Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/aC6HOiqUxYGN254KZuSqiaJtNPE.roa
File: aC6HOiqUxYGN254KZuSqiaJtNPE.roa (raw, json)
Hash identifier: qS7pdtxXfriW+5XqG23et3Nu8v85hG8JxjCRqEZITSs=
Subject key identifier: 68:2E:87:3A:2A:94:C5:81:8D:DB:9E:0A:66:E4:AA:89:A2:6D:34:F1
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0195D309CE7EFB60B2F0E33540E6501288E6
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/aC6HOiqUxYGN254KZuSqiaJtNPE.roa
Signing time: Wed 26 Mar 2025 15:19:50 +0000
ROA not before: Wed 26 Mar 2025 15:19:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
2.59.111.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
45.92.132.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
89.44.36.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.85.255.0/24 maxlen: 24
185.102.204.0/22 maxlen: 24
185.103.148.0/22 maxlen: 24
185.110.212.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
185.243.136.0/22 maxlen: 24
193.108.206.0/23 maxlen: 24
193.108.230.0/23 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d3:09:ce:7e:fb:60:b2:f0:e3:35:40:e6:50:12:88:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Mar 26 15:19:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682e873a2a94c5818ddb9e0a66e4aa89a26d34f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:27:ad:ab:64:6d:f8:88:b4:49:c0:b4:61:f5:
f9:8b:20:32:7c:29:e8:84:d3:04:4b:9e:24:fb:8b:
1f:78:04:4c:ec:ac:b7:d9:7e:9b:9f:75:f9:1c:ec:
09:03:5a:1a:9b:c6:2c:14:32:8f:27:e7:e0:21:62:
a2:59:ca:b6:87:d3:6a:09:c8:19:58:41:8f:2f:31:
71:19:35:76:71:12:cb:6c:40:3f:5f:34:5e:f2:4a:
4c:04:cd:11:bc:67:7e:c6:2e:49:0d:18:35:63:67:
61:82:e1:25:da:53:6e:53:33:64:1e:28:fe:e6:f6:
bd:1b:1a:54:ef:b2:e0:5d:98:74:a4:60:21:86:22:
03:3c:d4:af:4d:02:cc:11:fa:2f:a0:65:9a:74:c6:
01:37:b6:35:07:c6:ab:cd:6e:f2:0e:b1:da:90:b5:
36:89:d6:be:71:2e:8d:1b:b8:7c:92:55:7f:f3:1d:
e3:f3:51:59:72:bc:d4:81:3a:78:f2:86:32:e2:db:
08:d7:f3:49:64:76:e0:ed:6a:2a:98:a1:f2:9e:7c:
c5:77:f5:12:c7:5a:f1:ac:74:a4:a4:82:28:3d:05:
ba:01:ff:b3:9d:69:76:46:24:d6:b2:ec:ba:d5:56:
b1:88:f4:2d:8c:4b:e9:73:b3:e4:69:58:35:7e:44:
92:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2E:87:3A:2A:94:C5:81:8D:DB:9E:0A:66:E4:AA:89:A2:6D:34:F1
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/aC6HOiqUxYGN254KZuSqiaJtNPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
45.92.132.0/22
46.28.160.0/21
89.40.84.0/22
89.44.36.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.85.255.0/24
185.102.204.0/22
185.103.148.0/22
185.110.212.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
185.243.136.0/22
