Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/alVgOiGQaygKKfRiNXMQm1ojUWU.roa
File: alVgOiGQaygKKfRiNXMQm1ojUWU.roa (raw, json)
Hash identifier: aOJQStyVH2msGIdBHorM0kl3RBtrxvSgZcDUWInDqNM=
Subject key identifier: 6A:55:60:3A:21:90:6B:28:0A:29:F4:62:35:73:10:9B:5A:23:51:65
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019421B17964E5083D8FECEBC7B4D9796EC6
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/alVgOiGQaygKKfRiNXMQm1ojUWU.roa
Signing time: Wed 01 Jan 2025 11:47:46 +0000
ROA not before: Wed 01 Jan 2025 11:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30860
IP address blocks: 31.42.184.0/23 maxlen: 23
31.42.186.0/24 maxlen: 24
31.42.187.0/24 maxlen: 24
45.11.56.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
45.11.58.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.12.0.0/22 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.134.172.0/22 maxlen: 24
62.182.80.0/23 maxlen: 23
62.182.82.0/23 maxlen: 23
62.182.84.0/24 maxlen: 24
62.182.85.0/24 maxlen: 24
62.182.86.0/24 maxlen: 24
62.182.87.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
95.214.232.0/24 maxlen: 24
95.214.233.0/24 maxlen: 24
95.214.234.0/23 maxlen: 23
152.89.60.0/24 maxlen: 24
152.89.61.0/24 maxlen: 24
152.89.62.0/24 maxlen: 24
152.89.63.0/24 maxlen: 24
176.97.112.0/20 maxlen: 24
176.97.114.0/24 maxlen: 24
176.97.124.0/24 maxlen: 24
176.119.24.0/24 maxlen: 24
176.119.25.0/24 maxlen: 24
176.119.26.0/23 maxlen: 23
176.119.26.0/24 maxlen: 24
176.119.27.0/24 maxlen: 24
176.119.28.0/24 maxlen: 24
176.119.29.0/24 maxlen: 24
176.119.30.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
185.66.88.0/23 maxlen: 23
185.66.90.0/24 maxlen: 24
185.66.91.0/24 maxlen: 24
185.254.196.0/23 maxlen: 23
185.254.198.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
193.23.181.0/24 maxlen: 24
194.42.204.0/22 maxlen: 24
195.66.210.0/24 maxlen: 24
195.66.214.0/23 maxlen: 24
2a09:2dc0::/29 maxlen: 29
2a09:2dc1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:79:64:e5:08:3d:8f:ec:eb:c7:b4:d9:79:6e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jan 1 11:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a55603a21906b280a29f4623573109b5a235165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e0:ec:15:c0:ce:26:e1:1a:75:fa:5e:e6:35:
6e:eb:78:38:55:36:13:ae:d9:7c:2d:80:37:b5:9e:
64:c2:b8:43:05:f4:5d:7a:c8:99:70:3b:7d:fa:0e:
a1:02:0a:0e:76:58:c1:cb:7d:bd:ed:0b:dc:4f:19:
75:1c:5a:0e:65:77:f0:f9:da:0c:2e:76:f9:7c:0e:
1f:e9:bd:9a:63:20:3d:ba:a8:f9:63:9a:8d:c1:f0:
09:58:14:12:3c:a1:11:3a:58:ad:9e:71:32:1d:4e:
2f:4a:c7:a8:2b:fb:f9:83:50:66:ea:94:04:b8:43:
43:b6:c5:02:4a:fc:93:c0:02:d9:f2:01:8f:cc:41:
34:ad:3f:b7:63:2b:5b:38:07:cc:8c:0a:e0:30:98:
71:27:fd:29:da:93:c6:7a:11:65:6c:55:3d:3f:8f:
bc:46:dd:e0:bb:e7:fe:8e:8f:10:a7:49:2d:87:c5:
b4:4f:24:6d:a0:96:d6:42:25:62:07:b7:6a:78:cf:
61:6a:14:65:cb:59:a6:a6:19:ad:84:2c:9f:d4:1a:
ce:9b:fd:f1:f2:39:b8:d8:ed:64:a3:d1:71:6e:65:
