Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nzFd8xlCrvCMJQnzjRmk7ZBluTo.roa
File: nzFd8xlCrvCMJQnzjRmk7ZBluTo.roa (raw, json)
Hash identifier: FgIvQVTopyHpxBfg/92/6DXfLoBJTKxMsiVXq4ozjUU=
Subject key identifier: 9F:31:5D:F3:19:42:AE:F0:8C:25:09:F3:8D:19:A4:ED:90:65:B9:3A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195807A661A3FBBB94E4698BB3C0FDD1725
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nzFd8xlCrvCMJQnzjRmk7ZBluTo.roa
Signing time: Mon 10 Mar 2025 14:34:19 +0000
ROA not before: Mon 10 Mar 2025 14:34:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.136.0/24 maxlen: 24
5.83.139.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.83.157.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.143.0/24 maxlen: 24
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.238.0/24 maxlen: 24
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
5.231.104.0/24 maxlen: 24
5.231.254.0/24 maxlen: 24
77.90.0.0/18 maxlen: 32
77.90.15.0/24 maxlen: 24
77.90.18.0/24 maxlen: 24
77.90.47.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.5.0/24 maxlen: 24
85.93.20.0/24 maxlen: 32
85.93.31.0/24 maxlen: 24
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.106.69.0/24 maxlen: 24
89.144.0.0/18 maxlen: 32
89.144.10.0/24 maxlen: 24
89.144.11.0/24 maxlen: 24
89.144.16.0/24 maxlen: 24
89.144.21.0/24 maxlen: 24
94.103.160.0/20 maxlen: 32
94.103.164.0/24 maxlen: 24
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.144.0/24 maxlen: 24
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.13.156.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.47.143.0/24 maxlen: 24
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
217.69.167.0/24 maxlen: 24
217.69.170.0/24 maxlen: 24
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:7a:66:1a:3f:bb:b9:4e:46:98:bb:3c:0f:dd:17:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 10 14:34:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f315df31942aef08c2509f38d19a4ed9065b93a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:69:b1:23:4a:79:4b:6d:da:cd:0b:eb:15:8c:
06:0f:d5:8c:6f:b1:2b:af:52:d7:30:41:7b:f6:62:
ff:16:a1:64:cb:81:61:5f:ad:10:ce:7f:7d:1d:d4:
fb:c8:12:34:ce:95:10:43:5d:17:de:b4:4f:c1:71:
2e:08:58:e2:ca:b8:43:a8:1e:27:b5:b8:a3:46:c8:
e9:82:d0:6a:e0:37:24:c2:f1:7e:fa:32:6c:dc:aa:
61:b6:85:b2:d2:dd:d9:86:3b:95:68:a5:f8:f1:19:
b9:af:85:51:77:4f:9c:62:9b:9f:05:49:ec:44:b1:
75:11:cd:91:6e:d7:be:3e:f1:47:2f:3b:77:d0:82:
32:de:eb:e1:c8:4d:78:c5:24:f3:89:9b:c7:09:6d:
6f:9f:eb:65:1d:41:c2:82:51:17:20:9e:09:26:3b:
b3:ed:1b:74:03:24:89:fc:f0:fa:be:8c:a1:05:49:
87:da:59:60:ba:b9:86:51:1e:b9:43:46:c3:06:f1:
55:75:22:68:21:5b:ae:41:eb:54:13:a6:a4:59:3a:
79:57:28:48:94:77:01:6d:2d:10:5c:00:b1:66:d9:
5d:e1:24:84:d4:7f:80:cc:45:67:97:87:3a:4c:73:
e9:8b:a9:24:35:41:bf:9b:1f:32:38:19:48:9a:5f:
1a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:31:5D:F3:19:42:AE:F0:8C:25:09:F3:8D:19:A4:ED:90:65:B9:3A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nzFd8xlCrvCMJQnzjRmk7ZBluTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.143.0/24
5.175.218.0/23
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.238.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.47.143.0/24
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:b9:b6:bd:8b:a5:91:a7:91:27:03:20:7c:59:b2:39:47:08:
14:36:d9:d4:c6:01:b1:d1:6e:a5:fa:39:1d:0a:74:46:7c:3c:
a2:8e:7b:c0:32:ed:89:03:f4:c0:b6:ee:1d:72:30:4e:7a:bf:
c9:03:e7:a8:e8:10:37:76:7f:5d:b9:67:0a:9f:3e:58:c7:71:
53:56:f3:17:4f:23:e3:34:49:91:c6:3a:af:6f:34:61:38:3a:
86:a8:30:36:b8:cd:21:2d:82:d8:85:8a:f2:28:20:e4:2d:67:
3f:5c:5f:70:3a:af:ab:9f:94:f4:ea:31:71:29:d6:42:dd:3a:
7c:e7:e3:d6:e0:f5:f4:99:fc:56:fd:54:1e:15:a6:78:19:12:
05:eb:72:fa:da:88:9b:00:12:9d:23:17:9a:ed:51:5f:ea:8e:
27:71:18:77:89:10:86:83:f8:fa:f4:55:f9:36:82:9f:67:13:
a3:25:11:fd:cf:f1:10:fb:a9:f6:4d:20:25:6a:1a:f5:22:58:
f4:eb:1e:51:a0:f3:04:a6:e2:5b:96:50:63:6a:40:42:cc:e2:
b4:42:c1:25:27:67:e6:25:b5:dd:51:41:3e:52:81:8d:f8:5d:
dd:a9:3e:f5:11:a2:a9:bb:38:26:ee:8d:ed:c2:34:df:ab:a3:
d7:1e:be:19
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZWAemYaP7u5TkaYuzwP3RclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzEwMTQzNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjMxNWRmMzE5NDJhZWYwOGMyNTA5ZjM4ZDE5YTRlZDkwNjViOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWmxI0p5S23azQvrFYwGD9WMb7Er
r1LXMEF79mL/FqFky4FhX60Qzn99HdT7yBI0zpUQQ10X3rRPwXEuCFjiyrhDqB4n
tbijRsjpgtBq4DckwvF++jJs3KphtoWy0t3ZhjuVaKX48Rm5r4VRd0+cYpufBUns
RLF1Ec2Rbte+PvFHLzt30IIy3uvhyE14xSTziZvHCW1vn+tlHUHCglEXIJ4JJjuz
7Rt0AySJ/PD6voyhBUmH2llgurmGUR65Q0bDBvFVdSJoIVuuQetUE6akWTp5VyhI
lHcBbS0QXACxZtld4SSE1H+AzEVnl4c6THPpi6kkNUG/mx8yOBlIml8aoQIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFJ8xXfMZQq7wjCUJ840ZpO2QZbk6MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbnpGZDh4bENydkNNSlFuempSbWs3WkJsdVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCBywQCAAEwgcQD
BAUFU4ADBAIFr4ADBAAFr4UDBAAFr48DBAEFr9owDAMEAAWv4QMEAAWv6AMEAAWv
6wMEAAWv7jAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQD
U/NQAwQFVV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQC
X9cgAwQEshKQAwQCuQ2cAwQBuS+MAwQAuS+PAwQAuXlHAwQAwRz7AwQBw24OAwQE
2UWgMDAEAgACMCoDBQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMF
AyoCL8AwDQYJKoZIhvcNAQELBQADggEBAH+5tr2LpZGnkScDIHxZsjlHCBQ22dTG
AbHRbqX6OR0KdEZ8PKKOe8Ay7YkD9MC27h1yME56v8kD56joEDd2f125ZwqfPljH
cVNW8xdPI+M0SZHGOq9vNGE4OoaoMDa4zSEtgtiFivIoIOQtZz9cX3A6r6uflPTq
MXEp1kLdOnzn49bg9fSZ/Fb9VB4VpngZEgXrcvraiJsAEp0jF5rtUV/qjidxGHeJ
EIaD+Pr0Vfk2gp9nE6MlEf3P8RD7qfZNICVqGvUiWPTrHlGg8wSm4luWUGNqQELM
4rRCwSUnZ+Yltd1RQT5SgY34Xd2pPvURoqm7OCbuje3CNN+ro9cevhk=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:15:57 2025 by rpki-client