193.108.206.0/23
193.108.230.0/23
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
65:8c:ee:d0:64:b4:2d:e1:2b:77:37:d2:95:8e:af:e5:0f:f2:
f2:94:96:33:e5:97:ef:96:aa:02:be:d3:d1:f3:50:25:2f:cb:
e4:18:85:11:e4:59:e6:05:e8:c1:27:b9:f7:a0:26:36:ae:1b:
45:c4:78:b8:d9:10:17:f8:d2:61:26:ad:87:b2:55:b0:a7:43:
48:7a:cb:76:cf:0b:9f:49:3b:20:8b:0f:43:92:3b:af:a0:bd:
c4:7d:03:03:eb:eb:ea:76:37:33:0e:f4:36:21:1f:78:f6:3b:
9c:1c:e6:3f:b6:f1:c3:b3:3e:c0:b5:80:95:65:43:ff:c1:03:
1e:1d:ed:b2:6a:34:2a:1c:93:6b:2c:dc:ba:c5:77:ea:12:f3:
ec:77:80:0f:07:cc:ce:55:d1:de:ec:30:be:3c:29:55:be:73:
6f:ba:ed:a7:d9:69:a7:38:c0:6f:32:61:b1:54:61:23:f3:04:
39:c6:2e:79:16:de:8e:a6:d8:bf:f4:55:5a:74:bb:a7:fa:b6:
5a:6c:3e:fd:da:bc:6c:dd:f2:27:bd:91:5e:b7:1b:9e:28:aa:
b0:39:1b:76:3f:c8:26:e2:c0:e8:ec:da:51:6d:e3:cb:35:86:
7d:de:2a:ce:14:fd:d7:0f:91:71:00:5f:9f:1b:22:1d:4f:44:
84:86:19:28
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAZXTCc5++2Cy8OM1QOZQEojmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMzI2MTUxOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJlODczYTJhOTRjNTgxOGRkYjllMGE2NmU0YWE4OWEyNmQzNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyetq2Rt+Ii0ScC0YfX5iyAyfCno
hNMES54k+4sfeARM7Ky32X6bn3X5HOwJA1oam8YsFDKPJ+fgIWKiWcq2h9NqCcgZ
WEGPLzFxGTV2cRLLbEA/XzRe8kpMBM0RvGd+xi5JDRg1Y2dhguEl2lNuUzNkHij+
5va9GxpU77LgXZh0pGAhhiIDPNSvTQLMEfovoGWadMYBN7Y1B8arzW7yDrHakLU2
ida+cS6NG7h8klV/8x3j81FZcrzUgTp48oYy4tsI1/NJZHbg7WoqmKHynnzFd/US
x1rxrHSkpIIoPQW6Af+znWl2RiTWsuy61VaxiPQtjEvpc7PkaVg1fkSS3QIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFGguhzoqlMWBjdueCmbkqomibTTxMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvYUM2SE9pcVV4WUdOMjU0S1p1U3FpYUp0TlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCBywQCAAEwgcQD
BAICO2wDBAMfGbADBAAletsDBAItXIQDBAMuHKADBAJZKFQDBAJZLCQDBAJb8pQD
BANt6xADBAWwOEADBAK5BCADBAK5BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAC5Vf8D
BAK5ZswDBAK5Z5QDBAK5btQDBAK5mRADBAK5sGgwDAMEALnN/QMEALnN/gMEArnf
2AMEArnkfAMEArnvoAMEArnziAMEAcFszgMEAcFs5jAMAwQBwfaaAwQBwfacAwQC
wpxIMEUEAgACMD8DBQAqAl3AAwUAKgJfwAMFACoDBEADBQMqBZsAAwUDKgWoAAMF
AyoGPAADBQMqCerAAwUDKgoSgAMFAyoLDEAwDQYJKoZIhvcNAQELBQADggEBAGWM
7tBktC3hK3c30pWOr+UP8vKUljPll++WqgK+09HzUCUvy+QYhRHkWeYF6MEnufeg
JjauG0XEeLjZEBf40mEmrYeyVbCnQ0h6y3bPC59JOyCLD0OSO6+gvcR9AwPr6+p2
NzMO9DYhH3j2O5wc5j+28cOzPsC1gJVlQ//BAx4d7bJqNCock2ss3LrFd+oS8+x3
gA8HzM5V0d7sML48KVW+c2+67afZaac4wG8yYbFUYSPzBDnGLnkW3o6m2L/0VVp0
u6f6tlpsPv3avGzd8ie9kV63G54oqrA5G3Y/yCbiwOjs2lFt48s1hn3eKs4U/dcP
kXEAX58bIh1PRISGGSg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:52:14 2025 by rpki-client