Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/HqbDs10urzsVBAvDFmKkb_IMAY8.roa
File: HqbDs10urzsVBAvDFmKkb_IMAY8.roa (raw, json)
Hash identifier: Tv7YhD5KDICjYpHwKFaSLO8GWpwM1+kdHwDfFKeXNdY=
Subject key identifier: 1E:A6:C3:B3:5D:2E:AF:3B:15:04:0B:C3:16:62:A4:6F:F2:0C:01:8F
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 019424B3D979C9F7154B40FD6505D267C0B4
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/HqbDs10urzsVBAvDFmKkb_IMAY8.roa
Signing time: Thu 02 Jan 2025 01:49:13 +0000
ROA not before: Thu 02 Jan 2025 01:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49685
IP address blocks: 31.3.8.0/21 maxlen: 24
31.3.96.0/21 maxlen: 24
31.223.160.0/20 maxlen: 24
37.17.208.0/20 maxlen: 24
37.34.48.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
46.226.56.0/21 maxlen: 24
78.108.128.0/20 maxlen: 24
79.170.88.0/21 maxlen: 24
80.84.224.0/19 maxlen: 24
80.84.224.0/20 maxlen: 24
80.84.240.0/20 maxlen: 24
80.246.192.0/20 maxlen: 24
80.246.207.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
81.4.84.0/22 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.4.112.0/22 maxlen: 24
81.21.136.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
83.96.128.0/17 maxlen: 24
83.96.157.0/24 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.224.0/19 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
85.10.160.0/19 maxlen: 24
85.10.172.0/22 maxlen: 24
85.10.176.0/22 maxlen: 24
85.222.224.0/21 maxlen: 24
89.31.96.0/21 maxlen: 24
91.142.240.0/20 maxlen: 24
91.189.208.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
93.191.128.0/21 maxlen: 24
94.142.208.0/21 maxlen: 24
141.138.192.0/20 maxlen: 24
141.255.176.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
171.33.128.0/24 maxlen: 24
176.74.224.0/19 maxlen: 24
178.18.80.0/20 maxlen: 24
185.3.208.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
185.21.188.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
185.89.152.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.110.172.0/22 maxlen: 24
185.110.173.0/24 maxlen: 24
185.110.200.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
193.138.204.0/22 maxlen: 24
193.242.119.0/24 maxlen: 24
194.60.207.0/24 maxlen: 24
213.187.240.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
217.149.128.0/20 maxlen: 24
2001:828::/32 maxlen: 48
2001:4cb8::/29 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2a00:c080::/32 maxlen: 48
2a02:348::/32 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2a02:348:7d::/48 maxlen: 48
2a03:4f00::/32 maxlen: 48
2a03:5700::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d9:79:c9:f7:15:4b:40:fd:65:05:d2:67:c0:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 2 01:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ea6c3b35d2eaf3b15040bc31662a46ff20c018f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:44:d7:2b:75:30:62:b7:6b:05:2a:16:37:ed:
ee:f2:fe:af:b0:23:a0:ec:3c:b5:b2:3a:7d:23:8c:
23:da:63:14:91:15:61:ca:00:1d:1d:75:16:73:2f:
d6:63:68:91:8c:10:93:4d:e5:2b:90:ed:b9:f4:dc:
34:0f:87:72:66:76:0c:a4:9e:57:51:14:05:f1:e7:
94:0a:6a:ee:ed:a1:67:c1:49:04:9c:f6:48:c5:cf:
7a:0b:71:2c:cb:06:04:da:b4:2a:b7:fe:f8:ea:34:
92:05:19:b5:51:73:ee:95:a6:0c:b8:4a:85:c2:25:
72:c2:2d:d4:3d:8e:14:0f:15:bd:a9:9c:9e:9f:c9:
59:b4:12:f2:ce:22:71:d1:ee:87:4e:75:24:ee:a9:
22:96:ec:41:10:8c:0a:c6:a7:06:4c:20:77:f9:47:
ea:17:7d:07:2a:c2:82:d8:71:22:95:84:2d:c4:9c:
87:a2:69:78:ec:7b:1a:3a:b6:7d:48:b1:11:93:cd:
02:9f:17:26:1b:1d:d3:9e:66:b1:5d:2c:af:e9:40:
