Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/wZFu4QpysnhwXmeOGUITyXMUwX0.roa
File: wZFu4QpysnhwXmeOGUITyXMUwX0.roa (raw, json)
Hash identifier: QOtxU6F9cIhkUWQCjXiJMqMs2KZKsa3NYqiwbesvoyI=
Subject key identifier: C1:91:6E:E1:0A:72:B2:78:70:5E:67:8E:19:42:13:C9:73:14:C1:7D
Certificate issuer: /CN=5c9f01985a3f410f92370d6600a14ee783b044e9
Certificate serial: 0185719579FA2CBDA939AA49AC84A38F0310
Authority key identifier: 5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/wZFu4QpysnhwXmeOGUITyXMUwX0.roa
Signing time: Mon 02 Jan 2023 08:24:59 +0000
ROA not before: Mon 02 Jan 2023 08:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31242
IP address blocks: 84.205.176.0/22 maxlen: 24
89.25.128.0/17 maxlen: 24
84.205.186.0/24 maxlen: 24
119.12.28.0/22 maxlen: 24
93.179.192.0/18 maxlen: 24
193.106.244.0/22 maxlen: 24
31.172.176.0/20 maxlen: 24
213.179.72.0/22 maxlen: 24
85.14.64.0/18 maxlen: 24
188.117.128.0/18 maxlen: 24
194.150.96.0/22 maxlen: 24
91.90.176.0/20 maxlen: 24
195.242.69.0/24 maxlen: 24
2a00:13a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:79:fa:2c:bd:a9:39:aa:49:ac:84:a3:8f:03:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c9f01985a3f410f92370d6600a14ee783b044e9
Validity
Not Before: Jan 2 08:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1916ee10a72b278705e678e194213c97314c17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4b:da:62:04:71:f9:75:35:11:91:1e:ab:59:
f8:99:94:1c:79:a9:d1:63:da:bf:65:64:71:6e:81:
f5:60:8e:af:8a:3b:cf:c0:cb:76:0d:b2:6d:0f:77:
0f:d6:d0:bc:3d:28:98:aa:70:aa:38:48:6a:e3:6d:
0f:53:33:cc:e7:c3:b7:40:5d:4d:4d:06:a3:6f:1f:
a2:50:ff:dd:60:00:12:ad:c7:d2:50:7e:76:cf:a4:
1e:bd:ae:9e:fd:f9:ac:80:b0:35:a3:68:cb:60:56:
06:61:3f:1f:2c:87:33:1f:c3:21:5e:73:dc:81:5c:
43:ab:8b:e7:e8:34:44:3b:a3:21:57:44:7c:ae:e7:
3f:06:51:17:89:75:cd:ec:86:ae:15:3e:ed:69:18:
c4:e9:ee:c0:cb:d3:3d:4e:ae:43:18:70:f9:56:54:
cc:cf:d0:32:52:6d:6a:06:21:92:fa:43:33:cf:ed:
0f:bb:76:a3:1c:32:dc:0d:c9:72:cd:6d:60:7d:7e:
d9:9f:a6:9c:04:3d:d9:25:26:ba:b4:4a:21:82:ea:
8c:b6:b4:18:b4:36:e9:e4:df:3c:5e:f8:76:c4:ab:
f1:3e:97:f5:d5:2b:74:f0:e9:b6:2c:b8:06:13:5a:
b7:31:be:29:b6:0c:47:8e:c3:43:5f:fb:bf:ee:f5:
fc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:91:6E:E1:0A:72:B2:78:70:5E:67:8E:19:42:13:C9:73:14:C1:7D
X509v3 Authority Key Identifier:
keyid:5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/wZFu4QpysnhwXmeOGUITyXMUwX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/XJ8BmFo_QQ-SNw1mAKFO54OwROk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.176.0/20
84.205.176.0/22
84.205.186.0/24
85.14.64.0/18
89.25.128.0/17
91.90.176.0/20
93.179.192.0/18
119.12.28.0/22
188.117.128.0/18
193.106.244.0/22
194.150.96.0/22
