Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/3RF21_ECpL5M_wnxKo1LaLxJwIk.roa
File: 3RF21_ECpL5M_wnxKo1LaLxJwIk.roa (raw, json)
Hash identifier: DwVXHnFiU49l5hw1O5O7YFwPLdE2x6EWi17vCjDfMV4=
Subject key identifier: DD:11:76:D7:F1:02:A4:BE:4C:FF:09:F1:2A:8D:4B:68:BC:49:C0:89
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 01942369763186A751A708E7316D2CF7B6B1
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/3RF21_ECpL5M_wnxKo1LaLxJwIk.roa
Signing time: Wed 01 Jan 2025 19:48:21 +0000
ROA not before: Wed 01 Jan 2025 19:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34704
IP address blocks: 37.208.48.0/24 maxlen: 24
37.208.49.0/24 maxlen: 24
37.208.50.0/24 maxlen: 24
37.208.51.0/24 maxlen: 24
37.208.52.0/24 maxlen: 24
37.208.53.0/24 maxlen: 24
37.208.54.0/24 maxlen: 24
37.208.55.0/24 maxlen: 24
93.174.32.0/24 maxlen: 24
93.174.33.0/24 maxlen: 24
93.174.34.0/24 maxlen: 24
93.174.35.0/24 maxlen: 24
93.174.36.0/24 maxlen: 24
93.174.37.0/24 maxlen: 24
93.174.39.0/24 maxlen: 24
213.232.80.0/24 maxlen: 24
213.232.81.0/24 maxlen: 24
213.232.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:76:31:86:a7:51:a7:08:e7:31:6d:2c:f7:b6:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Jan 1 19:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd1176d7f102a4be4cff09f12a8d4b68bc49c089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:b1:54:83:4b:cb:bf:6d:53:ea:78:d7:0b:
d7:f8:3d:a4:40:f6:fc:3c:99:d4:32:56:9e:7e:90:
90:89:64:57:0e:fb:a8:12:8e:ba:eb:f1:2d:02:df:
2d:da:49:d7:8b:43:48:c7:19:7b:c2:9c:58:66:4c:
48:aa:42:2e:ac:a3:47:64:a3:09:3a:5f:9d:c3:ce:
7b:fc:d3:75:1e:09:6e:b6:2b:9b:6c:99:40:fa:5a:
0e:f2:f0:b1:28:29:10:09:76:63:e6:95:89:26:f2:
6a:ed:c4:54:94:6d:83:8d:0f:5f:27:d2:78:6e:22:
b2:d3:19:58:a6:15:14:ab:65:91:1b:c2:53:92:a2:
53:4b:a0:c1:fd:0d:3f:2a:a9:3e:5f:68:ee:c1:f9:
2f:52:e9:b0:48:da:a9:63:aa:2e:e9:92:11:c1:5d:
fc:f1:06:af:6f:5f:f4:ca:7e:e7:52:23:39:35:58:
4d:ad:ec:f6:51:0d:14:ff:cf:73:9f:3d:1f:c7:58:
ee:05:c2:2a:e6:62:c4:e0:da:dc:b8:d2:92:b8:11:
52:d0:ec:f6:a4:49:a6:f1:b9:b6:9a:57:5c:ff:b3:
55:92:c5:33:9f:fb:f7:e1:17:54:c2:84:ca:87:8d:
fb:a2:a0:d1:6e:40:1f:b2:0f:02:eb:da:02:f3:77:
1a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:11:76:D7:F1:02:A4:BE:4C:FF:09:F1:2A:8D:4B:68:BC:49:C0:89
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/3RF21_ECpL5M_wnxKo1LaLxJwIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.48.0/21
93.174.32.0-93.174.37.255
93.174.39.0/24
213.232.80.0-213.232.82.255
Signature Algorithm: sha256WithRSAEncryption
8a:d0:b9:14:1c:8d:5e:31:cd:79:6e:a0:33:46:c5:06:75:fe:
a4:2d:32:77:a4:d6:b0:35:41:1f:a9:ab:57:60:21:a2:66:22:
04:8c:06:8d:0e:80:c2:50:6e:75:f7:be:cd:74:27:87:66:96:
42:b5:29:ed:17:33:0e:9f:2e:55:20:be:40:ee:48:4c:43:b9:
2f:2a:5a:2f:19:75:c2:94:1b:32:6e:b6:b1:ab:89:39:85:e7:
a0:14:a5:ee:e9:18:cd:60:2f:a4:d1:10:ab:c2:ec:a9:71:c6:
29:07:c5:5d:ea:61:69:ef:e8:53:95:73:e4:66:bd:db:dd:be:
e1:38:35:9d:bc:e0:62:cd:ca:7a:62:5b:f7:90:04:cc:23:38:
f8:20:9f:1b:89:35:b0:06:d3:08:dd:d8:80:04:d7:79:96:b2:
60:91:35:62:6e:18:54:b4:96:c7:aa:14:76:95:f9:30:2d:2d:
f4:fe:cc:e6:a8:4b:67:d1:88:17:c9:69:cc:22:94:c1:eb:be:
dd:27:f6:e1:02:73:ad:2d:9a:42:ff:09:66:1b:55:9c:4c:b6:
3d:a6:90:18:53:17:72:c8:14:3a:1c:07:56:77:92:73:49:5c:
39:5c:f6:89:22:b7:0d:ef:77:19:d8:a3:bc:3a:06:71:bb:14:
43:a3:49:46
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQjaXYxhqdRpwjnMW0s97axMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjUwMTAxMTk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDExNzZkN2YxMDJhNGJlNGNmZjA5ZjEyYThkNGI2OGJjNDljMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1mxVINLy79tU+p41wvX+D2kQPb8
PJnUMlaefpCQiWRXDvuoEo666/EtAt8t2knXi0NIxxl7wpxYZkxIqkIurKNHZKMJ
Ol+dw857/NN1HglutiubbJlA+loO8vCxKCkQCXZj5pWJJvJq7cRUlG2DjQ9fJ9J4
biKy0xlYphUUq2WRG8JTkqJTS6DB/Q0/Kqk+X2juwfkvUumwSNqpY6ou6ZIRwV38
8Qavb1/0yn7nUiM5NVhNrez2UQ0U/89znz0fx1juBcIq5mLE4NrcuNKSuBFS0Oz2
pEmm8bm2mldc/7NVksUzn/v34RdUwoTKh437oqDRbkAfsg8C69oC83caGQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFN0RdtfxAqS+TP8J8SqNS2i8ScCJMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEvM1JGMjFfRUNwTDVNX3dueEtvMUxhTHhKd0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQDJdAwMAwD
BAVdriADBAFdriQDBABdricwDAMEBNXoUAMEANXoUjANBgkqhkiG9w0BAQsFAAOC
AQEAitC5FByNXjHNeW6gM0bFBnX+pC0yd6TWsDVBH6mrV2AhomYiBIwGjQ6AwlBu
dfe+zXQnh2aWQrUp7RczDp8uVSC+QO5ITEO5LypaLxl1wpQbMm62sauJOYXnoBSl
7ukYzWAvpNEQq8LsqXHGKQfFXephae/oU5Vz5Ga9292+4Tg1nbzgYs3KemJb95AE
zCM4+CCfG4k1sAbTCN3YgATXeZayYJE1Ym4YVLSWx6oUdpX5MC0t9P7M5qhLZ9GI
F8lpzCKUweu+3Sf24QJzrS2aQv8JZhtVnEy2PaaQGFMXcsgUOhwHVneSc0lcOVz2
iSK3De93GdijvDoGcbsUQ6NJRg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net