Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/62f25f-8b1b-415b-9fc8-cc935cd73632/1/6rSD7g_qe8K6KqZqqkL-N5Tz2Po.roa
File: 6rSD7g_qe8K6KqZqqkL-N5Tz2Po.roa (raw, json)
Hash identifier: f+qXxbPCW54Fvdn+IqLViujGUR732uBcWtFNMxPAlWo=
Subject key identifier: EA:B4:83:EE:0F:EA:7B:C2:BA:2A:A6:6A:AA:42:FE:37:94:F3:D8:FA
Certificate issuer: /CN=4aae42a27e7bc2cc3507efa7e3cbc29d32eea133
Certificate serial: 019427B52866825CD3318F255FB01BBF88F2
Authority key identifier: 4A:AE:42:A2:7E:7B:C2:CC:35:07:EF:A7:E3:CB:C2:9D:32:EE:A1:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sq5Con57wsw1B--n48vCnTLuoTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/62f25f-8b1b-415b-9fc8-cc935cd73632/1/6rSD7g_qe8K6KqZqqkL-N5Tz2Po.roa
Signing time: Thu 02 Jan 2025 15:49:31 +0000
ROA not before: Thu 02 Jan 2025 15:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212531
IP address blocks: 31.14.176.0/22 maxlen: 22
62.77.152.0/21 maxlen: 21
79.98.24.0/21 maxlen: 21
80.208.224.0/21 maxlen: 21
80.209.224.0/20 maxlen: 20
89.40.0.0/20 maxlen: 20
89.47.160.0/21 maxlen: 21
89.47.172.0/24 maxlen: 24
89.47.173.0/24 maxlen: 24
89.47.174.0/24 maxlen: 24
89.47.175.0/24 maxlen: 24
94.176.232.0/21 maxlen: 21
109.235.64.0/21 maxlen: 21
176.223.128.0/20 maxlen: 20
185.5.52.0/22 maxlen: 22
185.69.52.0/22 maxlen: 22
185.81.164.0/22 maxlen: 22
194.135.80.0/20 maxlen: 20
195.181.240.0/21 maxlen: 21
212.24.96.0/20 maxlen: 20
212.237.232.0/22 maxlen: 22
2a02:7b40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:28:66:82:5c:d3:31:8f:25:5f:b0:1b:bf:88:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aae42a27e7bc2cc3507efa7e3cbc29d32eea133
Validity
Not Before: Jan 2 15:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eab483ee0fea7bc2ba2aa66aaa42fe3794f3d8fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:32:66:2a:ad:05:49:be:c1:5a:94:86:e9:
e6:87:2c:3e:1b:ae:47:88:55:7a:a7:67:35:d3:39:
f9:74:21:ad:4c:a9:64:0d:b9:bb:2c:1a:31:73:80:
24:40:23:f7:c4:9e:c0:45:65:ce:09:6e:dd:09:58:
5b:05:da:5c:fa:eb:14:e1:7d:14:c7:69:86:14:f2:
6c:16:0b:00:79:af:80:0d:a4:c4:3b:fb:b3:f9:ff:
a9:86:63:92:f3:45:00:1d:10:75:4f:bd:91:ae:c6:
bb:11:86:ce:a2:c0:66:32:a5:e7:05:a8:de:36:75:
fb:4b:45:8c:5b:9f:5b:65:e1:c9:9d:98:26:12:e3:
fd:c7:7d:36:f1:d9:3f:65:b4:b1:a4:07:b5:31:ec:
a4:56:74:6e:2c:1a:bb:11:4f:17:95:89:5c:55:23:
c9:76:c7:c4:4a:95:c3:3c:89:c0:99:bc:e7:e4:ef:
f4:c4:c3:d4:e5:cc:59:37:0c:92:62:e2:c3:73:8f:
33:c9:e4:3e:0f:aa:78:9e:9f:94:38:6b:47:d0:2b:
9c:e6:f3:ad:4a:50:1e:14:7d:6d:54:ed:c6:f3:72:
08:14:62:0a:a1:73:03:00:7c:cd:6b:90:97:c4:d5:
63:24:61:33:4e:92:fe:c9:42:a7:31:78:5e:5a:3e:
47:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B4:83:EE:0F:EA:7B:C2:BA:2A:A6:6A:AA:42:FE:37:94:F3:D8:FA
X509v3 Authority Key Identifier:
keyid:4A:AE:42:A2:7E:7B:C2:CC:35:07:EF:A7:E3:CB:C2:9D:32:EE:A1:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sq5Con57wsw1B--n48vCnTLuoTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/62f25f-8b1b-415b-9fc8-cc935cd73632/1/6rSD7g_qe8K6KqZqqkL-N5Tz2Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/62f25f-8b1b-415b-9fc8-cc935cd73632/1/Sq5Con57wsw1B--n48vCnTLuoTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.176.0/22
