Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/Z5Q97jg1XfMj96-QjMHrjbS99lQ.roa
File: Z5Q97jg1XfMj96-QjMHrjbS99lQ.roa (raw, json)
Hash identifier: J635Kaow5JoE+4yM5t9dlNwrZajE6mv+pjhBj0rKq7U=
Subject key identifier: 67:94:3D:EE:38:35:5D:F3:23:F7:AF:90:8C:C1:EB:8D:B4:BD:F6:54
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 0194221F78E4E005C8C0F52E69BB6BF0B64E
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/Z5Q97jg1XfMj96-QjMHrjbS99lQ.roa
Signing time: Wed 01 Jan 2025 13:47:55 +0000
ROA not before: Wed 01 Jan 2025 13:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29177
IP address blocks: 31.216.240.0/20 maxlen: 20
31.216.240.0/22 maxlen: 22
31.216.244.0/22 maxlen: 22
31.216.248.0/22 maxlen: 22
31.216.250.0/24 maxlen: 24
31.216.252.0/22 maxlen: 22
80.86.144.0/20 maxlen: 20
80.86.144.0/22 maxlen: 22
80.86.148.0/22 maxlen: 22
80.86.152.0/22 maxlen: 22
80.86.156.0/22 maxlen: 22
185.182.196.0/22 maxlen: 22
185.182.199.0/24 maxlen: 24
188.125.96.0/19 maxlen: 19
188.125.96.0/22 maxlen: 22
188.125.100.0/22 maxlen: 22
188.125.104.0/22 maxlen: 22
188.125.108.0/22 maxlen: 22
188.125.112.0/22 maxlen: 22
188.125.116.0/22 maxlen: 22
188.125.120.0/22 maxlen: 22
188.125.124.0/22 maxlen: 22
2a03:5c00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:78:e4:e0:05:c8:c0:f5:2e:69:bb:6b:f0:b6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Jan 1 13:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67943dee38355df323f7af908cc1eb8db4bdf654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a9:f2:73:b1:fc:28:97:9d:a7:6c:90:07:7b:
ca:bc:d3:0b:e0:a0:4a:97:62:b0:92:e3:3e:b9:de:
0e:3b:00:1c:ca:ae:06:53:b3:bb:74:a3:79:11:f6:
6c:98:5b:ac:d2:a8:d4:5f:c9:9f:b1:0d:01:ca:55:
3c:ca:0c:3f:6c:ef:cc:d9:76:48:fd:2f:e7:a4:c3:
48:6b:e2:b0:41:7f:19:9f:18:9e:fb:df:2a:35:0e:
73:8f:a3:43:79:ec:75:98:12:ce:ab:ac:3a:56:02:
77:97:08:55:93:7b:18:8d:b8:b7:5c:97:24:88:74:
42:0b:dc:e7:c2:be:3f:d7:ba:82:0d:20:87:a6:0e:
03:8a:b1:a7:02:2a:bc:9d:01:03:a0:f0:ef:d8:38:
cc:a3:c6:a9:76:4a:22:5e:4e:60:5f:1e:4e:76:19:
a8:eb:24:ff:66:d7:d5:f2:e7:03:db:20:e6:8d:ad:
4d:3a:7e:76:bb:b0:f6:8b:27:56:43:37:a4:c6:6d:
a1:1e:9e:c1:8c:ce:10:d0:3f:30:01:c3:4b:fa:a2:
e8:17:b2:cb:e0:eb:3c:f0:b0:a4:d2:4f:4a:50:43:
ef:3e:6c:1e:0c:74:0c:42:ce:30:ef:e3:83:d2:90:
a7:e3:0f:ec:05:24:dd:0b:4d:16:ce:15:23:96:5b:
7f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:94:3D:EE:38:35:5D:F3:23:F7:AF:90:8C:C1:EB:8D:B4:BD:F6:54
