Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/bRGMNf_rDn2oIgmno8_OH4yrYJk.roa
File: bRGMNf_rDn2oIgmno8_OH4yrYJk.roa (raw, json)
Hash identifier: lMu2U5uihZ/jm+W00bivO9WfjsZi+WDUigBmLj3NKNA=
Subject key identifier: 6D:11:8C:35:FF:EB:0E:7D:A8:22:09:A7:A3:CF:CE:1F:8C:AB:60:99
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 075A7CA2
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/bRGMNf_rDn2oIgmno8_OH4yrYJk.roa
Signing time: Mon 25 Apr 2022 11:46:49 +0000
ROA not before: Mon 25 Apr 2022 11:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/22 maxlen: 22
2a0d:4a40::/29 maxlen: 29
2a04:27c0::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123370658 (0x75a7ca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Apr 25 11:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d118c35ffeb0e7da82209a7a3cfce1f8cab6099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:ea:f7:8f:bb:f8:03:55:7b:6a:48:69:ee:
19:d1:bf:d6:40:52:06:47:27:96:98:03:31:0d:99:
8d:72:3e:23:ce:55:31:79:dc:b9:1d:d2:11:8b:b0:
ae:66:e4:cf:99:3d:fc:0d:07:eb:8b:ef:07:35:2d:
96:e7:2f:f9:b9:51:5c:95:66:2d:27:6b:df:ba:1b:
c5:08:e4:c9:90:c3:5a:95:c7:e5:0e:73:36:57:02:
97:f5:d4:9f:82:12:5f:83:aa:6c:e3:c4:6e:8f:9a:
3e:36:08:75:1d:59:c8:19:8a:05:27:f0:e7:a9:f9:
bf:a8:5d:53:cb:52:0a:b0:bb:c7:94:8d:3b:c7:5d:
37:21:41:03:eb:6c:f3:13:5d:be:a3:ec:a7:ea:ad:
5b:f7:92:a8:64:62:be:f4:e1:14:bb:bd:fc:5a:2e:
93:ba:b6:e5:c1:5c:75:da:96:50:09:b0:a1:18:8e:
52:94:f3:16:97:bc:81:78:12:ae:1c:23:a3:2c:5e:
44:72:fe:c0:45:ec:0a:b8:b2:7c:ae:9c:01:9e:db:
f9:bf:bb:a4:92:16:be:3e:3c:47:69:9c:f6:5a:77:
88:ee:32:9d:3a:cf:ca:7d:71:48:d5:0f:8e:a4:73:
6a:3c:b2:da:07:ac:93:e5:20:b3:ad:fc:2c:32:64:
99:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:11:8C:35:FF:EB:0E:7D:A8:22:09:A7:A3:CF:CE:1F:8C:AB:60:99
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/bRGMNf_rDn2oIgmno8_OH4yrYJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/24
109.74.30.0/24
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:80:a5:10:64:0c:8d:df:a7:1d:76:8b:33:d4:34:a3:cb:bf:
90:bd:54:72:f3:18:2b:76:87:c1:f9:8c:3f:f7:6b:2f:48:82:
08:34:f9:2a:a8:77:53:be:02:86:8f:ee:f3:cd:3e:bf:fb:98:
66:b7:f9:fd:83:3d:2e:16:30:fc:77:5c:86:13:88:db:74:e9:
2a:33:71:a4:81:c4:dc:3d:8a:f0:da:66:2b:0b:b8:86:57:52:
9f:8b:99:06:c2:b1:a7:7c:f4:f6:7b:1a:2e:dd:e9:4a:11:1e:
00:66:52:33:86:3d:5d:bf:c6:54:79:15:0f:77:d5:70:04:d6:
5b:a6:6f:a8:48:90:ce:4b:05:b4:2b:e4:24:b2:89:14:d9:bc:
8c:3d:57:6d:b0:d8:c1:9f:a8:9c:8c:fd:de:9e:f5:3f:94:ff:
c8:2a:01:64:b6:b2:99:e1:85:2d:9a:ae:07:ac:5b:b8:bf:e3:
b2:fd:ee:4b:7e:36:ca:3c:06:f5:52:5b:9c:38:46:59:19:38:
c3:df:25:be:23:b4:9d:61:4e:e1:81:87:33:a9:c7:0b:a7:72:
72:43:4f:0b:1c:00:d2:7d:06:0a:9c:78:9f:d3:f6:32:49:cc:
7e:81:d5:98:cc:bb:34:4a:00:b2:70:30:9e:13:5b:b3:a1:7d:
fa:ad:af:bd
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEB1p8ojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMB4XDTIyMDQy
NTExNDY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQxMThjMzVmZmVi
MGU3ZGE4MjIwOWE3YTNjZmNlMWY4Y2FiNjA5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiN6vePu/gDVXtqSGnuGdG/1kBSBkcnlpgDMQ2ZjXI+I85V
MXncuR3SEYuwrmbkz5k9/A0H64vvBzUtlucv+blRXJVmLSdr37obxQjkyZDDWpXH
5Q5zNlcCl/XUn4ISX4OqbOPEbo+aPjYIdR1ZyBmKBSfw56n5v6hdU8tSCrC7x5SN
O8ddNyFBA+ts8xNdvqPsp+qtW/eSqGRivvThFLu9/Fouk7q25cFcddqWUAmwoRiO
UpTzFpe8gXgSrhwjoyxeRHL+wEXsCriyfK6cAZ7b+b+7pJIWvj48R2mc9lp3iO4y
nTrPyn1xSNUPjqRzajyy2gesk+Ugs638LDJkmbkCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBRtEYw1/+sOfagiCaejz84fjKtgmTAfBgNVHSMEGDAWgBRiStRTWsiN1TQZ
nypyYJWvca/kTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lrclVVMXJJamRVMEdaOHFjbUNWcjNHdjVFNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8x
L2JSR01OZl9yRG4yb0lnbW5vOF9PSDR5cllKay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRV
MEdaOHFjbUNWcjNHdjVFNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwPAQCAAEwNgMEAx+rmAMEAi1C/AMEAi2OGAMEAG1K
HAMEAG1KHgMEArk1ZAMEArnpfAMEAcJxUAMEAcJxXjAiBAIAAjAcAwUDKgQnwAMF
AyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG9w0BAQsFAAOCAQEAWYClEGQMjd+n
HXaLM9Q0o8u/kL1UcvMYK3aHwfmMP/drL0iCCDT5Kqh3U74Cho/u880+v/uYZrf5
/YM9LhYw/HdchhOI23TpKjNxpIHE3D2K8NpmKwu4hldSn4uZBsKxp3z09nsaLt3p
ShEeAGZSM4Y9Xb/GVHkVD3fVcATWW6ZvqEiQzksFtCvkJLKJFNm8jD1XbbDYwZ+o
nIz93p71P5T/yCoBZLaymeGFLZquB6xbuL/jsv3uS342yjwG9VJbnDhGWRk4w98l
viO0nWFO4YGHM6nHC6dyckNPCxwA0n0GCpx4n9P2MknMfoHVmMy7NEoAsnAwnhNb
s6F9+q2vvQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:38 2025 by rpki-client