Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/AIbMivTzigEw-GugeqJKqc642o8.roa
File: AIbMivTzigEw-GugeqJKqc642o8.roa (raw, json)
Hash identifier: nvF24+uIu7BukwLpQQuMp8PSZkNr3wMfYSYXJqQlLck=
Subject key identifier: 00:86:CC:8A:F4:F3:8A:01:30:F8:6B:A0:7A:A2:4A:A9:CE:B8:DA:8F
Certificate issuer: /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial: 01942827497F5FA6DF0C7F7CB2BBA544A6BD
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/AIbMivTzigEw-GugeqJKqc642o8.roa
Signing time: Thu 02 Jan 2025 17:54:10 +0000
ROA not before: Thu 02 Jan 2025 17:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51020
IP address blocks: 5.62.128.0/23 maxlen: 23
5.62.128.0/24 maxlen: 24
5.62.129.0/24 maxlen: 24
5.62.136.0/23 maxlen: 23
5.62.136.0/24 maxlen: 24
5.62.137.0/24 maxlen: 24
31.7.80.0/23 maxlen: 23
31.7.80.0/24 maxlen: 24
31.7.81.0/24 maxlen: 24
31.7.82.0/23 maxlen: 23
31.7.82.0/24 maxlen: 24
31.7.84.0/23 maxlen: 23
31.7.84.0/24 maxlen: 24
31.7.85.0/24 maxlen: 24
31.7.86.0/23 maxlen: 23
31.7.86.0/24 maxlen: 24
31.7.87.0/24 maxlen: 24
37.77.48.0/23 maxlen: 23
37.77.48.0/24 maxlen: 24
37.77.49.0/24 maxlen: 24
37.77.50.0/23 maxlen: 23
37.77.50.0/24 maxlen: 24
37.77.51.0/24 maxlen: 24
37.77.52.0/23 maxlen: 23
37.77.52.0/24 maxlen: 24
37.77.53.0/24 maxlen: 24
37.77.54.0/23 maxlen: 23
37.77.54.0/24 maxlen: 24
37.77.55.0/24 maxlen: 24
185.69.4.0/23 maxlen: 23
185.69.4.0/24 maxlen: 24
185.69.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:49:7f:5f:a6:df:0c:7f:7c:b2:bb:a5:44:a6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Validity
Not Before: Jan 2 17:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0086cc8af4f38a0130f86ba07aa24aa9ceb8da8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:70:99:27:a2:df:9e:af:ab:05:28:1c:61:ab:
2a:79:95:c8:d6:0d:8b:63:ac:7c:ea:eb:ce:90:1f:
45:5c:69:58:01:51:17:66:ac:c4:08:71:86:7a:83:
36:ee:ee:11:bf:a3:da:cf:af:53:e1:70:80:1c:f6:
65:bf:5d:a5:e4:c5:ff:9b:5d:99:fe:48:02:91:bf:
af:af:ac:0b:b7:1a:94:97:06:b3:5d:63:c7:11:18:
c6:47:46:76:fd:c5:96:b9:c2:61:b8:f8:03:76:fe:
79:fd:f4:78:d5:11:c0:c2:c5:e3:fe:3b:54:e1:2d:
45:29:93:2e:34:9c:5d:91:49:1c:6b:81:35:fd:6f:
6b:e3:76:ce:42:b8:8f:da:58:8e:78:9b:2d:21:e8:
2b:18:49:d7:b8:fd:14:9e:64:9e:7e:4c:14:21:3e:
35:5c:b7:cd:33:1b:c4:02:ce:f5:fd:68:8b:de:4c:
d2:c8:ac:00:09:2b:3c:47:b2:8a:0d:44:5b:3d:12:
c5:13:68:25:93:20:27:9e:58:cc:2b:11:24:be:91:
86:e3:76:02:cf:09:df:0b:2a:e2:f2:a9:79:d1:04:
5d:e7:d8:79:2a:9d:b9:dc:e7:d0:b0:11:e7:07:73:
6e:fd:09:8e:c4:dc:38:39:40:80:eb:28:19:f6:4c:
1e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:86:CC:8A:F4:F3:8A:01:30:F8:6B:A0:7A:A2:4A:A9:CE:B8:DA:8F
X509v3 Authority Key Identifier:
keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/AIbMivTzigEw-GugeqJKqc642o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.128.0/23
5.62.136.0/23
31.7.80.0/21
37.77.48.0/21
185.69.4.0/23
Signature Algorithm: sha256WithRSAEncryption
34:95:c1:7a:f1:a4:72:c8:8f:7b:c8:a8:b7:37:5b:b9:be:fe:
74:d8:56:d0:49:73:15:c5:11:03:3a:49:00:5a:39:0d:4e:ca:
26:96:e2:0a:5e:74:a0:28:dd:cf:71:e0:f2:c3:08:93:0c:5c:
b9:ef:cb:2e:92:62:3b:ca:80:a7:23:02:74:97:55:fb:8f:df:
aa:cf:a9:d9:d0:75:dd:7d:3a:5d:4a:be:c5:a5:31:b6:f9:12:
a7:14:59:be:46:49:cb:3a:64:a0:c9:a1:5a:a1:3f:1f:c7:b7:
04:d0:f7:97:21:69:43:fe:1b:42:ce:b6:ac:53:40:0b:40:8d:
f5:6f:5f:55:03:64:33:2c:40:43:7c:62:b2:6e:6e:43:2e:dd:
ff:8f:55:ea:b6:1a:77:15:10:3f:f9:79:f3:90:36:63:eb:fc:
a4:d2:2a:1f:d0:e8:88:d2:71:f1:24:1e:04:dd:ef:8e:a2:9f:
7f:1c:2b:ed:52:44:a2:a3:91:89:57:10:aa:76:e5:2a:6c:be:
9c:82:0f:d7:a6:0d:15:59:ec:4c:e0:18:ce:57:37:3d:af:99:
8a:6d:b2:f9:cc:1e:17:7e:78:b5:48:81:ca:83:56:1e:88:87:
b1:2b:6c:61:af:fd:89:06:d0:69:8a:0e:bf:d7:ab:4c:85:d6:
e4:ea:89:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoJ0l/X6bfDH98srulRKa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjUwMTAyMTc1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDg2Y2M4YWY0ZjM4YTAxMzBmODZiYTA3YWEyNGFhOWNlYjhkYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3CZJ6Lfnq+rBSgcYasqeZXI1g2L
Y6x86uvOkB9FXGlYAVEXZqzECHGGeoM27u4Rv6Paz69T4XCAHPZlv12l5MX/m12Z
/kgCkb+vr6wLtxqUlwazXWPHERjGR0Z2/cWWucJhuPgDdv55/fR41RHAwsXj/jtU
4S1FKZMuNJxdkUkca4E1/W9r43bOQriP2liOeJstIegrGEnXuP0UnmSefkwUIT41
XLfNMxvEAs71/WiL3kzSyKwACSs8R7KKDURbPRLFE2glkyAnnljMKxEkvpGG43YC
zwnfCyri8ql50QRd59h5Kp253OfQsBHnB3Nu/QmOxNw4OUCA6ygZ9kwehwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFACGzIr084oBMPhroHqiSqnOuNqPMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvQUliTWl2VHppZ0V3LUd1Z2VxSktxYzY0Mm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBT6AAwQB
BT6IAwQDHwdQAwQDJU0wAwQBuUUEMA0GCSqGSIb3DQEBCwUAA4IBAQA0lcF68aRy
yI97yKi3N1u5vv502FbQSXMVxREDOkkAWjkNTsomluIKXnSgKN3PceDywwiTDFy5
78sukmI7yoCnIwJ0l1X7j9+qz6nZ0HXdfTpdSr7FpTG2+RKnFFm+RknLOmSgyaFa
oT8fx7cE0PeXIWlD/htCzrasU0ALQI31b19VA2QzLEBDfGKybm5DLt3/j1Xqthp3
FRA/+XnzkDZj6/yk0iof0OiI0nHxJB4E3e+Oop9/HCvtUkSio5GJVxCqduUqbL6c
gg/Xpg0VWexM4BjOVzc9r5mKbbL5zB4Xfni1SIHKg1YeiIexK2xhr/2JBtBpig6/
16tMhdbk6oli
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:24 2025 by rpki-client