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/Z5Q97jg1XfMj96-QjMHrjbS99lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.240.0/20
80.86.144.0/20
185.182.196.0/22
188.125.96.0/19
IPv6:
2a03:5c00::/32
Signature Algorithm: sha256WithRSAEncryption
28:c2:ec:0e:a3:61:ed:10:c7:17:f9:e5:40:95:e1:58:97:a8:
6e:82:01:68:f5:24:b2:4d:6f:6a:4e:20:13:fb:a4:64:75:0b:
41:38:9c:98:b0:59:bc:e4:4d:17:40:9b:4e:50:0e:1f:89:0c:
3e:e2:47:00:30:60:d6:cd:8c:d6:f6:cb:8d:e8:35:cc:52:ce:
5c:bc:3d:0b:8f:84:80:5e:1a:d2:b4:df:47:1d:68:3d:1c:61:
a8:a7:4a:29:7b:27:d5:c7:ef:73:e3:6c:4b:c0:64:e1:d3:4e:
d1:bc:d7:0b:18:53:b8:4b:10:23:ee:9f:8b:c5:c7:fa:0a:27:
50:dc:16:ad:b4:95:a6:08:8e:c9:6e:dc:62:2e:1f:08:2d:ee:
1e:db:23:d9:5f:20:e1:54:89:63:a1:05:c9:fa:01:b6:1d:33:
4e:cc:6e:32:e2:91:94:1d:d6:be:ca:76:14:06:b1:65:58:43:
7b:09:b0:47:af:8d:bb:86:18:83:fd:cf:f9:49:4a:a7:8c:51:
a8:6f:a2:8c:ab:8b:ce:46:b4:26:ec:8e:61:1c:af:51:c8:6b:
28:63:9e:d1:35:b8:e0:c0:13:2c:80:c0:f4:a2:b9:d6:ca:1f:
92:49:21:6b:06:b0:d2:74:2c:19:40:eb:50:f7:25:ac:dd:87:
c9:4b:4e:66
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQiH3jk4AXIwPUuabtr8LZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjUwMTAxMTM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk0M2RlZTM4MzU1ZGYzMjNmN2FmOTA4Y2MxZWI4ZGI0YmRmNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAranyc7H8KJedp2yQB3vKvNML4KBK
l2KwkuM+ud4OOwAcyq4GU7O7dKN5EfZsmFus0qjUX8mfsQ0BylU8ygw/bO/M2XZI
/S/npMNIa+KwQX8Znxie+98qNQ5zj6NDeex1mBLOq6w6VgJ3lwhVk3sYjbi3XJck
iHRCC9znwr4/17qCDSCHpg4DirGnAiq8nQEDoPDv2DjMo8apdkoiXk5gXx5Odhmo
6yT/ZtfV8ucD2yDmja1NOn52u7D2iydWQzekxm2hHp7BjM4Q0D8wAcNL+qLoF7LL
4Os88LCk0k9KUEPvPmweDHQMQs4w7+OD0pCn4w/sBSTdC00WzhUjllt/XQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGeUPe44NV3zI/evkIzB6420vfZUMB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvWjVROTdqZzFYZk1qOTYtUWpNSHJqYlM5OWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEH9jwAwQE
UFaQAwQCubbEAwQFvH1gMA0EAgACMAcDBQAqA1wAMA0GCSqGSIb3DQEBCwUAA4IB
AQAowuwOo2HtEMcX+eVAleFYl6huggFo9SSyTW9qTiAT+6RkdQtBOJyYsFm85E0X
QJtOUA4fiQw+4kcAMGDWzYzW9suN6DXMUs5cvD0Lj4SAXhrStN9HHWg9HGGop0op
eyfVx+9z42xLwGTh007RvNcLGFO4SxAj7p+Lxcf6CidQ3BattJWmCI7JbtxiLh8I
Le4e2yPZXyDhVIljoQXJ+gG2HTNOzG4y4pGUHda+ynYUBrFlWEN7CbBHr427hhiD
/c/5SUqnjFGob6KMq4vORrQm7I5hHK9RyGsoY57RNbjgwBMsgMD0ornWyh+SSSFr
BrDSdCwZQOtQ9yWs3YfJS05m
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:04 2025 by rpki-client on console.sobornost.net