Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/vCrboRiX2-x0Hj4tuYu_xbgbFZw.roa
File: vCrboRiX2-x0Hj4tuYu_xbgbFZw.roa (raw, json)
Hash identifier: Ims0H0n2WfNSwY5kddyQ/IU2ZsBzT2LbpZytbh0pFpE=
Subject key identifier: BC:2A:DB:A1:18:97:DB:EC:74:1E:3E:2D:B9:8B:BF:C5:B8:1B:15:9C
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01865FE03FDC9719544E29684CE679CDF779
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/vCrboRiX2-x0Hj4tuYu_xbgbFZw.roa
Signing time: Fri 17 Feb 2023 14:56:17 +0000
ROA not before: Fri 17 Feb 2023 14:56:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:e0:3f:dc:97:19:54:4e:29:68:4c:e6:79:cd:f7:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 17 14:56:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc2adba11897dbec741e3e2db98bbfc5b81b159c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:23:98:0e:ac:20:da:65:c2:2f:8a:d8:a3:76:
46:9e:e5:a4:7f:c4:81:b1:da:9b:ec:fb:b9:00:19:
11:42:19:0c:d8:9b:46:c6:4b:ae:a3:44:20:6a:1e:
5b:49:da:a5:68:29:2a:3f:e4:da:e7:fd:37:6f:6a:
68:2e:e0:50:9c:54:9b:f7:36:07:ec:c8:b3:a9:2b:
6c:7e:89:b5:1c:0a:9e:37:38:f7:81:f8:6d:ba:e4:
58:0d:fe:60:cb:f0:10:8a:f8:ea:e2:fe:2e:68:ae:
29:be:69:df:d6:c6:21:da:8c:c8:ef:0b:21:b6:77:
c2:29:35:0d:71:9c:12:5d:12:47:61:c6:cc:33:9a:
12:6e:88:c3:37:45:ff:c6:c5:e9:b7:cc:bd:4e:54:
0b:04:62:55:c1:95:b4:94:a9:70:35:6a:e3:a3:81:
63:61:b1:db:4a:84:c4:79:44:67:57:ad:2d:1f:90:
b9:d2:b6:ba:0f:73:92:70:74:79:fa:5e:ab:26:d7:
a9:26:93:5b:bb:9c:26:c2:72:f5:47:0a:7b:0e:1f:
07:72:e4:ca:21:2c:a9:b6:37:17:f4:9a:85:67:47:
76:76:1f:bd:47:00:b0:79:67:08:32:79:2a:94:93:
9f:8d:93:12:e9:11:66:d8:79:ce:0c:67:65:2e:c9:
0f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:2A:DB:A1:18:97:DB:EC:74:1E:3E:2D:B9:8B:BF:C5:B8:1B:15:9C
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/vCrboRiX2-x0Hj4tuYu_xbgbFZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
109.104.140.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:35:bb:a1:d7:33:39:de:88:bb:d2:33:a2:bf:a3:63:c4:97:
58:21:fc:d0:c8:51:db:f3:4c:f4:00:a1:85:3f:46:4f:cc:e1:
3d:e6:8e:13:60:f3:3e:a2:ea:d8:39:05:16:5c:7b:c9:8d:88:
c0:1e:4b:c8:c9:c6:1c:76:1f:b0:4a:cc:4f:2a:72:77:0b:0b:
33:4a:78:30:6b:b0:77:ce:0f:f7:20:4b:ce:40:e7:a3:d5:ae:
88:5b:32:10:59:d6:6c:ca:df:fa:0d:72:b6:5c:d0:c8:46:d4:
a1:3a:50:fa:63:26:2c:ac:d1:2f:ab:cc:10:17:50:f2:c1:e9:
df:94:9f:4d:55:5e:e9:18:cc:30:83:6b:63:8f:64:44:17:15:
00:30:7a:b2:be:58:ff:8d:e9:13:e7:6d:98:44:c5:f0:44:4b:
f0:67:23:b9:f5:4c:c2:99:f8:8f:57:d6:79:28:f3:35:68:34:
a5:46:64:d8:f9:5d:c3:81:9c:50:21:93:8d:55:63:57:59:df:
01:a2:f7:6e:05:60:c6:b3:f0:c3:53:a3:77:16:99:11:73:27:
13:17:6f:e9:7e:8a:f6:d5:72:76:6b:42:d0:b4:ce:02:9b:cd:
6b:92:e1:0c:0d:1c:40:62:af:c5:98:cb:40:ff:6a:2b:72:3e:
6f:aa:b8:9d
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYZf4D/clxlUTiloTOZ5zfd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMwMjE3MTQ1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzJhZGJhMTE4OTdkYmVjNzQxZTNlMmRiOThiYmZjNWI4MWIxNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyOYDqwg2mXCL4rYo3ZGnuWkf8SB
sdqb7Pu5ABkRQhkM2JtGxkuuo0Qgah5bSdqlaCkqP+Ta5/03b2poLuBQnFSb9zYH
7MizqStsfom1HAqeNzj3gfhtuuRYDf5gy/AQivjq4v4uaK4pvmnf1sYh2ozI7wsh
tnfCKTUNcZwSXRJHYcbMM5oSbojDN0X/xsXpt8y9TlQLBGJVwZW0lKlwNWrjo4Fj
YbHbSoTEeURnV60tH5C50ra6D3OScHR5+l6rJtepJpNbu5wmwnL1Rwp7Dh8HcuTK
ISyptjcX9JqFZ0d2dh+9RwCweWcIMnkqlJOfjZMS6RFm2HnODGdlLskPjQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFLwq26EYl9vsdB4+LbmLv8W4GxWcMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvdkNyYm9SaVgyLXgwSGo0dHVZdV94YmdiRlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCbWiMAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCkE
AgACMCMDBQMqBCfAAwUDKgluQAMFAyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG
9w0BAQsFAAOCAQEAUDW7odczOd6Iu9Izor+jY8SXWCH80MhR2/NM9AChhT9GT8zh
PeaOE2DzPqLq2DkFFlx7yY2IwB5LyMnGHHYfsErMTypydwsLM0p4MGuwd84P9yBL
zkDno9WuiFsyEFnWbMrf+g1ytlzQyEbUoTpQ+mMmLKzRL6vMEBdQ8sHp35SfTVVe
6RjMMINrY49kRBcVADB6sr5Y/43pE+dtmETF8ERL8GcjufVMwpn4j1fWeSjzNWg0
pUZk2Pldw4GcUCGTjVVjV1nfAaL3bgVgxrPww1OjdxaZEXMnExdv6X6K9tVydmtC
0LTOApvNa5LhDA0cQGKvxZjLQP9qK3I+b6q4nQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:43 2025 by rpki-client