Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/aWYx61iz9IbtS6sPz_tNd3xbxx8.roa
File: aWYx61iz9IbtS6sPz_tNd3xbxx8.roa (raw, json)
Hash identifier: Vkm3fql6kXuhTrnhNHZglrgURgNEXcNWhe7x92KisVo=
Subject key identifier: 69:66:31:EB:58:B3:F4:86:ED:4B:AB:0F:CF:FB:4D:77:7C:5B:C7:1F
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 019424454EC534EC121D28A87676C8BAC6AA
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/aWYx61iz9IbtS6sPz_tNd3xbxx8.roa
Signing time: Wed 01 Jan 2025 23:48:29 +0000
ROA not before: Wed 01 Jan 2025 23:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 46.235.10.0/24 maxlen: 32
46.235.11.0/24 maxlen: 32
178.210.160.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.169.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
178.210.180.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:4e:c5:34:ec:12:1d:28:a8:76:76:c8:ba:c6:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Jan 1 23:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=696631eb58b3f486ed4bab0fcffb4d777c5bc71f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e1:0a:49:5a:2b:2f:aa:d7:5b:92:12:a9:37:
26:13:8b:bf:17:58:f2:6e:f5:fb:85:6f:6d:fc:2f:
57:28:6b:23:41:f0:06:57:f4:d5:2a:19:b7:24:f5:
8f:0a:6c:92:b3:c5:eb:82:c1:93:bd:2b:09:5c:c9:
aa:4e:92:42:16:40:cd:ce:e3:2d:04:bf:0a:d0:24:
4d:b2:b0:03:65:11:4c:9f:82:09:ea:c8:e5:6a:b2:
a8:e0:d4:b5:b9:e0:64:6c:75:05:df:be:cb:05:5d:
66:01:5b:54:b3:41:f8:ff:02:a7:18:53:06:7d:fe:
c8:90:ff:7f:0e:8b:b8:1c:80:d2:c3:bc:e5:da:97:
2b:0c:55:b6:21:ee:2e:93:97:49:25:7a:4f:8f:5a:
41:4a:21:3e:c3:3b:c3:4a:61:63:25:7d:ef:ed:cb:
4c:95:87:c2:3c:a7:e0:61:93:68:b6:e2:3c:cb:cc:
06:b9:75:3a:ca:44:9e:89:3c:c9:38:78:5e:f0:48:
c9:99:ed:f8:2b:a8:8c:b7:d3:52:60:6c:f7:31:b0:
5a:84:2c:5e:d3:bd:c9:a6:44:64:9d:47:35:ea:10:
3e:69:d1:a2:d2:9c:62:22:31:a4:97:26:1a:f9:3d:
20:0a:11:2a:65:46:30:43:0c:b4:f6:48:b9:25:ab:
41:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:66:31:EB:58:B3:F4:86:ED:4B:AB:0F:CF:FB:4D:77:7C:5B:C7:1F
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/aWYx61iz9IbtS6sPz_tNd3xbxx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.10.0/23
178.210.160.0-178.210.166.255
178.210.168.0-178.210.178.255
178.210.180.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:a7:75:d0:e7:d2:10:a9:3f:35:69:9d:ae:26:b6:91:56:2a:
0e:f0:17:24:8d:cd:7c:66:e0:85:88:57:5f:04:32:9d:11:60:
f7:fc:8e:74:25:b7:b5:58:37:cb:d8:c7:a8:ca:5c:1c:48:ac:
77:37:16:70:cb:b4:f8:77:3e:78:58:c0:4c:e9:e6:a0:b1:b1:
be:61:29:c0:b1:c1:97:82:00:38:82:c7:95:f2:1e:98:d6:ac:
59:a2:6e:0b:c3:4a:ec:04:7b:69:35:39:11:32:2e:db:9d:c0:
66:95:25:39:78:79:35:18:ad:31:c7:6c:cd:d4:72:7d:e9:78:
fb:72:e7:85:76:84:ba:2f:c4:76:94:d6:47:61:57:43:b2:5e:
6d:83:80:5c:40:81:fe:24:dc:79:b2:e2:b7:8e:70:14:aa:0f:
d9:06:fa:66:1a:bb:ef:00:2f:2c:55:51:9b:4e:85:5a:8f:9e:
41:b4:b5:a7:1d:4c:c9:f4:14:0b:50:58:2f:cf:b3:99:84:2d:
52:e3:71:fc:28:fc:7c:a3:df:d6:85:5c:64:79:bb:0a:ea:9e:
ea:50:34:a7:0c:55:46:47:25:35:88:77:b2:f4:1f:6a:86:63:
42:17:44:d7:06:d9:77:eb:74:81:6a:d6:ed:72:bf:36:77:4c:
c2:af:f8:89
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQkRU7FNOwSHSiodnbIusaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjUwMTAxMjM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY2MzFlYjU4YjNmNDg2ZWQ0YmFiMGZjZmZiNGQ3NzdjNWJjNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeEKSVorL6rXW5ISqTcmE4u/F1jy
bvX7hW9t/C9XKGsjQfAGV/TVKhm3JPWPCmySs8XrgsGTvSsJXMmqTpJCFkDNzuMt
BL8K0CRNsrADZRFMn4IJ6sjlarKo4NS1ueBkbHUF377LBV1mAVtUs0H4/wKnGFMG
ff7IkP9/Dou4HIDSw7zl2pcrDFW2Ie4uk5dJJXpPj1pBSiE+wzvDSmFjJX3v7ctM
lYfCPKfgYZNotuI8y8wGuXU6ykSeiTzJOHhe8EjJme34K6iMt9NSYGz3MbBahCxe
073JpkRknUc16hA+adGi0pxiIjGklyYa+T0gChEqZUYwQwy09ki5JatBJwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGlmMetYs/SG7UurD8/7TXd8W8cfMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvYVdZeDYxaXo5SWJ0UzZzUHpfdE5kM3hieHg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBLusKMAwD
BAWy0qADBACy0qYwDAMEA7LSqAMEALLSsgMEALLStDANBgkqhkiG9w0BAQsFAAOC
AQEAxqd10OfSEKk/NWmdria2kVYqDvAXJI3NfGbghYhXXwQynRFg9/yOdCW3tVg3
y9jHqMpcHEisdzcWcMu0+Hc+eFjATOnmoLGxvmEpwLHBl4IAOILHlfIemNasWaJu
C8NK7AR7aTU5ETIu253AZpUlOXh5NRitMcdszdRyfel4+3LnhXaEui/EdpTWR2FX
Q7JebYOAXECB/iTcebLit45wFKoP2Qb6Zhq77wAvLFVRm06FWo+eQbS1px1MyfQU
C1BYL8+zmYQtUuNx/Cj8fKPf1oVcZHm7Cuqe6lA0pwxVRkclNYh3svQfaoZjQhdE
1wbZd+t0gWrW7XK/NndMwq/4iQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:29 2025 by rpki-client