Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/ZIjzIbrsE0fjciKS7ztFE5h_ymg.roa
File: ZIjzIbrsE0fjciKS7ztFE5h_ymg.roa (raw, json)
Hash identifier: +6uGgiN5IKj7TkRsW0EVmnIVZJJcPhtDLMp/IRECxEI=
Subject key identifier: 64:88:F3:21:BA:EC:13:47:E3:72:22:92:EF:3B:45:13:98:7F:CA:68
Certificate issuer: /CN=5c9f01985a3f410f92370d6600a14ee783b044e9
Certificate serial: 018292A8F643886F09FF778CD576938853D8
Authority key identifier: 5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/ZIjzIbrsE0fjciKS7ztFE5h_ymg.roa
Signing time: Fri 12 Aug 2022 15:25:22 +0000
ROA not before: Fri 12 Aug 2022 15:25:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31242
IP address blocks: 84.205.176.0/22 maxlen: 24
89.25.128.0/17 maxlen: 24
84.205.186.0/24 maxlen: 24
119.12.28.0/22 maxlen: 24
93.179.192.0/18 maxlen: 24
193.106.244.0/22 maxlen: 24
31.172.176.0/20 maxlen: 24
213.179.72.0/22 maxlen: 24
85.14.64.0/18 maxlen: 24
188.117.128.0/18 maxlen: 24
194.150.96.0/22 maxlen: 24
91.90.176.0/20 maxlen: 24
195.242.69.0/24 maxlen: 24
2a00:13a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:92:a8:f6:43:88:6f:09:ff:77:8c:d5:76:93:88:53:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c9f01985a3f410f92370d6600a14ee783b044e9
Validity
Not Before: Aug 12 15:25:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6488f321baec1347e3722292ef3b4513987fca68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b7:cc:fd:85:bc:f5:87:52:a7:0d:48:c0:ee:
82:78:ae:87:00:58:12:5b:83:1f:f4:3d:43:57:72:
8f:79:0d:2a:ec:a1:a0:ff:d8:d7:1f:6b:5a:77:de:
46:64:9a:6f:10:98:c2:f2:e7:60:33:66:8a:94:bb:
1e:e5:27:0f:5f:d7:a2:d9:30:2e:9a:ea:68:a7:06:
e6:30:3e:e9:55:ca:89:68:bf:63:0c:9b:f6:87:51:
35:7a:3f:7f:84:a6:4c:2a:b5:10:a5:c1:6a:dc:60:
35:2d:8f:8e:af:38:8d:ab:c6:2e:f5:82:e4:22:2a:
8f:9f:43:a4:aa:6f:ef:4c:d6:1d:3a:df:99:db:c3:
4d:d9:3d:67:63:d7:15:0f:7c:1b:27:cf:c4:e6:e0:
d4:27:cb:9e:65:91:cd:3d:5a:14:02:24:6b:72:74:
67:c6:d6:94:42:ed:db:7f:f9:a6:db:3b:d7:82:ac:
15:6b:6d:9c:b9:69:ae:ad:36:52:31:56:e3:8f:ff:
8c:00:e1:02:f8:2f:f1:1b:67:bb:28:dd:bc:a1:d4:
95:71:3f:ba:20:0a:fe:85:b8:8c:cd:74:a4:86:62:
3b:82:af:9d:21:dd:4f:ac:8a:55:ea:e5:01:8b:d3:
45:99:24:ef:71:42:d4:8a:04:f4:e3:cf:1e:68:11:
5d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:88:F3:21:BA:EC:13:47:E3:72:22:92:EF:3B:45:13:98:7F:CA:68
X509v3 Authority Key Identifier:
keyid:5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/ZIjzIbrsE0fjciKS7ztFE5h_ymg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/XJ8BmFo_QQ-SNw1mAKFO54OwROk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.176.0/20
84.205.176.0/22
84.205.186.0/24
85.14.64.0/18
89.25.128.0/17
91.90.176.0/20
93.179.192.0/18
119.12.28.0/22
188.117.128.0/18
193.106.244.0/22
