Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/VQHe2S-7j8SMoLbiYSjz9IrWVbc.roa
File: VQHe2S-7j8SMoLbiYSjz9IrWVbc.roa (raw, json)
Hash identifier: 4EmRDMW6ZpVFVYfLs3GRzG+ePL4wqHpJMD783K3OCFc=
Subject key identifier: 55:01:DE:D9:2F:BB:8F:C4:8C:A0:B6:E2:61:28:F3:F4:8A:D6:55:B7
Certificate issuer: /CN=4e15df688c3aeae3f685ed44b396c2198395861d
Certificate serial: 019425222ED0ED80D4FEF90253B110895CF9
Authority key identifier: 4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/VQHe2S-7j8SMoLbiYSjz9IrWVbc.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29314
IP address blocks: 31.6.128.0/18 maxlen: 18
31.6.192.0/19 maxlen: 19
31.6.218.0/24 maxlen: 24
31.42.16.0/20 maxlen: 20
37.131.128.0/19 maxlen: 19
37.190.128.0/17 maxlen: 17
62.61.32.0/19 maxlen: 19
62.141.192.0/18 maxlen: 18
80.244.128.0/19 maxlen: 19
80.245.176.0/20 maxlen: 20
81.190.0.0/16 maxlen: 16
82.115.64.0/19 maxlen: 19
83.68.64.0/19 maxlen: 19
84.38.80.0/20 maxlen: 20
85.117.0.0/19 maxlen: 19
87.116.192.0/18 maxlen: 18
89.17.224.0/19 maxlen: 19
89.228.0.0/16 maxlen: 16
89.229.0.0/16 maxlen: 16
89.230.0.0/16 maxlen: 16
89.231.0.0/16 maxlen: 16
92.42.112.0/21 maxlen: 21
93.94.184.0/21 maxlen: 21
94.78.128.0/18 maxlen: 18
94.251.128.0/17 maxlen: 17
94.251.168.0/24 maxlen: 24
95.129.224.0/21 maxlen: 21
95.174.32.0/19 maxlen: 19
176.107.112.0/21 maxlen: 21
176.221.96.0/19 maxlen: 19
185.31.184.0/22 maxlen: 22
193.43.240.0/22 maxlen: 22
193.106.76.0/22 maxlen: 22
193.200.118.0/23 maxlen: 23
194.116.132.0/23 maxlen: 23
194.149.240.0/24 maxlen: 24
195.93.134.0/23 maxlen: 23
195.93.222.0/23 maxlen: 23
213.136.224.0/19 maxlen: 19
217.70.48.0/20 maxlen: 20
217.75.48.0/20 maxlen: 20
217.144.192.0/19 maxlen: 19
217.172.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2e:d0:ed:80:d4:fe:f9:02:53:b1:10:89:5c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e15df688c3aeae3f685ed44b396c2198395861d
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5501ded92fbb8fc48ca0b6e26128f3f48ad655b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:95:c5:b0:ee:df:be:e2:eb:8b:d7:bf:9b:df:
b0:d1:40:fb:8f:77:eb:b5:07:5e:8e:8f:fb:99:20:
5c:b0:d1:5c:9e:3e:06:bb:1c:87:50:67:f0:af:30:
a5:5f:e8:42:f2:9b:68:56:8c:07:ae:f6:66:3e:5d:
63:44:af:37:a2:b9:80:2f:dc:3d:93:82:39:89:b7:
62:25:aa:c0:e3:6b:48:0b:65:ca:63:7b:44:ae:5e:
01:46:0d:c5:45:07:50:f0:ec:12:a7:34:a6:48:7c:
35:f4:d5:05:b9:74:53:42:60:d3:8c:5c:23:16:40:
53:6e:f6:07:51:df:1c:df:f8:d9:36:56:a6:71:4c:
5b:ec:9c:42:df:99:dd:0c:2b:78:23:5e:34:4c:00:
47:88:69:46:e1:92:b8:35:f1:1b:f7:16:f2:5a:06:
e2:dc:ad:59:5f:8f:e0:91:85:6a:ef:45:19:c9:92:
ee:9e:da:27:19:15:8f:2f:a0:c0:70:57:71:97:ff:
3d:2d:34:7d:c1:d5:11:e0:38:4f:7b:c2:c6:6b:d8:
f6:c2:a5:76:95:15:73:da:89:b5:4f:80:fe:70:c8:
a2:b3:7a:8e:21:2a:85:8d:fa:d3:dd:c9:40:26:3c:
af:b2:aa:bf:68:bf:af:ba:20:6f:5a:80:2c:34:e2:
84:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:01:DE:D9:2F:BB:8F:C4:8C:A0:B6:E2:61:28:F3:F4:8A:D6:55:B7
X509v3 Authority Key Identifier:
keyid:4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/VQHe2S-7j8SMoLbiYSjz9IrWVbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.128.0-31.6.223.255
31.42.16.0/20
37.131.128.0/19
