Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/a384PwylZQaSpFglErH4Bw8mZRo.roa
File: a384PwylZQaSpFglErH4Bw8mZRo.roa (raw, json)
Hash identifier: ZHJi7UaGRpbolCGgiayIqaZ2eMunHRfJs1Sj3vJw/sY=
Subject key identifier: 6B:7F:38:3F:0C:A5:65:06:92:A4:58:25:12:B1:F8:07:0F:26:65:1A
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0194ACA86C97BB1E6F05273B5E40C079D229
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/a384PwylZQaSpFglErH4Bw8mZRo.roa
Signing time: Tue 28 Jan 2025 11:25:06 +0000
ROA not before: Tue 28 Jan 2025 11:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8359
IP address blocks: 5.144.96.0/19 maxlen: 19
5.189.208.0/21 maxlen: 21
31.40.112.0/20 maxlen: 20
37.208.120.0/21 maxlen: 21
62.118.0.0/16 maxlen: 24
62.168.224.0/19 maxlen: 19
79.171.115.0/24 maxlen: 24
80.83.237.0/24 maxlen: 24
81.91.32.0/19 maxlen: 19
81.91.41.0/24 maxlen: 24
81.195.0.0/16 maxlen: 24
82.96.192.0/18 maxlen: 18
83.237.0.0/16 maxlen: 16
85.140.0.0/15 maxlen: 24
85.235.32.0/19 maxlen: 19
89.175.0.0/16 maxlen: 16
89.175.248.0/21 maxlen: 21
91.76.0.0/14 maxlen: 14
92.43.184.0/21 maxlen: 21
93.90.224.0/20 maxlen: 20
93.90.224.0/22 maxlen: 22
94.140.128.0/19 maxlen: 19
95.153.136.0/22 maxlen: 22
95.169.128.0/19 maxlen: 19
109.198.224.0/19 maxlen: 19
141.105.24.0/21 maxlen: 21
176.222.17.0/24 maxlen: 24
178.141.0.0/16 maxlen: 16
178.155.0.0/17 maxlen: 17
178.159.16.0/20 maxlen: 20
185.168.236.0/22 maxlen: 22
193.104.128.0/24 maxlen: 24
195.34.0.0/19 maxlen: 19
195.34.15.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.38.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
212.188.0.0/17 maxlen: 17
212.188.1.0/24 maxlen: 24
212.188.16.0/24 maxlen: 24
212.188.29.0/24 maxlen: 24
213.87.0.0/16 maxlen: 16
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.98.0/23 maxlen: 23
213.87.100.0/24 maxlen: 24
213.87.104.0/24 maxlen: 24
213.87.105.0/24 maxlen: 24
213.87.106.0/23 maxlen: 23
213.87.128.0/19 maxlen: 19
213.87.160.0/22 maxlen: 22
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
213.87.210.0/23 maxlen: 23
213.87.240.0/22 maxlen: 22
213.87.244.0/23 maxlen: 23
213.87.246.0/24 maxlen: 24
213.87.248.0/22 maxlen: 22
213.147.32.0/19 maxlen: 19
213.176.228.0/22 maxlen: 22
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
2a00:1fa0::/29 maxlen: 29
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a00:1fa1::/33 maxlen: 33
2a00:1fa2::/33 maxlen: 33
2a00:1fa3::/33 maxlen: 33
2a00:1fa3:8000::/40 maxlen: 40
2a02:28::/29 maxlen: 29
2a02:28::/32 maxlen: 32
2a02:28:1::/48 maxlen: 48
2a02:28:a::/48 maxlen: 48
2a02:29::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:a8:6c:97:bb:1e:6f:05:27:3b:5e:40:c0:79:d2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 28 11:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b7f383f0ca5650692a4582512b1f8070f26651a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:03:57:a4:f9:da:31:10:19:db:d5:fc:5d:49:
86:da:f7:cb:97:27:44:73:9d:1e:7c:b1:7d:2c:4c:
ad:de:ca:31:61:ab:4d:73:a2:69:07:22:31:50:aa:
e1:d0:6e:0b:02:07:55:04:f8:7a:e9:a0:90:63:84:
a5:cb:3e:d5:60:a5:6e:78:b2:c1:75:a4:c7:39:5d:
bc:a0:39:e8:2a:0b:7a:b6:4b:82:02:93:c8:3b:1d:
de:27:6b:d6:67:41:c5:8e:1f:cd:db:3b:31:0a:4f:
06:00:fd:9d:b4:a5:ef:c0:d9:71:83:8a:d3:76:1b:
e5:28:eb:f4:99:2c:df:6a:0c:33:82:ed:4f:e0:88:
df:f5:e4:f4:4d:e0:1b:8d:8f:5f:44:c3:9d:0a:7a:
0e:c0:e1:46:bd:c0:69:1d:b5:74:19:b2:86:f4:cc:
ef:af:ee:6e:de:85:41:aa:9a:6b:e1:f1:b8:6f:e1:
d5:22:7e:46:28:ab:b0:74:42:3d:b7:28:fc:d0:ff:
