Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/qxUZWESkWfPvrh5nMLtmisJ-xm0.roa
File: qxUZWESkWfPvrh5nMLtmisJ-xm0.roa (raw, json)
Hash identifier: QiH9IyXND+kMiLoL1S1ImhCqyZcezaR+0IjNSX+Zg6I=
Subject key identifier: AB:15:19:58:44:A4:59:F3:EF:AE:1E:67:30:BB:66:8A:C2:7E:C6:6D
Certificate issuer: /CN=947121580ed02eddf4f5e5a87d37e017b32df71b
Certificate serial: 01941F8C1E94A0AE833C66C9379845899EE6
Authority key identifier: 94:71:21:58:0E:D0:2E:DD:F4:F5:E5:A8:7D:37:E0:17:B3:2D:F7:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/qxUZWESkWfPvrh5nMLtmisJ-xm0.roa
Signing time: Wed 01 Jan 2025 01:47:43 +0000
ROA not before: Wed 01 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60316
IP address blocks: 185.33.216.0/22 maxlen: 24
185.104.72.0/22 maxlen: 24
185.186.120.0/22 maxlen: 24
185.212.32.0/24 maxlen: 24
185.227.224.0/22 maxlen: 24
2a04:5a00::/29 maxlen: 32
2a06:2f80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1e:94:a0:ae:83:3c:66:c9:37:98:45:89:9e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947121580ed02eddf4f5e5a87d37e017b32df71b
Validity
Not Before: Jan 1 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab15195844a459f3efae1e6730bb668ac27ec66d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e9:a7:fb:52:66:be:52:32:c3:0e:03:35:c0:
0b:ad:a1:3c:e2:8c:5b:a5:bb:e3:e9:63:d2:7d:f7:
0e:01:d3:81:2e:4f:5d:a0:c8:eb:d1:16:e5:84:e1:
19:9a:1a:01:d6:5c:b9:06:06:77:f0:01:4f:19:33:
bc:cc:fb:f6:47:24:92:15:9d:72:2a:bf:78:64:1d:
83:5a:d6:57:0c:3a:c6:4c:06:24:32:3a:d1:28:d5:
36:fc:2e:49:a9:79:99:c8:be:af:e4:5b:57:5c:a7:
fd:b1:c4:a3:65:10:45:3b:9a:dd:89:79:36:dc:d0:
69:86:17:0f:d2:d1:fa:5b:87:ee:b5:20:22:67:db:
72:7d:11:b0:da:24:99:b6:39:f4:45:b7:bf:63:0f:
e5:72:c2:18:e8:82:a3:16:4c:5d:a6:ae:63:15:44:
1b:5b:b6:72:84:bf:96:76:80:1b:90:1e:80:e5:dc:
73:9a:3d:00:f1:e9:e6:aa:06:2b:37:89:cc:72:bc:
c7:cf:52:1a:d0:a2:31:59:2d:d5:ad:69:9b:ac:9a:
42:cb:14:4b:39:b2:9e:af:58:36:da:77:86:20:8a:
70:59:2d:82:50:9e:36:b3:cd:3f:3f:88:52:82:08:
15:70:6f:fe:27:aa:8a:2e:08:30:e1:e0:0e:83:1f:
2c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:15:19:58:44:A4:59:F3:EF:AE:1E:67:30:BB:66:8A:C2:7E:C6:6D
X509v3 Authority Key Identifier:
keyid:94:71:21:58:0E:D0:2E:DD:F4:F5:E5:A8:7D:37:E0:17:B3:2D:F7:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/qxUZWESkWfPvrh5nMLtmisJ-xm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.216.0/22
185.104.72.0/22
185.186.120.0/22
185.212.32.0/24
185.227.224.0/22
IPv6:
2a04:5a00::/29
2a06:2f80::/29
Signature Algorithm: sha256WithRSAEncryption
