Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AAe3vljOuGvSTlsJqoO9Wu7Oq1w.roa
File: AAe3vljOuGvSTlsJqoO9Wu7Oq1w.roa (raw, json)
Hash identifier: IQO0MooKWp9Cz+PJ2FkCg771QrVH8K5fHfuexh0B0Rk=
Subject key identifier: 00:07:B7:BE:58:CE:B8:6B:D2:4E:5B:09:AA:83:BD:5A:EE:CE:AB:5C
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01942068111F015FA304270FA4B5CDFA2CEB
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AAe3vljOuGvSTlsJqoO9Wu7Oq1w.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47376
IP address blocks: 103.215.220.0/22 maxlen: 22
103.215.220.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
185.221.239.0/24 maxlen: 24
195.28.11.0/24 maxlen: 24
195.234.191.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
195.238.247.0/24 maxlen: 24
2a05:63c0::/29 maxlen: 29
2a05:63c0::/30 maxlen: 30
2a05:63c0::/48 maxlen: 48
2a0f:c040::/29 maxlen: 29
2a10:ef04:1001::/48 maxlen: 48
2a10:ef04:1002::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:11:1f:01:5f:a3:04:27:0f:a4:b5:cd:fa:2c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0007b7be58ceb86bd24e5b09aa83bd5aeeceab5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:71:82:3b:62:a6:76:63:f5:52:1e:21:a9:
5f:43:c0:e4:28:44:58:1f:79:6d:de:57:ca:51:08:
dd:1c:8b:c7:54:63:10:40:60:67:00:20:67:3d:3a:
8c:b6:42:3a:3c:79:15:60:0e:73:53:5d:d4:9f:3a:
03:13:35:09:5c:72:44:ed:a8:73:60:0f:d6:77:48:
66:95:79:d9:22:b5:25:bd:b1:e0:1f:be:0a:e4:7a:
cf:00:27:6f:ac:db:f1:4a:f2:48:2e:0e:8c:68:5d:
d9:e5:43:15:be:c0:6c:41:cb:9b:72:dd:ea:25:ab:
b6:aa:72:1c:dd:88:ee:bf:af:6d:bd:0a:16:91:6a:
aa:d4:b2:b5:8f:25:f2:2b:ed:1b:2b:23:cb:93:dc:
56:d8:33:9a:12:9c:4d:c1:c5:c8:7e:9a:9e:71:a3:
75:32:fa:4a:81:c1:ab:92:1a:aa:5a:8e:2c:6a:9a:
16:7d:54:0a:47:22:53:f9:ed:47:52:bf:ce:09:c0:
bd:88:c5:be:70:c0:e5:56:ef:f8:61:88:76:4d:91:
1d:eb:80:01:3d:b4:40:e6:e1:fa:56:5a:bd:b6:c8:
bd:45:f0:8c:3c:c7:2c:c2:f6:f9:9b:a3:7c:62:07:
fc:97:f5:05:4c:e3:86:f5:74:bd:9a:32:f8:5d:3a:
cd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:07:B7:BE:58:CE:B8:6B:D2:4E:5B:09:AA:83:BD:5A:EE:CE:AB:5C
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AAe3vljOuGvSTlsJqoO9Wu7Oq1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
185.221.239.0/24
195.28.11.0/24
195.234.191.0/24
195.238.231.0/24
195.238.240.0/24
195.238.247.0/24
IPv6:
2a05:63c0::/29
2a0f:c040::/29
2a10:ef04:1001::-2a10:ef04:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:3a:ee:d5:9b:fc:1c:bc:3a:7f:1c:f5:ce:49:4f:47:38:1d:
33:33:d2:cb:3a:a7:23:16:ca:4f:b0:d7:c7:88:d8:1b:b4:ec:
98:88:59:68:cc:e1:17:39:10:cd:8d:89:37:e6:ce:a4:3a:d8:
d6:05:c0:e0:51:10:8a:48:e4:08:70:2c:3e:9b:3c:41:37:ef:
32:97:fe:93:97:3d:c9:b8:0a:13:1c:fa:8d:c1:b6:0e:c5:ff:
ef:fb:ce:df:18:72:94:9a:b6:73:9f:ec:7a:77:8e:c3:f2:82:
24:53:48:e9:d0:e7:70:8c:39:fd:cc:41:26:bf:ca:b2:9b:d1:
31:ab:39:5f:4c:7b:bf:eb:65:87:2d:fa:82:03:27:f5:91:f1:
75:e3:fa:71:b6:c5:33:ed:0c:25:93:75:26:a1:d9:d1:5d:c3:
50:36:16:e9:cf:7e:ce:e4:e8:09:ad:ae:07:99:a8:48:ad:bf:
8e:3e:fb:bb:4d:d1:84:62:b4:61:b1:3a:3a:45:f5:17:81:1a:
d3:a8:2d:4e:08:05:c6:bc:20:ec:40:11:8d:f2:e9:59:e8:d0:
80:8a:3d:da:3a:f6:18:17:7d:35:6e:27:24:b6:aa:2a:db:32:
72:30:5e:41:ff:45:a1:56:59:e9:a3:75:46:d0:e7:b5:f5:4f:
9e:51:db:7f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQgaBEfAV+jBCcPpLXN+izrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA3YjdiZTU4Y2ViODZiZDI0ZTViMDlhYTgzYmQ1YWVlY2VhYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvllxgjtipnZj9VIeIalfQ8DkKERY
H3lt3lfKUQjdHIvHVGMQQGBnACBnPTqMtkI6PHkVYA5zU13UnzoDEzUJXHJE7ahz
YA/Wd0hmlXnZIrUlvbHgH74K5HrPACdvrNvxSvJILg6MaF3Z5UMVvsBsQcubct3q
Jau2qnIc3Yjuv69tvQoWkWqq1LK1jyXyK+0bKyPLk9xW2DOaEpxNwcXIfpqecaN1
MvpKgcGrkhqqWo4sapoWfVQKRyJT+e1HUr/OCcC9iMW+cMDlVu/4YYh2TZEd64AB
PbRA5uH6Vlq9tsi9RfCMPMcswvb5m6N8Ygf8l/UFTOOG9XS9mjL4XTrNlwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAAHt75Yzrhr0k5bCaqDvVruzqtcMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvQUFlM3Zsak91R3ZTVGxzSnFvTzlXdTdPcTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAwBAIAATAqAwQCZ9fcAwQA
ud3vAwQAwxwLAwQAw+q/AwQAw+7nAwQAw+7wAwQAw+73MCgEAgACMCIDBQMqBWPA
AwUDKg/AQDASAwcAKhDvBBABAwcAKhDvBBACMA0GCSqGSIb3DQEBCwUAA4IBAQCS
Ou7Vm/wcvDp/HPXOSU9HOB0zM9LLOqcjFspPsNfHiNgbtOyYiFlozOEXORDNjYk3
5s6kOtjWBcDgURCKSOQIcCw+mzxBN+8yl/6Tlz3JuAoTHPqNwbYOxf/v+87fGHKU
mrZzn+x6d47D8oIkU0jp0OdwjDn9zEEmv8qym9ExqzlfTHu/62WHLfqCAyf1kfF1
4/pxtsUz7Qwlk3UmodnRXcNQNhbpz37O5OgJra4HmahIrb+OPvu7TdGEYrRhsTo6
RfUXgRrTqC1OCAXGvCDsQBGN8ulZ6NCAij3aOvYYF301bicktqoq2zJyMF5B/0Wh
Vlnpo3VG0Oe19U+eUdt/
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:48 2025 by rpki-client