7c:61:b1:92:b7:eb:b5:91:ea:15:8a:57:b8:ce:d7:
b3:2c:30:e0:87:fa:b1:94:b3:9a:25:f8:cc:27:f2:
3b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:55:60:3A:21:90:6B:28:0A:29:F4:62:35:73:10:9B:5A:23:51:65
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/alVgOiGQaygKKfRiNXMQm1ojUWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.184.0/22
45.11.56.0/22
45.12.0.0/22
45.134.172.0/22
62.182.80.0/21
91.208.115.0/24
95.214.232.0/22
152.89.60.0/22
176.97.112.0/20
176.119.24.0/21
185.66.88.0/22
185.254.196.0/22
193.23.181.0/24
194.42.204.0/22
195.66.210.0/24
195.66.214.0/23
IPv6:
2a09:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:ca:76:6e:5e:52:15:08:e0:dc:c3:03:53:ff:a0:60:36:af:
16:c0:da:d1:d0:40:46:ba:2a:e5:d7:b2:75:64:7a:62:7e:9c:
8b:6f:1b:1f:1c:10:11:30:89:92:45:8c:07:26:60:fb:a8:05:
d7:e0:03:25:c3:bb:16:13:df:2a:73:bd:53:02:86:6e:13:22:
a2:87:0e:aa:30:43:e2:06:ed:c9:13:b3:00:10:b5:c8:3a:77:
bb:5e:89:35:7c:64:48:6e:bf:15:90:07:e4:43:e7:ba:99:89:
1f:64:a4:8a:26:f7:6e:95:ff:f9:fd:9e:63:79:f9:a7:c3:85:
cf:fd:5b:82:79:b5:37:07:b5:73:fa:8a:72:a8:f2:a3:5c:43:
65:0c:d8:75:b5:87:82:b5:1a:7e:c8:6f:40:78:f0:22:30:80:
ad:2d:a1:86:a4:68:b9:f5:ad:97:da:2c:e5:5c:41:c9:4d:2b:
4b:c7:e7:69:6e:d2:05:1f:90:60:b8:ba:2c:89:4e:00:81:2f:
11:e1:bf:9d:08:66:73:24:76:41:b5:20:e2:91:3c:52:40:b6:
b3:c2:e8:5d:58:36:7d:69:b0:94:8f:d0:41:3a:8c:1a:ca:02:
e2:b7:04:fd:66:4c:d0:0f:95:00:3f:2e:fb:1c:08:69:a5:4a:
c8:bc:71:bb
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZQhsXlk5Qg9j+zrx7TZeW7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjUwMTAxMTE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU1NjAzYTIxOTA2YjI4MGEyOWY0NjIzNTczMTA5YjVhMjM1MTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+DsFcDOJuEadfpe5jVu63g4VTYT
rtl8LYA3tZ5kwrhDBfRdesiZcDt9+g6hAgoOdljBy3297QvcTxl1HFoOZXfw+doM
Lnb5fA4f6b2aYyA9uqj5Y5qNwfAJWBQSPKEROlitnnEyHU4vSseoK/v5g1Bm6pQE
uENDtsUCSvyTwALZ8gGPzEE0rT+3YytbOAfMjArgMJhxJ/0p2pPGehFlbFU9P4+8
Rt3gu+f+jo8Qp0kth8W0TyRtoJbWQiViB7dqeM9hahRly1mmphmthCyf1BrOm/3x
8jm42O1ko9FxbmV8YbGSt+u1keoVile4ztezLDDgh/qxlLOaJfjMJ/I7WQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFGpVYDohkGsoCin0YjVzEJtaI1FlMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvYWxWZ09pR1FheWdLS2ZSaU5YTVFtMW9qVVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAh8quAME
Ai0LOAMEAi0MAAMEAi2GrAMEAz62UAMEAFvQcwMEAl/W6AMEAphZPAMEBLBhcAME
A7B3GAMEArlCWAMEArn+xAMEAMEXtQMEAsIqzAMEAMNC0gMEAcNC1jANBAIAAjAH
AwUDKgktwDANBgkqhkiG9w0BAQsFAAOCAQEAosp2bl5SFQjg3MMDU/+gYDavFsDa
0dBARroq5deydWR6Yn6ci28bHxwQETCJkkWMByZg+6gF1+ADJcO7FhPfKnO9UwKG
bhMioocOqjBD4gbtyROzABC1yDp3u16JNXxkSG6/FZAH5EPnupmJH2Skiib3bpX/
+f2eY3n5p8OFz/1bgnm1Nwe1c/qKcqjyo1xDZQzYdbWHgrUafshvQHjwIjCArS2h
hqRoufWtl9os5VxByU0rS8fnaW7SBR+QYLi6LIlOAIEvEeG/nQhmcyR2QbUg4pE8
UkC2s8LoXVg2fWmwlI/QQTqMGsoC4rcE/WZM0A+VAD8u+xwIaaVKyLxxuw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:12:23 2025 by rpki-client