Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/ZQfF82X5Ch7UBsp8qdrD76xI6r8.roa
File: ZQfF82X5Ch7UBsp8qdrD76xI6r8.roa (raw, json)
Hash identifier: txTX1HHjSKy1CtqYM165/ezSG8hqbKj9Q2UT7Xl9Eno=
Subject key identifier: 65:07:C5:F3:65:F9:0A:1E:D4:06:CA:7C:A9:DA:C3:EF:AC:48:EA:BF
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01856EF4305409BC6CAC86BD89A83CD7B87E
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/ZQfF82X5Ch7UBsp8qdrD76xI6r8.roa
Signing time: Sun 01 Jan 2023 20:09:34 +0000
ROA not before: Sun 01 Jan 2023 20:09:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/22 maxlen: 22
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:30:54:09:bc:6c:ac:86:bd:89:a8:3c:d7:b8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Jan 1 20:09:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6507c5f365f90a1ed406ca7ca9dac3efac48eabf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:03:c5:7b:27:9e:b6:c1:65:53:3e:5d:b3:
0a:e4:16:d4:4b:8d:38:10:94:c5:2e:50:06:04:79:
75:13:64:ab:00:32:1f:62:18:a8:48:47:01:9e:d3:
db:06:b3:c9:7a:f8:05:e1:30:bc:ad:03:6c:9a:5f:
d4:50:bf:3b:e3:46:32:7f:48:2e:8b:4c:f5:41:58:
d1:a9:bc:9b:93:79:16:14:43:ab:42:1d:56:18:a0:
20:49:69:93:ec:c5:ce:7c:31:0a:e3:b6:c1:34:36:
75:df:88:67:95:a9:da:32:33:8d:1b:bb:37:38:b6:
b7:e8:10:ce:54:ee:a8:ec:e1:a8:7e:cf:ad:b1:e4:
cc:4d:12:f3:43:9b:78:46:52:c2:1d:a5:bd:95:f3:
0c:06:cc:f6:8d:21:8f:8f:fe:5b:1e:f0:e9:13:56:
70:b4:36:2f:a3:55:45:e0:ae:a2:3e:79:2e:69:9e:
e4:85:4f:65:cd:36:13:84:0b:ff:e9:4e:97:ee:d2:
40:18:5e:dd:6f:d6:c2:2f:15:47:24:b6:a7:5c:b2:
35:90:57:b1:6f:38:e3:28:d0:03:d3:9a:f5:ca:6c:
59:e6:17:3f:e9:de:31:5e:c0:5a:ea:0d:ff:91:ab:
b6:93:73:ad:9c:2e:16:ab:a7:76:9f:28:60:a0:0a:
42:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:07:C5:F3:65:F9:0A:1E:D4:06:CA:7C:A9:DA:C3:EF:AC:48:EA:BF
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/ZQfF82X5Ch7UBsp8qdrD76xI6r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:3c:50:e5:51:16:a4:26:8a:a1:d7:41:1e:fc:c2:7d:40:a3:
d9:7a:a4:9f:75:c6:81:25:3e:37:92:85:3f:b5:b5:1c:a3:7a:
65:84:d4:41:9e:d4:b6:79:ce:9e:e9:47:78:7b:42:79:a6:4b:
1f:16:e3:d6:f8:e4:4d:0d:c2:52:f0:5e:3a:33:da:9a:7b:16:
36:55:b3:b9:54:a4:a6:2d:be:98:6a:df:13:f0:17:3c:05:05:
56:94:a6:e0:0c:f1:f1:2a:16:79:7c:c0:7c:6b:eb:66:7c:a7:
15:cc:04:c0:55:d3:ed:3e:b9:86:2c:8f:3a:18:aa:ae:47:65:
87:c5:82:6c:5b:37:e0:c3:13:b3:7b:8e:f8:56:36:90:62:95:
6f:c3:54:f5:9b:d5:d4:bb:d1:9e:a9:b1:c4:3d:9f:bd:1d:5f:
74:c5:4e:0b:d0:d4:22:76:73:ed:8f:ac:84:0d:9e:9c:57:c5:
34:34:cf:4a:43:f8:1b:ad:40:0d:e0:cf:35:33:a8:c9:68:73:
73:70:dc:68:95:36:43:32:bd:f2:67:39:d8:4b:e1:44:0e:78:
ec:2a:69:06:0d:c9:1e:b0:d4:88:bb:3f:e1:0d:17:3c:1f:99:
a2:66:39:99:98:4a:bc:fe:12:79:7d:7c:b1:ec:e0:d5:6c:d7:
a3:11:b4:36
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYVu9DBUCbxsrIa9iag817h+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMwMTAxMjAwOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTA3YzVmMzY1ZjkwYTFlZDQwNmNhN2NhOWRhYzNlZmFjNDhlYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvIDxXsnnrbBZVM+XbMK5BbUS404
EJTFLlAGBHl1E2SrADIfYhioSEcBntPbBrPJevgF4TC8rQNsml/UUL8740Yyf0gu
i0z1QVjRqbybk3kWFEOrQh1WGKAgSWmT7MXOfDEK47bBNDZ134hnlanaMjONG7s3
OLa36BDOVO6o7OGofs+tseTMTRLzQ5t4RlLCHaW9lfMMBsz2jSGPj/5bHvDpE1Zw
tDYvo1VF4K6iPnkuaZ7khU9lzTYThAv/6U6X7tJAGF7db9bCLxVHJLanXLI1kFex
bzjjKNAD05r1ymxZ5hc/6d4xXsBa6g3/kau2k3OtnC4Wq6d2nyhgoApCOwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFGUHxfNl+Qoe1AbKfKnaw++sSOq/MB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvWlFmRjgyWDVDaDdVQnNwOHFkckQ3NnhJNnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA2BAIAATAwAwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCkEAgACMCMD
BQMqBCfAAwUDKgluQAMFAyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG9w0BAQsF
AAOCAQEALjxQ5VEWpCaKoddBHvzCfUCj2Xqkn3XGgSU+N5KFP7W1HKN6ZYTUQZ7U
tnnOnulHeHtCeaZLHxbj1vjkTQ3CUvBeOjPamnsWNlWzuVSkpi2+mGrfE/AXPAUF
VpSm4Azx8SoWeXzAfGvrZnynFcwEwFXT7T65hiyPOhiqrkdlh8WCbFs34MMTs3uO
+FY2kGKVb8NU9ZvV1LvRnqmxxD2fvR1fdMVOC9DUInZz7Y+shA2enFfFNDTPSkP4
G61ADeDPNTOoyWhzc3DcaJU2QzK98mc52EvhRA547CppBg3JHrDUiLs/4Q0XPB+Z
omY5mZhKvP4SeX18sezg1WzXoxG0Ng==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:57 2025 by rpki-client