Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/GQpZM-fB0ZkxzCRMqCw0f9N7tyU.roa
File: GQpZM-fB0ZkxzCRMqCw0f9N7tyU.roa (raw, json)
Hash identifier: KTppITpJ7wsyB8SXrbAMqiKKxUwVykbBRMICRs5VO4A=
Subject key identifier: 19:0A:59:33:E7:C1:D1:99:31:CC:24:4C:A8:2C:34:7F:D3:7B:B7:25
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0194F5AADAD3A74AD973627CFC11604C6605
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/GQpZM-fB0ZkxzCRMqCw0f9N7tyU.roa
Signing time: Tue 11 Feb 2025 15:40:02 +0000
ROA not before: Tue 11 Feb 2025 15:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15626
IP address blocks: 171.33.241.0/24 maxlen: 24
185.253.0.0/24 maxlen: 24
195.28.182.0/23 maxlen: 23
2001:67c:2f6c::/48 maxlen: 48
2a0a:8c46::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f5:aa:da:d3:a7:4a:d9:73:62:7c:fc:11:60:4c:66:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Feb 11 15:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=190a5933e7c1d19931cc244ca82c347fd37bb725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:8e:71:b7:eb:0f:10:b1:da:44:3a:6b:dd:
fa:c7:fe:17:5d:28:61:12:e1:b5:de:e5:a3:99:fd:
30:fc:e2:75:35:99:ac:b9:53:c6:54:cc:99:5a:3d:
15:75:ae:51:71:95:9c:43:64:f0:86:87:eb:d8:68:
e8:fb:91:40:da:5a:73:31:ed:e6:05:e7:43:b8:d3:
77:ec:58:15:c0:a6:94:18:1b:bb:e3:c0:59:78:ee:
15:d3:d1:31:d2:d7:3d:04:fb:ba:a0:9f:7f:f9:2c:
5f:23:aa:85:ac:82:e2:2c:98:20:90:f4:1b:50:df:
32:64:66:f5:d5:89:17:e7:4c:1b:b8:b5:28:62:79:
ee:d0:77:d3:38:69:88:c2:16:81:d3:2d:cb:45:0b:
aa:06:5b:a7:1e:fc:01:12:a3:95:14:e6:44:cd:bd:
08:43:ca:9e:f4:e7:15:da:ea:ca:3e:d0:d7:c3:7b:
ed:ae:24:74:b2:85:99:58:d4:1c:5f:28:16:1b:54:
e5:78:cb:4a:3e:85:b0:36:11:67:cd:2f:71:08:56:
ef:d4:6f:1e:85:d8:5d:a0:31:dd:58:0d:82:f7:7d:
d0:46:e8:b8:03:f7:c1:14:98:2b:69:41:70:2d:9b:
1e:9d:aa:94:31:a7:f3:05:ae:ac:6d:b4:27:e1:1c:
97:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0A:59:33:E7:C1:D1:99:31:CC:24:4C:A8:2C:34:7F:D3:7B:B7:25
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/GQpZM-fB0ZkxzCRMqCw0f9N7tyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.241.0/24
185.253.0.0/24
195.28.182.0/23
IPv6:
2001:67c:2f6c::/48
2a0a:8c46::/32
Signature Algorithm: sha256WithRSAEncryption
3d:ff:2e:0a:06:e7:3c:5b:da:29:89:e1:72:43:e2:e7:bb:7e:
f0:ad:d5:13:db:de:e2:8f:8a:cb:9a:17:30:f0:30:98:76:f9:
41:36:02:03:54:ab:19:e4:f6:7d:f8:35:5a:a5:77:e9:07:31:
fa:ec:0c:a5:b2:11:72:bc:e7:26:b3:e3:fb:ec:72:97:92:6a:
81:a2:83:a5:f7:95:74:6f:23:ce:af:56:f8:7b:8a:cb:9b:a2:
69:ec:50:18:72:c9:6a:0e:8f:ae:16:82:48:13:d2:a3:4a:5e:
b3:c6:23:5d:b8:af:e8:43:e0:c1:1f:45:6e:8b:67:ec:01:2a:
06:d7:c7:fb:d5:17:47:0f:66:50:1f:44:88:24:a5:e3:a1:3a:
48:fe:c1:b1:a7:39:95:3c:fb:b7:be:65:c1:9e:53:02:e1:80:
fc:01:a0:aa:bf:c3:a4:48:dc:8e:34:5b:bb:8d:be:04:c7:3f:
e9:8b:f3:75:86:83:1a:6b:85:ed:ab:f8:14:ee:21:01:7e:66:
e4:5e:13:a8:1b:80:eb:92:6e:4c:c1:f6:d1:10:48:b5:30:a1:
e9:00:a3:d8:31:70:b0:1e:df:90:0a:fd:21:12:06:43:50:be:
17:9e:7a:c1:79:5a:b5:15:df:b8:61:6e:8b:eb:9c:c5:ad:5b:
bf:45:24:7c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZT1qtrTp0rZc2J8/BFgTGYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjUwMjExMTU0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBhNTkzM2U3YzFkMTk5MzFjYzI0NGNhODJjMzQ3ZmQzN2JiNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPaOcbfrDxCx2kQ6a936x/4XXShh
EuG13uWjmf0w/OJ1NZmsuVPGVMyZWj0Vda5RcZWcQ2Twhofr2Gjo+5FA2lpzMe3m
BedDuNN37FgVwKaUGBu748BZeO4V09Ex0tc9BPu6oJ9/+SxfI6qFrILiLJggkPQb
UN8yZGb11YkX50wbuLUoYnnu0HfTOGmIwhaB0y3LRQuqBlunHvwBEqOVFOZEzb0I
Q8qe9OcV2urKPtDXw3vtriR0soWZWNQcXygWG1TleMtKPoWwNhFnzS9xCFbv1G8e
hdhdoDHdWA2C933QRui4A/fBFJgraUFwLZsenaqUMafzBa6sbbQn4RyX6QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBkKWTPnwdGZMcwkTKgsNH/Te7clMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvR1FwWk0tZkIwWmt4ekNSTXFDdzBmOU43dHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQAqyHxAwQA
uf0AAwQBwxy2MBYEAgACMBADBwAgAQZ8L2wDBQAqCoxGMA0GCSqGSIb3DQEBCwUA
A4IBAQA9/y4KBuc8W9opieFyQ+Lnu37wrdUT297ij4rLmhcw8DCYdvlBNgIDVKsZ
5PZ9+DVapXfpBzH67AylshFyvOcms+P77HKXkmqBooOl95V0byPOr1b4e4rLm6Jp
7FAYcslqDo+uFoJIE9KjSl6zxiNduK/oQ+DBH0Vui2fsASoG18f71RdHD2ZQH0SI
JKXjoTpI/sGxpzmVPPu3vmXBnlMC4YD8AaCqv8OkSNyONFu7jb4Exz/pi/N1hoMa
a4Xtq/gU7iEBfmbkXhOoG4Drkm5MwfbREEi1MKHpAKPYMXCwHt+QCv0hEgZDUL4X
nnrBeVq1Fd+4YW6L65zFrVu/RSR8
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:37:17 2025 by rpki-client