195.242.69.0/24
213.179.72.0/22
IPv6:
2a00:13a0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:6c:58:44:79:f5:65:07:71:39:5a:fe:ca:46:ba:9f:3b:7a:
1e:76:17:d4:52:77:3d:68:bd:ab:cf:3f:b9:2e:4b:1b:34:86:
a4:ce:35:9a:dc:20:7c:b4:f5:46:6c:81:9b:6a:2f:93:54:e0:
86:65:9a:60:08:99:41:81:22:17:cc:82:aa:ab:b7:38:ac:1a:
bd:2b:18:ef:51:5f:e0:3e:c1:e4:c8:de:02:03:bd:cd:f5:87:
64:3c:92:e4:00:51:4d:d5:0f:8e:8a:57:e9:9e:1e:6f:34:95:
49:ef:a4:f3:0b:9c:a5:34:b8:8d:24:59:a0:7f:d8:71:6d:13:
16:48:e1:de:b1:6e:4c:a8:46:70:33:3c:8d:23:fe:73:93:3d:
2f:d4:eb:ad:36:ce:ec:97:e9:23:d1:90:0e:05:e6:8d:b6:76:
08:1f:65:54:86:e9:ee:ce:0a:cd:a8:3e:aa:29:b8:b6:4f:ef:
be:d5:9f:be:6e:4f:f6:00:76:ab:91:c9:9e:0c:f4:62:36:37:
67:c2:e4:72:0e:36:d5:ef:a2:c9:1d:f3:44:fc:39:f2:96:6c:
18:c1:48:a3:ef:d6:fe:c5:16:3d:69:63:50:bc:68:90:60:95:
1c:3c:90:d9:90:24:2f:fe:d9:18:22:7d:bc:7d:b0:ba:ce:dd:
b1:73:ff:5e
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYVxlXn6LL2pOapJrISjjwMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjOWYwMTk4NWEzZjQxMGY5MjM3MGQ2NjAwYTE0ZWU3ODNi
MDQ0ZTkwHhcNMjMwMTAyMDgyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTkxNmVlMTBhNzJiMjc4NzA1ZTY3OGUxOTQyMTNjOTczMTRjMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikvaYgRx+XU1EZEeq1n4mZQceanR
Y9q/ZWRxboH1YI6vijvPwMt2DbJtD3cP1tC8PSiYqnCqOEhq420PUzPM58O3QF1N
TQajbx+iUP/dYAASrcfSUH52z6Qeva6e/fmsgLA1o2jLYFYGYT8fLIczH8MhXnPc
gVxDq4vn6DREO6MhV0R8ruc/BlEXiXXN7IauFT7taRjE6e7Ay9M9Tq5DGHD5VlTM
z9AyUm1qBiGS+kMzz+0Pu3ajHDLcDclyzW1gfX7Zn6acBD3ZJSa6tEohguqMtrQY
tDbp5N88Xvh2xKvxPpf11St08Om2LLgGE1q3Mb4ptgxHjsNDX/u/7vX8nwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFMGRbuEKcrJ4cF5njhlCE8lzFMF9MB8GA1UdIwQY
MBaAFFyfAZhaP0EPkjcNZgChTueDsETpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEo4Qm1Gb19RUS1TTncxbUFLRk81NE93Uk9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83OWZiMDAtOGQ1MS00NzEyLTkyOWEt
OGNmYjJlNzNmNzBkLzEvd1pGdTRRcHlzbmh3WG1lT0dVSVR5WE1Vd1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83OWZiMDAtOGQ1MS00NzEyLTkyOWEtOGNmYjJlNzNmNzBk
LzEvWEo4Qm1Gb19RUS1TTncxbUFLRk81NE93Uk9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQEH6ywAwQC
VM2wAwQAVM26AwQGVQ5AAwQHWRmAAwQEW1qwAwQGXbPAAwQCdwwcAwQGvHWAAwQC
wWr0AwQCwpZgAwQAw/JFAwQC1bNIMA0EAgACMAcDBQAqABOgMA0GCSqGSIb3DQEB
CwUAA4IBAQCPbFhEefVlB3E5Wv7KRrqfO3oedhfUUnc9aL2rzz+5LksbNIakzjWa
3CB8tPVGbIGbai+TVOCGZZpgCJlBgSIXzIKqq7c4rBq9KxjvUV/gPsHkyN4CA73N
9YdkPJLkAFFN1Q+Oilfpnh5vNJVJ76TzC5ylNLiNJFmgf9hxbRMWSOHesW5MqEZw
MzyNI/5zkz0v1OutNs7sl+kj0ZAOBeaNtnYIH2VUhunuzgrNqD6qKbi2T+++1Z++
bk/2AHarkcmeDPRiNjdnwuRyDjbV76LJHfNE/DnylmwYwUij79b+xRY9aWNQvGiQ
YJUcPJDZkCQv/tkYIn28fbC6zt2xc/9e
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:42 2025 by rpki-client