Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/rzrW1TWZL4bnPJ-nB128HmDlFaY.roa
File: rzrW1TWZL4bnPJ-nB128HmDlFaY.roa (raw, json)
Hash identifier: jgoKQgRuGI4ln2b618FpeT2y9vZl1AD1XL8CqPtrGN8=
Subject key identifier: AF:3A:D6:D5:35:99:2F:86:E7:3C:9F:A7:07:5D:BC:1E:60:E5:15:A6
Certificate issuer: /CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Certificate serial: 01941FFA82733A25AB6020B106FE45C547B8
Authority key identifier: 34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/rzrW1TWZL4bnPJ-nB128HmDlFaY.roa
Signing time: Wed 01 Jan 2025 03:48:18 +0000
ROA not before: Wed 01 Jan 2025 03:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8449
IP address blocks: 5.57.8.0/21 maxlen: 24
31.192.248.0/21 maxlen: 24
31.192.249.0/24 maxlen: 24
77.95.56.0/21 maxlen: 24
94.143.192.0/21 maxlen: 24
185.54.252.0/22 maxlen: 24
212.42.96.0/19 maxlen: 24
2a00:7160::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:82:73:3a:25:ab:60:20:b1:06:fe:45:c5:47:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Validity
Not Before: Jan 1 03:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af3ad6d535992f86e73c9fa7075dbc1e60e515a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:dc:3c:b0:48:0c:02:40:90:8e:db:bb:ef:df:
68:c7:5c:f5:53:c3:0c:2a:03:4f:3d:48:a6:29:59:
99:79:0b:32:a5:f1:37:1e:d8:92:79:cb:bb:fb:9c:
b8:7d:c1:45:50:d3:f9:0d:79:7d:63:51:6d:8e:5d:
a5:f3:d5:14:ec:61:0f:87:82:d6:11:a3:ec:b3:4b:
30:41:31:d3:28:17:29:ac:b1:37:04:80:8b:eb:0a:
cb:98:60:c2:08:b5:80:6a:5f:45:0d:c9:26:8f:d4:
27:ac:db:45:33:fb:ca:e8:01:c0:b8:31:b9:51:e8:
dd:cd:b0:38:cb:69:be:c2:c1:63:25:a6:66:e8:83:
66:03:21:32:b5:33:96:92:51:db:a1:7a:37:74:80:
73:34:d5:4c:5a:4d:10:84:d0:ac:9b:31:35:d0:ec:
c0:5b:b1:79:7b:27:bd:d9:da:26:41:15:72:5d:40:
cc:14:a0:3d:09:9e:a9:eb:35:17:ed:fc:c8:26:86:
db:59:57:bc:67:29:5e:3f:3c:4e:74:b4:ac:ff:1e:
c2:d4:29:4b:81:a2:52:62:b6:3f:b6:ec:42:df:68:
fc:f2:c2:e9:c8:4e:8e:94:09:2a:80:61:98:e9:44:
f8:e2:99:23:43:73:22:66:cd:bb:d2:5e:f4:ee:d9:
ca:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3A:D6:D5:35:99:2F:86:E7:3C:9F:A7:07:5D:BC:1E:60:E5:15:A6
X509v3 Authority Key Identifier:
keyid:34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/rzrW1TWZL4bnPJ-nB128HmDlFaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/NAd7QemIc-fwb7HfP105xyGxND8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.8.0/21
31.192.248.0/21
77.95.56.0/21
94.143.192.0/21
185.54.252.0/22
212.42.96.0/19
IPv6:
2a00:7160::/32
Signature Algorithm: sha256WithRSAEncryption
