Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/VsrlQAQWAQeKMHsVpD3plpMdQI0.roa
File: VsrlQAQWAQeKMHsVpD3plpMdQI0.roa (raw, json)
Hash identifier: r17pASZeg8bWX2yKyVDswykGsvvL8zXbzcqg56WYdiU=
Subject key identifier: 56:CA:E5:40:04:16:01:07:8A:30:7B:15:A4:3D:E9:96:93:1D:40:8D
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 0194236A24C4F47D97B6A0CC80488C3E134C
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/VsrlQAQWAQeKMHsVpD3plpMdQI0.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5578
IP address blocks: 62.65.160.0/19 maxlen: 19
62.152.224.0/19 maxlen: 19
62.168.64.0/18 maxlen: 18
62.197.192.0/18 maxlen: 18
62.197.222.0/24 maxlen: 24
80.250.240.0/20 maxlen: 20
81.88.128.0/20 maxlen: 20
82.119.224.0/20 maxlen: 20
83.168.128.0/18 maxlen: 18
84.245.64.0/18 maxlen: 18
84.245.94.0/24 maxlen: 24
84.245.97.0/24 maxlen: 24
84.245.126.0/24 maxlen: 24
85.248.0.0/16 maxlen: 16
85.248.234.0/24 maxlen: 24
85.248.235.0/24 maxlen: 24
92.60.56.0/21 maxlen: 21
94.124.144.0/21 maxlen: 21
185.130.220.0/22 maxlen: 22
185.220.120.0/22 maxlen: 22
193.58.192.0/22 maxlen: 22
193.58.196.0/23 maxlen: 23
193.110.186.0/23 maxlen: 23
194.1.172.0/22 maxlen: 22
194.1.224.0/24 maxlen: 24
194.1.225.0/24 maxlen: 24
194.1.226.0/24 maxlen: 24
194.1.227.0/24 maxlen: 24
194.1.228.0/24 maxlen: 24
194.1.229.0/24 maxlen: 24
194.1.230.0/24 maxlen: 24
194.1.231.0/24 maxlen: 24
195.12.128.0/19 maxlen: 19
195.46.64.0/19 maxlen: 19
195.72.0.0/19 maxlen: 19
195.98.0.0/19 maxlen: 19
195.168.0.0/16 maxlen: 16
212.26.160.0/19 maxlen: 19
212.26.176.0/20 maxlen: 20
212.81.0.0/19 maxlen: 19
213.215.64.0/18 maxlen: 18
213.215.72.0/22 maxlen: 22
217.67.16.0/20 maxlen: 20
217.75.64.0/19 maxlen: 19
217.75.82.0/23 maxlen: 23
217.118.96.0/20 maxlen: 20
217.172.144.0/20 maxlen: 20
2001:1ba0::/32 maxlen: 32
2a00:1298::/32 maxlen: 32
2a02:770::/32 maxlen: 32
2a06:dbc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:24:c4:f4:7d:97:b6:a0:cc:80:48:8c:3e:13:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56cae540041601078a307b15a43de996931d408d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a5:7e:86:c7:6a:73:ec:a9:3c:da:6a:7d:81:
60:9c:13:02:98:ef:90:ff:bc:c8:86:57:e3:ef:d8:
3c:0e:05:91:e3:e8:3d:59:52:1d:2d:1b:0d:0d:60:
58:81:f0:e8:cc:ab:ff:da:c1:7e:f7:74:2c:c6:ae:
55:64:0e:cc:ac:5b:5e:bb:ba:e5:73:5d:98:02:c1:
19:9b:af:89:a2:b5:e4:c4:66:72:4c:54:49:72:2c:
3a:38:18:af:f2:50:a8:96:b0:bd:b1:36:cb:17:bd:
01:31:fc:98:cc:a1:f8:94:01:6a:7b:6d:11:38:fc:
07:07:e7:6a:dd:a7:27:5d:f2:81:3d:8d:a1:f3:7d:
a8:a2:7b:21:5c:69:45:cd:a9:6d:46:ce:25:5d:82:
be:fa:5a:cc:98:a5:16:4e:7d:b9:25:c2:b7:4a:7d:
d9:52:16:5b:cb:b9:c6:bf:ab:98:68:0a:04:37:3f:
1f:0e:ca:ec:82:fa:27:b1:04:e6:64:2a:80:76:e8:
49:a9:1a:7c:ff:73:78:d5:0a:06:5c:eb:4e:6b:5e:
05:c8:9a:d7:f4:47:fa:92:fb:64:94:01:e3:84:cc:
a0:82:60:3f:98:aa:20:49:d7:25:79:f3:9a:df:36:
78:e7:4f:cb:4e:72:27:e7:dd:17:fa:2d:a3:e4:f7:
9d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CA:E5:40:04:16:01:07:8A:30:7B:15:A4:3D:E9:96:93:1D:40:8D
