Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/Zx1ClAMUuD9lyG7YgRP_om-ZEYI.roa
File: Zx1ClAMUuD9lyG7YgRP_om-ZEYI.roa (raw, json)
Hash identifier: gbBcl06UfQ1+hxbFp7K2ZbQwEqAaFU9l3RdaNWVj9Fw=
Subject key identifier: 67:1D:42:94:03:14:B8:3F:65:C8:6E:D8:81:13:FF:A2:6F:99:11:82
Certificate issuer: /CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Certificate serial: 019427B66D692426AD80B238F2398098CBB0
Authority key identifier: A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/Zx1ClAMUuD9lyG7YgRP_om-ZEYI.roa
Signing time: Thu 02 Jan 2025 15:50:54 +0000
ROA not before: Thu 02 Jan 2025 15:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8473
IP address blocks: 5.150.192.0/18 maxlen: 18
37.123.128.0/18 maxlen: 18
46.59.0.0/17 maxlen: 17
62.63.192.0/18 maxlen: 18
79.136.0.0/17 maxlen: 17
81.170.128.0/17 maxlen: 17
82.196.96.0/19 maxlen: 19
85.24.128.0/17 maxlen: 17
91.132.176.0/22 maxlen: 22
94.254.0.0/17 maxlen: 17
98.128.0.0/16 maxlen: 16
109.228.128.0/18 maxlen: 18
176.10.128.0/17 maxlen: 17
178.174.128.0/17 maxlen: 17
185.9.60.0/22 maxlen: 22
185.57.4.0/22 maxlen: 22
185.90.176.0/22 maxlen: 22
195.178.160.0/19 maxlen: 19
212.85.64.0/19 maxlen: 19
212.116.64.0/19 maxlen: 19
213.80.96.0/19 maxlen: 19
213.80.120.0/24 maxlen: 24
213.80.125.0/24 maxlen: 24
213.136.32.0/19 maxlen: 19
213.164.192.0/19 maxlen: 19
217.27.160.0/19 maxlen: 19
217.27.164.0/23 maxlen: 23
217.31.160.0/19 maxlen: 19
2001:9b0::/29 maxlen: 29
2001:9b0::/32 maxlen: 32
2001:9b2::/34 maxlen: 34
2001:9b2:4000::/34 maxlen: 34
2a02:508::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:6d:69:24:26:ad:80:b2:38:f2:39:80:98:cb:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Validity
Not Before: Jan 2 15:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=671d42940314b83f65c86ed88113ffa26f991182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:57:3b:8d:ea:ff:05:ae:88:66:ea:ef:e6:9c:
ed:d0:2f:6e:64:09:87:c8:a8:4e:8c:9d:af:0d:1f:
cc:13:55:c8:05:dc:5a:36:04:3e:17:a5:92:3c:ba:
46:72:63:63:7a:af:02:25:60:93:6a:f2:43:33:97:
66:76:9e:78:de:63:1f:7b:0c:e9:32:1d:7b:6b:1c:
19:17:86:18:cf:28:4a:c1:e5:73:fa:ea:c5:e1:6a:
b8:6b:29:db:f8:c5:26:35:50:5b:95:c4:14:e2:e8:
e7:87:f9:61:46:00:a8:e7:d3:a9:70:4e:b2:62:c1:
4a:a0:02:0b:3b:ec:6d:01:85:16:ef:8f:6f:f9:c1:
de:88:51:49:8b:e5:f7:23:3c:e1:b3:e6:50:e6:57:
dd:d0:0c:e0:65:b9:97:a7:d0:ac:32:7b:8c:3b:d2:
e0:f5:f9:f3:68:aa:e3:be:3f:eb:b8:30:41:94:de:
ca:aa:84:64:fe:64:3f:6e:a8:a9:aa:ff:61:8a:67:
92:bd:98:ac:08:f7:b3:4a:24:32:15:c1:ae:ec:6f:
d2:f2:4a:33:b8:0b:13:c0:b3:b7:d7:88:f3:19:4e:
e1:a8:04:1c:a8:1a:01:fb:e7:a8:75:37:f1:98:a0:
47:df:b3:cf:3d:73:c2:7c:ef:4e:2e:45:89:75:5f:
48:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1D:42:94:03:14:B8:3F:65:C8:6E:D8:81:13:FF:A2:6F:99:11:82
X509v3 Authority Key Identifier:
keyid:A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/Zx1ClAMUuD9lyG7YgRP_om-ZEYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.192.0/18
37.123.128.0/18
46.59.0.0/17
