Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/IV0i8341e-STt23ntrtxVdJwiTk.roa
File: IV0i8341e-STt23ntrtxVdJwiTk.roa (raw, json)
Hash identifier: VUS/R9+ALZYtAsrX3f8Bix2FE2lBz2yfrPXppmLw39I=
Subject key identifier: 21:5D:22:F3:7E:35:7B:E4:93:B7:6D:E7:B6:BB:71:55:D2:70:89:39
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 018FEE50DBAE59FF08355A2CA23352970855
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/IV0i8341e-STt23ntrtxVdJwiTk.roa
Signing time: Thu 06 Jun 2024 16:10:27 +0000
ROA not before: Thu 06 Jun 2024 16:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ee:50:db:ae:59:ff:08:35:5a:2c:a2:33:52:97:08:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Jun 6 16:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=215d22f37e357be493b76de7b6bb7155d2708939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:32:4a:3a:be:af:c7:15:51:45:4e:3d:cd:1d:
bc:12:7b:41:8c:06:18:d2:00:2e:a9:41:e0:dd:14:
b5:75:73:56:03:c4:bb:81:a0:f4:f8:19:5f:d4:92:
2c:0b:d0:d7:52:9a:8d:b2:ae:4a:26:a0:a0:5f:ec:
f5:c9:b0:56:c6:06:18:25:b4:45:ba:f8:04:7f:db:
fd:e6:c5:f9:dd:6c:11:34:c4:2c:a0:47:c1:da:3f:
c6:4f:cd:38:de:1e:93:7d:58:4f:1e:6b:f7:57:d3:
b3:f9:64:74:18:d6:6f:8e:50:8d:73:74:03:22:4d:
12:37:46:83:40:ea:4d:3e:5f:b9:ea:a3:cc:47:ea:
15:bf:aa:b3:4f:7f:5b:d6:18:48:61:a7:d0:58:93:
ac:6f:41:e2:28:f2:b1:92:9e:a9:d4:8b:ec:ea:b3:
f3:82:51:eb:ca:cd:8f:b5:ce:61:8a:44:0f:e8:4a:
43:fd:0d:51:ea:96:37:09:48:0e:3a:44:21:c0:a6:
b2:be:26:3b:7b:1e:6a:63:ae:9e:24:92:d9:d1:5c:
dd:da:0a:22:af:7f:8c:c0:29:f4:d5:03:77:71:ca:
6e:40:21:0d:14:84:8e:bd:dd:78:fd:c1:99:b5:17:
8e:02:8e:3a:e0:8e:63:a3:ec:32:64:ce:d3:a4:71:
3c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5D:22:F3:7E:35:7B:E4:93:B7:6D:E7:B6:BB:71:55:D2:70:89:39
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/IV0i8341e-STt23ntrtxVdJwiTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
109.104.132.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
73:9e:26:32:9f:bf:3e:ed:de:74:84:49:ca:6c:55:a4:e5:8d:
7a:73:3a:61:67:ad:23:85:0c:96:94:8c:db:94:35:6e:e6:9b:
2f:3c:9a:5b:56:0a:15:06:48:62:55:4a:de:8d:de:73:37:e2:
ea:12:95:f7:fe:83:d1:09:cf:40:cf:61:49:fd:1a:1e:e0:63:
48:b0:07:38:d0:6a:09:02:b7:17:f3:01:fe:8e:dd:af:06:9d:
d6:50:b0:d2:62:a0:92:15:aa:9f:2e:3c:97:2b:4a:db:a8:94:
f9:d4:fa:30:76:5f:c0:2f:bf:5f:d2:c4:82:3c:ab:4e:32:51:
f3:5c:56:45:e2:81:e7:cd:81:56:26:aa:1e:c1:15:5d:e1:43:
fe:97:7a:f1:62:18:0b:38:b3:64:73:f8:f4:a9:76:62:11:17:
57:f1:7b:ac:20:85:64:1a:90:0e:e5:e8:a4:98:f1:54:52:d4:
8a:24:bb:eb:0e:da:25:c9:b1:26:07:74:98:68:9d:18:08:1f:
1c:4b:fa:a4:93:1d:bb:0f:de:d2:e2:7a:30:75:a2:36:d4:33:
6d:7a:f8:23:3e:e5:cb:19:aa:e3:c8:9d:2f:05:a0:77:97:c9:
79:f5:24:0f:84:3b:c6:37:fc:45:62:4a:ed:e3:f9:6b:3d:73:
7d:bf:df:20
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAY/uUNuuWf8INVosojNSlwhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQwNjA2MTYxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVkMjJmMzdlMzU3YmU0OTNiNzZkZTdiNmJiNzE1NWQyNzA4OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzJKOr6vxxVRRU49zR28EntBjAYY
0gAuqUHg3RS1dXNWA8S7gaD0+Blf1JIsC9DXUpqNsq5KJqCgX+z1ybBWxgYYJbRF
uvgEf9v95sX53WwRNMQsoEfB2j/GT8043h6TfVhPHmv3V9Oz+WR0GNZvjlCNc3QD
Ik0SN0aDQOpNPl+56qPMR+oVv6qzT39b1hhIYafQWJOsb0HiKPKxkp6p1Ivs6rPz
glHrys2Ptc5hikQP6EpD/Q1R6pY3CUgOOkQhwKayviY7ex5qY66eJJLZ0Vzd2goi
r3+MwCn01QN3ccpuQCENFISOvd14/cGZtReOAo464I5jo+wyZM7TpHE8BwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFCFdIvN+NXvkk7dt57a7cVXScIk5MB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvSVYwaTgzNDFlLVNUdDIzbnRydHhWZEp3aVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBKBAIAATBEAwQDH6uY
AwQCLY4YMAwDBAJtaIQDBARtaIADBAJtaJwDBAKQMDQDBAK5NWQDBAK5mXwDBAK5
6XwDBAHCcVADBAHCcV4wUwQCAAIwTQMFAyoEJ8ADBQMqCW5AAwUDKgluwAMFAyoN
J8ADBQMqDULAAwUDKg1KQAMFAyoOPwADBQMqDk8AAwUDKg7UwAMFAyoPQsADBQMq
D6iAMA0GCSqGSIb3DQEBCwUAA4IBAQBzniYyn78+7d50hEnKbFWk5Y16czphZ60j
hQyWlIzblDVu5psvPJpbVgoVBkhiVUrejd5zN+LqEpX3/oPRCc9Az2FJ/Roe4GNI
sAc40GoJArcX8wH+jt2vBp3WULDSYqCSFaqfLjyXK0rbqJT51Powdl/AL79f0sSC
PKtOMlHzXFZF4oHnzYFWJqoewRVd4UP+l3rxYhgLOLNkc/j0qXZiERdX8XusIIVk
GpAO5eikmPFUUtSKJLvrDtolybEmB3SYaJ0YCB8cS/qkkx27D97S4nowdaI21DNt
evgjPuXLGarjyJ0vBaB3l8l59SQPhDvGN/xFYkrt4/lrPXN9v98g
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:05 2025 by rpki-client