Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/QEss9zLOzbnk5Xa_0K4YXbMb5qY.roa
File: QEss9zLOzbnk5Xa_0K4YXbMb5qY.roa (raw, json)
Hash identifier: OBsJALGCyyQG7Ejkwlv6+1osaKxY665jLogVGloKmd4=
Subject key identifier: 40:4B:2C:F7:32:CE:CD:B9:E4:E5:76:BF:D0:AE:18:5D:B3:1B:E6:A6
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 0194221F3107D634A6B872DCDDF58D089653
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/QEss9zLOzbnk5Xa_0K4YXbMb5qY.roa
Signing time: Wed 01 Jan 2025 13:47:37 +0000
ROA not before: Wed 01 Jan 2025 13:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.64.0/24 maxlen: 24
217.76.65.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:27::/48 maxlen: 48
2a03:32c0:28::/48 maxlen: 48
2a03:32c0:29::/48 maxlen: 48
2a03:32c0:2a::/48 maxlen: 48
2a03:32c0:2b::/48 maxlen: 48
2a03:32c0:2c::/48 maxlen: 48
2a03:32c0:2d::/48 maxlen: 48
2a03:32c0:2e::/48 maxlen: 48
2a03:32c0:2f::/48 maxlen: 48
2a03:32c0:30::/48 maxlen: 48
2a03:32c0:31::/48 maxlen: 48
2a03:32c0:32::/48 maxlen: 48
2a03:32c0:33::/48 maxlen: 48
2a03:32c0:300a::/48 maxlen: 48
2a03:32c0:300b::/48 maxlen: 48
2a03:32c0:300c::/48 maxlen: 48
2a03:32c0:300d::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
2a03:32c0:3011::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:31:07:d6:34:a6:b8:72:dc:dd:f5:8d:08:96:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 1 13:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=404b2cf732cecdb9e4e576bfd0ae185db31be6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b0:75:b1:ca:d1:63:bd:3e:1d:52:4c:14:11:
70:b1:ef:8a:d8:b7:d9:ba:71:a0:3e:69:a1:80:b3:
62:0a:0a:b0:1d:60:8d:7e:85:b7:d8:1b:78:2b:13:
4d:07:d1:59:5d:2d:9c:5b:22:3d:da:35:dc:ac:55:
d7:99:fa:7d:9c:7e:4b:d2:f3:12:27:5f:96:b2:f1:
05:9d:b4:bb:cf:69:4b:ba:2f:d3:0e:cb:81:18:dc:
bd:83:09:c2:b9:16:4f:76:09:d5:c6:10:24:30:f6:
e3:5a:87:46:4d:13:fd:56:1f:06:73:b8:08:23:ff:
08:d8:d7:1c:04:24:1f:de:04:0d:1b:72:96:d9:35:
b8:19:c3:75:96:e8:d3:ef:91:53:d4:4a:0d:0d:a3:
ca:7c:e8:ed:bc:bd:fa:53:d3:cb:65:fb:53:21:ab:
91:a0:2f:45:86:cd:3f:e8:fb:40:e3:ac:bc:8a:d2:
e4:d6:ea:aa:58:4f:5a:96:1f:97:1b:80:b1:cf:94:
c8:ad:46:a2:e6:9a:38:5b:f9:c4:e2:15:c5:b5:11:
a4:3d:12:9c:7f:6e:d2:18:6b:7b:2a:46:18:96:c5:
21:10:94:03:5b:59:35:70:0e:db:6f:2e:ee:96:76:
07:4e:f5:3a:01:10:34:e3:f7:e0:6c:82:7e:e8:40:
a3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4B:2C:F7:32:CE:CD:B9:E4:E5:76:BF:D0:AE:18:5D:B3:1B:E6:A6
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/QEss9zLOzbnk5Xa_0K4YXbMb5qY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.64.0/23
