Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/z_xfopFJXtCVlxCTnSqjctVxBcs.roa
File: z_xfopFJXtCVlxCTnSqjctVxBcs.roa (raw, json)
Hash identifier: zQuZsfyIs36DAuMO2PB7ghmf7bBl9hvvwlHyJpCdxes=
Subject key identifier: CF:FC:5F:A2:91:49:5E:D0:95:97:10:93:9D:2A:A3:72:D5:71:05:CB
Certificate issuer: /CN=764f8daadf1d775d59d1502b573901b875513b56
Certificate serial: 01853562952A54A25CE9A9CDCD3550074B6F
Authority key identifier: 76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/z_xfopFJXtCVlxCTnSqjctVxBcs.roa
Signing time: Wed 21 Dec 2022 15:52:11 +0000
ROA not before: Wed 21 Dec 2022 15:52:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28964
IP address blocks: 178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.160.0/23 maxlen: 24
178.254.162.0/24 maxlen: 24
5.172.32.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
89.23.94.0/23 maxlen: 23
109.111.242.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
89.23.72.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:62:95:2a:54:a2:5c:e9:a9:cd:cd:35:50:07:4b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764f8daadf1d775d59d1502b573901b875513b56
Validity
Not Before: Dec 21 15:52:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cffc5fa291495ed0959710939d2aa372d57105cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:32:a4:33:67:67:3e:5b:32:71:71:8c:9d:99:
35:b9:35:3e:0a:7d:c4:1c:16:37:26:1e:2c:31:22:
80:9f:ca:a3:2e:d0:4e:f3:92:b5:31:b2:cc:5e:e6:
31:74:4e:84:f6:09:1c:dc:cd:58:2c:73:da:ff:2a:
bd:7e:1c:cf:ef:95:24:76:77:be:98:eb:dc:b6:2a:
79:2c:6d:db:0a:2e:0a:d8:42:73:f3:29:da:17:fe:
7e:41:64:aa:58:17:27:db:f2:e9:55:04:e0:29:ee:
0a:20:85:64:a4:5b:e2:19:b9:33:1d:38:d0:e4:5e:
11:80:92:b4:44:2c:c9:e6:11:de:d4:b0:3f:a0:c7:
f0:42:6a:02:7d:c3:85:c9:1b:c4:60:10:e5:38:b4:
a1:29:ad:d8:55:b5:12:cc:16:09:c9:3b:15:1d:f2:
0f:86:d9:87:8c:ed:96:30:9c:ea:94:aa:56:76:65:
b2:eb:46:c4:9a:65:cd:c4:1f:77:73:6f:aa:a1:75:
a2:18:e4:e8:dc:b8:4a:a0:d2:38:06:4e:c6:30:c8:
d3:d6:83:31:89:e4:e0:bd:ae:bf:72:60:33:95:d7:
ec:0c:44:e3:af:df:ac:04:ca:7b:15:9e:cf:7b:35:
52:25:73:c3:86:77:79:2a:cc:f5:a4:4d:4b:f0:bd:
62:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FC:5F:A2:91:49:5E:D0:95:97:10:93:9D:2A:A3:72:D5:71:05:CB
X509v3 Authority Key Identifier:
keyid:76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/z_xfopFJXtCVlxCTnSqjctVxBcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.66.0/23
89.23.72.0/23
89.23.94.0/23
109.111.241.0-109.111.242.255
109.111.247.0/24
109.111.249.0/24
109.111.251.0/24
109.111.255.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.182.0/24
