Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/zR0PsBtiVAx0PFYplyjOMe5PEXg.roa
File: zR0PsBtiVAx0PFYplyjOMe5PEXg.roa (raw, json)
Hash identifier: Aw0iK/NFYtzgVtSGfA/Sviz3H6xTkmlQomD4WLjRrb8=
Subject key identifier: CD:1D:0F:B0:1B:62:54:0C:74:3C:56:29:97:28:CE:31:EE:4F:11:78
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 018571C2FFAF6A25F00093C7184F480DC935
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/zR0PsBtiVAx0PFYplyjOMe5PEXg.roa
Signing time: Mon 02 Jan 2023 09:14:42 +0000
ROA not before: Mon 02 Jan 2023 09:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 5.188.12.0/24 maxlen: 24
185.79.112.0/22 maxlen: 22
5.188.13.0/24 maxlen: 24
5.188.14.0/24 maxlen: 24
5.188.15.0/24 maxlen: 24
185.8.176.0/22 maxlen: 22
185.12.12.0/22 maxlen: 24
5.188.12.0/22 maxlen: 22
178.21.16.0/21 maxlen: 24
5.255.64.0/19 maxlen: 24
91.221.69.0/24 maxlen: 24
89.47.1.0/24 maxlen: 24
46.249.32.0/19 maxlen: 24
93.158.200.0/21 maxlen: 24
93.158.208.0/20 maxlen: 24
5.178.64.0/21 maxlen: 24
185.53.160.0/22 maxlen: 22
2a03:3f40::/32 maxlen: 32
2a00:1caa::/32 maxlen: 32
2a00:1ca8:77::/48 maxlen: 48
2a00:1ca8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c2:ff:af:6a:25:f0:00:93:c7:18:4f:48:0d:c9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 2 09:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd1d0fb01b62540c743c56299728ce31ee4f1178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3a:92:a8:68:c3:04:e6:17:48:d1:6b:b6:04:
8d:50:6f:08:e4:03:7c:40:28:8b:a7:9b:38:36:34:
48:ab:c7:83:f3:8a:e6:1f:05:2c:f9:2c:68:75:83:
0b:f9:a6:a2:80:f4:2e:13:4d:d6:2b:d2:3c:9c:d3:
65:c2:65:cc:49:66:57:16:3c:30:79:96:40:7c:3c:
ae:70:9d:3c:ad:d9:24:65:1b:c1:3a:10:8c:81:d6:
8f:bf:8e:03:c3:59:ae:25:e9:ad:68:e8:7b:95:d9:
e5:41:c4:42:e6:35:2e:4f:3e:b8:b9:73:94:52:44:
1b:84:6c:cf:68:2b:05:fc:67:55:c5:0b:ce:1b:55:
33:ca:5e:76:14:2a:78:9d:80:77:8d:48:22:91:52:
97:91:1e:f9:26:4b:46:14:0a:23:3d:82:2e:50:ab:
62:0e:ca:09:66:85:e7:b7:6d:23:39:02:a5:aa:ca:
2c:89:cd:14:4f:66:12:30:29:db:76:db:5f:cd:b3:
06:b3:de:56:32:47:80:d0:4b:dd:93:ec:4b:d4:09:
6c:63:c2:6e:ef:57:31:06:c9:b3:5f:42:1e:b8:87:
44:dc:a2:a4:3b:8a:c1:62:44:fe:1c:b6:e9:5b:5d:
47:71:ce:0a:f5:48:52:ef:b8:a2:a0:5a:58:f1:2f:
64:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1D:0F:B0:1B:62:54:0C:74:3C:56:29:97:28:CE:31:EE:4F:11:78
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/zR0PsBtiVAx0PFYplyjOMe5PEXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.64.0/21
5.188.12.0/22
5.255.64.0/19
46.249.32.0/19
