Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/ADOC1nchtLkC-A6nlAGIooZD5nE.roa
File: ADOC1nchtLkC-A6nlAGIooZD5nE.roa (raw, json)
Hash identifier: n8FFFp+oVkBKJ25n4GmMD4gnSPdBAo7V53eXoSFvCOs=
Subject key identifier: 00:33:82:D6:77:21:B4:B9:02:F8:0E:A7:94:01:88:A2:86:43:E6:71
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0193672184AB910924FD55F14AA8626F50A9
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/ADOC1nchtLkC-A6nlAGIooZD5nE.roa
Signing time: Tue 26 Nov 2024 06:21:10 +0000
ROA not before: Tue 26 Nov 2024 06:21:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48309
IP address blocks: 31.25.104.0/22 maxlen: 22
31.25.108.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
37.191.64.0/22 maxlen: 22
37.191.68.0/22 maxlen: 22
37.191.72.0/22 maxlen: 22
37.191.74.0/24 maxlen: 24
37.191.76.0/22 maxlen: 22
37.191.80.0/21 maxlen: 24
37.191.88.0/23 maxlen: 24
37.191.92.0/22 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.140.0/22 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.144.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.146.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.149.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.158.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.161.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.187.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.192.0/23 maxlen: 23
188.136.194.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:21:84:ab:91:09:24:fd:55:f1:4a:a8:62:6f:50:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Nov 26 06:21:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=003382d67721b4b902f80ea7940188a28643e671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:94:4d:9e:9c:ed:ef:d5:79:b5:f4:3c:3c:67:
89:4a:80:ae:ab:5b:2f:9f:4c:b0:94:7c:c4:05:d3:
06:11:6f:44:b3:c2:84:1d:42:7e:14:54:9d:c0:ac:
de:41:ac:2d:27:f7:70:79:7e:4c:63:df:2c:75:2c:
43:94:c4:10:f2:34:5d:d2:f7:61:6b:84:9a:5c:7c:
24:bf:27:2e:64:fd:4f:f8:64:c6:92:14:21:6e:04:
65:e2:83:04:02:06:6c:a4:25:72:77:70:df:85:68:
7a:f0:cf:7a:21:d0:26:2b:fe:73:73:02:a7:f9:aa:
3c:ad:eb:15:b1:ed:df:2d:72:67:96:e1:bc:d7:db:
ae:79:7e:81:ef:aa:a6:2a:28:2f:fc:57:3e:60:c5:
d9:5f:93:2a:41:57:30:97:82:d9:bd:2f:23:1f:d3:
5d:80:38:c7:ea:9d:2d:3e:cd:32:5b:a5:1b:36:42:
d2:9b:c8:58:e8:fd:aa:c2:26:fe:67:3d:00:c7:a9:
48:70:af:d6:0c:64:22:76:37:0c:a4:ba:7f:d0:60:
56:14:a6:43:48:21:17:d0:2b:8b:99:8e:15:84:a0:
43:fd:2f:92:91:d5:b6:f5:0a:2a:fe:28:54:cb:3a:
8d:8c:6f:90:4f:fe:d2:9b:98:1d:bb:b3:ea:f1:5e:
a3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:33:82:D6:77:21:B4:B9:02:F8:0E:A7:94:01:88:A2:86:43:E6:71
