Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/18oxWhArE0RhfvzLv5hZQE6tik8.roa
File: 18oxWhArE0RhfvzLv5hZQE6tik8.roa (raw, json)
Hash identifier: PaOcC02WGlDWNTRr4QEBVY28nvkxbfJiDXU25ZKRrIU=
Subject key identifier: D7:CA:31:5A:10:2B:13:44:61:7E:FC:CB:BF:98:59:40:4E:AD:8A:4F
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9AF6A3EE1807F41069EBF426D5F47
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/18oxWhArE0RhfvzLv5hZQE6tik8.roa
Signing time: Thu 02 Jan 2025 11:49:47 +0000
ROA not before: Thu 02 Jan 2025 11:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25086
IP address blocks: 62.168.224.0/20 maxlen: 20
62.168.240.0/20 maxlen: 20
81.91.32.0/20 maxlen: 20
81.91.48.0/20 maxlen: 20
85.235.32.0/20 maxlen: 20
85.235.48.0/20 maxlen: 20
93.90.228.0/22 maxlen: 22
93.90.232.0/21 maxlen: 21
94.140.132.0/23 maxlen: 23
94.140.138.0/23 maxlen: 23
94.140.144.0/23 maxlen: 23
94.140.150.0/23 maxlen: 23
95.169.128.0/20 maxlen: 20
95.169.144.0/20 maxlen: 20
109.198.224.0/20 maxlen: 20
109.198.240.0/20 maxlen: 20
141.105.24.0/22 maxlen: 22
213.176.228.0/24 maxlen: 24
213.176.229.0/24 maxlen: 24
213.176.230.0/24 maxlen: 24
213.176.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:af:6a:3e:e1:80:7f:41:06:9e:bf:42:6d:5f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7ca315a102b1344617efccbbf9859404ead8a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c2:e1:d1:b7:7b:39:77:a4:fe:57:8f:f9:e2:
74:01:38:ae:af:f3:96:16:5d:58:fc:6a:0b:30:ae:
18:51:52:13:49:f8:e4:64:38:2a:ce:40:82:1a:a8:
26:ed:56:50:73:b5:aa:b0:a3:67:8e:aa:01:c9:c1:
b1:41:17:06:31:98:b8:fb:37:9e:85:43:17:f5:96:
20:2e:c4:25:a7:11:53:81:85:15:64:67:7f:17:04:
8c:fd:9d:3d:76:4d:32:a2:0b:1b:2d:9b:bf:4d:86:
be:68:ff:f4:f3:fa:9d:3c:06:e4:cf:6f:9a:99:cc:
b9:f2:8e:4c:8a:ee:b8:6f:61:cd:0c:26:58:e1:c2:
0e:44:b2:1e:b0:76:dd:1a:1e:3c:c0:98:38:9e:6e:
a5:07:09:d8:43:75:fd:0a:50:4d:6e:a1:f6:89:9d:
fd:52:f9:89:bf:2c:a6:b2:f8:43:51:a8:ba:cc:42:
51:8a:63:4c:ef:c7:4d:a3:e0:a7:88:73:cb:e4:74:
08:84:43:f8:60:c5:37:fc:9f:18:f7:c1:08:cb:10:
f6:4c:81:d1:16:be:cf:ed:81:3b:f8:b2:0b:59:59:
f7:cf:94:be:92:9a:76:1d:c0:2a:5e:65:ad:80:11:
5a:55:bc:60:3a:ee:fe:69:e3:04:8d:32:fb:d0:d2:
39:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CA:31:5A:10:2B:13:44:61:7E:FC:CB:BF:98:59:40:4E:AD:8A:4F
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/18oxWhArE0RhfvzLv5hZQE6tik8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.168.224.0/19
