Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/u2mI5WXKZQHOiWfWxAn4U5YVnZY.roa
File: u2mI5WXKZQHOiWfWxAn4U5YVnZY.roa (raw, json)
Hash identifier: s5eEB3O7h2EwjMbB/ksL0Pfny7B6fk6mFuqJEHWzD00=
Subject key identifier: BB:69:88:E5:65:CA:65:01:CE:89:67:D6:C4:09:F8:53:96:15:9D:96
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 01856BAE9F3BD202F472A092E7CE9F567AB1
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/u2mI5WXKZQHOiWfWxAn4U5YVnZY.roa
Signing time: Sun 01 Jan 2023 04:54:44 +0000
ROA not before: Sun 01 Jan 2023 04:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 31.6.43.0/24 maxlen: 24
31.6.48.0/24 maxlen: 24
31.6.50.0/23 maxlen: 24
31.6.45.0/24 maxlen: 24
31.6.46.0/23 maxlen: 24
31.6.56.0/23 maxlen: 24
31.6.62.0/23 maxlen: 24
31.6.59.0/24 maxlen: 24
31.6.61.0/24 maxlen: 24
31.6.1.0/24 maxlen: 24
31.6.2.0/24 maxlen: 24
31.6.16.0/24 maxlen: 24
31.6.12.0/22 maxlen: 24
185.29.166.0/24 maxlen: 24
31.6.20.0/24 maxlen: 24
31.6.24.0/22 maxlen: 24
178.208.177.0/24 maxlen: 24
178.208.178.0/23 maxlen: 24
178.208.180.0/22 maxlen: 24
178.208.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:9f:3b:d2:02:f4:72:a0:92:e7:ce:9f:56:7a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Jan 1 04:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb6988e565ca6501ce8967d6c409f85396159d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:36:2d:3e:6d:b9:9e:e9:16:cb:14:59:10:
67:af:f3:43:3d:e4:4d:1c:38:93:bd:07:a2:02:63:
1a:3b:43:4a:bd:2d:ff:81:91:68:e4:fb:2d:c6:d7:
02:9d:88:4e:37:fc:36:d8:b4:b3:e4:31:bb:ca:1e:
3f:2c:73:f6:f8:ca:d5:b9:42:24:58:7a:b6:cd:ca:
63:22:7e:39:8f:33:20:c1:53:fa:ff:a3:7e:6a:aa:
3d:fc:fe:80:e1:b3:c1:1b:3c:4f:ee:2d:e1:f3:00:
3d:09:6d:23:05:10:93:a0:e5:70:67:e0:40:9a:33:
e9:79:a5:0c:99:cb:8e:7c:cb:9f:25:79:e4:79:70:
01:64:61:8c:4d:ca:ca:91:04:f9:3c:81:02:d5:96:
53:44:7c:5b:f9:aa:46:64:c4:9d:dd:b3:d6:e4:1a:
36:36:bd:a9:cc:0d:22:74:e0:59:41:d2:5e:2f:d0:
2b:11:3f:08:7a:35:84:88:9d:af:19:b6:c0:0f:cc:
20:de:46:71:22:06:9f:e0:17:7c:79:ce:79:60:92:
04:c9:45:39:75:e4:bd:2b:48:e4:7c:8a:3c:b6:b7:
47:d8:27:c8:85:83:a8:05:47:0a:57:1e:b0:f8:f5:
66:b7:d4:f0:ba:69:6a:6b:6f:27:b5:cf:cc:f7:40:
8c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:69:88:E5:65:CA:65:01:CE:89:67:D6:C4:09:F8:53:96:15:9D:96
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/u2mI5WXKZQHOiWfWxAn4U5YVnZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.1.0-31.6.2.255
31.6.12.0-31.6.16.255
31.6.20.0/24
31.6.24.0/22
31.6.43.0/24
31.6.45.0-31.6.48.255
31.6.50.0/23
31.6.56.0/23
31.6.59.0/24
31.6.61.0-31.6.63.255
