Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/xfiyoFkOBahUwXfS5j53hihc9gs.roa
File: xfiyoFkOBahUwXfS5j53hihc9gs.roa (raw, json)
Hash identifier: gxiLBQOkgEJ+N32CbEOMySlvmaUBayHrinxTo8ngmCM=
Subject key identifier: C5:F8:B2:A0:59:0E:05:A8:54:C1:77:D2:E6:3E:77:86:28:5C:F6:0B
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018FB9B95737048F75C0ADBE3DA194CD8166
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/xfiyoFkOBahUwXfS5j53hihc9gs.roa
Signing time: Mon 27 May 2024 11:04:42 +0000
ROA not before: Mon 27 May 2024 11:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:b9:57:37:04:8f:75:c0:ad:be:3d:a1:94:cd:81:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: May 27 11:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5f8b2a0590e05a854c177d2e63e7786285cf60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e8:87:2b:46:c2:73:09:51:dc:66:92:00:f2:
c4:7e:d8:74:76:88:90:19:94:9b:23:08:7f:32:ef:
ce:ec:2f:14:93:c3:87:ea:d8:51:59:4b:be:ae:4b:
15:da:f6:84:67:20:8d:11:ce:39:f5:a3:82:06:90:
b5:72:a0:a5:45:ba:cd:0f:6c:18:15:a6:64:dc:1b:
86:1d:de:e8:30:09:eb:f0:04:83:a2:7c:78:33:eb:
a3:8e:66:4a:ae:85:25:d6:a8:a8:d5:65:4e:f7:bd:
95:f5:06:47:aa:41:77:93:ef:00:9e:5f:d5:17:b4:
f7:7c:fc:39:f5:1b:a6:c9:ba:ec:0f:a1:3f:3f:73:
1a:8d:3d:1e:a3:ea:77:9b:aa:42:5e:8e:48:01:38:
2c:ad:4b:1d:11:0d:72:72:44:8f:f5:4b:72:e3:6f:
88:08:87:13:72:70:cf:cf:e0:8e:58:13:27:88:04:
3a:59:bf:1b:54:49:5a:3b:69:d7:71:4a:99:37:eb:
90:94:1b:d4:20:b0:16:ae:f5:e3:93:02:30:da:83:
67:73:e9:a3:79:ed:22:ad:8e:04:45:be:d3:1c:ec:
a6:8f:19:9e:bb:d1:03:40:19:3b:1a:4b:2a:b3:88:
e5:37:a1:19:28:ba:a4:e0:fd:fc:b0:e2:db:88:09:
c5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F8:B2:A0:59:0E:05:A8:54:C1:77:D2:E6:3E:77:86:28:5C:F6:0B
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/xfiyoFkOBahUwXfS5j53hihc9gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
84.247.20.0/24
89.37.106.0/24
89.42.213.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:89:7e:6c:a4:26:1a:4d:b7:89:ce:30:1e:86:d1:43:46:27:
f5:d1:85:f6:63:88:27:fa:c0:7e:c5:3d:55:41:89:97:d0:09:
4a:48:82:80:c8:a6:fb:f9:e9:40:7b:e8:31:82:b7:8f:25:3c:
5e:3c:13:b4:9c:8a:f0:4a:21:de:64:df:4e:fa:b3:db:b6:b6:
e1:24:6a:7e:c8:b3:a9:b5:1a:a0:93:6e:62:29:7a:6c:24:25:
d3:58:77:cb:a0:75:2e:79:bf:ab:76:ae:12:eb:1d:51:aa:2a:
78:92:04:59:fc:b9:dc:50:a2:a7:27:a6:3a:31:24:f6:90:cc:
27:f6:ec:d5:27:db:8c:24:8c:fc:6d:d9:3d:33:18:be:bc:32:
6c:b6:5b:a8:44:d4:c1:53:7d:21:22:50:c7:23:6c:98:43:25:
b1:7b:26:5b:73:4a:a4:18:36:0e:aa:75:a9:88:06:a7:c7:33:
fe:d8:c9:d2:e5:13:0a:8c:82:65:28:51:35:11:ae:2b:b5:be:
1c:00:f0:e5:5d:d1:cb:41:fb:1d:71:10:e5:5d:1c:50:9a:9b:
94:e3:91:9b:d5:b4:04:03:22:80:6e:2c:5e:77:fd:c3:65:68:
d3:2f:d3:5b:a4:76:1f:0b:53:d2:a0:b5:a9:c4:02:54:c0:cf:
14:ab:e9:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+5uVc3BI91wK2+PaGUzYFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNTI3MTEwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWY4YjJhMDU5MGUwNWE4NTRjMTc3ZDJlNjNlNzc4NjI4NWNmNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+iHK0bCcwlR3GaSAPLEfth0doiQ
GZSbIwh/Mu/O7C8Uk8OH6thRWUu+rksV2vaEZyCNEc459aOCBpC1cqClRbrND2wY
FaZk3BuGHd7oMAnr8ASDonx4M+ujjmZKroUl1qio1WVO972V9QZHqkF3k+8Anl/V
F7T3fPw59RumybrsD6E/P3MajT0eo+p3m6pCXo5IATgsrUsdEQ1yckSP9Uty42+I
CIcTcnDPz+COWBMniAQ6Wb8bVElaO2nXcUqZN+uQlBvUILAWrvXjkwIw2oNnc+mj
ee0irY4ERb7THOymjxmeu9EDQBk7Gksqs4jlN6EZKLqk4P38sOLbiAnFJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMX4sqBZDgWoVMF30uY+d4YoXPYLMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEveGZpeW9Ga09CYWhVd1hmUzVqNTNoaWhjOWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJZmEAwQA
VPcUAwQAWSVqAwQAWSrVMA0GCSqGSIb3DQEBCwUAA4IBAQAeiX5spCYaTbeJzjAe
htFDRif10YX2Y4gn+sB+xT1VQYmX0AlKSIKAyKb7+elAe+gxgrePJTxePBO0nIrw
SiHeZN9O+rPbtrbhJGp+yLOptRqgk25iKXpsJCXTWHfLoHUueb+rdq4S6x1Rqip4
kgRZ/LncUKKnJ6Y6MST2kMwn9uzVJ9uMJIz8bdk9Mxi+vDJstluoRNTBU30hIlDH
I2yYQyWxeyZbc0qkGDYOqnWpiAanxzP+2MnS5RMKjIJlKFE1Ea4rtb4cAPDlXdHL
QfsdcRDlXRxQmpuU45Gb1bQEAyKAbixed/3DZWjTL9NbpHYfC1PSoLWpxAJUwM8U
q+l3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:25 2025 by rpki-client