlkYzctNzhhNS00ZDhhLWIxODUt
ZmQ2MDZiMDZhMDFhLzEvNjk2ejM0UU1zQzZfdlI3S0Vmd1VTdlFkcFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xYzlkYzctNzhhNS00ZDhhLWIxODUtZmQ2MDZiMDZhMDFh
LzEvdDd3YTM3ODJKa2o4WTF3ek12T0R2THdCNTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJTHwAwQC
W9OoAwQDbc3YAwQCuQUUMA0EAgACMAcDBQAqAhOAMA0GCSqGSIb3DQEBCwUAA4IB
AQBynXpXvIOFbBRqmpZ6rO1/w+L5R3uO+2rOVvkPJ5y1cE9EAri5zyFRYjxgngVK
A78P7WAN+wsrY+G0pwosLTtk7zui3hsEyX0SeaYSul1+v2YuuR9G4EH4luPZmE+p
nNtZ3KwsCK3m8oBxd8iA1vmMIf5ZQdEhf4V6/kxoQx8/GLx2OkpndnzqxUT8Xot+
m0ONwQiLwD2vp62Jdt1lKGTA5y4c4jmRxon3wBNqJIvmg7JmQEiU0zzay/5rarGV
LzqR5OAgNynC5dkWBpSrkSWFFXouJ1oHQDEBZQDTPpufcxjix5u6Sa1h/YBCkysU
9KzKd0ulclRuUPVxl0Lp8p3j
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:19 2025 by rpki-client