2b:2a:f8:54:87:40:4c:96:b1:04:d6:cf:c1:d8:1a:ed:24:87:
14:0e:3a:0e:e9:c4:a7:c4:be:cc:88:20:dd:05:07:c8:75:88:
66:5e:fe:a9:3a:07:32:ef:49:6b:ae:c7:a9:61:9e:f7:1c:10:
ae:7f:86:20:46:36:31:8c:36:b1:5f:bb:bf:37:81:dd:92:7d:
0c:dc:09:a3:83:cb:b2:33:22:32:5f:c1:a3:df:82:3b:a2:a8:
4d:0c:d5:af:ac:8c:e6:48:5d:5c:2d:3f:d7:73:c8:87:41:f7:
c1:06:22:18:bf:39:04:da:05:c4:38:0f:7c:16:73:e2:23:21:
a7:10:c0:e2:31:40:e1:ab:88:d0:db:f9:ac:4b:8c:7c:47:78:
83:97:bc:6c:3f:22:f0:ce:ab:5c:49:61:7b:05:7c:19:a4:cc:
73:ff:e9:b5:02:ef:3c:da:7a:ac:29:7a:77:5e:a0:39:85:37:
ac:5b:ed:bf:30:ad:11:8b:16:df:68:88:ed:5e:36:a5:e5:ae:
8b:f2:ce:32:e4:53:c6:f9:8d:6e:35:87:bc:8f:8e:2f:6b:04:
9f:47:6e:29:b7:95:c3:ff:c1:a0:b9:b1:7f:97:00:9a:3f:fb:
49:16:62:72:2a:08:46:d9:1b:27:9c:91:cf:4d:60:68:89:fb:
66:b6:09:fe
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQfjB6UoK6DPGbJN5hFiZ7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzEyMTU4MGVkMDJlZGRmNGY1ZTVhODdkMzdlMDE3YjMy
ZGY3MWIwHhcNMjUwMTAxMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjE1MTk1ODQ0YTQ1OWYzZWZhZTFlNjczMGJiNjY4YWMyN2VjNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+mn+1JmvlIyww4DNcALraE84oxb
pbvj6WPSffcOAdOBLk9doMjr0RblhOEZmhoB1ly5BgZ38AFPGTO8zPv2RySSFZ1y
Kr94ZB2DWtZXDDrGTAYkMjrRKNU2/C5JqXmZyL6v5FtXXKf9scSjZRBFO5rdiXk2
3NBphhcP0tH6W4futSAiZ9tyfRGw2iSZtjn0Rbe/Yw/lcsIY6IKjFkxdpq5jFUQb
W7ZyhL+WdoAbkB6A5dxzmj0A8enmqgYrN4nMcrzHz1Ia0KIxWS3VrWmbrJpCyxRL
ObKer1g22neGIIpwWS2CUJ42s80/P4hSgggVcG/+J6qKLggw4eAOgx8sgQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKsVGVhEpFnz764eZzC7ZorCfsZtMB8GA1UdIwQY
MBaAFJRxIVgO0C7d9PXlqH034BezLfcbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhFaFdBN1FMdDMwOWVXb2ZUZmdGN010OXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83OWM1YmItNjE5ZC00YmViLTg2NDkt
YTJmNDI1NjAwZGIzLzEvcXhVWldFU2tXZlB2cmg1bk1MdG1pc0oteG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS83OWM1YmItNjE5ZC00YmViLTg2NDktYTJmNDI1NjAwZGIz
LzEvbEhFaFdBN1FMdDMwOWVXb2ZUZmdGN010OXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCuSHYAwQC
uWhIAwQCubp4AwQAudQgAwQCuePgMBQEAgACMA4DBQMqBFoAAwUDKgYvgDANBgkq
hkiG9w0BAQsFAAOCAQEAKyr4VIdATJaxBNbPwdga7SSHFA46DunEp8S+zIgg3QUH
yHWIZl7+qToHMu9Ja67HqWGe9xwQrn+GIEY2MYw2sV+7vzeB3ZJ9DNwJo4PLsjMi
Ml/Bo9+CO6KoTQzVr6yM5khdXC0/13PIh0H3wQYiGL85BNoFxDgPfBZz4iMhpxDA
4jFA4auI0Nv5rEuMfEd4g5e8bD8i8M6rXElhewV8GaTMc//ptQLvPNp6rCl6d16g
OYU3rFvtvzCtEYsW32iI7V42peWui/LOMuRTxvmNbjWHvI+OL2sEn0duKbeVw//B
oLmxf5cAmj/7SRZicioIRtkbJ5yRz01gaIn7ZrYJ/g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:30 2025 by rpki-client