Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZhGqPed6SV6VAReQbOcjGPAzA1Q.roa
File: ZhGqPed6SV6VAReQbOcjGPAzA1Q.roa (raw, json)
Hash identifier: xH/osf1WigfOpLrGb41BH70+VN1iR3FXURtuUX2+ETg=
Subject key identifier: 66:11:AA:3D:E7:7A:49:5E:95:01:17:90:6C:E7:23:18:F0:33:03:54
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019424453353BF382720811D7575B4254F75
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZhGqPed6SV6VAReQbOcjGPAzA1Q.roa
Signing time: Wed 01 Jan 2025 23:48:22 +0000
ROA not before: Wed 01 Jan 2025 23:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
31.222.243.0/24 maxlen: 24
31.222.250.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
45.147.168.0/22 maxlen: 22
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.56.36.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.202.106.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.96.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
212.18.122.0/24 maxlen: 24
212.52.4.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:33:53:bf:38:27:20:81:1d:75:75:b4:25:4f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6611aa3de77a495e950117906ce72318f0330354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d4:db:d8:94:dc:1b:fa:0d:cb:4d:f2:8b:6e:
d8:58:30:26:af:9a:37:db:d9:cc:c2:fe:85:03:b2:
22:48:47:e7:40:01:2f:f9:c5:ea:40:82:30:39:f5:
fb:c8:ef:56:3c:15:87:cc:e5:1c:37:2f:da:7b:82:
ea:6b:67:a0:d3:f2:02:1b:1e:56:3e:d1:2f:6b:d3:
45:dc:dc:fb:0c:41:5e:af:a0:16:08:74:4d:a4:2b:
91:ca:d1:8b:5e:05:9a:2c:38:d9:c7:08:79:31:04:
16:b6:08:1b:ef:4d:97:65:d5:ae:51:33:d0:c0:ea:
b7:a2:be:d4:33:47:ab:c3:eb:c2:b7:30:15:bf:41:
57:09:1a:8d:02:82:1c:66:5a:57:0f:f7:d1:34:5e:
3d:0e:13:b7:10:db:eb:14:ff:9b:04:b8:36:00:ed:
c0:e5:00:5f:da:a6:8e:86:4d:0f:b7:2c:d8:eb:78:
9f:cd:fd:c8:c1:cc:de:57:fc:53:99:d9:56:47:03:
14:ae:a4:23:e1:5b:a1:2c:02:a7:c4:7f:3a:06:16:
c9:cd:dd:20:e5:1d:13:87:c0:01:66:02:5a:9d:4e:
ac:a1:76:d4:ed:7f:25:60:53:f0:30:2c:17:35:3f:
d5:3c:3f:ea:61:99:a6:7b:aa:b1:07:2e:af:65:93:
0f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:11:AA:3D:E7:7A:49:5E:95:01:17:90:6C:E7:23:18:F0:33:03:54
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZhGqPed6SV6VAReQbOcjGPAzA1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
31.222.243.0/24
31.222.250.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
45.89.68.0/24
45.89.71.0/24
45.147.168.0/22
91.188.220.0/24
94.158.188.0/24
176.56.35.0-176.56.36.255
176.124.34.0/24
185.202.106.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.96.150.0/24
195.225.96.0/24
212.18.100.0/24
212.18.122.0/24
212.52.4.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
46:a3:0f:d0:53:08:f2:3f:ad:03:ea:e0:29:13:2c:3f:a4:f8:
d6:e0:9b:19:da:ff:a7:13:75:57:4a:51:09:49:b4:04:e4:f4:
db:90:70:26:40:0a:ae:df:01:2a:c0:68:b8:7c:7d:a6:2c:49:
5d:a7:02:22:52:7a:80:e5:c6:98:81:82:02:63:df:2c:0b:9e:
a0:31:63:f7:7e:18:76:45:c4:a0:df:bd:58:b9:fd:18:8a:e5:
3a:93:39:91:02:0e:86:73:87:2b:b1:01:35:06:41:5b:62:fa:
e1:93:f8:e6:23:cb:9b:fe:68:1a:91:50:bf:37:37:bb:b5:2c:
9f:19:7e:f7:6d:51:fe:4b:2c:76:69:0f:1a:74:6e:d8:e1:23:
a0:4e:6a:30:a0:b3:0c:4f:ba:ee:48:3a:8d:ad:46:3d:6a:ca:
1d:dd:bb:a2:fc:82:2d:97:1a:ea:ae:e6:f6:e9:9b:5f:51:50:
d5:67:dc:bf:7e:42:31:d6:15:b3:7d:24:35:1f:67:5c:2c:f5:
48:b0:34:51:5f:97:d6:1a:a4:0d:f1:48:14:3b:59:cf:c8:e6:
58:03:da:71:c5:56:21:14:a0:e7:df:8e:5d:00:60:9d:dc:e0:
99:53:06:a7:22:47:84:f1:18:6e:01:43:db:60:a1:f0:ed:ce:
7d:26:c4:e1
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZQkRTNTvzgnIIEddXW0JU91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjExYWEzZGU3N2E0OTVlOTUwMTE3OTA2Y2U3MjMxOGYwMzMwMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9Tb2JTcG/oNy03yi27YWDAmr5o3
29nMwv6FA7IiSEfnQAEv+cXqQIIwOfX7yO9WPBWHzOUcNy/ae4Lqa2eg0/ICGx5W
PtEva9NF3Nz7DEFer6AWCHRNpCuRytGLXgWaLDjZxwh5MQQWtggb702XZdWuUTPQ
wOq3or7UM0erw+vCtzAVv0FXCRqNAoIcZlpXD/fRNF49DhO3ENvrFP+bBLg2AO3A
5QBf2qaOhk0PtyzY63ifzf3IwczeV/xTmdlWRwMUrqQj4VuhLAKnxH86BhbJzd0g
5R0Th8ABZgJanU6soXbU7X8lYFPwMCwXNT/VPD/qYZmme6qxBy6vZZMPIQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFGYRqj3neklelQEXkGznIxjwMwNUMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvWmhHcVBlZDZTVjZWQVJlUWJPY2pHUEF6QTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAC
OzADBAAf3vADBAAf3vMDBAAf3voDBAAl3VADBAAtCxYDBAAtDt0DBAAtWUQDBAAt
WUcDBAItk6gDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnKagME
ALnUcAMEALnqCAMEALxfRwMEAMEDEgMEAMHJcgMEAMIg8AMEAMMSGgMEAMNFlAME
AMNFlgMEAMNglgMEAMPhYAMEANQSZAMEANQSegMEANQ0BAMEANVtzjANBgkqhkiG
9w0BAQsFAAOCAQEARqMP0FMI8j+tA+rgKRMsP6T41uCbGdr/pxN1V0pRCUm0BOT0
25BwJkAKrt8BKsBouHx9pixJXacCIlJ6gOXGmIGCAmPfLAueoDFj934YdkXEoN+9
WLn9GIrlOpM5kQIOhnOHK7EBNQZBW2L64ZP45iPLm/5oGpFQvzc3u7Usnxl+921R
/kssdmkPGnRu2OEjoE5qMKCzDE+67kg6ja1GPWrKHd27ovyCLZca6q7m9umbX1FQ
1Wfcv35CMdYVs30kNR9nXCz1SLA0UV+X1hqkDfFIFDtZz8jmWAPaccVWIRSg59+O
XQBgndzgmVMGpyJHhPEYbgFD22Ch8O3OfSbE4Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:37:56 2025 by rpki-client