73:af:12:87:1a:0b:12:48:6e:45:9e:c4:ae:ee:7c:85:f5:72:
a3:18:45:75:2d:88:44:2a:b4:53:02:b2:c9:b0:98:eb:a5:fa:
b6:eb:88:2c:c0:3c:9a:d7:df:19:78:27:e0:a1:51:77:d9:c0:
d6:e6:8a:61:22:b6:a7:b4:b2:ab:f2:78:ad:21:6c:f3:71:62:
b2:35:8a:6a:09:d2:0d:60:b2:af:80:4d:be:60:b8:a0:ef:12:
dd:79:03:31:29:82:ba:77:3e:fa:7d:f9:fb:71:a6:3e:66:a3:
c1:e4:a3:2e:62:b2:62:26:e2:e8:53:19:f0:5c:10:06:a7:6d:
c4:69:5e:67:8b:45:1b:27:7c:a7:95:36:00:80:db:c3:6e:4f:
1e:36:dd:ce:1b:2e:46:f1:44:c7:81:87:93:46:b4:36:8c:c4:
c4:9b:c7:39:d7:b1:14:87:e3:bb:38:60:60:59:f0:0f:77:46:
dd:c5:66:5b:3c:3e:07:eb:1f:3f:8f:c5:b4:56:72:b6:99:31:
12:b7:08:21:95:b1:23:d0:1d:e4:64:5c:50:f4:8c:6a:19:86:
1a:6c:37:60:02:fb:c9:0d:fc:01:3c:13:93:8e:51:7e:a2:4a:
dd:80:af:b9:00:3f:3f:eb:4f:9a:fc:c7:72:e5:69:02:b1:a9:
c3:38:f7:97
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQf+oJzOiWrYCCxBv5FxUe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDc3YjQxZTk4ODczZTdmMDZmYjFkZjNmNWQzOWM3MjFi
MTM0M2YwHhcNMjUwMTAxMDM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjNhZDZkNTM1OTkyZjg2ZTczYzlmYTcwNzVkYmMxZTYwZTUxNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtw8sEgMAkCQjtu7799ox1z1U8MM
KgNPPUimKVmZeQsypfE3HtiSecu7+5y4fcFFUNP5DXl9Y1Ftjl2l89UU7GEPh4LW
EaPss0swQTHTKBcprLE3BICL6wrLmGDCCLWAal9FDckmj9QnrNtFM/vK6AHAuDG5
UejdzbA4y2m+wsFjJaZm6INmAyEytTOWklHboXo3dIBzNNVMWk0QhNCsmzE10OzA
W7F5eye92domQRVyXUDMFKA9CZ6p6zUX7fzIJobbWVe8ZylePzxOdLSs/x7C1ClL
gaJSYrY/tuxC32j88sLpyE6OlAkqgGGY6UT44pkjQ3MiZs270l707tnKhQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFK861tU1mS+G5zyfpwddvB5g5RWmMB8GA1UdIwQY
MBaAFDQHe0HpiHPn8G+x3z9dOcchsTQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFkN1FlbUljLWZ3YjdIZlAxMDV4eUd4TkQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC80NDg4MDAtODI5ZS00YjdhLTkyYzQt
Y2I3Y2JjYTdjMWUwLzEvcnpyVzFUV1pMNGJuUEotbkIxMjhIbURsRmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC80NDg4MDAtODI5ZS00YjdhLTkyYzQtY2I3Y2JjYTdjMWUw
LzEvTkFkN1FlbUljLWZ3YjdIZlAxMDV4eUd4TkQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBTkIAwQD
H8D4AwQDTV84AwQDXo/AAwQCuTb8AwQF1CpgMA0EAgACMAcDBQAqAHFgMA0GCSqG
SIb3DQEBCwUAA4IBAQBzrxKHGgsSSG5FnsSu7nyF9XKjGEV1LYhEKrRTArLJsJjr
pfq264gswDya198ZeCfgoVF32cDW5ophIrantLKr8nitIWzzcWKyNYpqCdINYLKv
gE2+YLig7xLdeQMxKYK6dz76ffn7caY+ZqPB5KMuYrJiJuLoUxnwXBAGp23EaV5n
i0UbJ3ynlTYAgNvDbk8eNt3OGy5G8UTHgYeTRrQ2jMTEm8c517EUh+O7OGBgWfAP
d0bdxWZbPD4H6x8/j8W0VnK2mTEStwghlbEj0B3kZFxQ9IxqGYYabDdgAvvJDfwB
PBOTjlF+okrdgK+5AD8/60+a/Mdy5WkCsanDOPeX
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:55 2025 by rpki-client