Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/9zg6zzryzRE_5pPhzN2U-e5xwlg.roa
File: 9zg6zzryzRE_5pPhzN2U-e5xwlg.roa (raw, json)
Hash identifier: pdAv67n4SQaO9xddQ4dIE/lpavsU5g+9eaPvVku2Wkw=
Subject key identifier: F7:38:3A:CF:3A:F2:CD:11:3F:E6:93:E1:CC:DD:94:F9:EE:71:C2:58
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 0190FF74D2E9F2C4E03A7EA2A27104ABCABC
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/9zg6zzryzRE_5pPhzN2U-e5xwlg.roa
Signing time: Mon 29 Jul 2024 17:06:04 +0000
ROA not before: Mon 29 Jul 2024 17:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 84.18.0.0/19 maxlen: 24
92.60.160.0/20 maxlen: 24
92.60.170.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
185.66.60.0/22 maxlen: 24
185.66.60.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
195.5.64.0/19 maxlen: 24
212.49.128.0/18 maxlen: 24
212.59.192.0/19 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 24
212.66.164.0/22 maxlen: 24
212.66.168.0/21 maxlen: 24
212.66.176.0/20 maxlen: 24
212.163.0.0/16 maxlen: 24
213.9.128.0/17 maxlen: 24
213.192.192.0/18 maxlen: 24
2001:ac0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ff:74:d2:e9:f2:c4:e0:3a:7e:a2:a2:71:04:ab:ca:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jul 29 17:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7383acf3af2cd113fe693e1ccdd94f9ee71c258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ff:65:b4:c1:09:37:75:18:45:a3:f1:8c:70:
0d:ee:2e:39:03:42:d2:05:d6:65:ab:c5:f2:62:5e:
de:7f:22:f7:18:d9:cb:43:21:29:40:0c:4e:b0:0f:
d7:bb:9c:82:fb:70:30:41:9a:90:81:97:fd:a2:ce:
50:69:36:91:2b:90:ca:8b:d7:60:b7:e3:ab:e0:48:
cb:3e:d0:1e:c2:27:b0:d3:63:43:2a:ea:a7:97:a8:
3d:a3:08:76:85:ee:2f:ce:15:49:22:4e:9b:35:bf:
fd:63:4e:a7:6c:21:74:35:47:e5:91:31:40:74:d6:
65:d5:df:f2:bc:56:0c:fa:bc:c1:35:68:74:d4:b9:
93:65:36:e8:17:a7:70:15:1a:75:0c:37:a1:25:b4:
68:b3:94:54:ab:7e:95:87:87:fa:d1:56:07:36:95:
f7:a8:6e:dd:dd:cd:72:ed:27:95:6c:3c:90:11:fb:
61:39:1c:2a:8a:39:9b:e8:43:e3:a4:e2:b9:13:d4:
29:28:4b:66:71:04:8e:9a:83:32:7e:27:1a:64:b8:
30:cc:94:68:1f:7a:25:4f:cb:f5:48:c0:72:0a:fb:
32:f9:2d:4c:0a:95:50:01:65:b7:48:71:11:3b:42:
bf:29:2d:fa:ce:1b:60:3f:93:16:8f:b2:32:af:c3:
fc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:38:3A:CF:3A:F2:CD:11:3F:E6:93:E1:CC:DD:94:F9:EE:71:C2:58
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/9zg6zzryzRE_5pPhzN2U-e5xwlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
195.5.64.0/19
212.49.128.0/18
212.59.192.0/19
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:cf:79:01:17:08:6b:8a:bd:9b:18:54:8f:50:d5:40:75:05:
71:73:47:e0:d3:52:2a:ed:a1:dc:47:04:53:9f:e3:6a:ee:01:
2f:77:ba:88:f3:2c:2a:41:be:aa:2c:1e:f3:98:a9:32:4d:4c:
09:47:81:0a:e0:f6:b7:7c:2e:62:04:bd:40:4c:e0:0a:7a:38:
ca:e9:73:a4:f9:ff:f7:3b:36:56:93:8b:f2:ed:94:68:dd:c7:
f8:45:9d:56:86:83:47:e3:02:7a:49:1d:e6:2e:3d:53:ee:41:
a1:85:3b:37:6a:11:fe:86:0b:64:40:f2:64:5e:d2:e7:48:83:
ce:e4:48:1c:f5:ae:13:5c:41:4f:49:b1:fa:50:63:23:a7:d7:
e1:fb:9a:3c:40:7b:a7:f1:a4:2e:b0:db:35:41:3d:95:0e:66:
43:d8:90:93:79:85:e7:c5:79:27:cb:92:19:de:f6:73:61:10:
5c:47:be:a8:d3:8a:6f:1b:00:3b:6c:69:b5:14:56:d3:b2:72:
3b:20:90:a4:bc:67:ef:19:51:bc:55:4a:76:c6:1e:95:9a:d0:
a7:17:8b:a4:20:05:1b:8e:70:db:ad:fd:6d:e0:c0:90:a6:ce:
84:89:be:55:87:76:86:90:37:5d:f8:be:35:af:8e:95:a2:19:
b6:d5:05:38
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZD/dNLp8sTgOn6ionEEq8q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwNzI5MTcwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzM4M2FjZjNhZjJjZDExM2ZlNjkzZTFjY2RkOTRmOWVlNzFjMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/9ltMEJN3UYRaPxjHAN7i45A0LS
BdZlq8XyYl7efyL3GNnLQyEpQAxOsA/Xu5yC+3AwQZqQgZf9os5QaTaRK5DKi9dg
t+Or4EjLPtAewiew02NDKuqnl6g9owh2he4vzhVJIk6bNb/9Y06nbCF0NUflkTFA
dNZl1d/yvFYM+rzBNWh01LmTZTboF6dwFRp1DDehJbRos5RUq36Vh4f60VYHNpX3
qG7d3c1y7SeVbDyQEfthORwqijmb6EPjpOK5E9QpKEtmcQSOmoMyficaZLgwzJRo
H3olT8v1SMByCvsy+S1MCpVQAWW3SHERO0K/KS36zhtgP5MWj7Iyr8P8PwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFPc4Os868s0RP+aT4czdlPnuccJYMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvOXpnNnp6cnl6UkVfNXBQaHpOMlUtZTV4d2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBJBAIAATBDAwQFVBIAAwQE
XDygAwQCuUI8AwQFwwVAAwQG1DGAAwQF1DvAMAwDBADUQqEDBAbUQoADAwDUowME
B9UJgAMEBtXAwDANBAIAAjAHAwUDIAEKwDANBgkqhkiG9w0BAQsFAAOCAQEAas95
ARcIa4q9mxhUj1DVQHUFcXNH4NNSKu2h3EcEU5/jau4BL3e6iPMsKkG+qiwe85ip
Mk1MCUeBCuD2t3wuYgS9QEzgCno4yulzpPn/9zs2VpOL8u2UaN3H+EWdVoaDR+MC
ekkd5i49U+5BoYU7N2oR/oYLZEDyZF7S50iDzuRIHPWuE1xBT0mx+lBjI6fX4fua
PEB7p/GkLrDbNUE9lQ5mQ9iQk3mF58V5J8uSGd72c2EQXEe+qNOKbxsAO2xptRRW
07JyOyCQpLxn7xlRvFVKdsYelZrQpxeLpCAFG45w2639beDAkKbOhIm+VYd2hpA3
Xfi+Na+OlaIZttUFOA==
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:23:57 2024 by rpki-client on console-ams.rpki-client.org