Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/qBk8yEy6XQzjJQM_m4xKxUxOGWY.roa
File: qBk8yEy6XQzjJQM_m4xKxUxOGWY.roa (raw, json)
Hash identifier: MrQEI7rx7w7zwtpbP6zhx6P3UqAEniYO/sUrOOmnWv0=
Subject key identifier: A8:19:3C:C8:4C:BA:5D:0C:E3:25:03:3F:9B:8C:4A:C5:4C:4E:19:66
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 019425FDE6879B6C04B0AFBE171682CD1E2F
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/qBk8yEy6XQzjJQM_m4xKxUxOGWY.roa
Signing time: Thu 02 Jan 2025 07:49:44 +0000
ROA not before: Thu 02 Jan 2025 07:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3292
IP address blocks: 2.104.0.0/14 maxlen: 14
2.108.0.0/15 maxlen: 15
2.111.0.0/16 maxlen: 16
62.135.128.0/17 maxlen: 17
62.242.0.0/15 maxlen: 15
80.62.0.0/15 maxlen: 15
80.160.0.0/13 maxlen: 13
80.196.0.0/14 maxlen: 14
81.31.80.0/20 maxlen: 20
83.88.0.0/13 maxlen: 13
85.129.0.0/17 maxlen: 17
87.48.0.0/13 maxlen: 13
87.56.0.0/18 maxlen: 18
87.56.128.0/17 maxlen: 17
87.57.0.0/16 maxlen: 16
87.58.0.0/18 maxlen: 18
87.58.128.0/17 maxlen: 17
87.59.0.0/16 maxlen: 16
87.60.0.0/14 maxlen: 14
93.160.0.0/13 maxlen: 13
93.178.128.0/18 maxlen: 18
94.189.0.0/17 maxlen: 17
95.166.64.0/18 maxlen: 18
95.166.128.0/17 maxlen: 17
128.76.0.0/16 maxlen: 16
128.77.128.0/17 maxlen: 17
131.164.0.0/16 maxlen: 16
176.20.0.0/17 maxlen: 17
176.20.192.0/18 maxlen: 18
176.21.0.0/16 maxlen: 16
176.22.0.0/15 maxlen: 15
188.176.0.0/13 maxlen: 13
192.66.25.0/24 maxlen: 24
192.66.33.0/24 maxlen: 24
192.66.36.0/24 maxlen: 24
192.66.38.0/24 maxlen: 24
192.66.175.0/24 maxlen: 24
192.66.180.0/24 maxlen: 24
192.66.181.0/24 maxlen: 24
193.3.130.0/23 maxlen: 23
193.3.140.0/24 maxlen: 24
193.3.141.0/24 maxlen: 24
193.3.142.0/24 maxlen: 24
193.3.224.0/22 maxlen: 22
193.39.139.0/24 maxlen: 24
193.88.0.0/15 maxlen: 15
193.162.32.0/23 maxlen: 23
193.162.98.0/23 maxlen: 23
193.162.145.0/24 maxlen: 24
193.162.146.0/24 maxlen: 24
193.162.152.0/21 maxlen: 21
193.163.10.0/24 maxlen: 24
193.163.24.0/22 maxlen: 22
193.163.158.0/23 maxlen: 23
193.163.160.0/21 maxlen: 21
194.182.128.0/20 maxlen: 20
194.182.144.0/21 maxlen: 21
194.182.232.0/21 maxlen: 21
194.182.240.0/20 maxlen: 20
194.192.0.0/16 maxlen: 16
194.239.0.0/16 maxlen: 16
194.247.188.0/23 maxlen: 23
195.41.0.0/16 maxlen: 16
195.95.181.0/24 maxlen: 24
195.97.128.0/18 maxlen: 18
195.184.32.0/19 maxlen: 19
195.215.0.0/16 maxlen: 16
195.249.0.0/16 maxlen: 16
212.130.0.0/16 maxlen: 16
