Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/Z_tZfp3tLF8gzazyFzmtqysCtRk.roa
File: Z_tZfp3tLF8gzazyFzmtqysCtRk.roa (raw, json)
Hash identifier: Eyco+5+gNTj50HJZOyvcfeLYqqEZcDtp0qsbhdA0hnU=
Subject key identifier: 67:FB:59:7E:9D:ED:2C:5F:20:CD:AC:F2:17:39:AD:AB:2B:02:B5:19
Certificate issuer: /CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Certificate serial: 013C8697
Authority key identifier: CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/Z_tZfp3tLF8gzazyFzmtqysCtRk.roa
Signing time: Wed 20 Apr 2022 11:35:44 +0000
ROA not before: Wed 20 Apr 2022 11:35:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60672
IP address blocks: 94.126.41.0/24 maxlen: 24
94.126.44.0/24 maxlen: 24
94.126.44.0/23 maxlen: 24
94.126.42.0/24 maxlen: 24
94.126.46.0/24 maxlen: 24
94.126.45.0/24 maxlen: 24
178.18.118.0/24 maxlen: 24
178.18.123.0/24 maxlen: 24
178.18.122.0/24 maxlen: 24
193.193.162.0/23 maxlen: 24
178.18.121.0/24 maxlen: 24
178.18.120.0/22 maxlen: 24
178.18.120.0/24 maxlen: 24
31.28.64.0/24 maxlen: 24
31.28.66.0/24 maxlen: 24
31.28.69.0/24 maxlen: 24
31.28.71.0/24 maxlen: 24
31.28.73.0/24 maxlen: 24
31.28.76.0/22 maxlen: 24
31.28.74.0/24 maxlen: 24
31.28.87.0/24 maxlen: 24
31.28.88.0/21 maxlen: 24
193.192.2.0/23 maxlen: 24
31.24.104.0/21 maxlen: 24
2a01:8000:4::/48 maxlen: 48
2a01:8000::/48 maxlen: 48
2a01:8000:1ffb::/48 maxlen: 48
2a01:8000:5::/48 maxlen: 48
2a10:6740::/32 maxlen: 32
2a01:8000::/32 maxlen: 32
2a01:8000:1ffd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20743831 (0x13c8697)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Validity
Not Before: Apr 20 11:35:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67fb597e9ded2c5f20cdacf21739adab2b02b519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9e:62:e6:72:30:80:85:2b:dc:76:e0:a5:c3:
8e:87:5c:38:7c:c6:c6:21:61:66:5f:44:fc:e6:54:
38:42:32:9d:d9:8d:ef:ea:7d:b5:ca:9b:60:78:f8:
ec:6b:8e:8d:37:7f:95:39:1a:f9:5c:6b:20:c4:20:
2a:58:3a:1d:0c:81:5b:ee:75:85:cf:90:4a:08:07:
c6:72:1d:8b:02:86:a6:2e:7e:86:42:24:91:cd:f6:
5e:7b:d3:53:53:95:46:ab:d3:6a:77:ca:ed:dd:e9:
50:49:82:37:28:8f:6f:12:07:35:00:ee:ca:5f:e0:
69:88:38:b8:00:3b:c4:8f:46:f8:aa:c6:b5:9d:97:
55:dc:d9:44:92:0f:f5:a9:0c:f2:ad:dd:d3:0c:b6:
3d:d5:22:64:7e:63:ff:9c:4f:bb:61:f8:71:70:ea:
a6:d6:45:08:56:04:74:29:f7:9c:ac:8c:3b:13:e6:
b7:2c:de:f0:d1:54:92:76:ad:f3:b4:8a:f4:c7:8d:
39:80:3c:85:8d:91:10:89:7e:fd:38:9b:fa:0e:16:
b3:45:fd:32:a2:71:50:93:22:42:7c:c0:c9:09:30:
9f:ed:0a:dc:27:26:07:4b:d7:78:61:f4:a8:90:9b:
89:97:07:83:ce:5e:e0:c2:3e:24:25:92:ac:57:79:
3e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FB:59:7E:9D:ED:2C:5F:20:CD:AC:F2:17:39:AD:AB:2B:02:B5:19
X509v3 Authority Key Identifier:
keyid:CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/Z_tZfp3tLF8gzazyFzmtqysCtRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/yvJIiCS3FKHzDCyAn722hXVlK0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.104.0/21
31.28.64.0/24
31.28.66.0/24
31.28.69.0/24