89.47.1.0/24
91.221.69.0/24
93.158.200.0-93.158.223.255
178.21.16.0/21
185.8.176.0/22
185.12.12.0/22
185.53.160.0/22
185.79.112.0/22
IPv6:
2a00:1ca8::/32
2a00:1caa::/32
2a03:3f40::/32
Signature Algorithm: sha256WithRSAEncryption
51:68:c1:b7:0b:24:68:d9:d1:70:30:0b:c8:5f:cf:e9:d2:b3:
5d:d4:a9:b7:f4:22:97:eb:07:e9:27:06:cd:01:c8:2d:9d:57:
41:05:ea:7d:c4:28:9a:96:03:a4:d6:5a:62:86:47:6e:3f:ba:
2e:fa:0a:fe:82:77:95:71:c5:13:6b:da:63:d1:d2:67:89:9a:
6e:44:43:94:6f:aa:48:97:e1:54:8b:1d:cb:85:66:d1:00:4f:
5b:cb:83:0f:b0:0a:11:ae:9e:55:67:f0:5c:30:65:e4:7b:78:
06:cb:68:ac:0d:85:3d:a6:66:71:e9:3e:8e:49:d0:b4:4b:21:
f4:f8:58:c6:80:b2:6b:60:6e:54:ac:7d:e7:7b:de:dc:4a:0a:
ac:2a:81:8f:9f:f5:96:81:96:11:a1:0f:72:9c:c4:1c:1e:de:
ac:8c:55:71:ee:9b:41:1a:d2:2a:7c:48:63:31:88:7a:9c:e2:
18:93:2b:29:0f:ef:b2:d4:58:4b:e0:d5:6c:35:b6:8d:a7:c2:
ab:ea:8f:37:be:47:2f:5d:fb:5d:a5:b7:c9:ed:8d:24:64:92:
fd:64:ff:12:9b:b2:a9:87:5a:68:f4:e5:06:19:52:31:36:ba:
a0:83:9d:86:26:30:d8:97:79:61:22:bb:e2:24:be:4f:2d:2e:
d6:b2:bb:47
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYVxwv+vaiXwAJPHGE9IDck1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjMwMTAyMDkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDFkMGZiMDFiNjI1NDBjNzQzYzU2Mjk5NzI4Y2UzMWVlNGYxMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDqSqGjDBOYXSNFrtgSNUG8I5AN8
QCiLp5s4NjRIq8eD84rmHwUs+SxodYML+aaigPQuE03WK9I8nNNlwmXMSWZXFjww
eZZAfDyucJ08rdkkZRvBOhCMgdaPv44Dw1muJemtaOh7ldnlQcRC5jUuTz64uXOU
UkQbhGzPaCsF/GdVxQvOG1Uzyl52FCp4nYB3jUgikVKXkR75JktGFAojPYIuUKti
DsoJZoXnt20jOQKlqsosic0UT2YSMCnbdttfzbMGs95WMkeA0Evdk+xL1AlsY8Ju
71cxBsmzX0IeuIdE3KKkO4rBYkT+HLbpW11Hcc4K9UhS77iioFpY8S9k3wIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFM0dD7AbYlQMdDxWKZcozjHuTxF4MB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvelIwUHNCdGlWQXgwUEZZcGx5ak9NZTVQRVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwVgQCAAEwUAMEAwWyQAME
AgW8DAMEBQX/QAMEBS75IAMEAFkvAQMEAFvdRTAMAwQDXZ7IAwQFXZ7AAwQDshUQ
AwQCuQiwAwQCuQwMAwQCuTWgAwQCuU9wMBsEAgACMBUDBQAqAByoAwUAKgAcqgMF
ACoDP0AwDQYJKoZIhvcNAQELBQADggEBAFFowbcLJGjZ0XAwC8hfz+nSs13Uqbf0
IpfrB+knBs0ByC2dV0EF6n3EKJqWA6TWWmKGR24/ui76Cv6Cd5VxxRNr2mPR0meJ
mm5EQ5RvqkiX4VSLHcuFZtEAT1vLgw+wChGunlVn8FwwZeR7eAbLaKwNhT2mZnHp
Po5J0LRLIfT4WMaAsmtgblSsfed73txKCqwqgY+f9ZaBlhGhD3KcxBwe3qyMVXHu
m0Ea0ip8SGMxiHqc4hiTKykP77LUWEvg1Ww1to2nwqvqjze+Ry9d+12lt8ntjSRk
kv1k/xKbsqmHWmj05QYZUjE2uqCDnYYmMNiXeWEiu+Ikvk8tLtayu0c=
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:32:06 2025 by rpki-client