2001:6c8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e6:87:9b:6c:04:b0:af:be:17:16:82:cd:1e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Jan 2 07:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8193cc84cba5d0ce325033f9b8c4ac54c4e1966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:5c:ba:0e:62:0a:c7:38:d8:10:b3:a6:4a:f8:
51:2a:93:f3:7a:35:e5:0d:1e:19:4c:d9:4b:80:37:
48:0b:10:45:f8:06:93:57:e0:4b:8a:80:b3:18:1f:
e1:12:be:60:ce:a5:08:62:8d:c1:bb:ea:46:cf:95:
c6:2e:46:4a:a9:1a:05:3f:d7:78:42:56:da:ff:32:
b9:41:bf:1a:a7:fa:7f:86:02:53:6f:84:cb:ef:72:
45:1d:2e:a9:6e:e9:da:fc:15:f5:ee:d0:33:6e:b8:
ff:d2:57:e0:15:5b:40:b6:83:fb:cd:20:2c:42:fd:
d9:52:0a:ad:9a:d5:0e:ba:bb:d5:5b:ee:2c:6e:fc:
17:99:7b:16:93:c9:40:e5:8d:ba:99:a7:03:93:88:
63:ef:9b:af:95:ed:eb:1f:c3:32:3b:a6:01:15:ec:
9e:b7:56:b8:b8:49:28:f9:b8:01:c8:c5:ce:51:72:
c2:2a:a2:4c:cd:e1:7c:aa:39:25:63:a3:c1:4f:3c:
61:fb:0c:cf:ee:cb:ed:e1:a1:1c:87:c0:b9:92:b7:
3c:e9:5a:65:4c:b2:f2:81:96:4d:cf:1e:25:0b:71:
89:26:a9:f5:a7:5f:e2:ba:dc:44:fd:83:75:78:5b:
69:68:da:44:3a:fd:74:ec:c8:de:19:24:b6:7a:b5:
6e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:19:3C:C8:4C:BA:5D:0C:E3:25:03:3F:9B:8C:4A:C5:4C:4E:19:66
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/qBk8yEy6XQzjJQM_m4xKxUxOGWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.104.0.0-2.109.255.255
2.111.0.0/16
62.135.128.0/17
62.242.0.0/15
80.62.0.0/15
80.160.0.0/13
80.196.0.0/14
81.31.80.0/20
83.88.0.0/13
85.129.0.0/17
87.48.0.0-87.56.63.255
87.56.128.0-87.58.63.255
87.58.128.0-87.63.255.255
93.160.0.0/13
93.178.128.0/18
94.189.0.0/17
95.166.64.0-95.166.255.255
128.76.0.0/16
128.77.128.0/17
131.164.0.0/16
176.20.0.0/17
176.20.192.0-176.23.255.255
188.176.0.0/13
192.66.25.0/24
192.66.33.0/24
192.66.36.0/24
192.66.38.0/24
192.66.175.0/24
192.66.180.0/23
193.3.130.0/23
193.3.140.0-193.3.142.255
193.3.224.0/22
193.39.139.0/24
193.88.0.0/15
193.162.32.0/23
193.162.98.0/23
193.162.145.0-193.162.146.255
193.162.152.0/21
193.163.10.0/24
193.163.24.0/22
193.163.158.0-193.163.167.255
194.182.128.0-194.182.151.255
194.182.232.0-194.182.255.255
194.192.0.0/16
194.239.0.0/16
194.247.188.0/23
195.41.0.0/16
195.95.181.0/24
195.97.128.0/18
195.184.32.0/19
195.215.0.0/16
195.249.0.0/16
212.130.0.0/16
IPv6:
2001:6c8::/29
Signature Algorithm: sha256WithRSAEncryption
a7:45:75:ab:73:a1:64:ab:29:a9:44:d3:46:b9:0c:dc:f1:9f:
a2:13:d9:1b:0c:55:1f:b4:c4:17:2e:d5:37:37:6a:b3:0f:ef:
78:14:1b:df:e4:af:03:39:12:22:a9:21:a0:3b:e4:7f:64:f3:
