Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/qV3R0UAizgijs5QCSxdT_ZxyeJU.roa
File: qV3R0UAizgijs5QCSxdT_ZxyeJU.roa (raw, json)
Hash identifier: jWqqT/TB6ljo6j5Y6hMA8Ua3/FJYmLx0V80plcSr/6o=
Subject key identifier: A9:5D:D1:D1:40:22:CE:08:A3:B3:94:02:4B:17:53:FD:9C:72:78:95
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 0194602409ACEDB8E667F4796F4283B041F5
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/qV3R0UAizgijs5QCSxdT_ZxyeJU.roa
Signing time: Mon 13 Jan 2025 14:49:22 +0000
ROA not before: Mon 13 Jan 2025 14:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24940
IP address blocks: 5.9.0.0/16 maxlen: 24
5.75.128.0/17 maxlen: 24
5.161.0.0/16 maxlen: 24
23.88.0.0/17 maxlen: 24
37.27.0.0/16 maxlen: 24
46.4.0.0/16 maxlen: 24
46.62.128.0/17 maxlen: 24
49.12.0.0/16 maxlen: 24
49.13.0.0/16 maxlen: 24
65.21.0.0/16 maxlen: 24
65.108.0.0/16 maxlen: 24
65.109.0.0/16 maxlen: 24
78.46.0.0/15 maxlen: 24
85.10.192.0/18 maxlen: 24
88.99.0.0/16 maxlen: 24
88.198.0.0/16 maxlen: 24
91.99.0.0/16 maxlen: 24
91.107.128.0/17 maxlen: 24
94.130.0.0/16 maxlen: 24
95.216.0.0/16 maxlen: 24
95.217.0.0/16 maxlen: 24
116.202.0.0/16 maxlen: 24
116.203.0.0/16 maxlen: 24
128.140.0.0/17 maxlen: 24
135.181.0.0/16 maxlen: 24
138.199.128.0/17 maxlen: 24
142.132.128.0/17 maxlen: 24
157.90.0.0/16 maxlen: 24
157.180.0.0/17 maxlen: 24
159.69.0.0/16 maxlen: 24
162.55.0.0/16 maxlen: 24
167.233.0.0/16 maxlen: 24
167.235.0.0/16 maxlen: 24
168.119.0.0/16 maxlen: 24
176.9.0.0/16 maxlen: 24
178.63.0.0/16 maxlen: 24
185.12.64.0/22 maxlen: 24
188.34.128.0/17 maxlen: 24
188.40.0.0/16 maxlen: 24
188.245.0.0/16 maxlen: 24
195.201.0.0/16 maxlen: 24
213.133.96.0/19 maxlen: 24
213.239.192.0/18 maxlen: 24
2a01:4f8::/32 maxlen: 48
2a01:4f9::/32 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:24:09:ac:ed:b8:e6:67:f4:79:6f:42:83:b0:41:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Jan 13 14:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a95dd1d14022ce08a3b394024b1753fd9c727895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6c:93:79:17:35:c6:43:bd:54:09:eb:5e:30:
53:a5:12:65:6b:80:3d:87:07:20:01:98:8f:69:be:
0c:62:92:e4:dc:c9:aa:e6:a0:fa:b1:d5:0b:b6:6e:
b2:bd:30:57:d3:47:2f:32:d8:5d:35:55:18:b1:c9:
ca:b6:a2:c0:b2:0b:8d:f2:97:94:6c:e1:4c:36:8d:
d8:fe:53:33:c2:2d:80:26:a1:4f:ba:c2:de:9d:5a:
53:e4:30:30:25:a8:8a:81:4c:13:a6:ea:61:18:82:
95:4e:79:08:da:19:ec:72:3c:b7:1c:66:33:c3:e3:
87:1d:21:a5:27:13:f2:1b:f8:c8:bc:16:67:33:ea:
f3:42:3f:01:49:df:39:89:3e:d3:97:b6:48:e0:e2:
04:1e:2c:74:8a:8c:b1:c4:f2:1b:2c:c7:0e:7e:68:
02:59:4a:65:0a:5c:d1:6d:cd:c7:54:5d:55:66:0d:
b2:60:65:b3:72:42:56:ee:51:1e:0f:ff:09:c4:79:
02:01:1a:b7:3a:d8:4e:d0:ae:9f:6d:3f:15:02:c0:
a4:b5:89:26:77:8d:97:b6:0e:ff:1d:fb:50:6a:46:
3a:2a:dd:91:77:16:ba:ec:fa:bf:69:cd:c2:16:2b:
a8:f3:29:b9:b6:36:2a:7f:f4:97:87:72:ed:e4:ba:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5D:D1:D1:40:22:CE:08:A3:B3:94:02:4B:17:53:FD:9C:72:78:95
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/qV3R0UAizgijs5QCSxdT_ZxyeJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.9.0.0/16
