Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Q5gZGyzE6yUr7jq6l_Jle1wRkLs.roa
File: Q5gZGyzE6yUr7jq6l_Jle1wRkLs.roa (raw, json)
Hash identifier: SbZtXjB4sxhBhwymtpruvB1RdTaYmUS39teUhty06Wo=
Subject key identifier: 43:98:19:1B:2C:C4:EB:25:2B:EE:3A:BA:97:F2:65:7B:5C:11:90:BB
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0195199753A66341AB05B4547EAAF1C3CEA0
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Q5gZGyzE6yUr7jq6l_Jle1wRkLs.roa
Signing time: Tue 18 Feb 2025 15:05:02 +0000
ROA not before: Tue 18 Feb 2025 15:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/19 maxlen: 23
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:97:53:a6:63:41:ab:05:b4:54:7e:aa:f1:c3:ce:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Feb 18 15:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4398191b2cc4eb252bee3aba97f2657b5c1190bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:93:e3:09:62:f4:c5:fc:02:44:91:b8:d1:b0:
ac:78:3d:e1:81:62:e1:b0:71:28:33:51:f9:f0:5d:
ef:74:32:fa:e9:fe:0c:de:4b:17:59:3e:19:68:f0:
1c:f9:90:b1:28:72:c1:05:09:57:47:4c:59:01:98:
72:08:7d:d6:76:42:09:48:53:ee:51:40:50:85:ec:
32:fb:f6:c2:2f:61:7e:39:cd:7c:19:ca:3a:71:76:
d1:b6:7b:e7:11:e1:6f:b8:5a:f2:bb:77:16:d1:29:
95:a8:d9:29:b7:97:da:c4:e1:79:4d:0d:d1:e4:b5:
db:98:9e:a8:f8:42:56:b7:78:21:38:24:d9:28:12:
27:ac:7b:0e:8b:80:2d:a6:b1:1e:9d:10:23:f6:f0:
d3:df:4e:85:90:f6:f9:98:ae:6a:52:46:a2:ac:d9:
f3:e4:73:ec:2f:b8:6c:c9:1c:03:14:68:47:2c:02:
2c:7f:8a:2f:9d:57:3c:3d:3c:f9:17:d8:10:14:90:
11:4c:e0:0e:32:a4:42:74:4e:e9:d1:d4:35:38:ae:
72:7a:70:a1:50:a7:a8:22:fc:13:7a:3f:60:1f:fb:
a5:0c:51:6c:ef:81:d6:e0:d7:4f:2b:89:3b:a4:82:
76:dc:b3:8c:ee:18:18:36:af:ea:bd:01:5c:65:0f:
9f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:98:19:1B:2C:C4:EB:25:2B:EE:3A:BA:97:F2:65:7B:5C:11:90:BB
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Q5gZGyzE6yUr7jq6l_Jle1wRkLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
2b:54:f3:2b:15:71:a1:56:0e:fa:ac:52:9b:81:de:81:2e:32:
1b:4a:11:7c:45:05:91:c2:a5:bb:db:0a:1a:a3:14:64:c9:71:
8e:76:18:63:df:9f:7c:7a:43:3e:a4:80:3b:e5:63:cf:c9:67:
da:7b:c2:bb:87:78:fd:3b:b8:60:70:d8:d3:92:89:6b:a8:48:
34:93:d6:49:ed:c0:d7:46:20:30:6c:4e:e8:2c:d5:b3:80:5f:
c6:30:29:86:f4:b2:3f:59:25:b2:5d:6d:34:de:50:81:ee:95:
e3:5f:6e:a4:40:73:9b:ad:f8:99:b7:9e:87:4b:5a:bb:0a:1b:
55:4b:38:be:1e:95:90:19:76:52:09:49:c8:46:ba:67:f5:ae:
eb:d9:b3:7e:6f:e1:e0:8a:eb:15:e7:e2:9c:03:62:d5:1a:8a:
1a:a2:81:c3:e4:0c:df:f1:72:b9:4e:99:ba:39:89:7b:d0:76:
b8:04:61:72:06:40:39:da:c1:e4:aa:c6:00:32:ea:a1:09:68:
17:92:53:91:64:b7:34:9b:b7:96:99:fc:fa:1e:f8:23:16:d0:
c2:9b:50:5a:4e:6f:98:09:2b:ac:d1:3d:08:03:4e:71:85:39:
f4:a4:da:87:0a:38:31:fd:ce:2d:65:f1:f1:97:b4:29:80:b2:
06:de:9a:23
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZUZl1OmY0GrBbRUfqrxw86gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwMjE4MTUwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzk4MTkxYjJjYzRlYjI1MmJlZTNhYmE5N2YyNjU3YjVjMTE5MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pPjCWL0xfwCRJG40bCseD3hgWLh
sHEoM1H58F3vdDL66f4M3ksXWT4ZaPAc+ZCxKHLBBQlXR0xZAZhyCH3WdkIJSFPu
UUBQhewy+/bCL2F+Oc18Gco6cXbRtnvnEeFvuFryu3cW0SmVqNkpt5faxOF5TQ3R
5LXbmJ6o+EJWt3ghOCTZKBInrHsOi4AtprEenRAj9vDT306FkPb5mK5qUkairNnz
5HPsL7hsyRwDFGhHLAIsf4ovnVc8PTz5F9gQFJARTOAOMqRCdE7p0dQ1OK5yenCh
UKeoIvwTej9gH/ulDFFs74HW4NdPK4k7pIJ23LOM7hgYNq/qvQFcZQ+ftwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFEOYGRssxOslK+46upfyZXtcEZC7MB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvUTVnWkd5ekU2eVVyN2pxNmxfSmxlMXdSa0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAx8Y4AME
AyV7cAMEBC4XQAMEBU1cQAMEA1KjSAMEBlOqQAMEBFjKsAMEA1jK4AMEA1tt8AME
Bm17QAMEA7BDoAMEALBDqTAMAwQAsEOrAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAq
AiSYMA0GCSqGSIb3DQEBCwUAA4IBAQArVPMrFXGhVg76rFKbgd6BLjIbShF8RQWR
wqW72woaoxRkyXGOdhhj3598ekM+pIA75WPPyWfae8K7h3j9O7hgcNjTkolrqEg0
k9ZJ7cDXRiAwbE7oLNWzgF/GMCmG9LI/WSWyXW003lCB7pXjX26kQHObrfiZt56H
S1q7ChtVSzi+HpWQGXZSCUnIRrpn9a7r2bN+b+HgiusV5+KcA2LVGooaooHD5Azf
8XK5Tpm6OYl70Ha4BGFyBkA52sHkqsYAMuqhCWgXklORZLc0m7eWmfz6HvgjFtDC
m1BaTm+YCSus0T0IA05xhTn0pNqHCjgx/c4tZfHxl7QpgLIG3poj
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:03:48 2025 by rpki-client