Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/qWtkpWcxzcHPkJpM0DbSGvqPLMc.roa
File: qWtkpWcxzcHPkJpM0DbSGvqPLMc.roa (raw, json)
Hash identifier: L2Jwusd2s8Oy8wDnyTodX1ZVqYdMd4FW4zdBBLfM0uo=
Subject key identifier: A9:6B:64:A5:67:31:CD:C1:CF:90:9A:4C:D0:36:D2:1A:FA:8F:2C:C7
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01941FFA720304BB4D4B1F2BF12513439D6E
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/qWtkpWcxzcHPkJpM0DbSGvqPLMc.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3265
IP address blocks: 62.216.0.0/19 maxlen: 19
80.100.0.0/15 maxlen: 15
80.126.0.0/15 maxlen: 15
82.92.0.0/14 maxlen: 14
82.161.0.0/16 maxlen: 16
83.68.0.0/20 maxlen: 20
83.68.16.0/21 maxlen: 21
83.68.24.0/22 maxlen: 22
83.68.28.0/24 maxlen: 24
83.68.29.0/24 maxlen: 24
83.68.31.0/24 maxlen: 24
83.160.0.0/14 maxlen: 14
194.109.0.0/16 maxlen: 16
195.64.80.0/20 maxlen: 20
213.222.0.0/19 maxlen: 19
2001:888::/29 maxlen: 29
2001:888::/30 maxlen: 30
2001:888::/32 maxlen: 32
2001:980::/29 maxlen: 29
2001:980::/30 maxlen: 30
2001:980::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:72:03:04:bb:4d:4b:1f:2b:f1:25:13:43:9d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a96b64a56731cdc1cf909a4cd036d21afa8f2cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a9:cc:7d:27:28:69:02:97:cc:23:c2:4d:e5:
1b:17:25:41:6b:be:7a:85:28:66:36:54:71:f8:20:
42:bc:79:49:9e:b7:60:b1:c4:af:bd:66:52:f0:77:
c3:5b:17:34:52:7b:68:95:92:79:a3:6d:42:65:3c:
30:23:ab:ea:4c:87:ce:fe:f4:30:c4:e5:8c:b6:2e:
f3:38:38:24:f4:4c:14:52:0d:67:25:35:27:be:57:
b3:ae:e5:f9:76:7a:95:4f:4c:4f:56:04:f8:38:62:
b7:a5:e0:f3:c3:29:be:67:05:97:71:20:08:c5:3c:
f9:16:d3:21:41:a1:31:45:1b:6f:72:4f:36:3c:21:
db:65:eb:11:94:c2:50:58:33:71:e9:89:c9:c0:a2:
5d:76:f3:a6:f0:ed:11:d1:f7:93:e3:f5:76:b7:50:
6e:a0:31:e5:9d:55:76:e7:62:97:67:75:32:3f:57:
c6:c5:6b:50:38:05:74:10:03:49:3d:bd:9a:e7:77:
b0:26:2c:e9:c9:89:d5:76:68:fc:ef:01:50:a1:d2:
5f:63:2a:bc:eb:71:3b:cb:f8:b9:e2:07:7a:e9:16:
fb:83:29:af:04:48:2f:ca:3b:37:f5:ac:81:36:2d:
b7:97:4a:2c:55:3e:d2:20:ee:f8:9d:82:7f:20:8f:
31:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:6B:64:A5:67:31:CD:C1:CF:90:9A:4C:D0:36:D2:1A:FA:8F:2C:C7
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/qWtkpWcxzcHPkJpM0DbSGvqPLMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.0.0/19
80.100.0.0/15
80.126.0.0/15
82.92.0.0/14