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:27::-2a03:32c0:33:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300a::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
d2:e4:af:a3:6d:94:6b:7e:a7:d4:d3:95:6f:a7:30:a0:da:f1:
8d:45:0a:9f:c1:92:bc:7b:93:83:5b:f9:9e:2a:43:cf:32:46:
c5:d3:35:44:c5:58:92:e6:b0:88:50:3e:b8:60:89:c7:7a:d4:
52:c3:1a:4e:61:cc:78:18:c0:00:e4:82:1e:7e:21:9c:6c:e7:
e4:ba:13:30:ff:11:69:ea:4e:54:f7:f7:b8:1a:c3:bd:c0:bd:
73:78:5e:08:95:77:81:3a:8a:30:06:ec:f8:4f:d7:a7:0b:e0:
6b:b4:d7:62:46:69:2b:ea:18:74:82:0f:90:02:a2:ee:30:71:
0e:16:f5:b7:c9:70:f7:74:61:48:68:78:01:07:85:a7:66:64:
ad:17:93:0d:5f:81:6a:bf:f6:f4:39:54:02:02:e6:ec:3e:f8:
d4:a5:82:61:cd:bc:e4:bc:ee:6c:0a:36:35:40:c0:92:f6:62:
e2:e3:09:5e:ff:3e:f0:b2:ef:f4:19:7f:74:96:dd:fc:a0:87:
bf:4f:eb:0e:5b:c5:f8:f8:e5:29:65:c4:b2:3b:dc:9d:34:07:
07:6c:86:6b:6c:62:e5:14:92:9c:e7:5b:e4:92:fe:eb:40:0a:
e4:fd:c4:e7:1c:5d:29:7d:1c:27:ee:32:69:21:16:c9:0e:a3:
18:2d:29:5e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZQiHzEH1jSmuHLc3fWNCJZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjUwMTAxMTM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRiMmNmNzMyY2VjZGI5ZTRlNTc2YmZkMGFlMTg1ZGIzMWJlNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbB1scrRY70+HVJMFBFwse+K2LfZ
unGgPmmhgLNiCgqwHWCNfoW32Bt4KxNNB9FZXS2cWyI92jXcrFXXmfp9nH5L0vMS
J1+WsvEFnbS7z2lLui/TDsuBGNy9gwnCuRZPdgnVxhAkMPbjWodGTRP9Vh8Gc7gI
I/8I2NccBCQf3gQNG3KW2TW4GcN1lujT75FT1EoNDaPKfOjtvL36U9PLZftTIauR
oC9Fhs0/6PtA46y8itLk1uqqWE9alh+XG4Cxz5TIrUai5po4W/nE4hXFtRGkPRKc
f27SGGt7KkYYlsUhEJQDW1k1cA7bby7ulnYHTvU6ARA04/fgbIJ+6ECjrwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFEBLLPcyzs255OV2v9CuGF2zG+amMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvUUVzczl6TE96Ym5rNVhhXzBLNFlYYk1iNXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDA6BAIAATA0AwQFVXVg
AwQCuTlIAwQB2UxAAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBW
BAIAAjBQMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGDAS
AwcAKgMywAAnAwcCKgMywAAwMBIDBwEqAzLAMAoDBwEqAzLAMBAwDQYJKoZIhvcN
AQELBQADggEBANLkr6NtlGt+p9TTlW+nMKDa8Y1FCp/Bkrx7k4Nb+Z4qQ88yRsXT
NUTFWJLmsIhQPrhgicd61FLDGk5hzHgYwADkgh5+IZxs5+S6EzD/EWnqTlT397ga
w73AvXN4XgiVd4E6ijAG7PhP16cL4Gu012JGaSvqGHSCD5ACou4wcQ4W9bfJcPd0
YUhoeAEHhadmZK0Xkw1fgWq/9vQ5VAIC5uw++NSlgmHNvOS87mwKNjVAwJL2YuLj
CV7/PvCy7/QZf3SW3fygh79P6w5bxfj45SllxLI73J00BwdshmtsYuUUkpznW+SS
/utACuT9xOccXSl9HCfuMmkhFskOoxgtKV4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:50:35 2025 by rpki-client