Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/qmRq0nT8AUced9vBOL0NqELtGR4.roa
File: qmRq0nT8AUced9vBOL0NqELtGR4.roa (raw, json)
Hash identifier: oaWZu0SgsjdfLiw2WcN5Ite35plNpcdUa0JGc+hsxxI=
Subject key identifier: AA:64:6A:D2:74:FC:01:47:1E:77:DB:C1:38:BD:0D:A8:42:ED:19:1E
Certificate issuer: /CN=5484b53ec069e302623596fb3aa79f5d782c09f9
Certificate serial: 019427B6876764A0290B1EDCBFBF57A6132F
Authority key identifier: 54:84:B5:3E:C0:69:E3:02:62:35:96:FB:3A:A7:9F:5D:78:2C:09:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VIS1PsBp4wJiNZb7OqefXXgsCfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/qmRq0nT8AUced9vBOL0NqELtGR4.roa
Signing time: Thu 02 Jan 2025 15:51:01 +0000
ROA not before: Thu 02 Jan 2025 15:51:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34949
IP address blocks: 109.239.112.0/23 maxlen: 23
109.239.112.0/24 maxlen: 24
109.239.113.0/24 maxlen: 24
109.239.114.0/23 maxlen: 24
109.239.116.0/23 maxlen: 23
109.239.116.0/24 maxlen: 24
109.239.117.0/24 maxlen: 24
109.239.118.0/23 maxlen: 23
109.239.118.0/24 maxlen: 24
109.239.119.0/24 maxlen: 24
109.239.122.0/23 maxlen: 23
109.239.122.0/24 maxlen: 24
109.239.123.0/24 maxlen: 24
109.239.124.0/23 maxlen: 23
109.239.125.0/24 maxlen: 24
109.239.126.0/23 maxlen: 23
109.239.126.0/24 maxlen: 24
109.239.127.0/24 maxlen: 24
159.100.32.0/23 maxlen: 23
159.100.32.0/24 maxlen: 24
159.100.33.0/24 maxlen: 24
159.100.34.0/23 maxlen: 23
159.100.34.0/24 maxlen: 24
159.100.35.0/24 maxlen: 24
159.100.38.0/23 maxlen: 23
159.100.38.0/24 maxlen: 24
159.100.39.0/24 maxlen: 24
159.100.40.0/23 maxlen: 23
159.100.40.0/24 maxlen: 24
159.100.41.0/24 maxlen: 24
159.100.42.0/23 maxlen: 23
159.100.42.0/24 maxlen: 24
159.100.43.0/24 maxlen: 24
159.100.44.0/24 maxlen: 24
185.60.24.0/23 maxlen: 23
185.60.24.0/24 maxlen: 24
185.60.25.0/24 maxlen: 24
185.60.26.0/23 maxlen: 23
185.60.26.0/24 maxlen: 24
185.85.224.0/23 maxlen: 23
185.85.224.0/24 maxlen: 24
185.85.225.0/24 maxlen: 24
185.85.226.0/23 maxlen: 23
185.85.226.0/24 maxlen: 24
185.85.227.0/24 maxlen: 24
217.112.48.0/23 maxlen: 24
217.112.49.0/24 maxlen: 24
217.112.50.0/23 maxlen: 23
217.112.50.0/24 maxlen: 24
217.112.51.0/24 maxlen: 24
217.112.52.0/23 maxlen: 23
217.112.52.0/24 maxlen: 24
217.112.53.0/24 maxlen: 24
217.112.54.0/23 maxlen: 23
217.112.54.0/24 maxlen: 24
217.112.55.0/24 maxlen: 24
217.112.56.0/23 maxlen: 23
217.112.56.0/24 maxlen: 24
217.112.57.0/24 maxlen: 24
217.112.58.0/23 maxlen: 23
217.112.58.0/24 maxlen: 24
217.112.59.0/24 maxlen: 24
217.112.60.0/23 maxlen: 23
217.112.60.0/24 maxlen: 24
217.112.61.0/24 maxlen: 24
217.112.62.0/23 maxlen: 24
217.112.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:87:67:64:a0:29:0b:1e:dc:bf:bf:57:a6:13:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5484b53ec069e302623596fb3aa79f5d782c09f9
Validity
Not Before: Jan 2 15:51:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa646ad274fc01471e77dbc138bd0da842ed191e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3b:2c:ba:e9:40:93:a4:88:1c:1a:e2:26:7d:
62:24:a5:fa:11:8e:d5:4c:7f:fb:83:9d:31:82:e8:
71:90:f0:77:4a:8a:c5:55:e7:e4:aa:ae:9e:9c:0e:
af:94:bc:d0:cd:31:6c:1a:48:3e:a3:e1:1d:d7:be:
7c:3d:0f:5d:e8:34:43:a7:d8:3a:13:83:e2:16:0b:
e6:8b:a4:0f:34:cf:29:da:42:cb:4e:be:b1:4f:07:
7a:3b:12:e9:40:ed:91:14:a9:0e:d8:07:86:fc:9e:
47:ba:ab:bc:c2:14:3d:bc:84:69:02:e2:f0:cb:cd:
83:9c:e5:46:57:11:38:62:ad:a4:a3:c4:ae:4b:1d:
53:9d:7a:84:e6:17:70:0e:08:c5:c3:87:5d:7b:0a:
02:52:22:a9:0f:73:28:3e:02:06:8d:ac:67:ca:23:
