Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/ZIja49CzE0s2C9AlBaxxTa5EnBc.roa
File: ZIja49CzE0s2C9AlBaxxTa5EnBc.roa (raw, json)
Hash identifier: Mwwwh5zbLqqLKLq4mDwCxjzrltfztiX/y2yTkp5xrGs=
Subject key identifier: 64:88:DA:E3:D0:B3:13:4B:36:0B:D0:25:05:AC:71:4D:AE:44:9C:17
Certificate issuer: /CN=6fe3491042ef31dcc6e0ad8e55cbe149dd0c3182
Certificate serial: 01941F8C3B4F32219C90EA0D10860CDD7DF2
Authority key identifier: 6F:E3:49:10:42:EF:31:DC:C6:E0:AD:8E:55:CB:E1:49:DD:0C:31:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-NJEELvMdzG4K2OVcvhSd0MMYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/ZIja49CzE0s2C9AlBaxxTa5EnBc.roa
Signing time: Wed 01 Jan 2025 01:47:51 +0000
ROA not before: Wed 01 Jan 2025 01:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47748
IP address blocks: 31.13.215.0/24 maxlen: 24
31.13.228.0/24 maxlen: 24
31.13.229.0/24 maxlen: 24
37.60.137.0/24 maxlen: 24
87.120.9.0/24 maxlen: 24
87.120.90.0/24 maxlen: 24
87.121.4.0/24 maxlen: 24
87.121.5.0/24 maxlen: 24
87.121.120.0/24 maxlen: 24
93.123.21.0/24 maxlen: 24
93.123.103.0/24 maxlen: 24
94.156.9.0/24 maxlen: 24
94.156.13.0/24 maxlen: 24
94.156.46.0/24 maxlen: 24
94.156.47.0/24 maxlen: 24
178.211.146.0/24 maxlen: 24
2a05:140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:3b:4f:32:21:9c:90:ea:0d:10:86:0c:dd:7d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe3491042ef31dcc6e0ad8e55cbe149dd0c3182
Validity
Not Before: Jan 1 01:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6488dae3d0b3134b360bd02505ac714dae449c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:7c:e4:ce:6b:43:a0:82:dd:5b:cd:ef:e7:
0e:47:87:6e:99:52:84:d4:8f:43:db:7f:30:6b:ea:
7e:fe:ee:11:b2:70:d3:e5:f0:d6:f8:5e:9c:1f:57:
17:c9:83:b6:96:c6:b5:b9:ad:7f:e6:3b:a0:e4:b3:
fd:6f:47:bc:ff:8d:3a:53:ba:33:c7:e4:06:f2:5b:
8e:73:73:8f:e2:92:2b:72:bd:51:78:55:be:7e:c8:
66:c2:35:82:fe:86:08:cd:f7:2f:04:d6:0f:05:85:
f1:3e:e2:e9:d0:66:2d:a6:90:31:f6:94:62:cd:3a:
24:d4:0c:d2:1d:f2:03:d6:c3:5f:5f:8f:19:ad:b8:
bf:76:97:e8:48:d3:38:3e:3f:22:a6:9c:04:90:9a:
b3:29:2c:f7:75:77:04:d2:70:8e:2e:13:ca:6c:db:
96:bc:20:cb:01:d6:d8:4c:e6:fd:37:f5:6d:d4:9a:
c0:80:44:85:14:06:86:89:8a:d2:ff:78:7c:ed:89:
d9:49:6f:48:2f:c2:56:34:d0:00:6e:b5:a1:c3:1a:
da:3f:bf:b6:7a:0e:95:b2:4d:8d:00:77:55:76:97:
cb:e9:ed:a1:c3:00:ff:53:0e:7d:2e:92:0f:5f:7d:
75:17:0f:92:ab:3e:40:58:9c:67:92:dc:16:b7:33:
35:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:88:DA:E3:D0:B3:13:4B:36:0B:D0:25:05:AC:71:4D:AE:44:9C:17
X509v3 Authority Key Identifier:
keyid:6F:E3:49:10:42:EF:31:DC:C6:E0:AD:8E:55:CB:E1:49:DD:0C:31:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-NJEELvMdzG4K2OVcvhSd0MMYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/ZIja49CzE0s2C9AlBaxxTa5EnBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/b-NJEELvMdzG4K2OVcvhSd0MMYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.215.0/24
