Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/4HXz2cq97kpay42l_ZTVSkZj__A.roa
File: 4HXz2cq97kpay42l_ZTVSkZj__A.roa (raw, json)
Hash identifier: +VOYWhzzF7R36XwWlXLwKg2vKxq0zxlH8ei0p+RDNEs=
Subject key identifier: E0:75:F3:D9:CA:BD:EE:4A:5A:CB:8D:A5:FD:94:D5:4A:46:63:FF:F0
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184C82FC32AF43DD1E7374088FD801F60AB
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/4HXz2cq97kpay42l_ZTVSkZj__A.roa
Signing time: Wed 30 Nov 2022 10:58:03 +0000
ROA not before: Wed 30 Nov 2022 10:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:2f:c3:2a:f4:3d:d1:e7:37:40:88:fd:80:1f:60:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 30 10:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e075f3d9cabdee4a5acb8da5fd94d54a4663fff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9f:f3:3d:89:9d:77:ec:b8:9e:d5:7e:56:e2:
14:50:e2:d0:e7:4a:7c:6c:12:d0:4b:ac:41:7d:4b:
74:3a:73:cf:33:3b:45:18:13:86:d6:9a:3f:b0:fe:
1a:30:7f:2a:ca:ca:87:02:69:c8:46:e0:55:02:4f:
ae:d1:c1:0f:76:a0:1b:e7:c1:20:42:bf:e0:dc:f4:
e3:9f:4f:72:ea:94:81:7f:20:03:80:ba:43:ad:42:
1d:2b:a0:c8:fd:cd:be:2f:12:74:82:df:f3:3f:b7:
cc:0b:18:55:63:04:0d:fd:45:fb:2d:2a:37:9c:4f:
be:fd:e5:8d:a3:fd:8d:a2:c1:ae:e5:5d:8f:b2:de:
08:dc:19:32:1d:46:44:e1:bc:ac:f4:01:74:e0:f4:
24:74:6a:05:df:ca:0e:4f:06:58:ae:c8:ff:86:4b:
ad:9e:4a:7e:b0:ee:b4:38:54:9c:7d:c1:ce:3e:90:
ae:e2:e0:69:b9:66:ac:05:7d:44:c1:22:c3:20:df:
45:1d:23:c1:27:cf:2d:ec:4f:ac:dd:67:62:69:03:
f4:71:05:7d:aa:a8:58:f3:7d:67:b3:14:59:ac:d3:
f6:7d:43:c8:d3:54:04:57:27:02:23:06:32:69:72:
8d:16:58:9a:fc:de:dd:eb:c3:70:05:f1:0f:5f:81:
33:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:75:F3:D9:CA:BD:EE:4A:5A:CB:8D:A5:FD:94:D5:4A:46:63:FF:F0
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/4HXz2cq97kpay42l_ZTVSkZj__A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
Signature Algorithm: sha256WithRSAEncryption
41:be:f2:6e:fb:c0:45:a2:e3:dd:9c:52:09:ae:57:e0:37:ac:
08:ff:64:6a:2c:05:60:60:a6:a6:d5:0e:85:98:90:b7:cc:d6:
ca:2f:51:3d:c5:70:ca:78:6d:39:fa:f0:56:7c:c5:00:08:d2:
38:4a:e2:9e:27:d0:32:6d:4e:73:3c:db:fd:5c:5d:bd:eb:17:
17:5a:89:f9:97:30:ea:a3:b5:3f:ed:39:81:8a:e2:34:6f:90:
43:b0:41:c0:4d:7d:97:99:f8:56:c8:52:6c:f9:3c:b7:36:5f:
68:62:2a:ea:59:c6:c7:a4:4c:15:8e:68:bc:44:47:d1:79:f3:
fb:be:16:a6:5e:5a:53:87:d8:8a:fa:08:f4:8b:27:4a:e2:b5:
07:0e:ae:41:3f:94:a5:20:c6:15:0a:fb:e3:3e:a9:b9:96:9a:
76:c6:82:94:15:4d:5d:31:c1:a6:70:04:48:88:88:94:ba:9e:
3a:51:45:65:0c:a4:ca:18:28:ab:a8:79:0a:be:d4:fd:43:25:
a0:09:7f:c3:67:8d:46:48:93:24:0c:8e:db:b2:95:6f:92:9e:
34:7c:72:c6:d8:f2:40:e0:83:6a:ac:97:95:31:5b:22:48:54:
d0:9e:f6:da:d5:26:21:13:dc:ee:45:f8:89:10:28:26:62:cd:
90:05:cd:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTIL8Mq9D3R5zdAiP2AH2CrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTMwMTA1ODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDc1ZjNkOWNhYmRlZTRhNWFjYjhkYTVmZDk0ZDU0YTQ2NjNmZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ/zPYmdd+y4ntV+VuIUUOLQ50p8
bBLQS6xBfUt0OnPPMztFGBOG1po/sP4aMH8qysqHAmnIRuBVAk+u0cEPdqAb58Eg
Qr/g3PTjn09y6pSBfyADgLpDrUIdK6DI/c2+LxJ0gt/zP7fMCxhVYwQN/UX7LSo3
nE++/eWNo/2NosGu5V2Pst4I3BkyHUZE4bys9AF04PQkdGoF38oOTwZYrsj/hkut
nkp+sO60OFScfcHOPpCu4uBpuWasBX1EwSLDIN9FHSPBJ88t7E+s3WdiaQP0cQV9
qqhY831nsxRZrNP2fUPI01QEVycCIwYyaXKNFlia/N7d68NwBfEPX4Ez4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOB189nKve5KWsuNpf2U1UpGY//wMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvNEhYejJjcTk3a3BheTQybF9aVFZTa1pqX19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJYDIMA0G
CSqGSIb3DQEBCwUAA4IBAQBBvvJu+8BFouPdnFIJrlfgN6wI/2RqLAVgYKam1Q6F
mJC3zNbKL1E9xXDKeG05+vBWfMUACNI4SuKeJ9AybU5zPNv9XF296xcXWon5lzDq
o7U/7TmBiuI0b5BDsEHATX2XmfhWyFJs+Ty3Nl9oYirqWcbHpEwVjmi8REfRefP7
vhamXlpTh9iK+gj0iydK4rUHDq5BP5SlIMYVCvvjPqm5lpp2xoKUFU1dMcGmcARI
iIiUup46UUVlDKTKGCirqHkKvtT9QyWgCX/DZ41GSJMkDI7bspVvkp40fHLG2PJA
4INqrJeVMVsiSFTQnvba1SYhE9zuRfiJECgmYs2QBc0h
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:17 2025 by rpki-client