Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/cJVRQXd44-OpM2YtQfVOErFtsVc.roa
File: cJVRQXd44-OpM2YtQfVOErFtsVc.roa (raw, json)
Hash identifier: dyouYw/aXmfjcmQGlEEugImkHjpAD0tjKvhyqYvecOg=
Subject key identifier: 70:95:51:41:77:78:E3:E3:A9:33:66:2D:41:F5:4E:12:B1:6D:B1:57
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01927A93FE06701E5C512D36AA88286586CF
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/cJVRQXd44-OpM2YtQfVOErFtsVc.roa
Signing time: Fri 11 Oct 2024 07:56:12 +0000
ROA not before: Fri 11 Oct 2024 07:56:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.111.0.0/24 maxlen: 24
103.111.1.0/24 maxlen: 24
103.111.2.0/24 maxlen: 24
103.111.3.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:93:fe:06:70:1e:5c:51:2d:36:aa:88:28:65:86:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Oct 11 07:56:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=709551417778e3e3a933662d41f54e12b16db157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:56:85:0f:68:60:1f:72:f7:64:c4:31:29:6e:
11:09:ba:c8:c1:3e:81:50:b1:dc:5f:b1:03:27:68:
05:30:e8:1d:27:c8:14:4c:6f:1f:5a:a7:66:e2:52:
36:c0:9a:61:46:ae:67:bf:f0:17:ba:39:01:30:4f:
76:7a:aa:6c:91:29:6e:21:46:7b:b0:f6:35:cb:54:
8c:2c:31:76:d2:d7:48:c4:14:0e:73:9b:62:25:66:
f0:0d:0d:7a:8a:a6:a5:91:bd:11:bc:f2:d9:df:d0:
42:23:9e:f5:6f:78:53:5a:1c:4f:a0:4c:5c:90:3f:
c0:91:2c:8e:26:62:a8:da:79:7e:4b:91:8e:fe:8d:
d9:88:9b:fb:b7:47:b2:c4:29:6c:00:81:e6:be:1b:
cc:eb:45:ac:b5:47:a4:b2:91:ff:5c:ed:90:bf:a7:
34:98:52:0f:d1:b0:94:b4:54:ea:5f:37:b4:27:1e:
d2:a9:89:d8:65:ec:eb:25:da:16:cd:1c:4d:82:c9:
05:ac:e3:db:38:50:87:79:cc:9e:0c:76:74:6b:ba:
e8:d6:52:64:a7:42:18:c6:07:d6:83:ec:e1:a1:5e:
f0:e8:a4:2e:49:46:85:ba:93:52:06:f2:b0:76:94:
2e:6b:bf:93:46:89:bc:f5:ad:df:cd:65:6f:67:3b:
7c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:95:51:41:77:78:E3:E3:A9:33:66:2D:41:F5:4E:12:B1:6D:B1:57
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/cJVRQXd44-OpM2YtQfVOErFtsVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
103.93.40.0/22
103.111.0.0/22
109.104.132.0/24
109.104.134.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0-185.233.126.255
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
7e:c8:b9:80:b7:d8:4d:87:08:71:10:7a:fe:08:93:83:29:2d:
7b:5b:59:82:1a:35:51:4e:8c:6f:74:9d:12:5d:b8:46:2c:2c:
e6:48:f4:bf:61:77:cf:9d:d4:ea:ec:7a:09:a2:4a:ef:f4:d1:
44:e5:9f:3f:69:71:a0:0c:d7:e9:78:f4:cf:21:ee:6b:de:35:
f4:95:67:d4:3e:c8:88:d7:12:0f:47:95:6a:c4:ff:39:64:3d:
0c:80:7d:d7:14:89:fd:19:80:88:17:48:72:a8:9f:a8:1f:4e:
c9:58:a5:38:e7:33:90:0f:1c:99:f5:08:23:1c:f4:d4:58:ff:
ba:32:07:35:04:98:82:37:fd:fd:6d:4e:98:04:ca:c6:4a:81:
c2:67:15:e5:81:b9:8f:e5:09:bb:d7:85:8e:60:c4:8c:39:1b:
ef:79:2c:c8:be:b7:d7:5a:70:91:e3:63:ef:82:d7:3c:82:13:
20:b9:28:51:53:75:ce:98:84:44:14:b9:eb:fe:c5:d5:19:ef:
2a:25:7e:47:6e:3a:6a:94:03:4d:54:01:08:76:27:e3:0e:e6:
fb:1f:d9:80:42:11:b9:50:5f:df:65:6b:33:f6:f1:da:4d:2b:
cd:de:c0:ce:06:a7:23:b6:2e:6c:37:af:18:aa:87:7c:e7:3e:
e9:8a:87:89
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZJ6k/4GcB5cUS02qogoZYbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQxMDExMDc1NjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDk1NTE0MTc3NzhlM2UzYTkzMzY2MmQ0MWY1NGUxMmIxNmRiMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFaFD2hgH3L3ZMQxKW4RCbrIwT6B
ULHcX7EDJ2gFMOgdJ8gUTG8fWqdm4lI2wJphRq5nv/AXujkBME92eqpskSluIUZ7
sPY1y1SMLDF20tdIxBQOc5tiJWbwDQ16iqalkb0RvPLZ39BCI571b3hTWhxPoExc
kD/AkSyOJmKo2nl+S5GO/o3ZiJv7t0eyxClsAIHmvhvM60WstUekspH/XO2Qv6c0
mFIP0bCUtFTqXze0Jx7SqYnYZezrJdoWzRxNgskFrOPbOFCHecyeDHZ0a7ro1lJk
p0IYxgfWg+zhoV7w6KQuSUaFupNSBvKwdpQua7+TRom89a3fzWVvZzt89wIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFHCVUUF3eOPjqTNmLUH1ThKxbbFXMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvY0pWUlFYZDQ0LU9wTTJZdFFmVk9FckZ0c1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTBeBAIAATBYAwQDH6uY
AwQCLY4YAwQCZ10oAwQCZ28AAwQAbWiEMAwDBAFtaIYDBARtaIADBAJtaJwDBAKQ
MDQDBAK5NWQDBAK5mXwwDAMEArnpfAMEALnpfgMEAcJxXjBTBAIAAjBNAwUDKgQn
wAMFAyoJbkADBQMqCW7AAwUDKg0nwAMFAyoNQsADBQMqDUpAAwUDKg4/AAMFAyoO
TwADBQMqDtTAAwUDKg9CwAMFAyoPqIAwDQYJKoZIhvcNAQELBQADggEBAH7IuYC3
2E2HCHEQev4Ik4MpLXtbWYIaNVFOjG90nRJduEYsLOZI9L9hd8+d1OrsegmiSu/0
0UTlnz9pcaAM1+l49M8h7mveNfSVZ9Q+yIjXEg9HlWrE/zlkPQyAfdcUif0ZgIgX
SHKon6gfTslYpTjnM5APHJn1CCMc9NRY/7oyBzUEmII3/f1tTpgEysZKgcJnFeWB
uY/lCbvXhY5gxIw5G+95LMi+t9dacJHjY++C1zyCEyC5KFFTdc6YhEQUuev+xdUZ
7yolfkduOmqUA01UAQh2J+MO5vsf2YBCEblQX99lazP28dpNK83ewM4GpyO2Lmw3
rxiqh3znPumKh4k=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:05 2025 by rpki-client