Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qN4Qo1BzKsWWFYWs8cdTwIoa0qc.roa
File: qN4Qo1BzKsWWFYWs8cdTwIoa0qc.roa (raw, json)
Hash identifier: OxTuT7tSYci51fIS7k7eUwRHoWMoiPGWJyvC72n4gPc=
Subject key identifier: A8:DE:10:A3:50:73:2A:C5:96:15:85:AC:F1:C7:53:C0:8A:1A:D2:A7
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194AD3E92B3C4658BADF5E5D2641996B485
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qN4Qo1BzKsWWFYWs8cdTwIoa0qc.roa
Signing time: Tue 28 Jan 2025 14:09:06 +0000
ROA not before: Tue 28 Jan 2025 14:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.103.164.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:3e:92:b3:c4:65:8b:ad:f5:e5:d2:64:19:96:b4:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 28 14:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8de10a350732ac5961585acf1c753c08a1ad2a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d6:22:fc:d6:3b:87:c7:07:b4:de:07:db:c5:
0c:83:1a:93:24:25:13:e6:16:14:a3:13:fd:a6:ba:
d7:f8:2f:1c:e7:d3:f5:6e:a8:2a:c9:e7:0c:52:ac:
51:be:30:39:4c:2c:d8:99:ba:51:f9:1c:df:9e:28:
5d:94:88:b6:78:f3:c5:0b:a2:fd:1e:c2:1c:4c:1b:
88:05:5b:3f:e1:82:fc:76:10:60:cb:61:d0:ca:e5:
71:49:27:60:a4:85:32:70:91:ce:a6:b1:5a:46:01:
29:23:27:b1:e0:41:f2:ec:a7:d9:9b:c5:8c:14:ff:
6a:0f:ba:85:4f:86:ea:94:03:8c:d2:a0:9c:03:88:
d8:01:69:2a:3b:2b:5e:2b:61:5a:c2:6a:05:a3:b4:
72:a7:48:83:50:b3:db:bc:70:9c:a7:75:68:cb:a6:
00:e2:bb:4a:51:97:40:4a:19:8f:f6:fc:d3:58:20:
be:5e:cd:06:7e:dd:ee:83:cb:45:39:2c:99:b9:8a:
e9:38:f7:c6:49:ca:ba:e7:81:0f:66:82:d4:cd:63:
21:3b:a3:bc:ec:f1:8b:1d:80:2b:24:70:3d:c4:60:
c9:f0:0d:45:bf:61:d2:a4:7b:00:da:24:29:dc:bf:
eb:91:2b:98:15:d0:05:ce:da:c8:9b:74:f3:fc:91:
2f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DE:10:A3:50:73:2A:C5:96:15:85:AC:F1:C7:53:C0:8A:1A:D2:A7
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qN4Qo1BzKsWWFYWs8cdTwIoa0qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
89.106.69.0/24
94.103.163.0-94.103.164.255
94.249.148.0/24
94.249.153.0/24
94.249.158.0/24
94.249.195.0/24
94.249.212.0/24
94.249.214.0/24
94.249.237.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
185.13.159.0/24
185.47.143.0/24
Signature Algorithm: sha256WithRSAEncryption
10:3a:77:87:ef:d3:3d:d3:7b:48:ef:3e:9c:07:9c:c6:9d:b5:
54:cb:bc:f4:bf:9e:5c:c3:d7:cd:c3:63:30:dc:ac:4c:e9:a0:
2a:1a:88:d2:f2:2a:43:82:35:76:40:3c:7d:32:84:7e:62:a9:
4c:d2:57:a3:45:69:ce:f2:35:d0:72:be:dc:27:d1:1d:45:1f:
10:90:11:b0:51:1e:a4:b3:f9:9a:d9:6c:1b:e2:87:ea:9e:76:
b1:14:e5:7f:74:87:39:5c:d3:78:a7:08:33:ca:eb:0d:55:19:
55:33:77:3a:07:c9:92:2c:66:f9:31:2d:06:f3:89:2d:e7:c6:
9e:4c:04:33:d8:03:7d:c0:21:4b:3c:73:96:c8:12:87:92:32:
05:c6:10:a3:ae:35:b3:c3:59:1a:25:f5:d0:2a:24:85:b9:5e:
92:5d:4e:8e:6a:b6:57:2c:50:51:c2:9c:71:84:f4:23:9b:26:
39:b2:dc:be:46:3c:af:9c:e1:d1:45:44:8b:e4:ec:05:80:b8:
96:d2:18:7d:f7:86:67:be:49:cb:49:72:07:98:7b:ee:fd:82:
f7:8c:ba:f6:00:ea:0b:35:13:69:61:6c:0b:c3:cf:6c:81:f2:
9a:1f:72:f7:83:11:b6:6a:9f:18:18:92:ce:58:b2:74:97:54:
5f:d4:73:02
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZStPpKzxGWLrfXl0mQZlrSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTI4MTQwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRlMTBhMzUwNzMyYWM1OTYxNTg1YWNmMWM3NTNjMDhhMWFkMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNYi/NY7h8cHtN4H28UMgxqTJCUT
5hYUoxP9prrX+C8c59P1bqgqyecMUqxRvjA5TCzYmbpR+RzfnihdlIi2ePPFC6L9
HsIcTBuIBVs/4YL8dhBgy2HQyuVxSSdgpIUycJHOprFaRgEpIyex4EHy7KfZm8WM
FP9qD7qFT4bqlAOM0qCcA4jYAWkqOyteK2FawmoFo7Ryp0iDULPbvHCcp3Voy6YA
4rtKUZdAShmP9vzTWCC+Xs0Gft3ug8tFOSyZuYrpOPfGScq654EPZoLUzWMhO6O8
7PGLHYArJHA9xGDJ8A1Fv2HSpHsA2iQp3L/rkSuYFdAFztrIm3Tz/JEvSQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKjeEKNQcyrFlhWFrPHHU8CKGtKnMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcU40UW8xQnpLc1dXRllXczhjZFR3SW9hMHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAAVT
gQMEAAWvigMEAE1aNgMEAFfvgwMEAFlqRTAMAwQAXmejAwQAXmekAwQAXvmUAwQA
XvmZAwQAXvmeAwQAXvnDAwQAXvnUAwQAXvnWAwQAXvntAwQAX9cgAwQAX9ciAwQA
shKQAwQAuQ2cAwQAuQ2fAwQAuS+PMA0GCSqGSIb3DQEBCwUAA4IBAQAQOneH79M9
03tI7z6cB5zGnbVUy7z0v55cw9fNw2Mw3KxM6aAqGojS8ipDgjV2QDx9MoR+YqlM
0lejRWnO8jXQcr7cJ9EdRR8QkBGwUR6ks/ma2Wwb4ofqnnaxFOV/dIc5XNN4pwgz
yusNVRlVM3c6B8mSLGb5MS0G84kt58aeTAQz2AN9wCFLPHOWyBKHkjIFxhCjrjWz
w1kaJfXQKiSFuV6SXU6OarZXLFBRwpxxhPQjmyY5sty+RjyvnOHRRUSL5OwFgLiW
0hh994ZnvknLSXIHmHvu/YL3jLr2AOoLNRNpYWwLw89sgfKaH3L3gxG2ap8YGJLO
WLJ0l1Rf1HMC
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:30:16 2025 by rpki-client