5.75.128.0/17
5.161.0.0/16
23.88.0.0/17
37.27.0.0/16
46.4.0.0/16
46.62.128.0/17
49.12.0.0/15
65.21.0.0/16
65.108.0.0/15
78.46.0.0/15
85.10.192.0/18
88.99.0.0/16
88.198.0.0/16
91.99.0.0/16
91.107.128.0/17
94.130.0.0/16
95.216.0.0/15
116.202.0.0/15
128.140.0.0/17
135.181.0.0/16
138.199.128.0/17
142.132.128.0/17
157.90.0.0/16
157.180.0.0/17
159.69.0.0/16
162.55.0.0/16
167.233.0.0/16
167.235.0.0/16
168.119.0.0/16
176.9.0.0/16
178.63.0.0/16
185.12.64.0/22
188.34.128.0/17
188.40.0.0/16
188.245.0.0/16
195.201.0.0/16
213.133.96.0/19
213.239.192.0/18
IPv6:
2a01:4f8::/31
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
3f:82:e9:b5:5c:72:b7:87:10:b2:ae:75:74:5b:cc:13:a3:8e:
71:c9:4a:76:0a:e9:34:b9:9d:c8:c8:1b:b2:0b:16:5a:4c:87:
07:cb:e8:bd:47:5f:ac:a3:58:a7:f7:ac:1b:27:30:9d:9d:98:
c5:c3:9c:4b:a0:d4:f0:97:b3:fd:17:a1:bf:d7:31:6c:cf:49:
1f:3a:36:38:a2:c9:68:b9:74:6b:0b:3f:61:67:6b:d0:6f:8a:
7b:dd:14:ae:65:88:06:a0:cc:83:1a:f9:b8:28:75:33:58:f0:
79:26:f9:e4:cd:e6:31:49:23:0b:61:63:a8:02:8c:0f:4c:d7:
44:62:55:42:3e:6b:ac:a4:f6:c3:a2:59:c6:a1:33:b0:e3:c0:
e4:ee:77:e5:72:1a:67:84:5c:ee:df:44:93:42:ec:5e:cd:8e:
5f:ba:d1:e1:c7:52:3f:72:b9:df:78:3a:94:b5:7d:4c:6e:d6:
a1:d5:7c:d0:b4:cb:20:f7:57:7c:88:9d:fc:bf:b7:6f:66:35:
4d:22:dc:bd:8b:4f:e8:2f:c8:5d:01:96:69:45:d1:12:82:ee:
94:84:76:ef:a1:d5:82:bd:54:12:90:06:d3:35:d1:f6:d1:50:
72:34:3b:ee:1d:39:2b:cb:e9:cc:d9:a7:f3:a2:c4:c8:89:1e:
fa:17:d9:74
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZRgJAms7bjmZ/R5b0KDsEH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjUwMTEzMTQ0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTVkZDFkMTQwMjJjZTA4YTNiMzk0MDI0YjE3NTNmZDljNzI3ODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWyTeRc1xkO9VAnrXjBTpRJla4A9
hwcgAZiPab4MYpLk3Mmq5qD6sdULtm6yvTBX00cvMthdNVUYscnKtqLAsguN8peU
bOFMNo3Y/lMzwi2AJqFPusLenVpT5DAwJaiKgUwTpuphGIKVTnkI2hnscjy3HGYz
w+OHHSGlJxPyG/jIvBZnM+rzQj8BSd85iT7Tl7ZI4OIEHix0ioyxxPIbLMcOfmgC
WUplClzRbc3HVF1VZg2yYGWzckJW7lEeD/8JxHkCARq3OthO0K6fbT8VAsCktYkm
d42Xtg7/HftQakY6Kt2Rdxa67Pq/ac3CFiuo8ym5tjYqf/SXh3Lt5LqznwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFKld0dFAIs4Io7OUAksXU/2ccniVMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvcVYzUjBVQWl6Z2lqczVRQ1N4ZFRfWnh5ZUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwgdcEAgABMIHQAwMA
BQkDBAcFS4ADAwAFoQMEBxdYAAMDACUbAwMALgQDBAcuPoADAwExDAMDAEEVAwMB
QWwDAwFOLgMEBlUKwAMDAFhjAwMAWMYDAwBbYwMEB1trgAMDAF6CAwMBX9gDAwF0
ygMEB4CMAAMDAIe1AwQHiseAAwQHjoSAAwMAnVoDBAedtAADAwCfRQMDAKI3AwMA
p+kDAwCn6wMDAKh3AwMAsAkDAwCyPwMEArkMQAMEB7wigAMDALwoAwMAvPUDAwDD
yQMEBdWFYAMEBtXvwDAWBAIAAjAQAwUBKgEE+AMHACoBBP//ATANBgkqhkiG9w0B
AQsFAAOCAQEAP4LptVxyt4cQsq51dFvME6OOcclKdgrpNLmdyMgbsgsWWkyHB8vo
vUdfrKNYp/esGycwnZ2YxcOcS6DU8Jez/Rehv9cxbM9JHzo2OKLJaLl0aws/YWdr
0G+Ke90UrmWIBqDMgxr5uCh1M1jweSb55M3mMUkjC2FjqAKMD0zXRGJVQj5rrKT2
w6JZxqEzsOPA5O535XIaZ4Rc7t9Ek0LsXs2OX7rR4cdSP3K533g6lLV9TG7WodV8
0LTLIPdXfIid/L+3b2Y1TSLcvYtP6C/IXQGWaUXREoLulIR276HVgr1UEpAG0zXR
9tFQcjQ77h05K8vpzNmn86LEyIke+hfZdA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:32:51 2025 by rpki-client