Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/kqtcrJgaAqKSyEkV7NCUD5uYo7s.roa
File: kqtcrJgaAqKSyEkV7NCUD5uYo7s.roa (raw, json)
Hash identifier: 3R51vdCbrN8opeCme57yIvtpXhyHzmavPATOHPdG5AQ=
Subject key identifier: 92:AB:5C:AC:98:1A:02:A2:92:C8:49:15:EC:D0:94:0F:9B:98:A3:BB
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01866E1D422B915A023E4DAC56885B59BD71
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/kqtcrJgaAqKSyEkV7NCUD5uYo7s.roa
Signing time: Mon 20 Feb 2023 09:17:36 +0000
ROA not before: Mon 20 Feb 2023 09:17:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:1d:42:2b:91:5a:02:3e:4d:ac:56:88:5b:59:bd:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 20 09:17:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92ab5cac981a02a292c84915ecd0940f9b98a3bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:95:c8:e0:8d:2e:e8:67:f6:ac:23:16:31:cd:
37:04:ea:e0:88:72:63:f3:89:7b:e4:17:34:2c:e8:
71:36:95:8e:67:5e:b2:12:ae:99:15:82:8f:eb:37:
68:56:b1:cc:7c:b9:6b:5a:0f:25:38:aa:e5:7a:92:
47:31:c6:1a:17:f6:5e:1a:84:a5:9c:bf:ae:fe:0d:
25:40:8e:74:10:c8:65:4c:72:99:a6:a7:9c:d6:09:
38:53:93:7e:4f:0b:01:ce:6e:f9:be:f3:86:94:50:
83:8f:dd:12:db:3c:ed:02:b0:9c:f8:0a:e7:f2:9e:
32:10:cb:6c:79:6c:28:3d:c9:82:82:90:95:2d:11:
5a:64:43:74:90:41:b9:2f:5a:85:d6:92:bc:9c:38:
0a:28:04:51:83:ec:a3:db:b2:91:b7:04:8e:9a:45:
83:d1:0b:0d:6b:0c:7f:41:79:04:af:2c:4b:5a:89:
8a:b8:d4:f5:8e:14:e6:ce:ff:d8:40:8b:ec:73:e7:
79:61:f6:cc:fd:6d:8e:88:8a:f9:4b:19:9a:dd:b9:
64:17:c2:12:b2:df:5c:70:09:22:3e:67:b2:ff:e1:
87:9e:73:8e:e8:17:84:0f:f2:ae:28:39:5d:83:6c:
c5:af:a4:32:bc:01:d1:a3:8d:7f:1a:c7:94:66:2c:
d8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:AB:5C:AC:98:1A:02:A2:92:C8:49:15:EC:D0:94:0F:9B:98:A3:BB
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/kqtcrJgaAqKSyEkV7NCUD5uYo7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
109.104.140.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:c4:da:38:13:69:ae:8b:08:c4:ef:36:f5:44:99:f4:7d:99:
b7:d7:91:ed:4e:32:34:8d:50:1a:84:65:68:47:2c:aa:3e:19:
df:36:42:26:aa:32:41:8c:d2:ed:73:db:22:b7:fb:c4:33:0c:
ab:73:a0:b9:10:53:6a:80:85:d9:15:bd:93:86:33:c3:68:a0:
f6:cf:22:8e:40:0f:10:cb:96:48:56:8f:bf:a8:c5:d5:3b:f9:
ca:bb:ec:c1:7b:da:7a:a1:2b:81:65:99:47:17:ef:de:f3:a0:
00:65:e4:a5:28:40:c4:af:3c:5d:5c:b1:85:9f:f6:1c:e3:cb:
6f:f1:d1:ae:94:1e:ba:58:44:4b:46:4d:b9:93:13:a7:48:b8:
42:3f:c1:21:ab:e7:39:d1:28:83:e0:0a:69:e8:14:2e:ef:3f:
72:74:2e:cf:2e:92:59:41:0d:d6:89:82:ff:15:f6:5b:bf:6b:
34:e7:97:c1:c9:28:ab:83:55:70:2b:2b:33:90:05:49:d5:61:
49:22:c3:34:f6:d3:d0:c6:71:e8:da:68:46:0e:5b:35:af:c6:
84:42:5b:3a:6e:f7:34:4e:b1:d4:b5:d5:b6:f7:87:1c:cc:5d:
10:9d:78:01:4e:23:0d:64:98:8b:bf:79:43:e4:7b:cc:3c:18:
a3:41:d2:be
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYZuHUIrkVoCPk2sVohbWb1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMwMjIwMDkxNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmFiNWNhYzk4MWEwMmEyOTJjODQ5MTVlY2QwOTQwZjliOThhM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5XI4I0u6Gf2rCMWMc03BOrgiHJj
84l75Bc0LOhxNpWOZ16yEq6ZFYKP6zdoVrHMfLlrWg8lOKrlepJHMcYaF/ZeGoSl
nL+u/g0lQI50EMhlTHKZpqec1gk4U5N+TwsBzm75vvOGlFCDj90S2zztArCc+Arn
8p4yEMtseWwoPcmCgpCVLRFaZEN0kEG5L1qF1pK8nDgKKARRg+yj27KRtwSOmkWD
0QsNawx/QXkEryxLWomKuNT1jhTmzv/YQIvsc+d5YfbM/W2OiIr5Sxma3blkF8IS
st9ccAkiPmey/+GHnnOO6BeED/KuKDldg2zFr6QyvAHRo41/GseUZizY+QIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFJKrXKyYGgKikshJFezQlA+bmKO7MB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEva3F0Y3JKZ2FBcUtTeUVrVjdOQ1VENXVZbzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCbWiMAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCkE
AgACMCMDBQMqBCfAAwUDKgluQAMFAyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG
9w0BAQsFAAOCAQEAf8TaOBNprosIxO829USZ9H2Zt9eR7U4yNI1QGoRlaEcsqj4Z
3zZCJqoyQYzS7XPbIrf7xDMMq3OguRBTaoCF2RW9k4Yzw2ig9s8ijkAPEMuWSFaP
v6jF1Tv5yrvswXvaeqErgWWZRxfv3vOgAGXkpShAxK88XVyxhZ/2HOPLb/HRrpQe
ulhES0ZNuZMTp0i4Qj/BIavnOdEog+AKaegULu8/cnQuzy6SWUEN1omC/xX2W79r
NOeXwckoq4NVcCsrM5AFSdVhSSLDNPbT0MZx6NpoRg5bNa/GhEJbOm73NE6x1LXV
tveHHMxdEJ14AU4jDWSYi795Q+R7zDwYo0HSvg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:29 2025 by rpki-client