44:56:0d:bd:e6:9d:24:d4:39:23:aa:48:69:a3:29:
53:9c:09:c3:e5:4a:15:67:f7:6c:41:11:25:49:c9:
e9:a7:ed:42:de:09:ab:82:ca:99:47:eb:3e:00:91:
12:ef:ca:7c:78:80:ef:2a:38:9e:5e:64:4d:37:93:
21:92:cc:7e:ad:b3:d3:e8:3f:7d:3a:4c:db:ba:de:
b3:03:bd:50:2a:f7:fe:9c:d1:2a:00:46:61:b4:93:
93:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:64:6A:D2:74:FC:01:47:1E:77:DB:C1:38:BD:0D:A8:42:ED:19:1E
X509v3 Authority Key Identifier:
keyid:54:84:B5:3E:C0:69:E3:02:62:35:96:FB:3A:A7:9F:5D:78:2C:09:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VIS1PsBp4wJiNZb7OqefXXgsCfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/qmRq0nT8AUced9vBOL0NqELtGR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/VIS1PsBp4wJiNZb7OqefXXgsCfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.239.112.0/21
109.239.122.0-109.239.127.255
159.100.32.0/22
159.100.38.0-159.100.44.255
185.60.24.0/22
185.85.224.0/22
217.112.48.0/20
Signature Algorithm: sha256WithRSAEncryption
64:3b:dc:bb:aa:41:3a:33:df:3d:42:43:22:17:6a:ea:5d:1a:
2d:22:46:17:d5:24:25:d8:3c:cd:b0:e2:08:0e:22:43:ff:e2:
df:a8:d0:4a:64:2d:64:1b:fc:90:5a:73:11:96:e0:65:b5:5f:
f1:ee:0d:b0:45:ff:b8:80:8d:b9:a2:f6:52:7e:9f:3b:0c:e9:
69:ea:c9:72:a1:5c:51:3b:c5:19:31:3e:d1:6d:01:12:4a:59:
2b:00:a0:d6:ec:58:84:63:42:e7:40:d5:4e:ff:71:cb:77:05:
02:2d:86:91:a5:2c:97:e7:39:d7:e7:97:8f:f8:f0:d8:fe:c3:
53:e4:05:e5:ca:ce:83:91:6b:8b:e0:8b:02:66:b9:a7:d3:5b:
d9:10:eb:4a:78:22:0f:f4:07:87:4b:18:24:05:0f:15:fd:cf:
39:54:fa:a6:ad:e4:20:8f:67:61:c1:9f:5a:28:48:10:f4:f8:
6b:4b:ee:b2:d6:92:7e:80:95:d4:ed:34:d0:26:7b:af:9f:11:
bb:d0:b7:90:34:71:e4:78:95:b7:8f:a2:18:65:a1:ca:0b:bd:
b1:ef:16:71:83:77:7b:76:a4:dc:01:b8:0a:75:72:ad:2a:70:
6c:28:c1:5f:2b:1c:07:24:9e:d4:ef:c4:87:11:15:18:54:8e:
11:6c:62:0c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQntodnZKApCx7cv79XphMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ODRiNTNlYzA2OWUzMDI2MjM1OTZmYjNhYTc5ZjVkNzgy
YzA5ZjkwHhcNMjUwMTAyMTU1MTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTY0NmFkMjc0ZmMwMTQ3MWU3N2RiYzEzOGJkMGRhODQyZWQxOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTssuulAk6SIHBriJn1iJKX6EY7V
TH/7g50xguhxkPB3SorFVefkqq6enA6vlLzQzTFsGkg+o+Ed1758PQ9d6DRDp9g6
E4PiFgvmi6QPNM8p2kLLTr6xTwd6OxLpQO2RFKkO2AeG/J5Huqu8whQ9vIRpAuLw
y82DnOVGVxE4Yq2ko8SuSx1TnXqE5hdwDgjFw4ddewoCUiKpD3MoPgIGjaxnyiNE
Vg295p0k1DkjqkhpoylTnAnD5UoVZ/dsQRElScnpp+1C3gmrgsqZR+s+AJES78p8
eIDvKjieXmRNN5Mhksx+rbPT6D99Okzbut6zA71QKvf+nNEqAEZhtJOTRwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKpkatJ0/AFHHnfbwTi9DahC7RkeMB8GA1UdIwQY
MBaAFFSEtT7AaeMCYjWW+zqnn114LAn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVklTMVBzQnA0d0ppTlpiN09xZWZYWGdzQ2ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jYTYxOGMtMzVjZS00ZDMxLWJiODkt
Y2U4ZGQ2ODk4YjI3LzEvcW1ScTBuVDhBVWNlZDl2Qk9MME5xRUx0R1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jYTYxOGMtMzVjZS00ZDMxLWJiODktY2U4ZGQ2ODk4YjI3
LzEvVklTMVBzQnA0d0ppTlpiN09xZWZYWGdzQ2ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDbe9wMAwD
BAFt73oDBAdt7wADBAKfZCAwDAMEAZ9kJgMEAJ9kLAMEArk8GAMEArlV4AMEBNlw
MDANBgkqhkiG9w0BAQsFAAOCAQEAZDvcu6pBOjPfPUJDIhdq6l0aLSJGF9UkJdg8
zbDiCA4iQ//i36jQSmQtZBv8kFpzEZbgZbVf8e4NsEX/uICNuaL2Un6fOwzpaerJ
cqFcUTvFGTE+0W0BEkpZKwCg1uxYhGNC50DVTv9xy3cFAi2GkaUsl+c51+eXj/jw
2P7DU+QF5crOg5Fri+CLAma5p9Nb2RDrSngiD/QHh0sYJAUPFf3POVT6pq3kII9n
YcGfWihIEPT4a0vustaSfoCV1O000CZ7r58Ru9C3kDRx5HiVt4+iGGWhygu9se8W
cYN3e3ak3AG4CnVyrSpwbCjBXyscBySe1O/EhxEVGFSOEWxiDA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:09:54 2025 by rpki-client