Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Smuji2Heb0yNKxKX50HJFljlW6Q.roa
File: Smuji2Heb0yNKxKX50HJFljlW6Q.roa (raw, json)
Hash identifier: Q+G4hEplYqmRDzDzZ0N2puaVHiaYEzSKUX0JFhh2fmw=
Subject key identifier: 4A:6B:A3:8B:61:DE:6F:4C:8D:2B:12:97:E7:41:C9:16:58:E5:5B:A4
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 018D5FB983E56A27D0055FE24539AEBBBB7B
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Smuji2Heb0yNKxKX50HJFljlW6Q.roa
Signing time: Wed 31 Jan 2024 13:33:29 +0000
ROA not before: Wed 31 Jan 2024 13:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:b9:83:e5:6a:27:d0:05:5f:e2:45:39:ae:bb:bb:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Jan 31 13:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a6ba38b61de6f4c8d2b1297e741c91658e55ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:06:f8:a8:46:8b:53:35:7c:6a:32:ed:7a:fc:
27:7c:e6:0a:2c:9a:02:ef:f2:7d:30:bd:6b:ba:df:
12:c3:54:25:48:c7:19:5d:46:c2:f4:95:97:6d:b7:
99:69:d4:90:3c:a7:5f:10:f7:8d:c6:be:9f:ec:2c:
f8:af:4a:c1:5a:69:15:2f:31:bf:08:2e:a3:c9:df:
1f:9e:37:29:f7:fb:0f:a8:c7:32:2d:e2:20:a1:0b:
c2:87:b5:13:0e:c1:ee:0b:25:e3:53:56:7b:65:5d:
e6:eb:30:f6:d7:74:64:2c:a9:34:f2:53:c2:f7:6e:
73:32:e7:8e:3f:a1:55:e5:5c:6e:8a:f2:8e:e0:8f:
b3:52:42:c9:cd:c3:1a:54:7a:d3:70:e4:91:ac:a9:
82:02:2d:69:8e:27:4d:ca:88:0f:4a:04:69:5d:36:
2a:e7:a1:0d:86:4d:a5:16:17:bc:99:82:41:e2:7d:
c8:3a:15:6c:23:a0:f2:44:c2:3e:63:3a:40:59:6a:
16:de:64:df:af:f8:cf:ad:d3:09:92:60:a7:fd:f0:
24:07:95:bf:5f:38:55:74:36:e7:e1:7b:27:a9:0e:
9d:c3:59:f4:a9:4a:4e:2c:96:b0:c6:37:81:a8:50:
ab:e1:fe:d9:35:27:29:40:9d:67:29:09:6e:61:be:
a3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6B:A3:8B:61:DE:6F:4C:8D:2B:12:97:E7:41:C9:16:58:E5:5B:A4
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Smuji2Heb0yNKxKX50HJFljlW6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
109.104.134.0-109.104.143.255
109.104.156.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
6a:5c:01:7f:d6:97:4e:5f:09:64:1d:71:17:9c:8d:b0:e0:6b:
4b:e6:bd:64:c9:5a:65:bc:62:d1:69:2f:79:02:c7:b8:34:67:
5f:32:da:ac:9c:49:28:59:cb:fa:bc:c1:fb:f1:9b:c9:71:b9:
89:db:c3:ce:ae:33:04:1f:06:4d:09:c8:fa:46:05:f6:5e:96:
9e:34:5c:f5:b8:18:f6:47:d7:73:55:be:49:35:c9:22:98:e8:
bb:6b:47:d3:4f:4e:4d:ed:e1:d3:e2:31:da:bf:08:6a:58:cb:
a1:cd:35:fa:57:9e:30:66:e1:80:fe:5c:58:65:4a:c6:b0:a7:
46:b9:e5:a5:f4:64:1a:f9:4e:e6:82:3c:01:d9:12:49:d3:67:
5d:b2:49:6c:96:eb:b0:f0:72:f7:db:72:8d:69:50:c1:7d:57:
a1:3e:2a:c1:cb:1a:0f:a2:c5:5e:98:4e:49:88:a4:70:16:87:
e8:32:b4:cb:9a:8a:e7:57:6e:57:0a:22:1f:5e:31:94:bc:89:
c8:03:f9:75:0e:dc:43:bb:ca:d6:45:10:6b:59:16:be:cf:09:
d0:69:a6:01:11:2d:46:e2:92:6d:77:fa:1c:ce:16:98:d1:61:
11:03:81:68:1b:96:3e:71:e5:a0:56:b6:22:af:08:ed:5f:19:
79:50:ab:b6
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAY1fuYPlaifQBV/iRTmuu7t7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQwMTMxMTMzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZiYTM4YjYxZGU2ZjRjOGQyYjEyOTdlNzQxYzkxNjU4ZTU1YmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAb4qEaLUzV8ajLtevwnfOYKLJoC
7/J9ML1rut8Sw1QlSMcZXUbC9JWXbbeZadSQPKdfEPeNxr6f7Cz4r0rBWmkVLzG/
CC6jyd8fnjcp9/sPqMcyLeIgoQvCh7UTDsHuCyXjU1Z7ZV3m6zD213RkLKk08lPC
925zMueOP6FV5VxuivKO4I+zUkLJzcMaVHrTcOSRrKmCAi1pjidNyogPSgRpXTYq
56ENhk2lFhe8mYJB4n3IOhVsI6DyRMI+YzpAWWoW3mTfr/jPrdMJkmCn/fAkB5W/
XzhVdDbn4XsnqQ6dw1n0qUpOLJawxjeBqFCr4f7ZNScpQJ1nKQluYb6jTQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFEpro4th3m9MjSsSl+dByRZY5VukMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvU211amkySGViMHlOS3hLWDUwSEpGbGpsVzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTA+BAIAATA4AwQDH6uY
AwQCLY4YMAwDBAFtaIYDBARtaIADBAJtaJwDBAK5NWQDBAK56XwDBAHCcVADBAHC
cV4wUwQCAAIwTQMFAyoEJ8ADBQMqCW5AAwUDKgluwAMFAyoNJ8ADBQMqDULAAwUD
Kg1KQAMFAyoOPwADBQMqDk8AAwUDKg7UwAMFAyoPQsADBQMqD6iAMA0GCSqGSIb3
DQEBCwUAA4IBAQBqXAF/1pdOXwlkHXEXnI2w4GtL5r1kyVplvGLRaS95Ase4NGdf
MtqsnEkoWcv6vMH78ZvJcbmJ28POrjMEHwZNCcj6RgX2XpaeNFz1uBj2R9dzVb5J
NckimOi7a0fTT05N7eHT4jHavwhqWMuhzTX6V54wZuGA/lxYZUrGsKdGueWl9GQa
+U7mgjwB2RJJ02ddsklsluuw8HL323KNaVDBfVehPirByxoPosVemE5JiKRwFofo
MrTLmornV25XCiIfXjGUvInIA/l1DtxDu8rWRRBrWRa+zwnQaaYBES1G4pJtd/oc
zhaY0WERA4FoG5Y+ceWgVrYirwjtXxl5UKu2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:44 2025 by rpki-client