78:b3:f0:68:b1:a3:a5:89:18:62:37:ed:d0:ab:47:
e6:88:ee:a0:c5:5c:00:19:12:12:8f:fd:3f:f8:06:
71:b8:dd:7a:13:2d:ed:b1:21:41:da:1d:e1:a9:a0:
8e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A6:C3:B3:5D:2E:AF:3B:15:04:0B:C3:16:62:A4:6F:F2:0C:01:8F
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/HqbDs10urzsVBAvDFmKkb_IMAY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
37.34.48.0/21
37.230.96.0/21
46.226.56.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.189.208.0/22
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
94.142.208.0/21
141.138.192.0/20
141.255.176.0/22
171.33.128.0/21
176.74.224.0/19
178.18.80.0/20
185.3.208.0/22
185.15.248.0/22
185.21.188.0/22
185.65.52.0/22
185.89.152.0/22
185.95.68.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.138.204.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a00:c080::/32
2a02:348::/32
2a03:4f00::/32
2a03:5700::/32
Signature Algorithm: sha256WithRSAEncryption
6f:52:e7:85:25:d0:d0:4c:53:27:76:da:5e:47:19:ca:fc:a8:
b3:6f:48:d6:ed:b1:a8:4e:0a:f5:7a:a0:ba:a0:08:50:5c:8a:
fd:8d:1f:f5:08:e3:b1:6e:be:5b:a9:76:5b:26:0a:6e:c4:eb:
a9:cc:33:c8:bb:9f:24:76:fc:34:6a:a5:3d:9e:ea:e0:92:d2:
f9:ab:9a:8a:4c:e9:0f:3c:0e:8d:ff:b1:7b:0b:47:a4:3d:6d:
f0:e7:f7:f5:2a:0d:00:ee:23:a4:9b:1a:88:7d:d9:23:9c:04:
37:74:59:d6:20:a6:7e:2e:83:45:7f:67:82:7e:1b:ab:9c:f3:
d9:fd:88:bf:1e:f9:95:28:d2:31:72:56:1a:2c:60:b5:3e:7d:
f8:17:fc:a7:f2:dc:04:d6:3f:86:9d:ee:b8:5b:89:50:af:b4:
bc:dd:5a:fa:7d:59:30:f0:24:cd:8c:56:bb:a3:41:b2:f2:c1:
18:77:20:86:76:25:50:8d:cd:77:d2:8d:37:7a:e4:a1:79:10:
7a:7b:ac:6d:7c:d8:6c:ac:22:22:db:7a:94:a8:ec:9c:79:b2:
ca:84:19:9f:e3:39:45:3b:0b:30:0e:98:cf:3d:c3:62:aa:09:
36:8e:bc:e7:c8:91:e8:cc:c9:4b:b4:9d:c3:dd:f6:1b:bf:89:
41:32:1e:eb
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZQks9l5yfcVS0D9ZQXSZ8C0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwMTAyMDE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE2YzNiMzVkMmVhZjNiMTUwNDBiYzMxNjYyYTQ2ZmYyMGMwMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ETXK3UwYrdrBSoWN+3u8v6vsCOg
7Dy1sjp9I4wj2mMUkRVhygAdHXUWcy/WY2iRjBCTTeUrkO259Nw0D4dyZnYMpJ5X
URQF8eeUCmru7aFnwUkEnPZIxc96C3EsywYE2rQqt/746jSSBRm1UXPulaYMuEqF
wiVywi3UPY4UDxW9qZyen8lZtBLyziJx0e6HTnUk7qkiluxBEIwKxqcGTCB3+Ufq
F30HKsKC2HEilYQtxJyHoml47HsaOrZ9SLERk80CnxcmGx3TnmaxXSyv6UB4s/Bo
saOliRhiN+3Qq0fmiO6gxVwAGRISj/0/+AZxuN16Ey3tsSFB2h3hqaCOUwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFB6mw7NdLq87FQQLwxZipG/yDAGPMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvSHFiRHMxMHVyenNWQkF2REZtS2tiX0lNQVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCASQEAgABMIIB
HAMEAx8DCAMEAx8DYAMEBB/foAMEBCUR0AMEAyUiMAMEAyXmYAMEAy7iOAMEBE5s
gAMEA0+qWAMEBVBU4AMEBFD2wAMEBFD/8DAMAwQGUQRAAwQCUQRgAwQDUQRwAwQD
URWIAwQEUR4gAwQHU2CAAwQFVQqgAwQDVd7gAwQDWR9gAwQEW47wAwQCW73QAwQC
W80gAwQAW9iiAwQDXb+AAwQDXo7QAwQEjYrAAwQCjf+wAwQDqyGAAwQFsErgAwQE
shJQAwQCuQPQAwQCuQ/4AwQCuRW8AwQCuUE0AwQCuVmYAwQCuV9EAwQCuW6sAwQC
uW7IAwQCwV2sAwQCwYrMAwQAwfJ3AwQAwjzPAwQD1bvwAwQE2RXwAwQE2ZWAMDAE
AgACMCoDBQAgAQgoAwUDIAFMuAMFACoAwIADBQAqAgNIAwUAKgNPAAMFACoDVwAw
DQYJKoZIhvcNAQELBQADggEBAG9S54Ul0NBMUyd22l5HGcr8qLNvSNbtsahOCvV6
oLqgCFBciv2NH/UI47FuvlupdlsmCm7E66nMM8i7nyR2/DRqpT2e6uCS0vmrmopM
6Q88Do3/sXsLR6Q9bfDn9/UqDQDuI6SbGoh92SOcBDd0WdYgpn4ug0V/Z4J+G6uc
89n9iL8e+ZUo0jFyVhosYLU+ffgX/Kfy3ATWP4ad7rhbiVCvtLzdWvp9WTDwJM2M
VrujQbLywRh3IIZ2JVCNzXfSjTd65KF5EHp7rG182GysIiLbepSo7Jx5ssqEGZ/j
OUU7CzAOmM89w2KqCTaOvOfIkejMyUu0ncPd9hu/iUEyHus=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:47:45 2025 by rpki-client