Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/QAKkeXuZL_ZFLh3yXryVAC9r4uc.roa
File: QAKkeXuZL_ZFLh3yXryVAC9r4uc.roa (raw, json)
Hash identifier: UUlL1WVDgsXwZrqIFrcSXaDunz9z9QLg+VVmo+sK9RI=
Subject key identifier: 40:02:A4:79:7B:99:2F:F6:45:2E:1D:F2:5E:BC:95:00:2F:6B:E2:E7
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 019424B407DE764EA9445780F09333EE255E
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/QAKkeXuZL_ZFLh3yXryVAC9r4uc.roa
Signing time: Thu 02 Jan 2025 01:49:25 +0000
ROA not before: Thu 02 Jan 2025 01:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
5.183.77.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
45.95.185.0/24 maxlen: 24
45.95.187.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.131.0/24 maxlen: 24
147.189.132.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
185.215.224.0/24 maxlen: 24
185.215.227.0/24 maxlen: 24
2a0b:ae40:1::/48 maxlen: 48
2a0b:ae40:2::/48 maxlen: 48
2a0b:ae40:3::/48 maxlen: 48
2a0b:ae40:4::/48 maxlen: 48
2a0b:ae47:3::/48 maxlen: 48
2a0b:ae47:4::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0e:3840:2::/48 maxlen: 48
2a0e:3840:4::/48 maxlen: 48
2a0e:3840:242::/48 maxlen: 48
2a0e:3840:415::/48 maxlen: 48
2a0e:3840:801::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9981::/32 maxlen: 32
2a0f:9982::/32 maxlen: 32
2a0f:9983::/32 maxlen: 32
2a0f:9984::/32 maxlen: 32
2a0f:9985::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b4:07:de:76:4e:a9:44:57:80:f0:93:33:ee:25:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 2 01:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4002a4797b992ff6452e1df25ebc95002f6be2e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fb:61:cc:8c:d1:58:09:eb:e1:e7:99:27:b4:
b7:3a:fb:c1:24:5a:05:c2:4d:08:ad:14:29:91:3e:
9e:d1:e1:86:0b:c5:1c:7b:88:2e:e4:97:be:f7:45:
9f:1f:55:26:42:cc:c2:62:ca:ee:4f:b5:ed:3e:15:
52:4a:fe:f2:8f:b5:a3:81:2d:a6:41:6c:55:2c:80:
a9:b5:fc:6e:1e:a9:92:f0:7e:91:17:72:76:7c:92:
ea:39:86:e2:e1:f7:4c:43:d7:6c:1c:ce:29:1c:7a:
71:ea:aa:ec:56:fb:96:e8:41:4f:3a:1c:bc:2c:12:
78:77:39:3b:97:95:e5:7d:d0:8e:26:73:84:3a:13:
48:26:ca:2e:93:4f:b0:1f:a3:75:68:bd:35:c8:fb:
f8:bc:30:c2:2d:d3:70:0e:be:4c:a3:59:98:f6:9d:
1c:4a:0f:78:3f:5e:33:8d:4f:99:b4:b7:85:e7:32:
ee:72:9e:26:88:67:3c:a2:cc:7c:bd:62:31:4b:85:
1e:36:be:d4:56:21:aa:55:05:95:78:a7:77:3c:79:
e9:bf:4c:3d:d4:a8:85:83:d9:14:c5:3f:aa:42:98:
da:ee:38:f6:6a:44:9b:96:27:2e:94:20:09:f2:01:
d9:8e:8f:1c:e9:85:1a:04:2d:e7:91:e3:ee:14:38:
66:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:02:A4:79:7B:99:2F:F6:45:2E:1D:F2:5E:BC:95:00:2F:6B:E2:E7
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/QAKkeXuZL_ZFLh3yXryVAC9r4uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/23
45.14.113.0/24
45.95.185.0/24
45.95.187.0/24
147.189.128.0/24
147.189.131.0-147.189.132.255
147.189.135.0/24
176.111.217.0/24
185.215.224.0/24
185.215.227.0/24