37.190.128.0/17
62.61.32.0/19
62.141.192.0/18
80.244.128.0/19
80.245.176.0/20
81.190.0.0/16
82.115.64.0/19
83.68.64.0/19
84.38.80.0/20
85.117.0.0/19
87.116.192.0/18
89.17.224.0/19
89.228.0.0/14
92.42.112.0/21
93.94.184.0/21
94.78.128.0/18
94.251.128.0/17
95.129.224.0/21
95.174.32.0/19
176.107.112.0/21
176.221.96.0/19
185.31.184.0/22
193.43.240.0/22
193.106.76.0/22
193.200.118.0/23
194.116.132.0/23
194.149.240.0/24
195.93.134.0/23
195.93.222.0/23
213.136.224.0/19
217.70.48.0/20
217.75.48.0/20
217.144.192.0/19
217.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
35:64:92:f8:fc:dc:6a:be:d7:7e:32:99:fc:d6:12:7d:1d:ee:
93:c7:52:77:6f:61:af:d3:26:0a:c9:dc:3a:f0:fb:87:16:68:
c1:c4:68:0b:ca:ea:0e:33:cc:e6:63:a0:0a:68:05:16:a1:ef:
83:3c:17:b2:7f:be:8b:42:6f:6a:d9:a3:9a:6d:50:5d:d5:31:
48:03:1d:4f:5a:be:ed:c8:19:51:bb:ff:e7:43:d8:87:f1:88:
45:98:78:74:f0:95:20:50:95:cc:46:6e:90:ec:94:be:1f:8a:
28:44:74:12:37:f4:fb:9b:58:9c:73:d9:17:94:38:7c:b7:1d:
ff:42:30:6b:bb:40:e2:17:27:0a:e8:2d:0f:54:4e:15:ce:88:
7c:87:26:f8:d3:d1:1b:54:0d:9e:69:07:5f:c3:1e:d9:3a:f3:
79:8c:d1:42:eb:5a:a9:22:1d:70:62:13:82:76:8a:cc:97:0f:
8b:84:11:8b:d6:37:18:2e:1e:18:83:92:fa:e6:09:7a:27:a0:
34:3f:76:64:98:ad:67:25:ce:6e:5b:a5:47:45:33:d9:24:8d:
d6:f1:d5:b6:3b:4a:cb:f2:70:71:7e:83:11:f5:30:c8:d4:b0:
6f:e5:4d:4d:92:38:25:79:36:18:c5:2e:93:a9:af:35:b4:33:
96:ff:82:74
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZQlIi7Q7YDU/vkCU7EQiVz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTVkZjY4OGMzYWVhZTNmNjg1ZWQ0NGIzOTZjMjE5ODM5
NTg2MWQwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTAxZGVkOTJmYmI4ZmM0OGNhMGI2ZTI2MTI4ZjNmNDhhZDY1NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75XFsO7fvuLri9e/m9+w0UD7j3fr
tQdejo/7mSBcsNFcnj4GuxyHUGfwrzClX+hC8ptoVowHrvZmPl1jRK83ormAL9w9
k4I5ibdiJarA42tIC2XKY3tErl4BRg3FRQdQ8OwSpzSmSHw19NUFuXRTQmDTjFwj
FkBTbvYHUd8c3/jZNlamcUxb7JxC35ndDCt4I140TABHiGlG4ZK4NfEb9xbyWgbi
3K1ZX4/gkYVq70UZyZLuntonGRWPL6DAcFdxl/89LTR9wdUR4DhPe8LGa9j2wqV2
lRVz2om1T4D+cMiis3qOISqFjfrT3clAJjyvsqq/aL+vuiBvWoAsNOKE/QIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFFUB3tkvu4/EjKC24mEo8/SK1lW3MB8GA1UdIwQY
MBaAFE4V32iMOurj9oXtRLOWwhmDlYYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEt
OGE2ZTU1NDE5NmJiLzEvVlFIZTJTLTdqOFNNb0xiaVlTano5SXJXVmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEtOGE2ZTU1NDE5NmJi
LzEvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkMAwD
BAcfBoADBAUfBsADBAQfKhADBAUlg4ADBAclvoADBAU+PSADBAY+jcADBAVQ9IAD
BARQ9bADAwBRvgMEBVJzQAMEBVNEQAMEBFQmUAMEBVV1AAMEBld0wAMEBVkR4AMD
AlnkAwQDXCpwAwQDXV64AwQGXk6AAwQHXvuAAwQDX4HgAwQFX64gAwQDsGtwAwQF
sN1gAwQCuR+4AwQCwSvwAwQCwWpMAwQBwch2AwQBwnSEAwQAwpXwAwQBw12GAwQB
w13eAwQF1YjgAwQE2UYwAwQE2UswAwQF2ZDAAwQF2azgMA0GCSqGSIb3DQEBCwUA
A4IBAQA1ZJL4/Nxqvtd+Mpn81hJ9He6Tx1J3b2Gv0yYKydw68PuHFmjBxGgLyuoO
M8zmY6AKaAUWoe+DPBeyf76LQm9q2aOabVBd1TFIAx1PWr7tyBlRu//nQ9iH8YhF
mHh08JUgUJXMRm6Q7JS+H4ooRHQSN/T7m1icc9kXlDh8tx3/QjBru0DiFycK6C0P
VE4Vzoh8hyb409EbVA2eaQdfwx7ZOvN5jNFC61qpIh1wYhOCdorMlw+LhBGL1jcY
Lh4Yg5L65gl6J6A0P3ZkmK1nJc5uW6VHRTPZJI3W8dW2O0rL8nBxfoMR9TDI1LBv
5U1NkjgleTYYxS6Tqa81tDOW/4J0
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:22:03 2025 by rpki-client