Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/aPNoDBkPbIXZVMGSECHiXzi20wk.roa
File: aPNoDBkPbIXZVMGSECHiXzi20wk.roa (raw, json)
Hash identifier: J6UvG2F5Q6jISne8vTYBwGMp+YIdz9xRIzMboTVLxVw=
Subject key identifier: 68:F3:68:0C:19:0F:6C:85:D9:54:C1:92:10:21:E2:5F:38:B6:D3:09
Certificate issuer: /CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Certificate serial: 018571833A8EF2644ED0E537E49395265025
Authority key identifier: 71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/aPNoDBkPbIXZVMGSECHiXzi20wk.roa
Signing time: Mon 02 Jan 2023 08:05:03 +0000
ROA not before: Mon 02 Jan 2023 08:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47441
IP address blocks: 94.125.188.0/23 maxlen: 23
94.125.188.0/24 maxlen: 24
94.125.189.0/24 maxlen: 24
31.210.138.0/23 maxlen: 23
31.210.137.0/24 maxlen: 24
31.210.138.0/24 maxlen: 24
31.210.139.0/24 maxlen: 24
31.210.141.0/24 maxlen: 24
31.210.142.0/24 maxlen: 24
31.210.140.0/23 maxlen: 23
31.210.143.0/24 maxlen: 24
31.210.140.0/24 maxlen: 24
31.210.142.0/23 maxlen: 23
185.10.136.0/24 maxlen: 24
185.10.137.0/24 maxlen: 24
185.10.138.0/23 maxlen: 23
185.10.138.0/24 maxlen: 24
185.10.139.0/24 maxlen: 24
185.10.136.0/23 maxlen: 23
185.10.136.0/22 maxlen: 22
2a02:e487::/32 maxlen: 32
2a02:e486::/32 maxlen: 32
2a02:e480::/32 maxlen: 32
2a02:e482::/32 maxlen: 32
2a02:e485::/32 maxlen: 32
2a02:e480::/29 maxlen: 29
2a02:e483::/32 maxlen: 32
2a02:e481::/32 maxlen: 32
2a02:e484::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:3a:8e:f2:64:4e:d0:e5:37:e4:93:95:26:50:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Validity
Not Before: Jan 2 08:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68f3680c190f6c85d954c1921021e25f38b6d309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7d:35:41:2a:0d:48:cc:de:5e:67:1e:42:a4:
94:53:b0:27:4b:29:f9:c3:a4:5e:a9:fa:79:c3:37:
88:f2:e5:28:cc:d9:af:fe:c3:84:cc:c8:b0:4d:7a:
99:1f:73:35:16:c8:79:99:ed:88:5c:9f:35:b7:26:
9a:ca:34:eb:bd:96:ef:12:c3:50:f3:44:19:01:74:
dd:cb:10:aa:33:45:c3:f4:09:32:80:25:11:11:b9:
00:26:8d:5d:e6:df:49:c3:fc:14:d8:57:5c:d2:84:
8d:e3:7e:22:d3:b3:ab:49:5e:43:d7:92:82:1a:d6:
d5:fa:61:11:87:b2:ef:1c:da:29:0a:c5:7f:c3:7b:
1f:d3:1f:7b:d4:43:9a:fa:67:fc:38:3b:ea:e3:c6:
2a:f4:06:65:05:0a:eb:b6:48:60:c9:b7:77:a4:74:
c8:7a:44:1e:26:54:10:2b:84:e7:89:99:4e:0c:5a:
45:ff:ff:a0:61:29:b5:c2:81:6c:7e:ff:f4:9c:4b:
a3:fd:56:b0:d1:80:67:e8:67:5e:e4:a0:92:ff:e6:
d5:f2:6a:46:0c:6e:a7:7e:47:6b:bd:9b:19:c6:20:
5d:02:f2:8b:79:32:fe:8e:57:fc:4e:0e:c1:90:d8:
fe:03:5f:a6:88:a9:8c:20:5b:03:81:22:14:d7:8b:
53:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F3:68:0C:19:0F:6C:85:D9:54:C1:92:10:21:E2:5F:38:B6:D3:09
