Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/zfrrSPai7VqsGqCR0vIsDss3ILs.roa
File: zfrrSPai7VqsGqCR0vIsDss3ILs.roa (raw, json)
Hash identifier: ekNLdp7eYBFrJNMwC5SKnJJD9pKoxzeOsB6pt0u/Kck=
Subject key identifier: CD:FA:EB:48:F6:A2:ED:5A:AC:1A:A0:91:D2:F2:2C:0E:CB:37:20:BB
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0194ED670AFD50CD16B87FF1BB8BF93F190C
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/zfrrSPai7VqsGqCR0vIsDss3ILs.roa
Signing time: Mon 10 Feb 2025 01:09:00 +0000
ROA not before: Mon 10 Feb 2025 01:09:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43357
IP address blocks: 45.130.20.0/22 maxlen: 32
45.147.50.0/24 maxlen: 32
45.147.51.0/24 maxlen: 32
80.66.198.0/24 maxlen: 32
92.60.40.0/24 maxlen: 24
176.113.68.0/24 maxlen: 32
176.113.69.0/24 maxlen: 32
185.184.220.0/24 maxlen: 32
185.184.222.0/24 maxlen: 32
185.194.52.0/22 maxlen: 24
185.248.85.0/24 maxlen: 24
185.254.75.0/24 maxlen: 32
194.36.25.0/24 maxlen: 24
2a03:d9c0:3000::/48 maxlen: 48
2a03:d9c0:3001::/48 maxlen: 128
2a07:fe00:1::/48 maxlen: 48
2a09:7:2007::/48 maxlen: 48
2a0b:89c1:3::/48 maxlen: 48
2a0c:59c0:18::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ed:67:0a:fd:50:cd:16:b8:7f:f1:bb:8b:f9:3f:19:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Feb 10 01:09:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdfaeb48f6a2ed5aac1aa091d2f22c0ecb3720bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:05:bc:7a:6f:44:6f:69:52:1c:ab:7d:16:11:
26:e2:e8:44:74:a5:16:12:0d:3c:ce:a3:e7:63:4c:
89:13:ba:fe:91:23:c8:80:fd:d4:ed:49:a6:ec:4b:
5c:d1:5a:85:99:ff:e2:5f:44:1d:fd:11:1b:0e:0a:
d8:d9:2c:a3:bb:d2:94:7e:42:ad:7a:7f:46:64:9a:
0b:dd:88:e2:e5:93:51:fa:3a:ae:2d:d4:c7:30:4d:
98:24:d5:ed:1f:cd:e9:aa:c6:69:be:de:ef:39:78:
74:be:dd:16:d6:2e:0e:30:24:81:94:14:ea:2c:fe:
78:fc:bf:f5:0e:84:e5:92:c3:d9:e2:8f:31:fe:5c:
2c:32:b6:eb:e6:39:15:51:79:82:7f:b8:c2:0b:3d:
0c:94:80:fe:cc:7e:ad:a4:ed:6a:c9:1a:0d:be:1a:
42:31:f7:96:82:03:fc:34:72:e9:d8:87:28:64:07:
71:23:ef:11:aa:90:45:07:26:be:55:22:82:47:4f:
a7:15:37:5f:db:0e:fe:af:1f:60:bb:f9:67:98:b1:
6e:a8:18:47:43:62:d4:fc:c5:1f:02:fb:ee:c3:0b:
2d:7f:81:84:28:b6:63:7f:b6:5b:12:4d:69:0c:d4:
c3:2b:7f:57:76:15:76:a9:71:83:eb:d4:bb:0b:df:
72:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FA:EB:48:F6:A2:ED:5A:AC:1A:A0:91:D2:F2:2C:0E:CB:37:20:BB
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/zfrrSPai7VqsGqCR0vIsDss3ILs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.20.0/22
45.147.50.0/23
80.66.198.0/24
92.60.40.0/24
