Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cvzTz2OXBB_yidJBNxcXZxwYdrY.roa
File: cvzTz2OXBB_yidJBNxcXZxwYdrY.roa (raw, json)
Hash identifier: YVNb7JT5aj8Grywf7uIQmWk7NHgm3JKfDMAhwde/BcQ=
Subject key identifier: 72:FC:D3:CF:63:97:04:1F:F2:89:D2:41:37:17:17:67:1C:18:76:B6
Certificate issuer: /CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Certificate serial: 01941F8C3407534B4B293390A5BB19FA5B35
Authority key identifier: 27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cvzTz2OXBB_yidJBNxcXZxwYdrY.roa
Signing time: Wed 01 Jan 2025 01:47:49 +0000
ROA not before: Wed 01 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15623
IP address blocks: 62.12.128.0/17 maxlen: 17
193.5.123.0/24 maxlen: 24
193.246.253.0/24 maxlen: 24
193.247.205.0/24 maxlen: 24
195.144.160.0/19 maxlen: 19
195.226.0.0/19 maxlen: 19
212.45.192.0/19 maxlen: 19
212.55.192.0/19 maxlen: 19
213.158.128.0/19 maxlen: 19
213.189.128.0/19 maxlen: 19
217.14.64.0/20 maxlen: 20
217.75.16.0/21 maxlen: 21
217.75.24.0/21 maxlen: 21
2001:8a8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:34:07:53:4b:4b:29:33:90:a5:bb:19:fa:5b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Validity
Not Before: Jan 1 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72fcd3cf6397041ff289d241371717671c1876b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ab:19:16:a3:1c:cf:60:ae:78:f0:3b:2b:dc:
fc:be:e5:e1:de:5f:7f:1b:90:a7:b7:7a:85:54:24:
74:36:cc:a6:3a:4f:98:f6:e0:93:09:c7:41:1c:4b:
09:ef:00:d3:4b:66:bc:0a:43:49:58:7e:7c:ae:03:
16:61:d8:b6:d7:8b:9c:24:2c:e3:92:18:a5:e3:19:
54:f0:de:c4:96:dd:7d:43:50:9e:a3:50:cf:e8:ce:
08:87:c4:ed:37:ad:a2:ad:2b:ae:c5:07:1a:34:f7:
a5:8c:5a:b6:dd:4a:e6:f1:93:68:91:77:e4:00:3f:
9d:78:0b:b4:de:2d:17:55:be:61:d3:aa:e2:30:db:
c6:c5:70:7a:7b:b8:21:cc:22:a3:da:eb:f0:39:97:
bd:22:45:46:14:ef:32:5d:f1:bd:26:a1:ef:91:6d:
1b:90:9a:ff:81:c1:4c:e2:02:3c:d2:07:82:1f:ec:
78:40:f0:fe:05:c1:e8:13:4c:73:da:b7:46:6b:e6:
ba:e8:1c:c6:d3:6e:9d:1a:30:ed:5f:e3:b8:9f:5d:
97:28:af:e3:99:78:d7:6c:1f:e5:2b:c7:cf:7f:62:
34:1c:0c:a2:0d:0a:12:b9:fb:36:4b:d2:34:42:f2:
5d:4d:c2:94:4d:91:e0:ce:07:60:64:ee:9c:af:ac:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FC:D3:CF:63:97:04:1F:F2:89:D2:41:37:17:17:67:1C:18:76:B6
X509v3 Authority Key Identifier:
keyid:27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/cvzTz2OXBB_yidJBNxcXZxwYdrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.12.128.0/17
193.5.123.0/24
193.246.253.0/24
193.247.205.0/24
195.144.160.0/19
195.226.0.0/19
212.45.192.0/19
212.55.192.0/19