194.150.96.0/22
195.242.69.0/24
213.179.72.0/22
IPv6:
2a00:13a0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:3a:af:4f:11:14:68:62:d3:ab:7d:15:f3:45:5e:ac:1d:dd:
e7:41:cf:69:5d:fa:77:c5:ad:71:ff:29:3e:4e:56:6d:22:23:
19:2e:9a:a0:9e:a4:1a:f6:7f:45:ce:fa:58:66:b9:a8:e2:0e:
97:3d:0b:b9:b5:59:24:4b:b3:a1:b6:52:73:7b:cb:6b:65:59:
be:08:a0:9a:f6:65:30:8b:57:c1:6b:61:98:5b:b8:60:48:d4:
39:fa:22:11:9d:14:e5:ee:03:4c:0a:c4:4b:96:da:53:38:3a:
e0:67:e2:c6:26:3e:ff:7d:00:b7:12:c5:bc:d9:c7:31:d2:c3:
8d:a8:d8:58:53:77:0e:73:b7:99:51:28:0f:2f:0d:79:eb:54:
3f:fb:63:75:dc:df:e0:f4:09:3e:ef:45:d3:f1:5c:24:77:4c:
07:5a:1a:e6:7b:97:e1:6a:16:34:e8:66:dd:1a:bb:00:7a:51:
d7:90:e5:8d:4d:36:2f:b9:0a:cc:46:f2:9e:27:0c:30:22:0a:
50:bd:44:86:4f:60:b3:bb:f6:59:41:e3:0a:32:89:fc:c3:1c:
b5:fa:57:6b:7d:e7:47:6e:1a:8b:11:21:1d:56:6e:23:cb:47:
91:01:35:26:33:59:02:08:fb:10:c2:c5:53:b2:a5:c2:77:43:
59:bd:fa:18
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYKSqPZDiG8J/3eM1XaTiFPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjOWYwMTk4NWEzZjQxMGY5MjM3MGQ2NjAwYTE0ZWU3ODNi
MDQ0ZTkwHhcNMjIwODEyMTUyNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg4ZjMyMWJhZWMxMzQ3ZTM3MjIyOTJlZjNiNDUxMzk4N2ZjYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbfM/YW89YdSpw1IwO6CeK6HAFgS
W4Mf9D1DV3KPeQ0q7KGg/9jXH2tad95GZJpvEJjC8udgM2aKlLse5ScPX9ei2TAu
mupopwbmMD7pVcqJaL9jDJv2h1E1ej9/hKZMKrUQpcFq3GA1LY+OrziNq8Yu9YLk
IiqPn0Okqm/vTNYdOt+Z28NN2T1nY9cVD3wbJ8/E5uDUJ8ueZZHNPVoUAiRrcnRn
xtaUQu3bf/mm2zvXgqwVa22cuWmurTZSMVbjj/+MAOEC+C/xG2e7KN28odSVcT+6
IAr+hbiMzXSkhmI7gq+dId1PrIpV6uUBi9NFmSTvcULUigT0488eaBFdMQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFGSI8yG67BNH43Iiku87RROYf8poMB8GA1UdIwQY
MBaAFFyfAZhaP0EPkjcNZgChTueDsETpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEo4Qm1Gb19RUS1TTncxbUFLRk81NE93Uk9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83OWZiMDAtOGQ1MS00NzEyLTkyOWEt
OGNmYjJlNzNmNzBkLzEvWklqeklicnNFMGZqY2lLUzd6dEZFNWhfeW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83OWZiMDAtOGQ1MS00NzEyLTkyOWEtOGNmYjJlNzNmNzBk
LzEvWEo4Qm1Gb19RUS1TTncxbUFLRk81NE93Uk9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQEH6ywAwQC
VM2wAwQAVM26AwQGVQ5AAwQHWRmAAwQEW1qwAwQGXbPAAwQCdwwcAwQGvHWAAwQC
wWr0AwQCwpZgAwQAw/JFAwQC1bNIMA0EAgACMAcDBQAqABOgMA0GCSqGSIb3DQEB
CwUAA4IBAQAfOq9PERRoYtOrfRXzRV6sHd3nQc9pXfp3xa1x/yk+TlZtIiMZLpqg
nqQa9n9FzvpYZrmo4g6XPQu5tVkkS7OhtlJze8trZVm+CKCa9mUwi1fBa2GYW7hg
SNQ5+iIRnRTl7gNMCsRLltpTODrgZ+LGJj7/fQC3EsW82ccx0sONqNhYU3cOc7eZ
USgPLw1561Q/+2N13N/g9Ak+70XT8Vwkd0wHWhrme5fhahY06GbdGrsAelHXkOWN
TTYvuQrMRvKeJwwwIgpQvUSGT2Czu/ZZQeMKMon8wxy1+ldrfedHbhqLESEdVm4j
y0eRATUmM1kCCPsQwsVTsqXCd0NZvfoY
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:44 2025 by rpki-client