Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/z_2M5Jx5aa_-QeXQW8_d_o602UM.roa
File: z_2M5Jx5aa_-QeXQW8_d_o602UM.roa (raw, json)
Hash identifier: cUbUmKdd/HNjxLa6y08RMCpZpMnbI+vDU+6q+k+0y50=
Subject key identifier: CF:FD:8C:E4:9C:79:69:AF:FE:41:E5:D0:5B:CF:DD:FE:8E:B4:D9:43
Certificate issuer: /CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Certificate serial: 018451F9BC2B6044E20738C9AD85186FDD97
Authority key identifier: B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/z_2M5Jx5aa_-QeXQW8_d_o602UM.roa
Signing time: Mon 07 Nov 2022 12:03:51 +0000
ROA not before: Mon 07 Nov 2022 12:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198317
IP address blocks: 185.235.125.0/24 maxlen: 24
185.235.124.0/22 maxlen: 22
185.235.124.0/23 maxlen: 23
185.235.124.0/24 maxlen: 24
185.235.126.0/23 maxlen: 23
185.235.127.0/24 maxlen: 24
185.235.126.0/24 maxlen: 24
91.200.107.0/24 maxlen: 24
91.200.106.0/24 maxlen: 24
91.200.106.0/23 maxlen: 23
155.133.58.0/24 maxlen: 24
155.133.58.0/23 maxlen: 23
155.133.56.0/23 maxlen: 23
155.133.56.0/22 maxlen: 22
155.133.57.0/24 maxlen: 24
155.133.56.0/24 maxlen: 24
155.133.59.0/24 maxlen: 24
185.96.123.0/24 maxlen: 24
185.96.122.0/23 maxlen: 23
185.96.122.0/24 maxlen: 24
185.96.121.0/24 maxlen: 24
185.96.120.0/22 maxlen: 22
185.96.120.0/24 maxlen: 24
185.96.120.0/23 maxlen: 23
195.88.145.0/24 maxlen: 24
195.88.144.0/24 maxlen: 24
195.88.144.0/23 maxlen: 23
91.200.105.0/24 maxlen: 24
91.200.104.0/24 maxlen: 24
91.200.104.0/22 maxlen: 22
91.200.104.0/23 maxlen: 23
91.239.199.0/24 maxlen: 24
91.239.198.0/24 maxlen: 24
91.239.197.0/24 maxlen: 24
91.239.198.0/23 maxlen: 23
91.239.196.0/23 maxlen: 23
91.239.196.0/22 maxlen: 22
91.239.196.0/24 maxlen: 24
2a05:ffc0:c000::/34 maxlen: 34
2a05:ffc0:8000::/34 maxlen: 34
2a05:ffc0:4000::/34 maxlen: 34
2a05:ffc0::/34 maxlen: 34
2a05:ffc0:8000::/33 maxlen: 33
2a05:ffc0::/33 maxlen: 33
2a05:ffc0::/32 maxlen: 32
2a05:ffc2:c000::/34 maxlen: 34
2a05:ffc2:8000::/34 maxlen: 34
2a05:ffc2:4000::/34 maxlen: 34
2a05:ffc2::/34 maxlen: 34
2a05:ffc2::/32 maxlen: 32
2a05:ffc2:8000::/33 maxlen: 33
2a05:ffc2::/33 maxlen: 33
2a05:ffc1:8000::/33 maxlen: 33
2a05:ffc1::/33 maxlen: 33
2a05:ffc1::/32 maxlen: 32
2a05:ffc1:c000::/34 maxlen: 34
2a05:ffc1:8000::/34 maxlen: 34
2a05:ffc1:4000::/34 maxlen: 34
2a05:ffc1::/34 maxlen: 34
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:51:f9:bc:2b:60:44:e2:07:38:c9:ad:85:18:6f:dd:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Validity
Not Before: Nov 7 12:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cffd8ce49c7969affe41e5d05bcfddfe8eb4d943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:25:59:22:94:73:ec:49:32:44:ba:b1:31:95:
be:fe:c5:44:35:4c:f8:c2:a2:44:cd:4b:f3:3d:2b:
a7:0f:c7:90:6a:97:fc:69:04:eb:70:c5:17:d6:2b:
cf:08:ef:42:71:12:4c:27:c5:f1:b8:41:d9:5b:ff:
e9:b7:8a:62:0b:dd:68:9f:1f:01:7d:a6:c0:72:59:
7f:cb:11:6d:0c:2e:10:55:52:93:c0:93:77:22:e7:
3e:32:2a:d3:44:a5:68:a0:fa:62:b2:c2:8b:c5:6d:
02:5b:8d:e9:d2:50:c1:d0:a5:2c:97:7d:f1:bf:3a:
4f:c5:94:1b:9d:0b:4d:ab:cd:ed:c6:c1:ff:a8:59:
f4:b3:b1:c9:66:23:d5:1f:f0:87:c7:9d:a4:b7:1a:
12:a3:1c:f3:04:16:71:1a:48:04:b1:66:0b:b9:f8:
7b:0b:19:fe:1e:e3:06:9a:69:86:af:ed:a6:4a:00:
2e:ef:aa:8b:0a:4d:99:63:91:80:79:b8:fe:49:1a:
b1:34:fe:7f:57:0b:3b:6a:4a:84:b1:80:ae:b7:15:
1f:eb:e1:3c:ca:e5:df:a1:9a:4b:fd:bd:e0:d3:8d:
c5:46:a4:db:3c:8d:1b:ad:b4:3f:52:42:fe:21:bc:
6f:f0:de:26:df:e4:6f:c6:fc:af:b1:ce:a9:60:8e:
cd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FD:8C:E4:9C:79:69:AF:FE:41:E5:D0:5B:CF:DD:FE:8E:B4:D9:43
X509v3 Authority Key Identifier:
keyid:B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/z_2M5Jx5aa_-QeXQW8_d_o602UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.104.0/22
91.239.196.0/22
155.133.56.0/22
185.96.120.0/22
185.235.124.0/22
195.88.144.0/23
IPv6:
2a05:ffc0::-2a05:ffc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:b3:66:f1:02:fd:11:56:d6:33:2a:bb:e3:0f:13:d2:eb:b5:
40:35:bb:7f:0f:57:78:29:e0:34:73:af:7d:b0:15:5f:9f:c7:
89:44:c2:6e:85:c4:6a:4b:45:9a:56:db:4b:e4:99:2d:e2:33:
6c:57:d1:79:b9:39:2e:ff:51:07:aa:37:74:c4:c7:57:e2:28:
3d:b2:a8:82:47:42:8c:6c:20:04:c9:86:fa:01:44:34:b8:f5:
e2:43:e8:97:13:86:0a:09:9a:d4:40:8c:bc:94:f9:4d:36:0b:
61:3d:bb:4c:95:63:cf:00:53:f1:88:08:2e:36:a3:06:cf:02:
b5:9a:2d:7e:77:97:fb:99:3d:e4:13:4d:b2:7f:bf:8d:0c:0b:
d4:e4:ab:56:c8:b4:ba:cf:46:45:4b:c4:e5:09:e6:5e:a1:3f:
1b:0f:52:7f:49:8f:98:d0:a8:f8:56:70:93:9f:4d:0a:51:44:
b6:db:96:2b:2d:c1:6f:3b:aa:54:39:14:7b:8b:e3:e3:4c:7b:
d1:41:87:ad:3b:40:94:ac:87:d8:8d:08:cb:0a:86:f1:b4:c2:
7e:d0:d1:3f:79:7a:9c:dd:24:6e:44:e3:22:4a:a7:dd:68:74:
3a:e7:95:70:7f:70:dd:e7:dc:a1:fd:a7:90:80:a7:f1:31:38:
47:08:75:b2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYRR+bwrYETiBzjJrYUYb92XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWY1NTYwZDc5ZjA0YTkyZDdhMTUwZjNlZDhkYTQzMDhh
YmVhMzMwHhcNMjIxMTA3MTIwMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZkOGNlNDljNzk2OWFmZmU0MWU1ZDA1YmNmZGRmZThlYjRkOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSVZIpRz7EkyRLqxMZW+/sVENUz4
wqJEzUvzPSunD8eQapf8aQTrcMUX1ivPCO9CcRJMJ8XxuEHZW//pt4piC91onx8B
fabAcll/yxFtDC4QVVKTwJN3Iuc+MirTRKVooPpissKLxW0CW43p0lDB0KUsl33x
vzpPxZQbnQtNq83txsH/qFn0s7HJZiPVH/CHx52ktxoSoxzzBBZxGkgEsWYLufh7
Cxn+HuMGmmmGr+2mSgAu76qLCk2ZY5GAebj+SRqxNP5/Vws7akqEsYCutxUf6+E8
yuXfoZpL/b3g043FRqTbPI0brbQ/UkL+Ibxv8N4m3+Rvxvyvsc6pYI7N6QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM/9jOSceWmv/kHl0FvP3f6OtNlDMB8GA1UdIwQY
MBaAFLRfVWDXnwSpLXoVDz7Y2kMIq+ozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2Njkt
YzMyMjI0NzRlZWYxLzEvel8yTTVKeDVhYV8tUWVYUVc4X2RfbzYwMlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2NjktYzMyMjI0NzRlZWYx
LzEvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQCW8hoAwQC
W+/EAwQCm4U4AwQCuWB4AwQCuet8AwQBw1iQMBYEAgACMBAwDgMFBioF/8ADBQAq
Bf/CMA0GCSqGSIb3DQEBCwUAA4IBAQCns2bxAv0RVtYzKrvjDxPS67VANbt/D1d4
KeA0c699sBVfn8eJRMJuhcRqS0WaVttL5Jkt4jNsV9F5uTku/1EHqjd0xMdX4ig9
sqiCR0KMbCAEyYb6AUQ0uPXiQ+iXE4YKCZrUQIy8lPlNNgthPbtMlWPPAFPxiAgu
NqMGzwK1mi1+d5f7mT3kE02yf7+NDAvU5KtWyLS6z0ZFS8TlCeZeoT8bD1J/SY+Y
0Kj4VnCTn00KUUS225YrLcFvO6pUORR7i+PjTHvRQYetO0CUrIfYjQjLCobxtMJ+
0NE/eXqc3SRuROMiSqfdaHQ655Vwf3Dd59yh/aeQgKfxMThHCHWy
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:25 2025 by rpki-client