Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/UJCqapVCxjgAJi0Sj0C-iHYaW3U.roa
File: UJCqapVCxjgAJi0Sj0C-iHYaW3U.roa (raw, json)
Hash identifier: qAjMWnKS1ccwKHmXngDJbTAYw7Fe3wukpXhaUZRx2Ec=
Subject key identifier: 50:90:AA:6A:95:42:C6:38:00:26:2D:12:8F:40:BE:88:76:1A:5B:75
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 018FC0A13A9952176AACDE3BC284CC56B867
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/UJCqapVCxjgAJi0Sj0C-iHYaW3U.roa
Signing time: Tue 28 May 2024 19:15:42 +0000
ROA not before: Tue 28 May 2024 19:15:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:a1:3a:99:52:17:6a:ac:de:3b:c2:84:cc:56:b8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: May 28 19:15:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5090aa6a9542c63800262d128f40be88761a5b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:67:fd:66:5f:0d:2d:01:b4:dd:9f:1e:d5:88:
3d:20:ce:75:f9:85:89:cf:45:91:ea:79:b7:1d:78:
db:e0:04:eb:8c:8c:b1:1d:37:d1:cd:33:22:fe:d1:
76:7e:75:d4:21:d9:f9:23:e3:61:9a:71:1e:47:6a:
9f:bf:aa:9c:2f:10:7f:88:ba:d0:ae:2f:19:2b:c2:
e5:b7:fa:58:71:c9:1d:0c:cd:63:c9:00:0e:85:36:
e2:f7:98:66:ed:d3:36:b2:92:ad:34:1a:4a:bd:85:
77:0b:10:a9:32:9d:1f:64:08:29:45:20:09:f2:74:
50:57:22:c2:42:31:f8:97:e7:fe:85:d6:d9:01:54:
04:b3:86:f8:e4:5a:bd:cf:bf:84:7c:fb:e4:2d:35:
6b:08:e5:ec:03:11:a8:d3:8d:5f:42:a7:31:5b:35:
ee:ff:f0:5d:fa:09:72:22:22:52:3c:ae:aa:5c:87:
40:cf:b0:45:92:ab:6f:95:56:6d:af:c9:bb:b8:20:
31:8f:02:01:21:9d:7b:5e:4f:02:7e:f4:4d:d9:25:
9b:bb:e8:1b:48:a8:b6:f9:ff:df:59:56:55:9e:8e:
3b:f4:c2:8e:ee:12:81:a5:76:66:0c:37:f2:89:a9:
ab:3a:bb:39:44:d6:88:11:e4:2c:2c:8f:b1:5f:d2:
99:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:90:AA:6A:95:42:C6:38:00:26:2D:12:8F:40:BE:88:76:1A:5B:75
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/UJCqapVCxjgAJi0Sj0C-iHYaW3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
109.104.132.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
87:95:a8:bf:9c:59:88:dd:0d:5a:d6:d6:4a:ef:f5:94:d6:75:
bd:29:cc:a2:64:22:92:14:70:cd:35:4c:aa:89:6b:75:77:2d:
cd:08:9b:34:ce:e6:76:ed:c8:de:56:dc:9e:30:75:4d:4a:03:
92:ce:1d:85:df:20:14:fe:c8:85:07:7e:d1:8f:3e:69:73:ce:
a5:0d:f6:69:35:f7:fe:4e:d4:ad:b1:00:00:81:79:27:00:ae:
85:b2:0e:e9:3c:b5:23:3f:2f:2a:4c:52:24:7d:5c:f4:6b:15:
03:0e:dc:bb:1f:f0:93:83:76:df:fe:73:8e:9a:2d:1d:54:0f:
d7:8a:52:ea:24:7f:eb:09:33:63:3a:3e:ba:15:14:1a:ef:d7:
be:85:35:12:6c:ed:94:1b:6c:be:9e:ac:09:68:70:5c:20:6c:
b6:c8:a9:7f:a5:82:58:7a:4e:72:74:2a:f9:8a:11:39:2b:08:
7c:07:52:dc:85:b6:ab:3d:78:14:ea:c0:46:f7:a6:be:fd:ff:
de:f9:7a:0f:ec:ff:8e:43:26:d3:82:0d:27:3b:9f:85:11:77:
21:05:88:df:f7:9b:d4:30:3d:03:66:89:f3:d6:0e:94:92:34:
8a:38:aa:66:64:1d:b5:cb:78:54:ae:a0:bc:08:62:db:8d:71:
97:29:70:8e
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAY/AoTqZUhdqrN47woTMVrhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQwNTI4MTkxNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDkwYWE2YTk1NDJjNjM4MDAyNjJkMTI4ZjQwYmU4ODc2MWE1Yjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22f9Zl8NLQG03Z8e1Yg9IM51+YWJ
z0WR6nm3HXjb4ATrjIyxHTfRzTMi/tF2fnXUIdn5I+NhmnEeR2qfv6qcLxB/iLrQ
ri8ZK8Llt/pYcckdDM1jyQAOhTbi95hm7dM2spKtNBpKvYV3CxCpMp0fZAgpRSAJ
8nRQVyLCQjH4l+f+hdbZAVQEs4b45Fq9z7+EfPvkLTVrCOXsAxGo041fQqcxWzXu
//Bd+glyIiJSPK6qXIdAz7BFkqtvlVZtr8m7uCAxjwIBIZ17Xk8CfvRN2SWbu+gb
SKi2+f/fWVZVno479MKO7hKBpXZmDDfyiamrOrs5RNaIEeQsLI+xX9KZvQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFFCQqmqVQsY4ACYtEo9Avoh2Glt1MB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvVUpDcWFwVkN4amdBSmkwU2owQy1pSFlhVzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBKBAIAATBEAwQDH6uY
AwQCLY4YMAwDBAJtaIQDBARtaIADBAJtaJwDBAKQMDQDBAK5NWQDBAK5mXwDBAK5
6XwDBAHCcVADBAHCcV4wUwQCAAIwTQMFAyoEJ8ADBQMqCW5AAwUDKgluwAMFAyoN
J8ADBQMqDULAAwUDKg1KQAMFAyoOPwADBQMqDk8AAwUDKg7UwAMFAyoPQsADBQMq
D6iAMA0GCSqGSIb3DQEBCwUAA4IBAQCHlai/nFmI3Q1a1tZK7/WU1nW9KcyiZCKS
FHDNNUyqiWt1dy3NCJs0zuZ27cjeVtyeMHVNSgOSzh2F3yAU/siFB37Rjz5pc86l
DfZpNff+TtStsQAAgXknAK6Fsg7pPLUjPy8qTFIkfVz0axUDDty7H/CTg3bf/nOO
mi0dVA/XilLqJH/rCTNjOj66FRQa79e+hTUSbO2UG2y+nqwJaHBcIGy2yKl/pYJY
ek5ydCr5ihE5Kwh8B1LchbarPXgU6sBG96a+/f/e+XoP7P+OQybTgg0nO5+FEXch
BYjf95vUMD0DZonz1g6UkjSKOKpmZB21y3hUrqC8CGLbjXGXKXCO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:49 2025 by rpki-client