62.63.192.0/18
79.136.0.0/17
81.170.128.0/17
82.196.96.0/19
85.24.128.0/17
91.132.176.0/22
94.254.0.0/17
98.128.0.0/16
109.228.128.0/18
176.10.128.0/17
178.174.128.0/17
185.9.60.0/22
185.57.4.0/22
185.90.176.0/22
195.178.160.0/19
212.85.64.0/19
212.116.64.0/19
213.80.96.0/19
213.136.32.0/19
213.164.192.0/19
217.27.160.0/19
217.31.160.0/19
IPv6:
2001:9b0::/29
2a02:508::/29
Signature Algorithm: sha256WithRSAEncryption
45:5d:bd:0c:0c:11:f2:82:2c:58:0e:a2:3a:93:85:4a:c0:44:
27:b7:d5:28:fe:64:0a:a3:1a:d3:76:0c:ea:5f:e0:0e:66:34:
44:e5:30:c4:6c:f3:63:d3:77:90:2b:99:97:48:13:be:6b:81:
14:ba:2c:d8:32:ab:6c:38:64:27:75:d4:9e:1c:e4:ec:1d:f5:
29:14:08:34:bc:76:e2:14:c5:d5:b0:8c:82:5d:6b:dc:46:f6:
68:18:d3:2d:d4:01:b3:5f:3c:1a:5f:d5:17:18:76:35:18:30:
d8:66:29:94:63:a2:be:7b:4e:ac:91:68:e9:33:c1:41:9a:b6:
bb:35:5b:95:4b:b8:24:65:2f:a8:c1:f0:44:e6:e6:73:14:85:
13:01:ca:e4:85:dc:bd:21:9a:58:68:1c:6f:78:89:bc:bc:87:
50:11:b2:f9:84:89:ac:39:ae:cc:c0:6a:6b:65:df:82:06:2e:
7b:63:f8:66:32:a5:c5:d0:bd:33:9c:01:6d:ae:bf:db:76:0a:
9b:4b:24:97:fc:b8:f2:4d:f3:05:49:29:f6:1f:a4:1f:1d:af:
28:51:85:6b:fd:a6:5b:1e:0f:b4:c7:99:43:61:94:3e:c7:ab:
7a:97:5c:97:c4:01:c0:9e:a8:ea:3a:ee:b5:b2:25:ef:2a:b1:
fc:86:cc:34
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZQntm1pJCatgLI48jmAmMuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjJmMjI5ZWRjMmYzMTRhMmZhNWVmMGQ3YWYxZGRkYjQ5
OWVhMzEwHhcNMjUwMTAyMTU1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFkNDI5NDAzMTRiODNmNjVjODZlZDg4MTEzZmZhMjZmOTkxMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFc7jer/Ba6IZurv5pzt0C9uZAmH
yKhOjJ2vDR/ME1XIBdxaNgQ+F6WSPLpGcmNjeq8CJWCTavJDM5dmdp543mMfewzp
Mh17axwZF4YYzyhKweVz+urF4Wq4aynb+MUmNVBblcQU4ujnh/lhRgCo59OpcE6y
YsFKoAILO+xtAYUW749v+cHeiFFJi+X3Izzhs+ZQ5lfd0AzgZbmXp9CsMnuMO9Lg
9fnzaKrjvj/ruDBBlN7KqoRk/mQ/bqipqv9himeSvZisCPezSiQyFcGu7G/S8koz
uAsTwLO314jzGU7hqAQcqBoB++eodTfxmKBH37PPPXPCfO9OLkWJdV9IxwIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFGcdQpQDFLg/Zchu2IET/6JvmRGCMB8GA1UdIwQY
MBaAFKMi8intwvMUovpe8NevHd20meoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgt
NjVmODI0N2ZmYTkxLzEvWngxQ2xBTVV1RDlseUc3WWdSUF9vbS1aRVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgtNjVmODI0N2ZmYTkx
LzEvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBnAQCAAEwgZUDBAYF
lsADBAYle4ADBAcuOwADBAY+P8ADBAdPiAADBAdRqoADBAVSxGADBAdVGIADBAJb
hLADBAde/gADAwBigAMEBm3kgAMEB7AKgAMEB7KugAMEArkJPAMEArk5BAMEArla
sAMEBcOyoAMEBdRVQAMEBdR0QAMEBdVQYAMEBdWIIAMEBdWkwAMEBdkboAMEBdkf
oDAUBAIAAjAOAwUDIAEJsAMFAyoCBQgwDQYJKoZIhvcNAQELBQADggEBAEVdvQwM
EfKCLFgOojqThUrARCe31Sj+ZAqjGtN2DOpf4A5mNETlMMRs82PTd5ArmZdIE75r
gRS6LNgyq2w4ZCd11J4c5Owd9SkUCDS8duIUxdWwjIJda9xG9mgY0y3UAbNfPBpf
1RcYdjUYMNhmKZRjor57TqyRaOkzwUGatrs1W5VLuCRlL6jB8ETm5nMUhRMByuSF
3L0hmlhoHG94iby8h1ARsvmEiaw5rszAamtl34IGLntj+GYypcXQvTOcAW2uv9t2
CptLJJf8uPJN8wVJKfYfpB8dryhRhWv9plseD7THmUNhlD7Hq3qXXJfEAcCeqOo6
7rWyJe8qsfyGzDQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:07:12 2025 by rpki-client