Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/JZWAkG_yh8yZ0p1XkBKfFhUxkzM.roa
File: JZWAkG_yh8yZ0p1XkBKfFhUxkzM.roa (raw, json)
Hash identifier: mIKN02byiiTg7X+L6VcduX+puvD396/BSgkDBnMhT70=
Subject key identifier: 25:95:80:90:6F:F2:87:CC:99:D2:9D:57:90:12:9F:16:15:31:93:33
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 01878044C230F6B4C496E7F2E0BC7572BA77
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/JZWAkG_yh8yZ0p1XkBKfFhUxkzM.roa
Signing time: Fri 14 Apr 2023 14:56:42 +0000
ROA not before: Fri 14 Apr 2023 14:56:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 46.33.64.0/19 maxlen: 24
192.16.202.0/24 maxlen: 24
194.121.52.0/22 maxlen: 22
77.67.0.0/17 maxlen: 24
134.222.0.0/16 maxlen: 16
212.222.0.0/16 maxlen: 24
212.221.0.0/17 maxlen: 24
213.251.0.0/18 maxlen: 24
185.160.40.0/22 maxlen: 22
213.254.192.0/18 maxlen: 24
62.132.114.0/23 maxlen: 23
62.132.116.0/23 maxlen: 23
62.132.132.0/23 maxlen: 23
192.129.32.0/23 maxlen: 23
192.129.36.0/24 maxlen: 24
192.129.43.0/24 maxlen: 24
192.129.44.0/24 maxlen: 24
192.129.46.0/23 maxlen: 23
192.129.48.0/23 maxlen: 23
192.129.54.0/24 maxlen: 24
62.41.160.0/24 maxlen: 24
192.129.56.0/23 maxlen: 24
62.41.80.0/22 maxlen: 24
62.41.84.0/23 maxlen: 24
62.41.102.0/24 maxlen: 24
212.115.128.0/18 maxlen: 24
213.200.64.0/18 maxlen: 18
195.143.0.0/16 maxlen: 24
141.136.96.0/20 maxlen: 20
89.149.128.0/18 maxlen: 24
87.119.64.0/18 maxlen: 24
92.71.0.0/17 maxlen: 17
192.67.190.0/23 maxlen: 23
192.67.192.0/22 maxlen: 22
192.67.196.0/24 maxlen: 24
77.77.128.0/18 maxlen: 24
62.41.16.0/21 maxlen: 24
62.132.0.0/22 maxlen: 22
62.41.24.0/22 maxlen: 24
62.132.16.0/22 maxlen: 22
62.132.24.0/23 maxlen: 23
62.41.32.0/24 maxlen: 24
62.41.37.0/24 maxlen: 24
62.132.28.0/24 maxlen: 24
92.71.128.0/18 maxlen: 18
62.132.42.0/23 maxlen: 23
62.41.56.0/21 maxlen: 24
62.41.64.0/20 maxlen: 24
192.54.104.0/24 maxlen: 24
62.41.0.0/20 maxlen: 24
2a00:1750::/32 maxlen: 32
2001:668::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:44:c2:30:f6:b4:c4:96:e7:f2:e0:bc:75:72:ba:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Apr 14 14:56:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=259580906ff287cc99d29d5790129f1615319333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:4e:64:87:25:86:1c:1f:63:cb:86:16:b3:
fd:62:e7:7b:3c:d1:0e:06:a8:4c:5a:4c:8c:b2:54:
f3:c7:7d:b4:41:00:c6:99:2a:ec:0d:92:35:ad:90:
82:d2:4f:aa:26:a8:67:83:57:68:39:45:f1:b8:55:
e7:ec:1f:0e:32:1c:11:7b:d1:0e:6e:e5:da:6c:50:
98:7e:40:49:9c:aa:97:1a:c7:3b:06:2b:17:b8:7b:
77:d9:11:2f:35:be:47:4a:00:c8:0f:6e:ac:ed:7e:
11:44:c6:47:6a:c3:e7:ed:a6:d5:8b:5d:7e:83:22:
3b:74:2b:a3:67:2e:5b:0f:a9:26:a6:cf:47:51:34:
38:3f:f8:9e:95:56:8e:b1:52:a4:56:97:26:c0:86:
15:6d:32:c2:ca:9e:bc:f7:d4:30:bd:31:a2:0f:fa:
9a:bd:fa:c8:51:64:ab:c6:7d:e6:5a:f7:c7:ff:bd:
c2:f6:2a:13:57:c3:90:ec:e0:2d:bb:29:3b:9e:41:
96:1a:5b:1e:54:fa:b0:c2:a5:e7:ab:69:7b:43:1e:
ea:88:80:c6:1a:21:aa:03:7b:06:70:c0:e5:2c:e4:
56:c1:88:02:2c:b3:f9:59:a6:42:0a:68:4a:84:57:
ef:7c:b0:c3:7e:97:1a:33:20:88:26:ed:f4:ac:aa:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:95:80:90:6F:F2:87:CC:99:D2:9D:57:90:12:9F:16:15:31:93:33