82.161.0.0/16
83.68.0.0-83.68.29.255
83.68.31.0/24
83.160.0.0/14
194.109.0.0/16
195.64.80.0/20
213.222.0.0/19
IPv6:
2001:888::/29
2001:980::/29
Signature Algorithm: sha256WithRSAEncryption
28:a3:3a:31:45:72:a4:64:5f:d3:31:e9:a4:2f:15:98:b1:8e:
4f:d7:96:31:ec:40:7f:17:fc:fa:b6:63:b7:4d:3a:6f:fb:f4:
91:4f:ad:66:46:38:fe:b8:ff:e4:8e:e9:1e:ba:18:41:17:88:
85:cf:e6:9c:54:bf:e6:ff:04:0c:19:ff:68:7f:68:45:07:f2:
42:ce:96:9b:5a:20:8f:dd:9e:5e:6f:47:4c:a5:23:10:fc:33:
ac:99:df:80:7e:37:47:d3:3a:b8:80:a6:43:a6:9b:e0:83:0d:
97:dc:fb:2a:13:79:42:19:d4:f0:77:68:8b:c8:40:37:80:32:
6a:4e:f9:d9:b0:26:32:ea:a2:10:c1:a9:24:d9:1d:3c:30:b6:
cc:67:f0:b4:5c:f2:da:f9:a8:a9:e9:2d:da:ac:4d:83:c9:8c:
0a:3f:b5:c5:8b:43:ce:5e:06:65:3c:e3:4e:b5:d3:c2:14:6e:
52:f1:bb:c3:17:09:69:7b:8a:11:f8:97:66:ad:79:29:3a:df:
c6:9d:53:46:4e:c8:8d:52:3b:8a:59:ea:e4:ad:a6:fa:a8:cb:
e0:56:a1:a0:89:60:78:c9:f4:57:de:60:da:43:2f:d8:e2:00:
e8:b1:89:43:a4:6b:01:00:f0:00:4f:f5:f6:0c:59:84:fa:4d:
f1:09:8a:11
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQf+nIDBLtNSx8r8SUTQ51uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTZiNjRhNTY3MzFjZGMxY2Y5MDlhNGNkMDM2ZDIxYWZhOGYyY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoanMfScoaQKXzCPCTeUbFyVBa756
hShmNlRx+CBCvHlJnrdgscSvvWZS8HfDWxc0UntolZJ5o21CZTwwI6vqTIfO/vQw
xOWMti7zODgk9EwUUg1nJTUnvlezruX5dnqVT0xPVgT4OGK3peDzwym+ZwWXcSAI
xTz5FtMhQaExRRtvck82PCHbZesRlMJQWDNx6YnJwKJddvOm8O0R0feT4/V2t1Bu
oDHlnVV252KXZ3UyP1fGxWtQOAV0EANJPb2a53ewJizpyYnVdmj87wFQodJfYyq8
63E7y/i54gd66Rb7gymvBEgvyjs39ayBNi23l0osVT7SIO74nYJ/II8xqQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFKlrZKVnMc3Bz5CaTNA20hr6jyzHMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvcVd0a3BXY3h6Y0hQa0pwTTBEYlNHdnFQTE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBJBAIAATBDAwQFPtgAAwMB
UGQDAwFQfgMDAlJcAwMAUqEwCwMDAlNEAwQBU0QcAwQAU0QfAwMCU6ADAwDCbQME
BMNAUAMEBdXeADAUBAIAAjAOAwUDIAEIiAMFAyABCYAwDQYJKoZIhvcNAQELBQAD
ggEBACijOjFFcqRkX9Mx6aQvFZixjk/XljHsQH8X/Pq2Y7dNOm/79JFPrWZGOP64
/+SO6R66GEEXiIXP5pxUv+b/BAwZ/2h/aEUH8kLOlptaII/dnl5vR0ylIxD8M6yZ
34B+N0fTOriApkOmm+CDDZfc+yoTeUIZ1PB3aIvIQDeAMmpO+dmwJjLqohDBqSTZ
HTwwtsxn8LRc8tr5qKnpLdqsTYPJjAo/tcWLQ85eBmU8406108IUblLxu8MXCWl7
ihH4l2ateSk638adU0ZOyI1SO4pZ6uStpvqoy+BWoaCJYHjJ9FfeYNpDL9jiAOix
iUOkawEA8ABP9fYMWYT6TfEJihE=
-----END CERTIFICATE-----
Generated at Sat May 3 10:04:45 2025 by rpki-client