Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/qYQ1PdNcrQRpVlmXKL-wjKxuq_8.roa
File: qYQ1PdNcrQRpVlmXKL-wjKxuq_8.roa (raw, json)
Hash identifier: HeJbTky97oHzCjFbCFS8DAAAJVh9zvMJccMZ7JFVLAc=
Subject key identifier: A9:84:35:3D:D3:5C:AD:04:69:56:59:97:28:BF:B0:8C:AC:6E:AB:FF
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0195A3A27D0E84EB109F5DF1306A8E2E8BC0
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/qYQ1PdNcrQRpVlmXKL-wjKxuq_8.roa
Signing time: Mon 17 Mar 2025 10:24:49 +0000
ROA not before: Mon 17 Mar 2025 10:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/19 maxlen: 23
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:a2:7d:0e:84:eb:10:9f:5d:f1:30:6a:8e:2e:8b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Mar 17 10:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a984353dd35cad046956599728bfb08cac6eabff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:33:9b:a9:fb:92:d0:c9:bf:f0:70:de:6e:51:
15:20:59:40:db:53:7a:e7:2b:69:d4:2f:3c:ea:bc:
bd:5f:2f:97:7f:d8:69:d8:61:6b:0a:36:29:aa:19:
8d:16:9e:6f:9a:68:ad:74:bc:6a:0b:d6:af:d9:82:
e9:87:84:37:80:39:e1:08:ae:1e:70:ba:66:2d:30:
57:d9:7d:ce:91:33:37:24:8f:c2:b2:ec:0f:c0:a0:
90:18:1c:d4:ff:c6:ea:f4:b4:57:6a:67:dc:14:1a:
cf:d6:e2:af:45:ae:a1:26:66:8f:e1:a7:96:83:29:
7b:5d:dc:2a:ad:4b:aa:86:52:c2:2b:4e:7d:ec:ff:
0a:e1:96:71:34:f2:ea:d1:23:01:4f:de:d9:83:02:
9c:c6:6d:0d:a4:b3:8a:13:15:87:d8:f9:ac:f3:9e:
93:af:64:85:2e:cc:34:ad:46:d2:2f:02:b7:a0:28:
10:37:6c:89:d3:26:82:5b:42:62:87:21:45:08:b1:
7f:73:e5:b4:d5:fe:dd:e0:ec:33:ed:99:95:df:96:
b0:8e:76:3f:1e:1a:e1:40:15:e4:ba:4e:51:e2:f0:
00:3c:12:41:33:57:ee:78:5d:9f:7c:d4:59:66:f1:
fb:55:46:75:c4:44:d9:4e:b3:80:d4:4e:46:f6:88:
d8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:84:35:3D:D3:5C:AD:04:69:56:59:97:28:BF:B0:8C:AC:6E:AB:FF
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/qYQ1PdNcrQRpVlmXKL-wjKxuq_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
82:3d:9f:f5:b6:5e:25:12:13:bb:38:47:90:39:2e:40:0d:9c:
e8:a1:36:25:19:b4:d5:1f:69:99:bd:b8:5b:0b:b9:60:03:ca:
b3:81:ef:3b:2d:54:b6:76:54:26:dc:9a:a7:a7:b2:33:68:6e:
a8:64:a7:55:71:e2:16:ae:5c:79:00:83:ce:76:0e:1c:63:2c:
cb:d8:2c:98:87:2c:70:e1:5b:38:2f:64:fe:71:0e:c4:9c:d2:
cf:bc:27:3d:e6:7a:0b:cf:5a:ff:fa:89:00:29:2b:bf:ca:87:
b1:ac:9a:c5:66:28:f9:7d:eb:07:6f:9b:01:4a:9c:e1:5f:52:
c5:5a:a6:a6:a0:1a:77:af:99:18:d9:16:ad:7e:bd:2f:fb:20:
f6:3a:21:11:62:3f:ed:d2:f0:5c:ed:74:8b:ed:4e:07:b6:29:
5e:de:f4:d6:df:95:ec:37:3d:dd:b5:b1:21:f3:a4:65:ea:a5:
69:01:6d:40:72:bb:81:87:d8:45:39:4c:24:50:c7:9a:4e:7a:
cc:f0:c8:a4:9b:10:b4:ac:22:e3:22:3d:dd:0c:fd:8e:ee:ee:
ac:85:24:f9:06:e5:0b:6d:ae:76:64:37:35:25:9b:9a:67:28:
ea:d3:7b:bc:e7:05:d8:04:a0:7e:5c:f2:9e:d6:fc:0d:80:bc:
a9:96:a4:af
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZWjon0OhOsQn13xMGqOLovAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwMzE3MTAyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTg0MzUzZGQzNWNhZDA0Njk1NjU5OTcyOGJmYjA4Y2FjNmVhYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzObqfuS0Mm/8HDeblEVIFlA21N6
5ytp1C886ry9Xy+Xf9hp2GFrCjYpqhmNFp5vmmitdLxqC9av2YLph4Q3gDnhCK4e
cLpmLTBX2X3OkTM3JI/CsuwPwKCQGBzU/8bq9LRXamfcFBrP1uKvRa6hJmaP4aeW
gyl7XdwqrUuqhlLCK0597P8K4ZZxNPLq0SMBT97ZgwKcxm0NpLOKExWH2Pms856T
r2SFLsw0rUbSLwK3oCgQN2yJ0yaCW0JihyFFCLF/c+W01f7d4Owz7ZmV35awjnY/
HhrhQBXkuk5R4vAAPBJBM1fueF2ffNRZZvH7VUZ1xETZTrOA1E5G9ojYHQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFKmENT3TXK0EaVZZlyi/sIysbqv/MB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvcVlRMVBkTmNyUVJwVmxtWEtMLXdqS3h1cV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAx8Y4AME
AyV7cAMEBC4XQAMEBU1cQAMEA1KjSAMEBlOqQAMEBFjKsAMEA1jK4AMEA1tt8AME
Bm17QAMEA7BDoAMEALBDqTAMAwQAsEOrAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAq
AiSYMA0GCSqGSIb3DQEBCwUAA4IBAQCCPZ/1tl4lEhO7OEeQOS5ADZzooTYlGbTV
H2mZvbhbC7lgA8qzge87LVS2dlQm3Jqnp7IzaG6oZKdVceIWrlx5AIPOdg4cYyzL
2CyYhyxw4Vs4L2T+cQ7EnNLPvCc95noLz1r/+okAKSu/yoexrJrFZij5fesHb5sB
SpzhX1LFWqamoBp3r5kY2Ratfr0v+yD2OiERYj/t0vBc7XSL7U4Htile3vTW35Xs
Nz3dtbEh86Rl6qVpAW1AcruBh9hFOUwkUMeaTnrM8MikmxC0rCLjIj3dDP2O7u6s
hST5BuULba52ZDc1JZuaZyjq03u85wXYBKB+XPKe1vwNgLyplqSv
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:08:47 2025 by rpki-client