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/VsrlQAQWAQeKMHsVpD3plpMdQI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.160.0/19
62.152.224.0/19
62.168.64.0/18
62.197.192.0/18
80.250.240.0/20
81.88.128.0/20
82.119.224.0/20
83.168.128.0/18
84.245.64.0/18
85.248.0.0/16
92.60.56.0/21
94.124.144.0/21
185.130.220.0/22
185.220.120.0/22
193.58.192.0-193.58.197.255
193.110.186.0/23
194.1.172.0/22
194.1.224.0/21
195.12.128.0/19
195.46.64.0/19
195.72.0.0/19
195.98.0.0/19
195.168.0.0/16
212.26.160.0/19
212.81.0.0/19
213.215.64.0/18
217.67.16.0/20
217.75.64.0/19
217.118.96.0/20
217.172.144.0/20
IPv6:
2001:1ba0::/32
2a00:1298::/32
2a02:770::/32
2a06:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
46:3c:83:76:4d:fd:cb:a9:55:0f:81:3e:8b:92:89:84:be:c8:
34:73:c0:dc:28:15:6e:e7:bf:cc:6f:27:04:fa:95:f9:b6:03:
3f:85:31:56:a5:65:38:e7:62:0f:2a:9c:3e:4f:90:36:b9:a8:
a6:13:42:bb:81:59:8d:0e:fd:68:f5:5e:22:8c:7f:9c:88:71:
f8:bf:25:87:59:1d:eb:9b:30:ee:71:16:79:76:95:9b:d0:c4:
8c:7d:bb:9b:a1:a1:78:b1:39:5d:24:6a:83:f2:2d:d8:36:d2:
31:b1:ee:10:ba:e7:4b:35:c6:11:8c:95:ed:38:87:b7:af:57:
ad:93:5c:45:ca:92:55:44:5c:93:1b:14:b3:52:c4:23:4e:3a:
cd:b7:72:34:9f:2d:54:5e:5f:bf:53:f0:1d:12:d3:00:76:97:
28:24:09:78:0b:da:c3:0b:ae:81:2f:5b:c2:98:71:ba:fd:5b:
26:ac:c8:85:18:37:f9:c8:b0:ac:b9:f9:19:d2:b9:19:5f:e2:
45:cf:91:5c:6c:8d:96:cd:76:c2:c4:f9:5d:b8:df:1b:0d:67:
7a:a3:a1:43:00:0b:30:ef:e4:81:45:f8:fd:68:12:1e:a2:9d:
37:f9:c3:30:c4:42:23:72:82:f2:53:fe:88:f5:e0:b8:81:f0:
2c:9e:9b:f7
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZQjaiTE9H2XtqDMgEiMPhNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmNhZTU0MDA0MTYwMTA3OGEzMDdiMTVhNDNkZTk5NjkzMWQ0MDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06V+hsdqc+ypPNpqfYFgnBMCmO+Q
/7zIhlfj79g8DgWR4+g9WVIdLRsNDWBYgfDozKv/2sF+93Qsxq5VZA7MrFteu7rl
c12YAsEZm6+JorXkxGZyTFRJciw6OBiv8lColrC9sTbLF70BMfyYzKH4lAFqe20R
OPwHB+dq3acnXfKBPY2h832oonshXGlFzaltRs4lXYK++lrMmKUWTn25JcK3Sn3Z
UhZby7nGv6uYaAoENz8fDsrsgvonsQTmZCqAduhJqRp8/3N41QoGXOtOa14FyJrX
9Ef6kvtklAHjhMyggmA/mKogSdclefOa3zZ450/LTnIn590X+i2j5PedHwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFFbK5UAEFgEHijB7FaQ96ZaTHUCNMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvVnNybFFBUVdBUWVLTUhzVnBEM3BscE1kUUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBwQQCAAEwgboDBAU+
QaADBAU+mOADBAY+qEADBAY+xcADBARQ+vADBARRWIADBARSd+ADBAZTqIADBAZU
9UADAwBV+AMEA1w8OAMEA158kAMEArmC3AMEArnceDAMAwQGwTrAAwQBwTrEAwQB
wW66AwQCwgGsAwQDwgHgAwQFwwyAAwQFwy5AAwQFw0gAAwQFw2IAAwMAw6gDBAXU
GqADBAXUUQADBAbV10ADBATZQxADBAXZS0ADBATZdmADBATZrJAwIgQCAAIwHAMF
ACABG6ADBQAqABKYAwUAKgIHcAMFAyoG28AwDQYJKoZIhvcNAQELBQADggEBAEY8
g3ZN/cupVQ+BPouSiYS+yDRzwNwoFW7nv8xvJwT6lfm2Az+FMValZTjnYg8qnD5P
kDa5qKYTQruBWY0O/Wj1XiKMf5yIcfi/JYdZHeubMO5xFnl2lZvQxIx9u5uhoXix
OV0kaoPyLdg20jGx7hC650s1xhGMle04h7evV62TXEXKklVEXJMbFLNSxCNOOs23
cjSfLVReX79T8B0S0wB2lygkCXgL2sMLroEvW8KYcbr9WyasyIUYN/nIsKy5+RnS
uRlf4kXPkVxsjZbNdsLE+V243xsNZ3qjoUMACzDv5IFF+P1oEh6inTf5wzDEQiNy
gvJT/oj14LiB8Cyem/c=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:53 2025 by rpki-client