Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/7oQqrfh7BN7oJSHpsDGcw04pJFY.roa
File: 7oQqrfh7BN7oJSHpsDGcw04pJFY.roa (raw, json)
Hash identifier: 5f0rSOXe01/GsuwkGCAZWhs9BAiV366IbMg5bRqSf/Q=
Subject key identifier: EE:84:2A:AD:F8:7B:04:DE:E8:25:21:E9:B0:31:9C:C3:4E:29:24:56
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 018940D3D465652AB9A27151EB7D6F1B735D
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/7oQqrfh7BN7oJSHpsDGcw04pJFY.roa
Signing time: Mon 10 Jul 2023 17:22:51 +0000
ROA not before: Mon 10 Jul 2023 17:22:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13213
IP address blocks: 176.67.160.0/20 maxlen: 24
185.7.224.0/22 maxlen: 24
176.67.169.0/24 maxlen: 24
109.123.64.0/18 maxlen: 24
83.170.64.0/18 maxlen: 24
82.163.72.0/21 maxlen: 24
88.202.224.0/21 maxlen: 24
77.92.64.0/19 maxlen: 24
31.24.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
46.23.64.0/20 maxlen: 24
37.123.114.0/23 maxlen: 24
46.23.74.0/24 maxlen: 24
88.202.176.0/20 maxlen: 24
2a02:2498:8000::/40 maxlen: 40
2a02:2498::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:d3:d4:65:65:2a:b9:a2:71:51:eb:7d:6f:1b:73:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Jul 10 17:22:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee842aadf87b04dee82521e9b0319cc34e292456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f6:24:a0:1f:1f:4a:bb:bc:d1:25:c3:20:fc:
97:b6:ad:4e:a8:4a:91:f3:ec:56:d9:33:f7:4f:3e:
18:d5:be:a9:29:46:68:19:b4:0b:7b:f3:45:9b:e4:
60:17:29:80:92:0a:21:b2:b1:82:7d:1c:c4:1d:e1:
f4:b2:40:a7:dc:09:31:95:e7:6f:a0:3f:a6:95:5f:
81:c2:2e:ab:a4:9e:71:b5:9e:e7:fb:37:5b:c0:45:
e0:36:3a:82:1b:c9:39:97:4c:1b:c0:b0:0c:63:a3:
e4:36:d6:cc:5d:d0:dd:45:75:cf:98:e6:08:0b:e7:
1e:40:53:f2:41:e0:72:94:15:c8:2e:4e:30:a9:60:
a7:6e:1e:c7:11:e7:d5:3e:f0:a4:03:18:b7:c4:77:
ac:0c:4e:eb:e1:4a:32:cf:b1:5e:b5:00:16:5b:ee:
e5:8d:7a:1d:b6:c8:84:c5:e3:4d:d5:c0:33:2f:7e:
d0:96:bd:86:47:a8:3a:df:7c:09:ef:7e:66:1f:51:
0e:f2:d9:fb:d5:89:80:22:2f:87:81:84:aa:16:11:
29:fb:a8:87:ae:da:c3:06:d9:bc:4e:26:dd:48:dc:
64:2a:d3:a6:2b:e8:e8:4f:26:c4:fc:36:c3:a8:74:
84:c4:fa:3b:92:6b:d1:2d:65:13:c1:d2:c9:f1:9a:
1e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:84:2A:AD:F8:7B:04:DE:E8:25:21:E9:B0:31:9C:C3:4E:29:24:56
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/7oQqrfh7BN7oJSHpsDGcw04pJFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/20
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
91:50:6b:72:b4:d9:7c:66:ab:4a:9f:62:07:91:cd:de:7e:85:
a9:d0:66:1f:da:62:4d:54:94:29:3e:6d:cd:9f:9a:39:9a:08:
0f:d9:9f:e3:fc:82:99:a3:32:bc:56:2b:9b:7c:4a:20:09:63:
43:a8:8d:7e:06:9e:43:69:28:f5:29:e7:2d:2d:3f:53:d8:37:
70:19:d9:1f:6e:0d:d2:75:75:25:48:fe:fb:0c:ab:ab:75:1b:
03:b2:31:ff:08:f9:0a:0b:7e:12:a8:1a:90:08:e8:0b:c6:f0:
57:73:d3:fb:bd:26:96:7b:3d:0a:e8:b4:60:9f:ac:eb:d3:65:
ac:36:5d:a4:51:64:cf:9c:81:ea:fd:54:0b:52:36:d3:04:e7:
fc:e7:9d:8c:ac:44:1f:5b:a9:dd:38:49:82:3a:ce:ce:0a:cb:
ee:5f:51:7f:f0:56:dc:7f:42:76:51:23:2a:6d:ec:c8:05:0d:
f8:a9:56:f7:6e:8f:0f:51:0f:55:01:a5:d1:7c:82:a6:02:3a:
08:31:93:d6:95:b8:7f:61:25:04:e9:7d:f0:20:e5:f1:03:89:
41:5f:9f:93:aa:ec:ba:c5:a3:69:07:d8:58:7e:23:cc:9b:48:
e9:9b:00:93:f0:b5:c2:01:e4:c8:5f:d5:f3:95:29:b8:eb:7d:
10:f9:c6:8a
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYlA09RlZSq5onFR631vG3NdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjMwNzEwMTcyMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg0MmFhZGY4N2IwNGRlZTgyNTIxZTliMDMxOWNjMzRlMjkyNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/YkoB8fSru80SXDIPyXtq1OqEqR
8+xW2TP3Tz4Y1b6pKUZoGbQLe/NFm+RgFymAkgohsrGCfRzEHeH0skCn3Akxledv
oD+mlV+Bwi6rpJ5xtZ7n+zdbwEXgNjqCG8k5l0wbwLAMY6PkNtbMXdDdRXXPmOYI
C+ceQFPyQeBylBXILk4wqWCnbh7HEefVPvCkAxi3xHesDE7r4Uoyz7FetQAWW+7l
jXodtsiExeNN1cAzL37Qlr2GR6g633wJ735mH1EO8tn71YmAIi+HgYSqFhEp+6iH
rtrDBtm8TibdSNxkKtOmK+joTybE/DbDqHSExPo7kmvRLWUTwdLJ8ZoejwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFO6EKq34ewTe6CUh6bAxnMNOKSRWMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvN29RcXJmaDdCTjdvSlNIcHNER2N3MDRwSkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDHxjgAwQD
JXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23wAwQG
bXtAAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAqAiSYMA0GCSqGSIb3DQEBCwUAA4IB
AQCRUGtytNl8ZqtKn2IHkc3efoWp0GYf2mJNVJQpPm3Nn5o5mggP2Z/j/IKZozK8
ViubfEogCWNDqI1+Bp5DaSj1KectLT9T2DdwGdkfbg3SdXUlSP77DKurdRsDsjH/
CPkKC34SqBqQCOgLxvBXc9P7vSaWez0K6LRgn6zr02WsNl2kUWTPnIHq/VQLUjbT
BOf8552MrEQfW6ndOEmCOs7OCsvuX1F/8Fbcf0J2USMqbezIBQ34qVb3bo8PUQ9V
AaXRfIKmAjoIMZPWlbh/YSUE6X3wIOXxA4lBX5+Tquy6xaNpB9hYfiPMm0jpmwCT
8LXCAeTIX9XzlSm4630Q+caK
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:17:08 2025 by rpki-client