62.77.152.0/21
79.98.24.0/21
80.208.224.0/21
80.209.224.0/20
89.40.0.0/20
89.47.160.0/21
89.47.172.0/22
94.176.232.0/21
109.235.64.0/21
176.223.128.0/20
185.5.52.0/22
185.69.52.0/22
185.81.164.0/22
194.135.80.0/20
195.181.240.0/21
212.24.96.0/20
212.237.232.0/22
IPv6:
2a02:7b40::/32
Signature Algorithm: sha256WithRSAEncryption
3f:b8:4f:cd:ad:ca:68:98:00:c5:51:06:b3:a9:94:32:10:3d:
d0:8d:10:b7:59:2a:6f:7a:2c:86:b4:30:7f:dd:4a:f5:80:a4:
fe:cf:89:14:a5:3e:14:00:77:c3:60:21:89:13:40:e9:cd:48:
fa:e3:68:60:7a:a2:f5:c0:52:d6:f3:b0:70:13:82:6d:fd:82:
9f:77:08:22:4a:d2:c8:e4:57:76:f5:f8:4c:9a:6c:83:c1:bc:
ff:cf:67:22:12:7e:d8:71:00:60:90:b3:b8:3b:ba:09:9a:f0:
e4:90:dc:68:2b:5f:95:00:6c:f4:4c:04:a7:bd:e3:51:3e:d2:
b7:05:c9:0d:30:a7:6f:33:29:d0:4d:42:56:1d:0d:9c:82:73:
1c:63:6b:90:a7:dd:29:64:e7:78:d2:bc:e4:29:be:e8:ff:43:
32:6b:90:fc:3e:2e:08:1c:c3:bd:d2:af:12:a2:ea:07:93:9b:
c6:9a:2a:61:4c:24:e3:fb:ee:58:e1:a2:b0:e4:07:24:d6:42:
d9:12:9b:36:f2:d6:90:b2:b9:84:53:89:64:b9:bd:d8:58:02:
6d:72:ce:2e:19:89:5c:14:a3:25:10:8b:e4:f0:ab:80:95:65:
55:b0:c6:1d:6b:a3:65:45:ed:ce:c1:9f:71:f9:b9:d8:1f:ea:
86:40:bf:ee
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZQntShmglzTMY8lX7Abv4jyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWU0MmEyN2U3YmMyY2MzNTA3ZWZhN2UzY2JjMjlkMzJl
ZWExMzMwHhcNMjUwMTAyMTU0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWI0ODNlZTBmZWE3YmMyYmEyYWE2NmFhYTQyZmUzNzk0ZjNkOGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxwyZiqtBUm+wVqUhunmhyw+G65H
iFV6p2c10zn5dCGtTKlkDbm7LBoxc4AkQCP3xJ7ARWXOCW7dCVhbBdpc+usU4X0U
x2mGFPJsFgsAea+ADaTEO/uz+f+phmOS80UAHRB1T72Rrsa7EYbOosBmMqXnBaje
NnX7S0WMW59bZeHJnZgmEuP9x3028dk/ZbSxpAe1MeykVnRuLBq7EU8XlYlcVSPJ
dsfESpXDPInAmbzn5O/0xMPU5cxZNwySYuLDc48zyeQ+D6p4np+UOGtH0Cuc5vOt
SlAeFH1tVO3G83IIFGIKoXMDAHzNa5CXxNVjJGEzTpL+yUKnMXheWj5H9QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFOq0g+4P6nvCuiqmaqpC/jeU89j6MB8GA1UdIwQY
MBaAFEquQqJ+e8LMNQfvp+PLwp0y7qEzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3E1Q29uNTd3c3cxQi0tbjQ4dkNuVEx1b1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82MmYyNWYtOGIxYi00MTViLTlmYzgt
Y2M5MzVjZDczNjMyLzEvNnJTRDdnX3FlOEs2S3FacXFrTC1ONVR6MlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82MmYyNWYtOGIxYi00MTViLTlmYzgtY2M5MzVjZDczNjMy
LzEvU3E1Q29uNTd3c3cxQi0tbjQ4dkNuVEx1b1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQCHw6w
AwQDPk2YAwQDT2IYAwQDUNDgAwQEUNHgAwQEWSgAAwQDWS+gAwQCWS+sAwQDXrDo
AwQDbetAAwQEsN+AAwQCuQU0AwQCuUU0AwQCuVGkAwQEwodQAwQDw7XwAwQE1Bhg
AwQC1O3oMA0EAgACMAcDBQAqAntAMA0GCSqGSIb3DQEBCwUAA4IBAQA/uE/Nrcpo
mADFUQazqZQyED3QjRC3WSpveiyGtDB/3Ur1gKT+z4kUpT4UAHfDYCGJE0DpzUj6
42hgeqL1wFLW87BwE4Jt/YKfdwgiStLI5Fd29fhMmmyDwbz/z2ciEn7YcQBgkLO4
O7oJmvDkkNxoK1+VAGz0TASnveNRPtK3BckNMKdvMynQTUJWHQ2cgnMcY2uQp90p
ZOd40rzkKb7o/0Mya5D8Pi4IHMO90q8SouoHk5vGmiphTCTj++5Y4aKw5Ack1kLZ
Eps28taQsrmEU4lkub3YWAJtcs4uGYlcFKMlEIvk8KuAlWVVsMYda6NlRe3OwZ9x
+bnYH+qGQL/u
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:30:50 2025 by rpki-client