08:cb:53:77:1a:eb:66:16:aa:82:43:c4:d8:14:49:b5:b4:88:
df:f1:d0:b9:86:95:6a:3f:63:cb:7d:e8:f3:36:57:a1:0c:5d:
0f:0c:19:84:b8:43:ea:ca:1e:11:4b:88:7f:2d:e2:2f:b9:b8:
63:f6:56:d3:b5:dd:05:5e:89:c9:7b:0e:8b:64:d9:d6:25:81:
5d:d0:ce:28:35:61:c1:1f:aa:28:b7:18:e9:33:87:0d:b9:d9:
6e:57:38:7c:63:e4:4b:d1:c3:d6:a7:13:d3:ff:6e:36:db:1d:
fc:fd:e0:dc:bc:07:c9:fb:ee:f7:8d:d4:6e:00:56:ac:34:73:
4b:e4:1c:a2:35:df:6b:5d:61:7d:99:cc:83:41:b5:e2:39:34:
9f:97:22:95:a1:1b:a7:d6:23:82:ca:d0:25:4b:a9:1f:ad:11:
ef:3e:28:ab:cc:77:64:e4:30:ea:3a:4f:2c:54:7c:69:c8:af:
2c:b1:b8:32:4a:fa:d7:52:3f:b9:ec:ef:2f:2a:f5:8c:af:1d:
87:71:5b:ec
-----BEGIN CERTIFICATE-----
MIIGjjCCBXagAwIBAgISAZQl/eaHm2wEsK++FxaCzR4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjUwMTAyMDc0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE5M2NjODRjYmE1ZDBjZTMyNTAzM2Y5YjhjNGFjNTRjNGUxOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Vy6DmIKxzjYELOmSvhRKpPzejXl
DR4ZTNlLgDdICxBF+AaTV+BLioCzGB/hEr5gzqUIYo3Bu+pGz5XGLkZKqRoFP9d4
Qlba/zK5Qb8ap/p/hgJTb4TL73JFHS6pbuna/BX17tAzbrj/0lfgFVtAtoP7zSAs
Qv3ZUgqtmtUOurvVW+4sbvwXmXsWk8lA5Y26macDk4hj75uvle3rH8MyO6YBFeye
t1a4uEko+bgByMXOUXLCKqJMzeF8qjklY6PBTzxh+wzP7svt4aEch8C5krc86Vpl
TLLygZZNzx4lC3GJJqn1p1/iutxE/YN1eFtpaNpEOv107MjeGSS2erVuqQIDAQAB
o4IDmjCCA5YwHQYDVR0OBBYEFKgZPMhMul0M4yUDP5uMSsVMThlmMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvcUJrOHlFeTZYUXpqSlFNX200eEt4VXhPR1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrgYIKwYBBQUHAQcBAf8EggGdMIIBmTCCAYYEAgABMIIB
fjAKAwMDAmgDAwECbAMDAAJvAwQHPoeAAwMBPvIDAwFQPgMDA1CgAwMCUMQDBARR
H1ADAwNTWAMEB1WBADALAwMEVzADBAZXOAAwDAMEB1c4gAMEBlc6ADALAwQHVzqA
AwMGVwADAwNdoAMEBl2ygAMEB169ADALAwQGX6ZAAwMAX6YDAwCATAMEB4BNgAMD
AIOkAwQHsBQAMAsDBAawFMADAwOwEAMDA7ywAwQAwEIZAwQAwEIhAwQAwEIkAwQA
wEImAwQAwEKvAwQBwEK0AwQBwQOCMAwDBALBA4wDBADBA44DBALBA+ADBADBJ4sD
AwHBWAMEAcGiIAMEAcGiYjAMAwQAwaKRAwQAwaKSAwQDwaKYAwQAwaMKAwQCwaMY
MAwDBAHBo54DBAPBo6AwDAMEB8K2gAMEA8K2kDALAwQDwrboAwMAwrYDAwDCwAMD
AMLvAwQBwve8AwMAwykDBADDX7UDBAbDYYADBAXDuCADAwDD1wMDAMP5AwMA1IIw
DQQCAAIwBwMFAyABBsgwDQYJKoZIhvcNAQELBQADggEBAKdFdatzoWSrKalE00a5
DNzxn6IT2RsMVR+0xBcu1Tc3arMP73gUG9/krwM5EiKpIaA75H9k8wjLU3ca62YW
qoJDxNgUSbW0iN/x0LmGlWo/Y8t96PM2V6EMXQ8MGYS4Q+rKHhFLiH8t4i+5uGP2
VtO13QVeicl7Dotk2dYlgV3Qzig1YcEfqii3GOkzhw252W5XOHxj5EvRw9anE9P/
bjbbHfz94Ny8B8n77veN1G4AVqw0c0vkHKI132tdYX2ZzINBteI5NJ+XIpWhG6fW
I4LK0CVLqR+tEe8+KKvMd2TkMOo6TyxUfGnIryyxuDJK+tdSP7ns7y8q9YyvHYdx
W+w=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:18 2025 by rpki-client