213.158.128.0/19
213.189.128.0/19
217.14.64.0/20
217.75.16.0/20
IPv6:
2001:8a8::/32
Signature Algorithm: sha256WithRSAEncryption
93:2b:f3:85:17:12:00:40:25:6f:5d:9f:90:ac:ea:1d:ec:01:
52:ce:a4:31:7b:b7:ed:37:fa:9f:a3:eb:ce:84:2c:bc:c2:18:
fd:85:c9:35:6e:9e:e0:7e:de:6c:c7:3e:1f:54:ee:34:3e:31:
3d:61:c6:35:bb:52:56:8c:76:c5:a5:5e:6a:9b:f9:2e:60:47:
40:60:95:85:b9:9f:db:17:83:49:a3:d8:7e:8c:07:6a:c9:41:
ee:79:93:ba:15:d9:3d:f7:c6:e5:06:ca:e9:51:c2:32:9a:a4:
7a:73:b4:33:64:44:dc:60:8f:6f:01:2e:b5:1c:e6:7e:f2:e6:
9e:08:42:8e:24:b7:ac:57:6c:63:ec:c7:f1:cd:32:06:b0:90:
76:3b:17:45:44:a5:28:66:06:f1:3c:6a:1c:27:f9:cb:f4:fc:
83:39:7c:b7:01:55:b8:d1:4e:5a:e9:0c:f9:34:0c:0b:ae:fa:
fe:bb:cb:29:55:49:ae:61:10:c8:2c:30:48:51:1f:c7:6b:65:
26:b7:32:40:ce:dd:33:70:e5:c6:d3:66:a9:bc:23:27:45:53:
a8:a2:16:3a:7c:f6:4e:cc:47:f4:3d:08:e9:b8:10:f1:b3:2e:
69:eb:e4:27:5c:52:7c:46:45:2e:56:0e:7b:d8:7b:9b:68:93:
29:54:7a:97
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQfjDQHU0tLKTOQpbsZ+ls1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjUxODBmOWI5M2FlNzU3M2MwOGE4OTRiZDQ1MmJkNzdj
ZTU2Y2QwHhcNMjUwMTAxMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZjZDNjZjYzOTcwNDFmZjI4OWQyNDEzNzE3MTc2NzFjMTg3NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKsZFqMcz2CuePA7K9z8vuXh3l9/
G5Cnt3qFVCR0NsymOk+Y9uCTCcdBHEsJ7wDTS2a8CkNJWH58rgMWYdi214ucJCzj
khil4xlU8N7Elt19Q1Ceo1DP6M4Ih8TtN62irSuuxQcaNPeljFq23Urm8ZNokXfk
AD+deAu03i0XVb5h06riMNvGxXB6e7ghzCKj2uvwOZe9IkVGFO8yXfG9JqHvkW0b
kJr/gcFM4gI80geCH+x4QPD+BcHoE0xz2rdGa+a66BzG026dGjDtX+O4n12XKK/j
mXjXbB/lK8fPf2I0HAyiDQoSufs2S9I0QvJdTcKUTZHgzgdgZO6cr6wSoQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHL8089jlwQf8onSQTcXF2ccGHa2MB8GA1UdIwQY
MBaAFCf1GA+bk651c8CKiUvUUr13zlbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMt
MzBmZWUyN2U4NGNiLzEvY3Z6VHoyT1hCQl95aWRKQk54Y1haeHdZZHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMtMzBmZWUyN2U4NGNi
LzEvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHPgyAAwQA
wQV7AwQAwfb9AwQAwffNAwQFw5CgAwQFw+IAAwQF1C3AAwQF1DfAAwQF1Z6AAwQF
1b2AAwQE2Q5AAwQE2UsQMA0EAgACMAcDBQAgAQioMA0GCSqGSIb3DQEBCwUAA4IB
AQCTK/OFFxIAQCVvXZ+QrOod7AFSzqQxe7ftN/qfo+vOhCy8whj9hck1bp7gft5s
xz4fVO40PjE9YcY1u1JWjHbFpV5qm/kuYEdAYJWFuZ/bF4NJo9h+jAdqyUHueZO6
Fdk998blBsrpUcIymqR6c7QzZETcYI9vAS61HOZ+8uaeCEKOJLesV2xj7MfxzTIG
sJB2OxdFRKUoZgbxPGocJ/nL9PyDOXy3AVW40U5a6Qz5NAwLrvr+u8spVUmuYRDI
LDBIUR/Ha2UmtzJAzt0zcOXG02apvCMnRVOoohY6fPZOzEf0PQjpuBDxsy5p6+Qn
XFJ8RkUuVg572HubaJMpVHqX
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:43 2025 by rpki-client