176.113.68.0/23
185.184.220.0/24
185.184.222.0/24
185.194.52.0/22
185.248.85.0/24
185.254.75.0/24
194.36.25.0/24
IPv6:
2a03:d9c0:3000::/47
2a07:fe00:1::/48
2a09:7:2007::/48
2a0b:89c1:3::/48
2a0c:59c0:18::/48
Signature Algorithm: sha256WithRSAEncryption
17:d9:8b:84:7b:06:a9:f3:08:97:ce:f7:b5:5e:8c:d9:9a:2a:
91:45:91:7d:77:06:3f:b3:ad:42:fb:4a:63:d8:2b:d6:43:b9:
04:a2:5c:97:7c:6f:34:fc:60:26:87:17:37:71:94:6f:95:07:
1f:d9:a7:52:61:a1:23:14:b5:bb:50:3c:4f:41:cc:f9:70:d3:
ef:66:53:71:60:24:98:8b:8d:99:a1:22:3a:6f:c2:b8:5b:71:
d1:5a:b7:a8:83:0d:04:e7:34:4e:0f:03:43:6b:e2:8a:f8:1c:
c3:f5:da:7b:f8:4b:7d:60:54:5f:bf:2e:87:d3:20:d7:ac:cb:
80:5c:fd:d6:8c:42:eb:a7:26:7a:f8:9a:b6:0b:60:1b:60:97:
5f:a5:ad:36:65:83:dc:5c:bd:70:29:72:c6:d3:f1:83:ad:57:
f9:24:43:4d:fa:b6:44:2c:fc:63:48:34:82:d4:66:86:5c:5a:
55:b5:7d:ac:a8:50:08:e1:34:aa:95:60:93:91:d1:b7:f2:07:
dc:4e:7f:d2:fd:be:d8:af:07:34:ed:28:b4:88:2c:69:c6:81:
f9:6c:53:41:cd:87:4b:65:c2:73:d4:9f:74:39:a0:66:02:5e:
22:5d:5a:10:99:ad:92:ee:e1:d5:02:6f:7a:37:cd:2d:50:4d:
7f:c6:27:d4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZTtZwr9UM0WuH/xu4v5PxkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMjEwMDEwOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGZhZWI0OGY2YTJlZDVhYWMxYWEwOTFkMmYyMmMwZWNiMzcyMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQW8em9Eb2lSHKt9FhEm4uhEdKUW
Eg08zqPnY0yJE7r+kSPIgP3U7Umm7Etc0VqFmf/iX0Qd/REbDgrY2Syju9KUfkKt
en9GZJoL3Yji5ZNR+jquLdTHME2YJNXtH83pqsZpvt7vOXh0vt0W1i4OMCSBlBTq
LP54/L/1DoTlksPZ4o8x/lwsMrbr5jkVUXmCf7jCCz0MlID+zH6tpO1qyRoNvhpC
MfeWggP8NHLp2IcoZAdxI+8RqpBFBya+VSKCR0+nFTdf2w7+rx9gu/lnmLFuqBhH
Q2LU/MUfAvvuwwstf4GEKLZjf7ZbEk1pDNTDK39XdhV2qXGD69S7C99y3QIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFM3660j2ou1arBqgkdLyLA7LNyC7MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvemZyclNQYWk3VnFzR3FDUjB2SXNEc3MzSUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MEgEAgABMEIDBAItghQD
BAEtkzIDBABQQsYDBABcPCgDBAGwcUQDBAC5uNwDBAC5uN4DBAK5wjQDBAC5+FUD
BAC5/ksDBADCJBkwMwQCAAIwLQMHASoD2cAwAAMHACoH/gAAAQMHACoJAAcgBwMH
ACoLicEAAwMHACoMWcAAGDANBgkqhkiG9w0BAQsFAAOCAQEAF9mLhHsGqfMIl873
tV6M2ZoqkUWRfXcGP7OtQvtKY9gr1kO5BKJcl3xvNPxgJocXN3GUb5UHH9mnUmGh
IxS1u1A8T0HM+XDT72ZTcWAkmIuNmaEiOm/CuFtx0Vq3qIMNBOc0Tg8DQ2viivgc
w/Xae/hLfWBUX78uh9Mg16zLgFz91oxC66cmeviatgtgG2CXX6WtNmWD3Fy9cCly
xtPxg61X+SRDTfq2RCz8Y0g0gtRmhlxaVbV9rKhQCOE0qpVgk5HRt/IH3E5/0v2+
2K8HNO0otIgsacaB+WxTQc2HS2XCc9SfdDmgZgJeIl1aEJmtku7h1QJvejfNLVBN
f8Yn1A==
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:38:46 2025 by rpki-client