Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Aqr_lArCLbDM3RyAuSDVBv4E-fo.roa
File: Aqr_lArCLbDM3RyAuSDVBv4E-fo.roa (raw, json)
Hash identifier: Ol5Mc1rAulIjYGiA+pzZLQqxNPDn1db75DCKjthQlq0=
Subject key identifier: 02:AA:FF:94:0A:C2:2D:B0:CC:DD:1C:80:B9:20:D5:06:FE:04:F9:FA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194E1E7A0C54CEB50375C32D14BBD988126
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Aqr_lArCLbDM3RyAuSDVBv4E-fo.roa
Signing time: Fri 07 Feb 2025 19:34:00 +0000
ROA not before: Fri 07 Feb 2025 19:34:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e1:e7:a0:c5:4c:eb:50:37:5c:32:d1:4b:bd:98:81:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 7 19:34:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02aaff940ac22db0ccdd1c80b920d506fe04f9fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f9:b4:36:37:13:01:7b:ce:cb:db:1b:2d:0b:
9f:52:f2:ba:3d:81:ae:8c:1f:53:f8:8b:8c:51:d5:
f9:f1:01:c8:db:a9:5a:b3:6f:05:2a:4f:f7:a9:f5:
76:87:c8:00:96:a4:f6:9f:73:df:b0:1c:30:50:fb:
f3:2e:19:47:c8:1a:9c:07:60:af:94:cf:18:00:1b:
2f:fd:c3:6e:27:cb:c0:21:20:e8:e5:46:4a:f6:fa:
93:d9:b5:0e:97:6e:30:4c:28:64:b4:b7:61:74:9b:
d9:58:28:6c:b7:6b:a1:60:5a:4b:1e:00:b5:99:cb:
b9:83:f7:d0:75:4d:e2:fc:8a:08:49:00:f9:98:e3:
79:28:48:1e:68:b6:de:ca:b5:7a:a0:37:d2:0b:04:
4a:f9:9e:f0:a8:83:10:3e:ad:81:aa:53:69:75:ab:
4b:d5:af:45:b3:1d:04:9f:90:1e:87:f1:c9:2d:93:
f3:04:74:a9:2c:d7:a6:16:3b:13:50:e3:0c:20:23:
15:9e:70:04:59:9f:82:78:bd:bc:e6:3c:1d:b2:ad:
02:00:b7:42:00:bc:3e:e5:e0:ff:21:37:41:ae:af:
ab:0b:28:4d:63:ca:35:27:d9:0e:2e:8d:b7:2c:97:
2c:f0:e7:ac:61:f2:ce:77:22:31:89:61:c6:81:e5:
9b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AA:FF:94:0A:C2:2D:B0:CC:DD:1C:80:B9:20:D5:06:FE:04:F9:FA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Aqr_lArCLbDM3RyAuSDVBv4E-fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.30.0/23
163.5.34.0/24
163.5.46.0/24
163.5.59.0/24
163.5.73.0/24
163.5.111.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.212.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0-163.5.242.255
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:47:a3:a5:d6:8d:1b:05:80:91:29:46:0d:97:5e:67:e8:cc:
62:92:1e:db:71:91:62:75:46:b4:57:fb:91:68:50:4a:a7:d6:
e8:fc:c7:4d:98:07:06:83:26:d7:ea:94:d7:ef:18:45:ab:d5:
55:75:c2:82:bf:ad:2b:a2:0d:b7:3d:fd:b4:13:1d:08:bc:9e:
ba:00:a7:33:83:1e:a1:21:b4:2e:ba:3e:21:95:54:56:b2:ea:
09:80:7e:42:33:7e:38:c2:b2:31:99:ee:f4:fc:c4:46:de:3a:
d0:b3:c1:0d:d4:d5:37:86:9e:49:f3:59:98:de:df:0e:0c:3f:
c0:24:c1:a8:84:02:dd:12:19:1b:75:3d:a0:f8:4a:3d:eb:de:
42:92:ac:d4:89:4f:f8:ff:ca:27:96:c0:82:1e:4a:cf:ce:5f:
76:b8:37:9b:a9:af:fb:c1:d3:ff:ee:ad:e7:b2:a0:8f:8f:96:
f5:3a:0e:65:08:bf:da:0c:50:ac:ac:08:d2:09:22:89:d2:c6:
fd:4b:56:ab:0b:7f:78:6f:4d:33:c9:ba:00:68:4f:6c:c2:19:
60:de:46:61:9b:9b:8e:06:d8:2a:84:2b:1b:a6:8f:08:9b:32:
0d:a2:11:91:d0:8d:9f:62:89:26:ed:39:d4:34:b1:bf:b1:5d:
1a:51:88:31
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZTh56DFTOtQN1wy0Uu9mIEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMjA3MTkzNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFhZmY5NDBhYzIyZGIwY2NkZDFjODBiOTIwZDUwNmZlMDRmOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfm0NjcTAXvOy9sbLQufUvK6PYGu
jB9T+IuMUdX58QHI26las28FKk/3qfV2h8gAlqT2n3PfsBwwUPvzLhlHyBqcB2Cv
lM8YABsv/cNuJ8vAISDo5UZK9vqT2bUOl24wTChktLdhdJvZWChst2uhYFpLHgC1
mcu5g/fQdU3i/IoISQD5mON5KEgeaLbeyrV6oDfSCwRK+Z7wqIMQPq2BqlNpdatL
1a9Fsx0En5Aeh/HJLZPzBHSpLNemFjsTUOMMICMVnnAEWZ+CeL285jwdsq0CALdC
ALw+5eD/ITdBrq+rCyhNY8o1J9kOLo23LJcs8OesYfLOdyIxiWHGgeWb1wIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFAKq/5QKwi2wzN0cgLkg1Qb+BPn6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQXFyX2xBckNMYkRNM1J5QXVTRFZCdjRFLWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
owUWAwQBowUeAwQAowUiAwQAowUuAwQAowU7AwQAowVJMAwDBACjBW8DBAGjBXAD
BAGjBXYDBACjBXkDBAGjBYADBAGjBYowDAMEAaMFjgMEAKMFkAMEAKMFkgMEAKMF
lwMEAKMFngMEAKMFoAMEAKMFogMEAKMFpwMEAKMFqgMEAKMFrQMEAKMFrwMEAaMF
sgMEAKMFtgMEAKMFvQMEAKMFvwMEAaMFyDAMAwQAowXLAwQAowXOAwQAowXRAwQA
owXUAwQAowXaAwQAowXgAwQAowXkMAwDBACjBfEDBACjBfIDBACjBfcwDQYJKoZI
hvcNAQELBQADggEBAGxHo6XWjRsFgJEpRg2XXmfozGKSHttxkWJ1RrRX+5FoUEqn
1uj8x02YBwaDJtfqlNfvGEWr1VV1woK/rSuiDbc9/bQTHQi8nroApzODHqEhtC66
PiGVVFay6gmAfkIzfjjCsjGZ7vT8xEbeOtCzwQ3U1TeGnknzWZje3w4MP8AkwaiE
At0SGRt1PaD4Sj3r3kKSrNSJT/j/yieWwIIeSs/OX3a4N5upr/vB0//ureeyoI+P
lvU6DmUIv9oMUKysCNIJIonSxv1LVqsLf3hvTTPJugBoT2zCGWDeRmGbm44G2CqE
KxumjwibMg2iEZHQjZ9iiSbtOdQ0sb+xXRpRiDE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:33:23 2025 by rpki-client