X509v3 Authority Key Identifier:
keyid:71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/aPNoDBkPbIXZVMGSECHiXzi20wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.137.0-31.210.143.255
94.125.188.0/23
185.10.136.0/22
IPv6:
2a02:e480::/29
Signature Algorithm: sha256WithRSAEncryption
08:41:33:51:11:17:d2:e0:6c:57:16:c0:6b:7b:fa:16:64:57:
07:ea:e3:f3:ac:63:9f:2c:83:49:5e:01:86:03:d5:03:96:05:
70:59:01:e9:44:15:61:87:85:11:c7:6e:63:90:c0:93:81:b2:
07:b4:67:bd:30:12:f6:3e:d3:bb:c3:9a:8a:e4:7b:1a:f8:d2:
20:2b:36:4d:97:c7:f3:2b:35:6d:73:6f:5b:2a:be:16:55:fd:
e0:23:3c:c7:c0:e8:7d:da:ca:ab:3a:aa:9b:80:56:0b:ff:4e:
c1:dd:60:44:25:db:03:13:96:03:74:c6:bc:5e:b2:46:c2:d5:
38:f3:2a:1d:8b:bf:a2:09:a0:c9:03:0d:1c:df:10:ff:b0:9b:
9f:d0:ac:1b:e6:f0:36:88:84:74:54:36:19:c2:89:47:62:9a:
a6:5c:c2:fe:d9:bf:6c:3a:e1:c5:ac:d1:ae:f7:f3:95:69:52:
b0:4f:97:a7:9e:05:df:47:f8:c4:5b:bf:98:c3:b2:ed:07:18:
75:ce:ca:f6:a5:a8:b4:03:81:45:a9:ef:0f:9a:b9:24:a2:b9:
7c:ee:11:9f:81:0f:57:dd:12:4c:7c:53:07:7d:f7:6f:17:58:
88:27:38:35:0c:52:e5:93:29:f8:c7:f0:51:a7:f6:5c:37:47:
4a:a2:e5:fd
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVxgzqO8mRO0OU35JOVJlAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWRmOWFhZjlkMWNkMTdjYTQwYzk1MmFkOGY3MWYwYTM0
MzJiYjcwHhcNMjMwMTAyMDgwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGYzNjgwYzE5MGY2Yzg1ZDk1NGMxOTIxMDIxZTI1ZjM4YjZkMzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX01QSoNSMzeXmceQqSUU7AnSyn5
w6Reqfp5wzeI8uUozNmv/sOEzMiwTXqZH3M1Fsh5me2IXJ81tyaayjTrvZbvEsNQ
80QZAXTdyxCqM0XD9AkygCUREbkAJo1d5t9Jw/wU2Fdc0oSN434i07OrSV5D15KC
GtbV+mERh7LvHNopCsV/w3sf0x971EOa+mf8ODvq48Yq9AZlBQrrtkhgybd3pHTI
ekQeJlQQK4TniZlODFpF//+gYSm1woFsfv/0nEuj/Vaw0YBn6Gde5KCS/+bV8mpG
DG6nfkdrvZsZxiBdAvKLeTL+jlf8Tg7BkNj+A1+miKmMIFsDgSIU14tT6QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGjzaAwZD2yF2VTBkhAh4l84ttMJMB8GA1UdIwQY
MBaAFHFd+ar50c0XykDJUq2PcfCjQyu3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgt
NzgxYmU1OThiZjU4LzEvYVBOb0RCa1BiSVhaVk1HU0VDSGlYemkyMHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgtNzgxYmU1OThiZjU4
LzEvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAAf0okD
BAQf0oADBAFefbwDBAK5CogwDQQCAAIwBwMFAyoC5IAwDQYJKoZIhvcNAQELBQAD
ggEBAAhBM1ERF9LgbFcWwGt7+hZkVwfq4/OsY58sg0leAYYD1QOWBXBZAelEFWGH
hRHHbmOQwJOBsge0Z70wEvY+07vDmorkexr40iArNk2Xx/MrNW1zb1sqvhZV/eAj
PMfA6H3ayqs6qpuAVgv/TsHdYEQl2wMTlgN0xrxeskbC1TjzKh2Lv6IJoMkDDRzf
EP+wm5/QrBvm8DaIhHRUNhnCiUdimqZcwv7Zv2w64cWs0a7385VpUrBPl6eeBd9H
+MRbv5jDsu0HGHXOyvalqLQDgUWp7w+auSSiuXzuEZ+BD1fdEkx8Uwd9928XWIgn
ODUMUuWTKfjH8FGn9lw3R0qi5f0=
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:42:10 2025 by rpki-client