Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0iIPi34cWY-kBmnYbvFlS-1wYcM.roa
File: 0iIPi34cWY-kBmnYbvFlS-1wYcM.roa (raw, json)
Hash identifier: YD4vRu4JuMULGAoEozsvWzZvCIx9oA2aQRqB8EkJj9g=
Subject key identifier: D2:22:0F:8B:7E:1C:59:8F:A4:06:69:D8:6E:F1:65:4B:ED:70:61:C3
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193A9DB024CFFB0AF95CE159E84C9899F40
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0iIPi34cWY-kBmnYbvFlS-1wYcM.roa
Signing time: Mon 09 Dec 2024 05:18:42 +0000
ROA not before: Mon 09 Dec 2024 05:18:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.145.0/24 maxlen: 24
5.83.149.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.234.0/24 maxlen: 24
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
85.118.162.0/24 maxlen: 24
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.148.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a9:db:02:4c:ff:b0:af:95:ce:15:9e:84:c9:89:9f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 9 05:18:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2220f8b7e1c598fa40669d86ef1654bed7061c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:50:92:a0:90:22:c0:2f:64:c3:6c:ee:5f:ab:
d0:c7:2d:f5:22:77:fa:77:31:a3:61:7f:b0:1a:0c:
1c:00:3a:d4:c8:78:f8:bb:09:95:cc:b9:10:24:23:
e3:3d:3d:3e:9f:e2:8d:84:3f:09:cc:81:6a:85:38:
88:6c:22:c6:dd:02:40:b7:fe:85:fe:f4:73:ec:8b:
86:18:5a:d4:79:b2:df:26:b7:53:92:2b:43:27:f3:
ae:7d:cd:19:bd:6d:56:11:e0:a6:97:fe:5d:85:02:
62:69:2c:a1:15:1f:32:04:0e:aa:eb:56:85:2c:1a:
ec:d6:22:6b:66:84:9d:bb:1d:b0:15:cc:80:c3:e6:
3d:e1:d7:84:76:c3:97:2f:b7:66:da:d0:3a:fb:01:
8f:fc:7e:39:a2:9e:40:00:f4:e8:cd:52:60:e5:9c:
45:2f:08:77:c2:84:fe:4b:ad:d4:59:98:c0:aa:8e:
c2:f7:bd:40:79:c0:77:92:f8:92:4e:9b:49:36:ac:
d1:b0:06:33:31:54:79:74:5c:9f:bc:b7:b0:3b:e5:
4c:ec:66:52:0f:52:95:cd:a1:3a:f0:a1:56:0c:57:
b5:bf:1c:5f:13:b3:19:40:18:d0:94:7a:e6:b5:53:
98:58:f2:e8:67:c1:e8:0d:e8:8e:09:75:7e:c9:06:
47:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:22:0F:8B:7E:1C:59:8F:A4:06:69:D8:6E:F1:65:4B:ED:70:61:C3
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0iIPi34cWY-kBmnYbvFlS-1wYcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.234.0/23
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:f8:f6:09:74:dc:b2:73:d1:c9:d1:d3:34:ea:1a:1f:c8:22:
05:8e:55:f4:4b:01:f7:2c:b3:81:7f:f4:4b:3e:f3:04:99:a7:
0c:d1:c8:87:0e:3e:fc:b7:7a:86:46:b5:ff:76:34:1b:80:4e:
8e:0b:de:c4:39:f0:90:be:3d:da:a4:05:29:f8:69:63:8b:b7:
63:71:99:94:5d:7a:e2:fe:31:f9:6b:c2:6e:a6:2f:e8:bf:47:
ca:07:5f:10:7b:35:fa:91:b7:49:ec:ff:0f:23:80:ab:d0:d2:
8d:e5:fe:af:bd:61:9c:ee:3e:1f:da:a5:f0:4a:9f:d6:4f:cb:
61:6f:08:1b:c9:b0:31:97:56:28:a1:74:61:0f:60:af:4e:df:
bd:de:e9:28:fc:ed:90:b1:26:23:ad:70:40:b5:87:1f:40:54:
e9:02:4b:3a:38:05:da:2b:3b:83:00:45:f0:19:2e:3b:df:11:
7f:d5:c6:cf:d1:56:5c:13:d8:cb:d4:29:a7:25:27:00:2d:e0:
ad:97:49:f5:f0:b6:57:7a:c9:a1:38:00:6c:84:9c:2a:a5:d1:
03:81:8f:9e:55:b6:8d:9e:c2:ec:77:82:0b:75:2a:13:f2:0f:
8d:ca:bc:10:0e:0a:98:f4:90:3b:81:01:67:6a:b5:f3:45:68:
cc:0b:d4:d2
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZOp2wJM/7Cvlc4VnoTJiZ9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjA5MDUxODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIyMGY4YjdlMWM1OThmYTQwNjY5ZDg2ZWYxNjU0YmVkNzA2MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1CSoJAiwC9kw2zuX6vQxy31Inf6
dzGjYX+wGgwcADrUyHj4uwmVzLkQJCPjPT0+n+KNhD8JzIFqhTiIbCLG3QJAt/6F
/vRz7IuGGFrUebLfJrdTkitDJ/Oufc0ZvW1WEeCml/5dhQJiaSyhFR8yBA6q61aF
LBrs1iJrZoSdux2wFcyAw+Y94deEdsOXL7dm2tA6+wGP/H45op5AAPTozVJg5ZxF
Lwh3woT+S63UWZjAqo7C971AecB3kviSTptJNqzRsAYzMVR5dFyfvLewO+VM7GZS
D1KVzaE68KFWDFe1vxxfE7MZQBjQlHrmtVOYWPLoZ8HoDeiOCXV+yQZHfQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFNIiD4t+HFmPpAZp2G7xZUvtcGHDMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMGlJUGkzNGNXWS1rQm1uWWJ2RmxTLTF3WWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgcEEAgABMIG6AwQF
BVOAAwQCBa+AAwQABa+FMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv6AMEAQWv
6jAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQDU/NQAwQF
VV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQE
shKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoD
BQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZI
hvcNAQELBQADggEBAC749gl03LJz0cnR0zTqGh/IIgWOVfRLAfcss4F/9Es+8wSZ
pwzRyIcOPvy3eoZGtf92NBuATo4L3sQ58JC+PdqkBSn4aWOLt2NxmZRdeuL+Mflr
wm6mL+i/R8oHXxB7NfqRt0ns/w8jgKvQ0o3l/q+9YZzuPh/apfBKn9ZPy2FvCBvJ
sDGXViihdGEPYK9O373e6Sj87ZCxJiOtcEC1hx9AVOkCSzo4BdorO4MARfAZLjvf
EX/Vxs/RVlwT2MvUKaclJwAt4K2XSfXwtld6yaE4AGyEnCql0QOBj55Vto2ewux3
ggt1KhPyD43KvBAOCpj0kDuBAWdqtfNFaMwL1NI=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:22:58 2025 by rpki-client