31.28.71.0/24
31.28.73.0-31.28.74.255
31.28.76.0/22
31.28.87.0-31.28.95.255
94.126.41.0-94.126.42.255
94.126.44.0-94.126.46.255
178.18.118.0/24
178.18.120.0/22
193.192.2.0/23
193.193.162.0/23
IPv6:
2a01:8000::/32
2a10:6740::/32
Signature Algorithm: sha256WithRSAEncryption
92:4d:f9:d0:9e:5e:14:d9:86:0e:34:a2:3f:b3:2b:45:a2:de:
b9:14:c2:d9:7a:e0:73:d8:46:24:84:af:a0:8d:f6:f4:5f:4b:
af:92:59:0b:d0:c4:db:29:b0:dd:21:80:51:ea:63:b6:0b:ff:
69:a1:1f:f7:90:ca:e3:c2:28:d7:aa:11:57:10:ec:41:b7:5f:
6a:43:cb:bd:17:34:2a:08:7c:bd:9a:8a:73:b4:0f:a5:73:8e:
4f:c2:9f:80:c6:0a:16:36:9f:c0:19:a2:3d:41:2d:2d:17:77:
89:35:96:15:f2:32:fc:ff:82:7e:d5:4f:19:a1:48:92:e2:38:
c8:2e:ed:5f:a2:29:3f:33:ed:46:03:c6:4c:e2:19:3c:fd:fd:
bb:82:c2:0f:d2:f1:9f:0b:cc:55:87:a9:3c:0c:94:5e:f0:76:
81:c6:2b:57:b1:8d:5f:8f:41:46:1c:8f:16:4a:e9:51:d9:ee:
00:2a:9b:0b:cc:5f:d1:de:94:b5:e9:92:ff:65:84:6f:50:d7:
0d:12:3e:0e:4e:18:61:aa:88:ad:3f:ee:37:bd:62:7a:85:63:
1a:11:91:e0:08:3a:a2:86:5a:94:8e:10:f0:7f:c1:f8:34:5c:
fe:e2:c9:85:97:1a:e8:8e:2e:78:45:39:31:f9:b6:53:77:e6:
56:3b:64:68
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIEATyGlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWYyNDg4ODI0YjcxNGExZjMwYzJjODA5ZmJkYjY4NTc1NjUyYjRhMB4XDTIyMDQy
MDExMzU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdmYjU5N2U5ZGVk
MmM1ZjIwY2RhY2YyMTczOWFkYWIyYjAyYjUxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJieYuZyMICFK9x24KXDjodcOHzGxiFhZl9E/OZUOEIyndmN
7+p9tcqbYHj47GuOjTd/lTka+VxrIMQgKlg6HQyBW+51hc+QSggHxnIdiwKGpi5+
hkIkkc32XnvTU1OVRqvTanfK7d3pUEmCNyiPbxIHNQDuyl/gaYg4uAA7xI9G+KrG
tZ2XVdzZRJIP9akM8q3d0wy2PdUiZH5j/5xPu2H4cXDqptZFCFYEdCn3nKyMOxPm
tyze8NFUknat87SK9MeNOYA8hY2REIl+/Tib+g4Ws0X9MqJxUJMiQnzAyQkwn+0K
3CcmB0vXeGH0qJCbiZcHg85e4MI+JCWSrFd5Pj8CAwEAAaOCApAwggKMMB0GA1Ud
DgQWBBRn+1l+ne0sXyDNrPIXOa2rKwK1GTAfBgNVHSMEGDAWgBTK8kiIJLcUofMM
LICfvbaFdWUrSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l2SklpQ1MzRktIekRDeUFuNzIyaFhWbEswby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2E5MzZjLWQ2ZTItNGNjMS05ZTRiLWQyMzdhOWU2YWIxNC8x
L1pfdFpmcDN0TEY4Z3phenlGem10cXlzQ3RSay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2E5MzZjLWQ2ZTItNGNjMS05ZTRiLWQyMzdhOWU2YWIxNC8xL3l2SklpQ1MzRktI
ekRDeUFuNzIyaFhWbEswby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
pQYIKwYBBQUHAQcBAf8EgZUwgZIwegQCAAEwdAMEAx8YaAMEAB8cQAMEAB8cQgME
AB8cRQMEAB8cRzAMAwQAHxxJAwQAHxxKAwQCHxxMMAwDBAAfHFcDBAUfHEAwDAME
AF5+KQMEAF5+KjAMAwQCXn4sAwQAXn4uAwQAshJ2AwQCshJ4AwQBwcACAwQBwcGi
MBQEAgACMA4DBQAqAYAAAwUAKhBnQDANBgkqhkiG9w0BAQsFAAOCAQEAkk350J5e
FNmGDjSiP7MrRaLeuRTC2Xrgc9hGJISvoI329F9Lr5JZC9DE2ymw3SGAUepjtgv/
aaEf95DK48Io16oRVxDsQbdfakPLvRc0Kgh8vZqKc7QPpXOOT8KfgMYKFjafwBmi
PUEtLRd3iTWWFfIy/P+CftVPGaFIkuI4yC7tX6IpPzPtRgPGTOIZPP39u4LCD9Lx
nwvMVYepPAyUXvB2gcYrV7GNX49BRhyPFkrpUdnuACqbC8xf0d6UtemS/2WEb1DX
DRI+Dk4YYaqIrT/uN71ieoVjGhGR4Ag6ooZalI4Q8H/B+DRc/uLJhZca6I4ueEU5
Mfm2U3fmVjtkaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:49 2024 by rpki-client on console-fra.rpki-client.org