Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/PqAYbce5ZFtorWDJm1IoXprDpjE.roa
File: PqAYbce5ZFtorWDJm1IoXprDpjE.roa (raw, json)
Hash identifier: tbDVPuUEiQGmvMdLsr4Uj3a9EoVRDD7cfOnaPg9V/Lo=
Subject key identifier: 3E:A0:18:6D:C7:B9:64:5B:68:AD:60:C9:9B:52:28:5E:9A:C3:A6:31
Certificate issuer: /CN=1d4e959200aea8fb929158b73e8c0e69a88dc5e9
Certificate serial: 01942444AC51D301A399C7197075A513C16F
Authority key identifier: 1D:4E:95:92:00:AE:A8:FB:92:91:58:B7:3E:8C:0E:69:A8:8D:C5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HU6VkgCuqPuSkVi3PowOaaiNxek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/PqAYbce5ZFtorWDJm1IoXprDpjE.roa
Signing time: Wed 01 Jan 2025 23:47:47 +0000
ROA not before: Wed 01 Jan 2025 23:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62275
IP address blocks: 5.62.72.0/21 maxlen: 24
185.40.212.0/22 maxlen: 24
185.221.72.0/22 maxlen: 24
185.234.112.0/24 maxlen: 24
193.254.12.0/22 maxlen: 24
2a01:ab40::/29 maxlen: 48
2a04:8640::/29 maxlen: 29
2a0c:8000::/29 maxlen: 29
2a0c:e2c0::/29 maxlen: 29
2a10:acc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ac:51:d3:01:a3:99:c7:19:70:75:a5:13:c1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d4e959200aea8fb929158b73e8c0e69a88dc5e9
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ea0186dc7b9645b68ad60c99b52285e9ac3a631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:51:73:d0:69:cb:ca:9c:33:e2:fa:07:ae:89:
dc:f5:74:50:53:71:7f:0a:41:1b:3a:1c:0b:ce:9a:
01:da:5d:98:8a:38:43:35:e7:2a:dc:ea:7c:5e:ec:
c6:5e:e0:9d:a7:b1:d3:42:c0:de:be:62:5a:a6:9d:
92:64:c6:3f:88:5b:02:e4:3f:93:39:be:ad:78:1c:
f8:c3:72:8a:54:82:7d:cb:19:59:95:8e:02:b9:86:
6a:cd:6c:61:31:48:f4:0a:78:b7:8a:a2:b2:cd:47:
46:40:e0:72:2e:2f:ea:6b:02:04:b8:99:fd:2c:41:
46:e4:01:19:fe:0d:6b:5b:ca:af:61:27:2c:27:e6:
45:18:5f:ad:c5:18:bf:cf:ef:a2:fd:2e:69:9d:fd:
98:ea:3f:5c:c0:dd:bb:4f:3c:5e:12:e8:81:2c:76:
0b:1d:71:38:6d:05:59:23:6f:7c:0b:3d:cf:78:77:
7c:43:18:38:eb:27:3e:84:1c:dc:58:50:a3:78:b2:
8c:61:a8:92:6b:cd:b5:e4:e3:d6:ec:18:d0:7a:20:
bd:b9:ee:31:d4:5c:0c:64:32:53:51:60:fa:a9:4b:
fb:d2:ed:ca:84:4b:b4:85:e5:15:52:3e:af:43:43:
7d:e8:eb:89:44:9a:ce:fb:06:c0:98:90:6e:5b:92:
ec:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A0:18:6D:C7:B9:64:5B:68:AD:60:C9:9B:52:28:5E:9A:C3:A6:31
X509v3 Authority Key Identifier:
keyid:1D:4E:95:92:00:AE:A8:FB:92:91:58:B7:3E:8C:0E:69:A8:8D:C5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HU6VkgCuqPuSkVi3PowOaaiNxek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/PqAYbce5ZFtorWDJm1IoXprDpjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/HU6VkgCuqPuSkVi3PowOaaiNxek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.72.0/21
185.40.212.0/22
185.221.72.0/22