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/ADOC1nchtLkC-A6nlAGIooZD5nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0-37.191.89.255
37.191.92.0/22
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.173.255
188.136.175.0/24
188.136.185.0/24
188.136.187.0/24
188.136.189.0-188.136.194.255
188.136.196.0/24
188.136.200.0/24
188.136.209.0-188.136.211.255
Signature Algorithm: sha256WithRSAEncryption
70:57:87:56:10:6c:c3:75:d6:ed:6a:59:be:b0:d7:30:0d:8e:
9b:4f:d0:67:4e:ad:bc:76:35:41:ab:88:ad:77:e6:23:78:68:
e9:2c:8c:a9:c7:e6:93:cf:99:63:28:c8:db:38:e8:52:0d:5a:
34:f8:0a:0e:d2:d2:be:f7:3b:cb:c4:60:10:c8:21:5d:db:05:
00:59:65:a7:13:12:30:bf:5a:00:e6:db:1b:f2:82:d8:14:0f:
08:c7:66:85:f3:93:f4:5a:25:a0:55:3a:f0:a0:23:48:9d:8a:
4b:a4:56:cf:2e:93:6f:ed:72:40:cb:73:20:b4:a9:d2:fe:85:
d2:39:94:f1:ff:2e:87:2f:35:eb:e0:7c:80:51:f5:a4:06:b6:
cb:2d:c5:ed:eb:28:5d:1a:1f:a4:27:de:8a:76:17:0e:f5:5f:
b7:91:d2:0d:b9:71:23:25:a9:d2:e2:a7:4c:6d:06:2e:e5:d9:
45:8f:9f:d7:44:2b:79:db:ab:18:bd:e3:76:3f:1f:5e:f4:35:
a8:29:f3:d9:c6:20:35:d5:4a:13:78:6f:fe:4c:eb:c6:cd:5e:
c8:41:1c:c0:3f:17:de:a4:a0:12:ba:e1:6a:b7:06:87:dc:c1:
ff:20:a5:ca:03:a7:13:33:03:51:f6:e4:96:64:c4:4f:31:d3:
cc:b7:d7:60
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZNnIYSrkQkk/VXxSqhib1CpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQxMTI2MDYyMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDMzODJkNjc3MjFiNGI5MDJmODBlYTc5NDAxODhhMjg2NDNlNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpRNnpzt79V5tfQ8PGeJSoCuq1sv
n0ywlHzEBdMGEW9Es8KEHUJ+FFSdwKzeQawtJ/dweX5MY98sdSxDlMQQ8jRd0vdh
a4SaXHwkvycuZP1P+GTGkhQhbgRl4oMEAgZspCVyd3DfhWh68M96IdAmK/5zcwKn
+ao8resVse3fLXJnluG819uueX6B76qmKigv/Fc+YMXZX5MqQVcwl4LZvS8jH9Nd
gDjH6p0tPs0yW6UbNkLSm8hY6P2qwib+Zz0Ax6lIcK/WDGQidjcMpLp/0GBWFKZD
SCEX0CuLmY4VhKBD/S+SkdW29Qoq/ihUyzqNjG+QT/7Sm5gdu7Pq8V6jFQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFAAzgtZ3IbS5AvgOp5QBiKKGQ+ZxMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvQURPQzFuY2h0TGtDLUE2bmxBR0lvb1pENW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAMfGWgw
DAMEBiW/QAMEASW/WAMEAiW/XAMEA7yIgDAMAwQCvIiMAwQCvIiQMAwDBAC8iJUD
BAG8iKwDBAC8iK8DBAC8iLkDBAC8iLswDAMEALyIvQMEALyIwgMEALyIxAMEALyI
yDAMAwQAvIjRAwQCvIjQMA0GCSqGSIb3DQEBCwUAA4IBAQBwV4dWEGzDddbtalm+
sNcwDY6bT9BnTq28djVBq4itd+YjeGjpLIypx+aTz5ljKMjbOOhSDVo0+AoO0tK+
9zvLxGAQyCFd2wUAWWWnExIwv1oA5tsb8oLYFA8Ix2aF85P0WiWgVTrwoCNInYpL
pFbPLpNv7XJAy3MgtKnS/oXSOZTx/y6HLzXr4HyAUfWkBrbLLcXt6yhdGh+kJ96K
dhcO9V+3kdINuXEjJanS4qdMbQYu5dlFj5/XRCt526sYveN2Px9e9DWoKfPZxiA1
1UoTeG/+TOvGzV7IQRzAPxfepKASuuFqtwaH3MH/IKXKA6cTMwNR9uSWZMRPMdPM
t9dg
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:30:58 2025 by rpki-client