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/JZWAkG_yh8yZ0p1XkBKfFhUxkzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
77.67.0.0/17
77.77.128.0/18
87.119.64.0/18
89.149.128.0/18
92.71.0.0-92.71.191.255
134.222.0.0/16
141.136.96.0/20
185.160.40.0/22
192.16.202.0/24
192.54.104.0/24
192.67.190.0-192.67.196.255
192.129.32.0/23
192.129.36.0/24
192.129.43.0-192.129.44.255
192.129.46.0-192.129.49.255
192.129.54.0/24
192.129.56.0/23
194.121.52.0/22
195.143.0.0/16
212.115.128.0/18
212.221.0.0/17
212.222.0.0/16
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
IPv6:
2001:668::/29
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
8c:40:d3:73:97:c1:70:74:c5:68:6d:39:18:f0:65:fb:87:03:
83:4b:c6:93:15:d4:aa:01:48:1f:7d:dc:98:c7:4e:5c:ac:55:
b9:65:d9:b8:64:fe:e5:16:ea:09:bc:6e:8c:29:96:3c:1d:03:
3b:ab:d3:ac:1f:15:53:1e:36:0d:43:17:fa:dd:53:97:be:7d:
5b:1a:4b:32:f5:58:90:d3:b6:c2:d1:89:fe:88:c1:46:c8:65:
5f:8d:a1:60:16:d6:5c:3e:9b:67:e0:5f:0b:21:9b:73:90:e2:
78:68:54:dd:4d:3c:fb:ed:fc:ba:7d:63:4c:3d:5b:15:8e:02:
14:a1:16:4f:b2:50:9e:bd:28:00:7e:35:4d:7e:fa:0c:40:c8:
77:4c:4e:df:16:cb:17:6b:b8:17:7a:11:09:bf:6c:02:38:3a:
e1:b5:87:3d:bf:43:88:2b:7f:2c:01:e0:8d:71:12:45:c8:59:
19:1b:c7:17:a4:a8:f5:d9:3e:90:b2:7c:57:d5:f1:d9:3c:85:
19:70:1b:5f:04:36:d3:bd:f6:be:52:7f:81:c9:d8:91:f8:53:
0d:45:e1:9b:a5:e0:89:f6:46:82:f1:78:df:e3:78:98:d7:f2:
58:f1:33:12:c4:9b:17:14:be:d7:e9:ab:ae:80:2f:f6:a6:ab:
c0:e4:22:9f
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgISAYeARMIw9rTElufy4Lx1crp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwNDE0MTQ1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTk1ODA5MDZmZjI4N2NjOTlkMjlkNTc5MDEyOWYxNjE1MzE5MzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSZOZIclhhwfY8uGFrP9Yud7PNEO
BqhMWkyMslTzx320QQDGmSrsDZI1rZCC0k+qJqhng1doOUXxuFXn7B8OMhwRe9EO
buXabFCYfkBJnKqXGsc7BisXuHt32REvNb5HSgDID26s7X4RRMZHasPn7abVi11+
gyI7dCujZy5bD6kmps9HUTQ4P/ielVaOsVKkVpcmwIYVbTLCyp6899QwvTGiD/qa
vfrIUWSrxn3mWvfH/73C9ioTV8OQ7OAtuyk7nkGWGlseVPqwwqXnq2l7Qx7qiIDG
GiGqA3sGcMDlLORWwYgCLLP5WaZCCmhKhFfvfLDDfpcaMyCIJu30rKrSzwIDAQAB
o4IDQDCCAzwwHQYDVR0OBBYEFCWVgJBv8ofMmdKdV5ASnxYVMZMzMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvSlpXQWtHX3loOHlaMHAxWGtCS2ZGaFV4a3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVAYIKwYBBQUHAQcBAf8EggFDMIIBPzCCASUEAgABMIIB
HQMEBS4hQDALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAME
AD4pZgMEAD4poAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAMAwQBPoRy
AwQBPoR0AwQBPoSEAwQHTUMAAwQGTU2AAwQGV3dAAwQGWZWAMAsDAwBcRwMEBlxH
gAMDAIbeAwQEjYhgAwQCuaAoAwQAwBDKAwQAwDZoMAwDBAHAQ74DBADAQ8QDBAHA
gSADBADAgSQwDAMEAMCBKwMEAMCBLDAMAwQBwIEuAwQBwIEwAwQAwIE2AwQBwIE4
AwQCwnk0AwMAw48DBAbUc4ADBAfU3QADAwDU3gMEBtXIQAMEBtX7AAMEBtX+wDAU
BAIAAjAOAwUDIAEGaAMFACoAF1AwDQYJKoZIhvcNAQELBQADggEBAIxA03OXwXB0
xWhtORjwZfuHA4NLxpMV1KoBSB993JjHTlysVbll2bhk/uUW6gm8bowpljwdAzur
06wfFVMeNg1DF/rdU5e+fVsaSzL1WJDTtsLRif6IwUbIZV+NoWAW1lw+m2fgXwsh
m3OQ4nhoVN1NPPvt/Lp9Y0w9WxWOAhShFk+yUJ69KAB+NU1++gxAyHdMTt8Wyxdr
uBd6EQm/bAI4OuG1hz2/Q4grfywB4I1xEkXIWRkbxxekqPXZPpCyfFfV8dk8hRlw
G18ENtO99r5Sf4HJ2JH4Uw1F4Zul4In2RoLxeN/jeJjX8ljxMxLEmxcUvtfpq66A
L/amq8DkIp8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:34 2025 by rpki-client