IPv6:
2a0b:ae40:1::-2a0b:ae40:4:ffff:ffff:ffff:ffff:ffff
2a0b:ae47:3::-2a0b:ae47:4:ffff:ffff:ffff:ffff:ffff
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0e:3840:2::/48
2a0e:3840:4::/48
2a0e:3840:242::/48
2a0e:3840:415::/48
2a0e:3840:801::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
2a0f:9981::-2a0f:9985:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
67:6b:04:74:a8:d3:7c:fb:47:6b:35:51:d0:2b:74:ea:5a:5a:
cc:4a:a8:a9:da:80:1c:73:41:63:15:f9:ca:e6:26:75:ec:88:
b6:0d:a3:4a:c3:0f:34:bb:e1:d0:1e:d5:42:ea:b7:24:cb:c9:
6d:f7:b9:ca:0d:03:0e:7a:76:59:e6:a1:39:2e:87:25:ad:ed:
62:2e:9e:8a:08:b0:23:26:10:f5:b9:98:e5:31:ba:d8:86:01:
82:ea:f3:fd:5e:c3:54:bf:e6:c7:5e:3c:6a:de:6b:e6:12:93:
eb:0c:ae:ce:74:2d:85:8d:27:f7:ab:21:d3:fe:f4:6a:67:3b:
81:dd:19:99:a9:d5:5d:a0:49:2a:f7:ae:1d:4b:8e:c1:a9:ae:
df:03:1b:ea:6d:a7:42:d8:ce:2c:9f:05:5c:d6:ee:da:11:dd:
b6:49:65:5a:9f:87:74:05:38:74:96:f3:da:2a:51:0c:04:b4:
21:50:95:83:65:fe:d0:e5:1f:7e:42:da:ec:a5:46:e1:cb:3c:
81:1d:13:05:62:d5:f0:79:2e:f0:16:5a:b6:6d:81:aa:8d:ae:
37:74:35:cd:7a:0b:f3:1a:c5:ce:9c:74:a0:41:1d:c8:a8:67:
c9:bb:08:22:e2:32:c0:79:f8:e0:14:cd:47:15:67:d4:8b:0e:
61:40:da:c4
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAZQktAfedk6pRFeA8JMz7iVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjUwMTAyMDE0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDAyYTQ3OTdiOTkyZmY2NDUyZTFkZjI1ZWJjOTUwMDJmNmJlMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPthzIzRWAnr4eeZJ7S3OvvBJFoF
wk0IrRQpkT6e0eGGC8Uce4gu5Je+90WfH1UmQszCYsruT7XtPhVSSv7yj7WjgS2m
QWxVLICptfxuHqmS8H6RF3J2fJLqOYbi4fdMQ9dsHM4pHHpx6qrsVvuW6EFPOhy8
LBJ4dzk7l5XlfdCOJnOEOhNIJsouk0+wH6N1aL01yPv4vDDCLdNwDr5Mo1mY9p0c
Sg94P14zjU+ZtLeF5zLucp4miGc8osx8vWIxS4UeNr7UViGqVQWVeKd3PHnpv0w9
1KiFg9kUxT+qQpja7jj2akSbliculCAJ8gHZjo8c6YUaBC3nkePuFDhmfQIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFEACpHl7mS/2RS4d8l68lQAva+LnMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL1FBS2tlWHVaTF9aRkxoM3lYcnlWQUM5cjR1Yy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEeBggrBgEFBQcBBwEB/wSCAQ0wggEJMFAEAgABMEoD
BAECOAgDBAEFt0wDBAAtDnEDBAAtX7kDBAAtX7sDBACTvYAwDAMEAJO9gwMEAJO9
hAMEAJO9hwMEALBv2QMEALnX4AMEALnX4zCBtAQCAAIwga0wEgMHACoLrkAAAQMH
ACoLrkAABDASAwcAKguuRwADAwcAKguuRwAEAwcAKg4MgAADAwcAKg4MgAMjAwcA
Kg4MgAQDAwcAKg4MgAdDAwcAKg44QAACAwcAKg44QAAEAwcAKg44QAJCAwcAKg44
QAQVAwcAKg44QAgBAwcAKg+ZgAAGAwcAKg+ZgAGVAwcAKg+ZgAWYAwcAKg+ZgAk2
MA4DBQAqD5mBAwUBKg+ZhDANBgkqhkiG9w0BAQsFAAOCAQEAZ2sEdKjTfPtHazVR
0Ct06lpazEqoqdqAHHNBYxX5yuYmdeyItg2jSsMPNLvh0B7VQuq3JMvJbfe5yg0D
Dnp2WeahOS6HJa3tYi6eigiwIyYQ9bmY5TG62IYBgurz/V7DVL/mx148at5r5hKT
6wyuznQthY0n96sh0/70amc7gd0ZmanVXaBJKveuHUuOwamu3wMb6m2nQtjOLJ8F
XNbu2hHdtkllWp+HdAU4dJbz2ipRDAS0IVCVg2X+0OUffkLa7KVG4cs8gR0TBWLV
8Hku8BZatm2Bqo2uN3Q1zXoL8xrFzpx0oEEdyKhnybsIIuIywHn44BTNRxVn1IsO
YUDaxA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:13:24 2025 by rpki-client