185.234.112.0/24
193.254.12.0/22
IPv6:
2a01:ab40::/29
2a04:8640::/29
2a0c:8000::/29
2a0c:e2c0::/29
2a10:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:3d:b3:f0:ec:69:43:dc:d0:c4:8e:ec:4c:94:74:1a:89:a1:
3e:f2:c6:59:03:df:c5:d6:10:51:f2:1d:18:2d:2d:c4:8c:66:
3d:14:50:28:c0:f5:5d:3a:66:04:76:62:c2:a5:7c:39:de:03:
3f:c0:5d:68:16:f8:76:c4:20:65:cc:56:a8:b5:f8:0e:11:89:
a8:da:99:a4:59:9f:f8:b0:82:0e:92:de:9c:6e:cf:aa:24:c4:
08:c7:e4:25:b0:a3:26:49:a7:a9:20:71:96:c1:99:a8:16:8a:
ef:55:bc:cb:cc:c6:6b:02:bb:39:73:c0:1d:6d:6a:37:f1:91:
16:87:0b:bc:64:b5:38:2b:ac:e4:4b:2f:1a:c2:74:d9:04:41:
e8:8d:8b:5d:6e:fa:b1:dd:6e:b3:6f:45:72:88:21:8b:4a:43:
06:7f:05:34:5f:ce:d1:05:61:98:eb:9a:91:f0:6e:c4:3c:97:
02:5a:a3:38:98:01:22:02:14:f2:21:35:23:f0:8a:f3:1b:4e:
bc:3e:b3:57:0e:46:81:06:5c:0b:de:5b:b7:db:16:31:f1:ff:
95:99:b4:24:15:5a:10:09:14:30:c8:ae:b6:93:7f:17:2a:51:
cb:fb:5b:d7:67:ab:8c:2e:36:89:71:e2:8b:a7:72:31:7d:8f:
5e:80:7d:39
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZQkRKxR0wGjmccZcHWlE8FvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNGU5NTkyMDBhZWE4ZmI5MjkxNThiNzNlOGMwZTY5YTg4
ZGM1ZTkwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWEwMTg2ZGM3Yjk2NDViNjhhZDYwYzk5YjUyMjg1ZTlhYzNhNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFFz0GnLypwz4voHronc9XRQU3F/
CkEbOhwLzpoB2l2YijhDNecq3Op8XuzGXuCdp7HTQsDevmJapp2SZMY/iFsC5D+T
Ob6teBz4w3KKVIJ9yxlZlY4CuYZqzWxhMUj0Cni3iqKyzUdGQOByLi/qawIEuJn9
LEFG5AEZ/g1rW8qvYScsJ+ZFGF+txRi/z++i/S5pnf2Y6j9cwN27TzxeEuiBLHYL
HXE4bQVZI298Cz3PeHd8Qxg46yc+hBzcWFCjeLKMYaiSa8215OPW7BjQeiC9ue4x
1FwMZDJTUWD6qUv70u3KhEu0heUVUj6vQ0N96OuJRJrO+wbAmJBuW5LsxwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFD6gGG3HuWRbaK1gyZtSKF6aw6YxMB8GA1UdIwQY
MBaAFB1OlZIArqj7kpFYtz6MDmmojcXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFU2VmtnQ3VxUHVTa1ZpM1Bvd09hYWlOeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wNGQzNjQtNTYwZi00YjM2LThmMmEt
MmI1MzZjZjdiODI1LzEvUHFBWWJjZTVaRnRvcldESm0xSW9YcHJEcGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wNGQzNjQtNTYwZi00YjM2LThmMmEtMmI1MzZjZjdiODI1
LzEvSFU2VmtnQ3VxUHVTa1ZpM1Bvd09hYWlOeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQDBT5IAwQC
uSjUAwQCud1IAwQAuepwAwQCwf4MMCkEAgACMCMDBQMqAatAAwUDKgSGQAMFAyoM
gAADBQMqDOLAAwUDKhCswDANBgkqhkiG9w0BAQsFAAOCAQEAsD2z8OxpQ9zQxI7s
TJR0GomhPvLGWQPfxdYQUfIdGC0txIxmPRRQKMD1XTpmBHZiwqV8Od4DP8BdaBb4
dsQgZcxWqLX4DhGJqNqZpFmf+LCCDpLenG7PqiTECMfkJbCjJkmnqSBxlsGZqBaK
71W8y8zGawK7OXPAHW1qN/GRFocLvGS1OCus5EsvGsJ02QRB6I2LXW76sd1us29F
coghi0pDBn8FNF/O0QVhmOuakfBuxDyXAlqjOJgBIgIU8iE1I/CK8xtOvD6zVw5G
gQZcC95bt9sWMfH/lZm0JBVaEAkUMMiutpN/FypRy/tb12erjC42iXHii6dyMX2P
XoB9OQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:52 2025 by rpki-client