fa:28:51:24:1a:cb:7a:e4:18:81:97:27:2c:c1:d2:
14:39:b1:9b:9f:90:b6:a4:a3:80:29:aa:94:1e:8d:
d5:79:c8:20:62:2a:ec:7c:4f:75:03:11:d8:7d:18:
98:e7:c8:98:79:df:7c:84:90:9a:72:fc:a4:72:c0:
39:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7F:38:3F:0C:A5:65:06:92:A4:58:25:12:B1:F8:07:0F:26:65:1A
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/a384PwylZQaSpFglErH4Bw8mZRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.96.0/19
5.189.208.0/21
31.40.112.0/20
37.208.120.0/21
62.118.0.0/16
62.168.224.0/19
79.171.115.0/24
80.83.237.0/24
81.91.32.0/19
81.195.0.0/16
82.96.192.0/18
83.237.0.0/16
85.140.0.0/15
85.235.32.0/19
89.175.0.0/16
91.76.0.0/14
92.43.184.0/21
93.90.224.0/20
94.140.128.0/19
95.153.136.0/22
95.169.128.0/19
109.198.224.0/19
141.105.24.0/21
176.222.17.0/24
178.141.0.0/16
178.155.0.0/17
178.159.16.0/20
185.168.236.0/22
193.104.128.0/24
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
213.147.32.0/19
213.176.228.0/22
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
3e:55:9b:7b:79:67:f0:3e:fd:a5:12:ab:e1:e0:a8:ab:d9:4a:
57:72:61:34:0a:99:76:35:a5:f7:6e:02:9f:be:97:a6:5b:b1:
24:03:fa:79:30:92:c2:74:e9:08:6c:0a:8f:58:6e:5d:96:cb:
ee:f7:6b:c1:fa:35:8f:6d:31:95:9b:d2:36:2d:9b:59:98:38:
13:38:6b:4f:22:2c:10:39:e0:c9:07:2e:eb:b4:79:ea:cb:9d:
21:eb:4c:c9:af:28:20:e6:c9:3b:5a:06:21:8e:39:6a:f6:f6:
8e:c9:ba:11:6c:fc:dd:ea:a7:f7:cc:8d:b2:09:2e:ed:56:7d:
43:af:e0:ba:cc:5b:8a:64:9f:ea:18:15:4b:10:3b:2d:51:ec:
c8:41:96:d9:8b:1a:98:8b:20:f6:f6:c6:e1:4b:43:26:14:06:
88:ca:b6:74:0c:91:9b:e0:0c:7a:d5:5c:af:69:4b:6b:0a:99:
d9:bb:c0:8f:dd:f0:71:7c:70:ad:c6:8d:ca:4a:51:35:99:ca:
ae:76:bd:f6:63:3a:3e:8f:b7:63:16:a4:51:bf:25:96:e0:b0:
df:b4:00:7c:34:58:77:14:d9:12:40:e7:58:db:90:71:73:c9:
c3:ac:5c:6a:88:0c:53:06:7f:52:18:71:cf:84:d5:e5:d7:96:
b7:3b:35:fd
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZSsqGyXux5vBSc7XkDAedIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTI4MTEyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjdmMzgzZjBjYTU2NTA2OTJhNDU4MjUxMmIxZjgwNzBmMjY2NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngNXpPnaMRAZ29X8XUmG2vfLlydE
c50efLF9LEyt3soxYatNc6JpByIxUKrh0G4LAgdVBPh66aCQY4Slyz7VYKVueLLB
daTHOV28oDnoKgt6tkuCApPIOx3eJ2vWZ0HFjh/N2zsxCk8GAP2dtKXvwNlxg4rT
dhvlKOv0mSzfagwzgu1P4Ijf9eT0TeAbjY9fRMOdCnoOwOFGvcBpHbV0GbKG9Mzv
r+5u3oVBqppr4fG4b+HVIn5GKKuwdEI9tyj80P/6KFEkGst65BiBlycswdIUObGb
n5C2pKOAKaqUHo3VecggYirsfE91AxHYfRiY58iYed98hJCacvykcsA5SwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFGt/OD8MpWUGkqRYJRKx+AcPJmUaMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvYTM4NFB3eWxaUWFTcEZnbEVySDRCdzhtWlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgdgEAgABMIHRAwQF
BZBgAwQDBb3QAwQEHyhwAwQDJdB4AwMAPnYDBAU+qOADBABPq3MDBABQU+0DBAVR
WyADAwBRwwMEBlJgwAMDAFPtAwMBVYwDBAVV6yADAwBZrwMDAltMAwQDXCu4AwQE
XVrgAwQFXoyAAwQCX5mIAwQFX6mAAwQFbcbgAwQDjWkYAwQAsN4RAwMAso0DBAey
mwADBASynxADBAK5qOwDBADBaIADBAbDIgADBAfUvAADAwDVVwMEBdWTIAMEAtWw
5DALAwQC2Ur0AwMA2UowFAQCAAIwDgMFAyoAH6ADBQMqAgAoMA0GCSqGSIb3DQEB
CwUAA4IBAQA+VZt7eWfwPv2lEqvh4Kir2UpXcmE0Cpl2NaX3bgKfvpemW7EkA/p5
MJLCdOkIbAqPWG5dlsvu92vB+jWPbTGVm9I2LZtZmDgTOGtPIiwQOeDJBy7rtHnq
y50h60zJrygg5sk7WgYhjjlq9vaOyboRbPzd6qf3zI2yCS7tVn1Dr+C6zFuKZJ/q
GBVLEDstUezIQZbZixqYiyD29sbhS0MmFAaIyrZ0DJGb4Ax61VyvaUtrCpnZu8CP
3fBxfHCtxo3KSlE1mcqudr32Yzo+j7djFqRRvyWW4LDftAB8NFh3FNkSQOdY25Bx
c8nDrFxqiAxTBn9SGHHPhNXl15a3OzX9
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:07:40 2025 by rpki-client