31.13.228.0/23
37.60.137.0/24
87.120.9.0/24
87.120.90.0/24
87.121.4.0/23
87.121.120.0/24
93.123.21.0/24
93.123.103.0/24
94.156.9.0/24
94.156.13.0/24
94.156.46.0/23
178.211.146.0/24
IPv6:
2a05:140::/29
Signature Algorithm: sha256WithRSAEncryption
48:36:fb:e0:43:d3:24:52:93:6f:0f:86:f5:59:80:64:e2:12:
37:4e:25:a2:8e:69:a7:5d:79:ca:7a:78:04:94:5d:30:4a:0c:
ac:37:c4:35:cf:f0:47:99:91:18:e1:8c:57:ec:e7:9f:d5:9b:
3b:a6:0b:47:58:6c:16:0a:03:18:b1:bb:b2:a2:4f:7f:54:a5:
98:91:1c:45:3f:d0:73:cb:cd:14:43:d5:ec:84:e1:26:98:d1:
ff:a8:04:0b:e1:a2:1d:5a:b5:c3:23:6e:51:4e:9a:5a:1f:4a:
28:bd:5e:1e:16:89:fe:98:cb:89:d7:5a:f1:02:70:d2:0b:45:
99:c7:77:19:c2:a9:14:62:66:a5:c7:1c:9f:7d:9b:13:30:39:
6d:ac:cf:cd:cc:0a:fb:95:eb:1e:dc:40:c7:32:9b:0c:93:1c:
a6:da:fe:90:2d:dd:b4:0b:fd:e0:26:0c:15:ad:55:d8:de:f3:
38:1a:b1:35:1a:07:f7:1e:d2:02:d3:3b:02:a3:d2:e2:0c:25:
d2:31:73:89:0c:ae:5f:cf:88:c2:64:ab:5c:78:28:0d:0b:66:
7b:31:c6:89:13:a7:2a:f9:99:0f:e6:cd:0c:ae:28:53:9a:a4:
36:c6:b0:c3:77:9e:f9:95:60:d4:50:42:44:e4:5f:48:8a:d1:
10:91:90:ac
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZQfjDtPMiGckOoNEIYM3X3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTM0OTEwNDJlZjMxZGNjNmUwYWQ4ZTU1Y2JlMTQ5ZGQw
YzMxODIwHhcNMjUwMTAxMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg4ZGFlM2QwYjMxMzRiMzYwYmQwMjUwNWFjNzE0ZGFlNDQ5YzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVt85M5rQ6CC3VvN7+cOR4dumVKE
1I9D238wa+p+/u4RsnDT5fDW+F6cH1cXyYO2lsa1ua1/5jug5LP9b0e8/406U7oz
x+QG8luOc3OP4pIrcr1ReFW+fshmwjWC/oYIzfcvBNYPBYXxPuLp0GYtppAx9pRi
zTok1AzSHfID1sNfX48Zrbi/dpfoSNM4Pj8ippwEkJqzKSz3dXcE0nCOLhPKbNuW
vCDLAdbYTOb9N/Vt1JrAgESFFAaGiYrS/3h87YnZSW9IL8JWNNAAbrWhwxraP7+2
eg6Vsk2NAHdVdpfL6e2hwwD/Uw59LpIPX311Fw+Sqz5AWJxnktwWtzM1VQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFGSI2uPQsxNLNgvQJQWscU2uRJwXMB8GA1UdIwQY
MBaAFG/jSRBC7zHcxuCtjlXL4UndDDGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1OSkVFTHZNZHpHNEsyT1ZjdmhTZDBNTVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9mODliZjAtM2Q2Zi00YjRkLWJmNDIt
Yzc4YmQyMjhhOTFkLzEvWklqYTQ5Q3pFMHMyQzlBbEJheHhUYTVFbkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9mODliZjAtM2Q2Zi00YjRkLWJmNDItYzc4YmQyMjhhOTFk
LzEvYi1OSkVFTHZNZHpHNEsyT1ZjdmhTZDBNTVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQAHw3XAwQB
Hw3kAwQAJTyJAwQAV3gJAwQAV3haAwQBV3kEAwQAV3l4AwQAXXsVAwQAXXtnAwQA
XpwJAwQAXpwNAwQBXpwuAwQAstOSMA0EAgACMAcDBQMqBQFAMA0GCSqGSIb3DQEB
CwUAA4IBAQBINvvgQ9MkUpNvD4b1WYBk4hI3TiWijmmnXXnKengElF0wSgysN8Q1
z/BHmZEY4YxX7Oef1Zs7pgtHWGwWCgMYsbuyok9/VKWYkRxFP9Bzy80UQ9XshOEm
mNH/qAQL4aIdWrXDI25RTppaH0oovV4eFon+mMuJ11rxAnDSC0WZx3cZwqkUYmal
xxyffZsTMDltrM/NzAr7lese3EDHMpsMkxym2v6QLd20C/3gJgwVrVXY3vM4GrE1
Ggf3HtIC0zsCo9LiDCXSMXOJDK5fz4jCZKtceCgNC2Z7McaJE6cq+ZkP5s0MrihT
mqQ2xrDDd575lWDUUEJE5F9IitEQkZCs
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:20 2025 by rpki-client