81.91.32.0/19
85.235.32.0/19
93.90.228.0-93.90.239.255
94.140.132.0/23
94.140.138.0/23
94.140.144.0/23
94.140.150.0/23
95.169.128.0/19
109.198.224.0/19
141.105.24.0/22
213.176.228.0/22
Signature Algorithm: sha256WithRSAEncryption
60:fd:cd:56:4e:b0:51:f6:8d:cc:ab:3e:04:19:f5:eb:17:37:
12:e9:fc:a9:8c:ab:af:ea:6e:f0:b5:37:5c:dd:59:f2:cf:47:
61:a7:02:60:ee:10:58:9a:97:d6:ad:45:b8:75:ee:0b:7e:48:
b8:0b:ce:7f:e1:01:87:67:bb:7a:05:c7:49:0d:cf:c2:fd:46:
31:76:09:01:95:68:fe:5f:cb:93:e1:29:8b:45:47:ca:57:8c:
fb:52:1a:79:ed:d6:52:90:64:cb:59:17:24:60:c0:3c:45:96:
ee:f4:b7:58:85:32:d6:43:18:aa:b1:f6:6d:cc:d8:98:06:a9:
ec:0e:a6:5b:ea:a5:ab:21:4d:17:ef:08:1c:1c:2f:f7:11:8c:
7f:8f:c8:1e:6d:b1:6e:f2:6e:6e:93:2a:73:2c:8e:1f:6e:a7:
2c:ae:d9:62:1a:c2:a6:cb:4a:a9:43:6e:0c:94:d2:09:eb:bd:
e0:f0:af:f7:c2:97:d6:be:4a:78:ad:81:d2:ed:7d:08:df:c9:
a4:a5:23:d4:64:b1:81:23:b3:68:f9:09:76:7f:54:3b:5d:23:
77:18:ba:cd:28:7a:8b:10:49:c3:66:46:50:d5:f7:80:d0:55:
d2:13:b5:a1:95:92:6a:8e:36:2d:e9:91:b5:f1:bd:2b:be:73:
df:c7:1f:c7
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZQm2a9qPuGAf0EGnr9CbV9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NhMzE1YTEwMmIxMzQ0NjE3ZWZjY2JiZjk4NTk0MDRlYWQ4YTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7MLh0bd7OXek/leP+eJ0ATiur/OW
Fl1Y/GoLMK4YUVITSfjkZDgqzkCCGqgm7VZQc7WqsKNnjqoBycGxQRcGMZi4+zee
hUMX9ZYgLsQlpxFTgYUVZGd/FwSM/Z09dk0yogsbLZu/TYa+aP/08/qdPAbkz2+a
mcy58o5Miu64b2HNDCZY4cIORLIesHbdGh48wJg4nm6lBwnYQ3X9ClBNbqH2iZ39
UvmJvyymsvhDUai6zEJRimNM78dNo+CniHPL5HQIhEP4YMU3/J8Y98EIyxD2TIHR
Fr7P7YE7+LILWVn3z5S+kpp2HcAqXmWtgBFaVbxgOu7+aeMEjTL70NI5AQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNfKMVoQKxNEYX78y7+YWUBOrYpPMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvMThveFdoQXJFMFJoZnZ6THY1aFpRRTZ0aWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQFPqjgAwQF
UVsgAwQFVesgMAwDBAJdWuQDBARdWuADBAFejIQDBAFejIoDBAFejJADBAFejJYD
BAVfqYADBAVtxuADBAKNaRgDBALVsOQwDQYJKoZIhvcNAQELBQADggEBAGD9zVZO
sFH2jcyrPgQZ9esXNxLp/KmMq6/qbvC1N1zdWfLPR2GnAmDuEFial9atRbh17gt+
SLgLzn/hAYdnu3oFx0kNz8L9RjF2CQGVaP5fy5PhKYtFR8pXjPtSGnnt1lKQZMtZ
FyRgwDxFlu70t1iFMtZDGKqx9m3M2JgGqewOplvqpashTRfvCBwcL/cRjH+PyB5t
sW7ybm6TKnMsjh9upyyu2WIawqbLSqlDbgyU0gnrveDwr/fCl9a+SnitgdLtfQjf
yaSlI9RksYEjs2j5CXZ/VDtdI3cYus0oeosQScNmRlDV94DQVdITtaGVkmqONi3p
kbXxvSu+c9/HH8c=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:32:27 2025 by rpki-client