Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/FQZJKcGLqFZ2YlNSu_wj1cAb0Kw.roa
File: FQZJKcGLqFZ2YlNSu_wj1cAb0Kw.roa (raw, json)
Hash identifier: QqNSuWUN8Raow5cCihSFJTlWSjyhDgGDf5A4PPHmNpw=
Subject key identifier: 15:06:49:29:C1:8B:A8:56:76:62:53:52:BB:FC:23:D5:C0:1B:D0:AC
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195382DD599BCD1631258F6C8E1CC159B6F
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/FQZJKcGLqFZ2YlNSu_wj1cAb0Kw.roa
Signing time: Mon 24 Feb 2025 13:38:02 +0000
ROA not before: Mon 24 Feb 2025 13:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.148.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.83.159.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.15.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.69.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.30.0/24 maxlen: 24
89.144.31.0/24 maxlen: 24
89.144.33.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.143.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:2d:d5:99:bc:d1:63:12:58:f6:c8:e1:cc:15:9b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 24 13:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15064929c18ba85676625352bbfc23d5c01bd0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8c:2a:20:0d:ab:b2:05:f0:0c:ac:b1:7d:46:
95:3a:56:d5:22:31:f3:76:08:09:f4:32:cb:a0:77:
f9:5b:3d:57:44:a7:30:76:b5:44:e5:cc:5d:66:57:
fb:c7:09:b9:18:d7:5d:cc:67:2b:e4:4e:8e:a3:a7:
64:f7:00:30:92:54:34:94:33:81:45:20:eb:0d:6d:
01:b1:4f:71:e9:f5:54:ea:c6:58:42:dd:de:c7:d4:
7c:02:d8:ba:84:56:f8:a5:ae:a4:9f:20:80:c0:05:
22:41:a0:e0:0a:98:9d:4a:c4:e0:ac:85:1e:0c:8d:
f6:f4:11:56:55:44:0f:ec:64:11:23:64:fe:0d:f3:
5b:92:3e:9e:d4:86:70:2f:b2:ed:72:0d:86:82:79:
1d:6c:7a:76:fe:e1:ee:5d:ee:17:49:68:b1:ce:db:
62:23:f3:e8:58:1d:1a:87:e1:3c:d9:3b:2f:a0:f9:
00:ca:db:4d:a5:1a:49:69:bc:e5:ef:ea:04:d1:3b:
59:99:f5:20:75:07:56:f9:cb:b3:95:f5:27:ef:6a:
c1:45:36:c5:6b:66:3b:42:1d:e0:6e:38:c5:46:17:
5b:f4:a4:61:33:13:c8:b1:aa:0b:a2:08:17:5d:85:
77:79:02:9e:6a:9c:81:7e:92:ef:78:34:e3:4d:3c:
5b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:06:49:29:C1:8B:A8:56:76:62:53:52:BB:FC:23:D5:C0:1B:D0:AC
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/FQZJKcGLqFZ2YlNSu_wj1cAb0Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0/23
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.47.143.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
71:2f:f0:9e:f7:95:f5:fc:0a:1e:57:1b:f1:4c:91:96:b0:52:
b9:72:cc:3e:ee:d2:fb:de:41:a1:bf:54:64:e3:16:1b:05:ba:
67:58:fd:78:b6:1d:36:de:f8:e8:44:b3:f5:b1:06:23:ec:6d:
d8:17:d5:28:26:ed:dc:8d:10:4f:9d:74:44:80:30:ef:52:0a:
d2:42:cf:4c:68:a8:2f:15:b8:00:fb:ab:39:84:d0:69:ed:e4:
f3:57:55:e8:48:3d:92:e8:94:30:f6:6c:48:d0:72:5a:58:fe:
d0:a8:af:53:f7:45:3a:a0:e3:02:bd:f7:42:e0:a5:e9:d5:14:
14:57:77:fb:6f:f2:b5:47:fb:7d:5f:38:a2:1e:61:8d:97:66:
4d:5e:dc:bf:b4:32:f8:71:78:15:b0:63:95:39:d8:65:36:f0:
53:84:2a:5c:4a:fe:ff:45:e8:a0:a8:81:5b:18:7c:f4:f1:a3:
b2:10:46:89:7b:f7:f5:78:8f:f3:c8:28:62:a1:f7:fd:3d:7e:
1e:c5:8f:1e:0c:a1:e3:bb:e6:79:7f:3e:a8:16:b3:ac:0d:75:
d9:09:4e:31:d7:e1:d3:00:c2:c4:c3:93:19:bb:2a:7d:1c:ef:
18:d8:51:68:d2:44:fb:d4:ba:7f:08:f8:69:d1:a7:a1:c6:0f:
66:3e:bd:0e
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZU4LdWZvNFjElj2yOHMFZtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjI0MTMzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA2NDkyOWMxOGJhODU2NzY2MjUzNTJiYmZjMjNkNWMwMWJkMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYwqIA2rsgXwDKyxfUaVOlbVIjHz
dggJ9DLLoHf5Wz1XRKcwdrVE5cxdZlf7xwm5GNddzGcr5E6Oo6dk9wAwklQ0lDOB
RSDrDW0BsU9x6fVU6sZYQt3ex9R8Ati6hFb4pa6knyCAwAUiQaDgCpidSsTgrIUe
DI329BFWVUQP7GQRI2T+DfNbkj6e1IZwL7Ltcg2GgnkdbHp2/uHuXe4XSWixztti
I/PoWB0ah+E82TsvoPkAyttNpRpJabzl7+oE0TtZmfUgdQdW+cuzlfUn72rBRTbF
a2Y7Qh3gbjjFRhdb9KRhMxPIsaoLoggXXYV3eQKeapyBfpLveDTjTTxbBwIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFBUGSSnBi6hWdmJTUrv8I9XAG9CsMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRlFaSktjR0xxRloyWWxOU3Vfd2oxY0FiMEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgb8EAgABMIG4AwQF
BVOAAwQCBa+AAwQABa+FAwQBBa/aMAwDBAAFr+EDBAAFr+gDBAAFr+swDAMEBAWv
8AMEAAWv9DALAwQABa/7AwMEBaADAwEF5gMEBk1aAAMEA1PzUAMEBVVdAAMEA1V2
oAMEA1fvgAMEBVlqQAMEBlmQAAMEBF5noAMEB175gAMEAl/XIAMEBLISkAMEArkN
nAMEAbkvjAMEALkvjwMEALl5RwMEAMEc+wMEAcNuDgMEBNlFoDAwBAIAAjAqAwUD
KgAS2AMFAyoAGdADBQAqAM3AAwUDKgG9QAMFAyoCB6ADBQMqAi/AMA0GCSqGSIb3
DQEBCwUAA4IBAQBxL/Ce95X1/AoeVxvxTJGWsFK5csw+7tL73kGhv1Rk4xYbBbpn
WP14th023vjoRLP1sQYj7G3YF9UoJu3cjRBPnXREgDDvUgrSQs9MaKgvFbgA+6s5
hNBp7eTzV1XoSD2S6JQw9mxI0HJaWP7QqK9T90U6oOMCvfdC4KXp1RQUV3f7b/K1
R/t9XziiHmGNl2ZNXty/tDL4cXgVsGOVOdhlNvBThCpcSv7/ReigqIFbGHz08aOy
EEaJe/f1eI/zyChioff9PX4exY8eDKHju+Z5fz6oFrOsDXXZCU4x1+HTAMLEw5MZ
uyp9HO8Y2FFo0kT71Lp/CPhp0aehxg9mPr0O
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:20 2025 by rpki-client