185.157.45.0-185.157.47.255
Signature Algorithm: sha256WithRSAEncryption
14:dc:87:74:cc:75:a0:d8:de:d7:38:90:cd:e8:4d:bb:37:57:
df:ef:d4:32:86:75:f9:6e:a4:b3:95:16:95:ce:59:7e:37:aa:
0e:7c:d8:06:69:0d:dc:6c:a7:f1:d8:e0:5f:b4:5f:9a:e9:5c:
81:2b:05:2f:4d:07:c0:ba:2d:3c:1f:1f:82:e5:46:c6:e4:43:
c5:68:e2:db:07:47:9e:e7:a2:49:d3:97:69:a6:98:c7:0b:0f:
18:41:69:67:0f:61:31:d5:fe:6a:78:45:6f:aa:d9:ec:5e:e5:
7f:e3:3f:84:58:68:22:eb:ab:27:69:90:25:ff:12:58:d7:f2:
a3:f9:26:2a:73:91:1f:6e:2a:d0:ea:1d:cf:f4:76:d9:2d:a6:
55:01:7c:d6:aa:fb:1a:63:19:f8:86:f5:f7:e4:44:ae:6d:88:
a3:0d:96:49:06:85:74:49:2f:6f:62:01:6a:33:f1:cc:d9:59:
e3:bc:bd:ab:d6:24:2c:15:3a:f9:7b:fa:76:2b:d8:ae:38:17:
8e:48:b6:79:61:7b:17:0c:7a:67:cc:7d:de:5c:2d:d0:b4:e3:
c9:8d:cd:ce:6e:27:60:f7:a7:51:81:a2:d2:d5:00:07:5b:ec:
11:c9:db:44:b2:6e:28:70:68:4d:06:4e:aa:2d:7c:1a:fd:81:
7c:82:b2:cc
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYU1YpUqVKJc6anNzTVQB0tvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NGY4ZGFhZGYxZDc3NWQ1OWQxNTAyYjU3MzkwMWI4NzU1
MTNiNTYwHhcNMjIxMjIxMTU1MjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZjNWZhMjkxNDk1ZWQwOTU5NzEwOTM5ZDJhYTM3MmQ1NzEwNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizKkM2dnPlsycXGMnZk1uTU+Cn3E
HBY3Jh4sMSKAn8qjLtBO85K1MbLMXuYxdE6E9gkc3M1YLHPa/yq9fhzP75Ukdne+
mOvctip5LG3bCi4K2EJz8ynaF/5+QWSqWBcn2/LpVQTgKe4KIIVkpFviGbkzHTjQ
5F4RgJK0RCzJ5hHe1LA/oMfwQmoCfcOFyRvEYBDlOLShKa3YVbUSzBYJyTsVHfIP
htmHjO2WMJzqlKpWdmWy60bEmmXNxB93c2+qoXWiGOTo3LhKoNI4Bk7GMMjT1oMx
ieTgva6/cmAzldfsDETjr9+sBMp7FZ7PezVSJXPDhnd5Ksz1pE1L8L1i5wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFM/8X6KRSV7QlZcQk50qo3LVcQXLMB8GA1UdIwQY
MBaAFHZPjarfHXddWdFQK1c5Abh1UTtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODIt
YmZiMmI4ODE1ZTQ5LzEvel94Zm9wRkpYdENWbHhDVG5TcWpjdFZ4QmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODItYmZiMmI4ODE1ZTQ5
LzEvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
rCADBABZF0ADBAFZF0IDBAFZF0gDBAFZF14wDAMEAG1v8QMEAG1v8gMEAG1v9wME
AG1v+QMEAG1v+wMEAG1v/zAMAwQFsv6gAwQAsv6iAwQAsv6kAwQBsv6mMAwDBACy
/q0DBACy/q4DBACy/rIDBACy/rYwDAMEALmdLQMEBLmdIDANBgkqhkiG9w0BAQsF
AAOCAQEAFNyHdMx1oNje1ziQzehNuzdX3+/UMoZ1+W6ks5UWlc5ZfjeqDnzYBmkN
3Gyn8djgX7RfmulcgSsFL00HwLotPB8fguVGxuRDxWji2wdHnueiSdOXaaaYxwsP
GEFpZw9hMdX+anhFb6rZ7F7lf+M/hFhoIuurJ2mQJf8SWNfyo/kmKnORH24q0Ood
z/R22S2mVQF81qr7GmMZ+Ib19+RErm2Iow2WSQaFdEkvb2IBajPxzNlZ47y9q9Yk
LBU6+Xv6divYrjgXjki2eWF7Fwx6Z8x93lwt0LTjyY3Nzm4nYPenUYGi0tUAB1vs
EcnbRLJuKHBoTQZOqi18Gv2BfIKyzA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:46:51 2025 by rpki-client