Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/FUSDgc58t7U4fuucmEPuEjO5Yhg.roa
File: FUSDgc58t7U4fuucmEPuEjO5Yhg.roa (raw, json)
Hash identifier: aS1RV6Hjz0mszrBpJALZA+zpAxzsSz5luvIAMzBTdPk=
Subject key identifier: 15:44:83:81:CE:7C:B7:B5:38:7E:EB:9C:98:43:EE:12:33:B9:62:18
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0195AD6BEFB751AE093D88306FAA6D89F2BE
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/FUSDgc58t7U4fuucmEPuEjO5Yhg.roa
Signing time: Wed 19 Mar 2025 08:01:26 +0000
ROA not before: Wed 19 Mar 2025 08:01:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.176.0/22 maxlen: 22
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.100.0/23 maxlen: 23
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/19 maxlen: 19
2a01:8ca0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:6b:ef:b7:51:ae:09:3d:88:30:6f:aa:6d:89:f2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Mar 19 08:01:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15448381ce7cb7b5387eeb9c9843ee1233b96218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:71:4b:a6:b6:e1:a0:5d:8e:d7:ab:b1:c5:df:
c0:39:d8:2c:fb:1e:40:d5:91:14:fe:b1:83:0c:91:
0d:0e:5a:3c:65:9e:05:97:19:53:70:c5:04:9c:cd:
46:93:c6:1d:ce:7f:33:aa:1d:81:c7:c4:f1:c8:f9:
b3:9f:6e:82:2f:a2:8f:6d:d3:dd:a0:02:a9:ff:77:
63:c1:7b:25:f2:f2:07:83:40:21:fa:11:de:09:82:
8d:4b:95:8b:7f:45:43:a5:61:7f:72:dd:41:52:20:
51:f8:1d:ef:f2:17:44:6e:1d:8f:52:36:db:b5:8b:
8e:ed:88:18:5f:78:33:a4:8c:46:9e:20:43:96:23:
8d:4e:34:1d:40:8e:d9:03:5d:e2:20:40:3a:b5:ce:
72:6b:23:da:d7:3c:b5:1d:0e:86:22:53:88:75:58:
68:3c:87:e5:ed:0b:ea:19:38:95:2e:b3:f8:69:81:
ab:22:99:41:ac:a0:87:fd:5a:36:e2:77:48:48:79:
c3:56:3b:41:58:d3:a5:dd:9a:55:7f:f7:3b:c6:50:
2c:20:2e:26:8b:7a:1a:e7:fc:98:22:04:03:c9:c9:
a3:fc:36:12:19:bc:25:da:ae:08:a6:ee:69:5e:38:
08:41:93:56:60:8e:d7:c3:6b:65:fb:92:c2:b6:a6:
89:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:44:83:81:CE:7C:B7:B5:38:7E:EB:9C:98:43:EE:12:33:B9:62:18
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/FUSDgc58t7U4fuucmEPuEjO5Yhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0/22
176.103.184.0/24
176.106.48.0/20
176.106.100.0/23
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
71:2b:aa:88:81:7f:26:b7:15:37:b1:43:71:2c:ab:62:e1:ab:
8b:24:dd:3c:eb:5b:86:4b:bb:1e:4e:43:98:a0:9c:d5:79:99:
73:02:04:09:80:8d:da:f1:41:f1:f4:a7:3b:93:2a:a5:97:d0:
2c:93:1d:1f:07:23:d7:70:33:48:e6:9b:d6:f8:a2:4b:93:90:
77:a4:45:25:d7:df:f6:6a:8c:d5:73:9e:51:22:cb:45:46:bb:
89:d0:66:28:7c:a0:e8:46:d2:18:f3:16:4c:a4:ce:b6:e1:22:
71:15:f3:2e:b8:60:f4:ce:d7:b4:29:fe:92:2c:d0:9e:5f:46:
1c:f2:de:6b:12:86:83:15:0f:45:bd:a3:fb:a0:a1:c2:89:bf:
8e:00:1d:e8:a9:31:ce:d9:d5:97:be:c3:6e:63:d8:b1:7a:f2:
7e:93:0b:22:ce:06:98:ef:af:58:84:07:20:80:0f:57:e4:25:
50:65:fb:ba:e3:6d:3b:3e:f3:60:28:3c:18:36:33:7a:33:8b:
eb:48:13:00:9e:35:d9:ce:87:14:70:2b:cc:81:ae:41:31:50:
ac:67:df:c1:a3:c4:75:af:f0:b4:fb:b1:7b:ae:fd:d9:be:68:
65:92:30:a4:44:b3:07:67:c2:80:bb:d2:cd:ad:9d:18:3b:f4:
e6:73:f2:c2
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZWta++3Ua4JPYgwb6ptifK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMzE5MDgwMTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTQ0ODM4MWNlN2NiN2I1Mzg3ZWViOWM5ODQzZWUxMjMzYjk2MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknFLprbhoF2O16uxxd/AOdgs+x5A
1ZEU/rGDDJENDlo8ZZ4FlxlTcMUEnM1Gk8Ydzn8zqh2Bx8TxyPmzn26CL6KPbdPd
oAKp/3djwXsl8vIHg0Ah+hHeCYKNS5WLf0VDpWF/ct1BUiBR+B3v8hdEbh2PUjbb
tYuO7YgYX3gzpIxGniBDliONTjQdQI7ZA13iIEA6tc5yayPa1zy1HQ6GIlOIdVho
PIfl7QvqGTiVLrP4aYGrIplBrKCH/Vo24ndISHnDVjtBWNOl3ZpVf/c7xlAsIC4m
i3oa5/yYIgQDycmj/DYSGbwl2q4Ipu5pXjgIQZNWYI7Xw2tl+5LCtqaJvQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFBVEg4HOfLe1OH7rnJhD7hIzuWIYMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvRlVTRGdjNTh0N1U0ZnV1Y21FUHVFak81WWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdoDBAKwZ7ADBACwZ7gDBASwajADBAGwamQwDAMEBbBqoAMEA7BqsAME
AbkvCgMEArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF1W5A
MA0EAgACMAcDBQAqAYygMA0GCSqGSIb3DQEBCwUAA4IBAQBxK6qIgX8mtxU3sUNx
LKti4auLJN0861uGS7seTkOYoJzVeZlzAgQJgI3a8UHx9Kc7kyqll9Askx0fByPX
cDNI5pvW+KJLk5B3pEUl19/2aozVc55RIstFRruJ0GYofKDoRtIY8xZMpM624SJx
FfMuuGD0zte0Kf6SLNCeX0Yc8t5rEoaDFQ9FvaP7oKHCib+OAB3oqTHO2dWXvsNu
Y9ixevJ+kwsizgaY769YhAcggA9X5CVQZfu64207PvNgKDwYNjN6M4vrSBMAnjXZ
zocUcCvMga5BMVCsZ9/Bo8R1r/C0+7F7rv3ZvmhlkjCkRLMHZ8KAu9LNrZ0YO/Tm
c/LC
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:08:55 2025 by rpki-client