178.208.177.0-178.208.184.255
185.29.166.0/24
Signature Algorithm: sha256WithRSAEncryption
36:95:44:0d:7f:03:86:bd:1a:9b:5a:23:c2:51:df:38:14:a6:
4c:b4:1b:73:49:89:e6:95:3e:d8:ec:55:07:08:ba:a2:96:41:
a0:34:b6:0f:ee:e7:a1:29:7d:ed:e7:e0:0e:16:f2:ab:ba:4c:
2a:2a:f2:a6:58:5a:d9:40:7b:4b:e0:67:b0:e5:06:03:72:9d:
75:1d:79:13:81:ea:04:66:32:fb:e2:d0:3e:e7:46:bd:51:fd:
d4:59:56:6e:c5:7c:d6:d2:9f:20:68:08:6e:41:9f:3c:2b:76:
4b:95:51:85:aa:5e:13:1c:9d:e9:d4:9e:77:e6:16:5f:ac:03:
95:be:8f:a1:f9:53:83:16:c9:bb:1f:ff:7b:6f:72:18:76:cd:
49:0a:0e:02:d5:b9:e3:75:9d:48:04:6b:21:d6:0d:73:4b:44:
76:2e:80:d0:28:95:e7:d6:a2:bf:86:9d:76:58:1a:62:a9:82:
b7:70:51:14:6e:bf:ff:8c:ee:a4:07:45:8d:34:1a:52:57:f7:
f5:1c:8f:e3:6c:84:21:8b:1f:c0:2b:ab:ed:2f:df:29:25:4f:
cd:ef:64:3b:b5:c9:41:02:35:b2:2f:2a:d8:5c:e0:e7:92:0f:
a0:3c:d9:4d:c6:f6:86:b4:0c:d6:4a:59:b1:25:ef:10:de:8b:
1c:3b:6b:34
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYVrrp870gL0cqCS586fVnqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2VjZTcxZWY2ZWJmNTViYjdiODdlNTA2NjViYTExZmRj
NzdmMDgwHhcNMjMwMTAxMDQ1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY5ODhlNTY1Y2E2NTAxY2U4OTY3ZDZjNDA5Zjg1Mzk2MTU5ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbQ2LT5tuZ7pFssUWRBnr/NDPeRN
HDiTvQeiAmMaO0NKvS3/gZFo5PstxtcCnYhON/w22LSz5DG7yh4/LHP2+MrVuUIk
WHq2zcpjIn45jzMgwVP6/6N+aqo9/P6A4bPBGzxP7i3h8wA9CW0jBRCToOVwZ+BA
mjPpeaUMmcuOfMufJXnkeXABZGGMTcrKkQT5PIEC1ZZTRHxb+apGZMSd3bPW5Bo2
Nr2pzA0idOBZQdJeL9ArET8IejWEiJ2vGbbAD8wg3kZxIgaf4Bd8ec55YJIEyUU5
deS9K0jkfIo8trdH2CfIhYOoBUcKVx6w+PVmt9Twumlqa28ntc/M90CMCwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFLtpiOVlymUBzoln1sQJ+FOWFZ2WMB8GA1UdIwQY
MBaAFNU+znHvbr9Vu3uH5QZluhH9x38IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQt
MWMyNjI2NTkwZDI4LzEvdTJtSTVXWEtaUUhPaVdmV3hBbjRVNVlWblpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQtMWMyNjI2NTkwZDI4
LzEvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcDAMAwQAHwYB
AwQAHwYCMAwDBAIfBgwDBAAfBhADBAAfBhQDBAIfBhgDBAAfBiswDAMEAB8GLQME
AB8GMAMEAR8GMgMEAR8GOAMEAB8GOzAMAwQAHwY9AwQGHwYAMAwDBACy0LEDBACy
0LgDBAC5HaYwDQYJKoZIhvcNAQELBQADggEBADaVRA1/A4a9GptaI8JR3zgUpky0
G3NJieaVPtjsVQcIuqKWQaA0tg/u56Epfe3n4A4W8qu6TCoq8qZYWtlAe0vgZ7Dl
BgNynXUdeROB6gRmMvvi0D7nRr1R/dRZVm7FfNbSnyBoCG5BnzwrdkuVUYWqXhMc
nenUnnfmFl+sA5W+j6H5U4MWybsf/3tvchh2zUkKDgLVueN1nUgEayHWDXNLRHYu
gNAolefWor+GnXZYGmKpgrdwURRuv/+M7qQHRY00GlJX9/Ucj+NshCGLH8Arq+0v
3yklT83vZDu1yUECNbIvKthc4OeSD6A82U3G9oa0DNZKWbEl7xDeixw7azQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:04 2025 by rpki-client