Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/hcpelkMB3HLp2KFjx3F4u7p7QiA.roa
File: hcpelkMB3HLp2KFjx3F4u7p7QiA.roa (raw, json)
Hash identifier: 61+3xEVQzTEIYSViuJWqNAx3iaX+tJlcGs9MEnOKcRg=
Subject key identifier: 85:CA:5E:96:43:01:DC:72:E9:D8:A1:63:C7:71:78:BB:BA:7B:42:20
Certificate issuer: /CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Certificate serial: 019427B3ED9A36676DB5C2F9DD69D1CE5481
Authority key identifier: B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/hcpelkMB3HLp2KFjx3F4u7p7QiA.roa
Signing time: Thu 02 Jan 2025 15:48:10 +0000
ROA not before: Thu 02 Jan 2025 15:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60672
IP address blocks: 31.24.104.0/21 maxlen: 21
31.28.64.0/24 maxlen: 24
31.28.66.0/24 maxlen: 24
31.28.69.0/24 maxlen: 24
31.28.71.0/24 maxlen: 24
31.28.73.0/24 maxlen: 24
31.28.76.0/22 maxlen: 22
31.28.87.0/24 maxlen: 24
31.28.88.0/21 maxlen: 21
31.28.92.0/24 maxlen: 24
94.126.41.0/24 maxlen: 24
94.126.42.0/24 maxlen: 24
94.126.44.0/23 maxlen: 23
94.126.46.0/24 maxlen: 24
178.18.120.0/22 maxlen: 22
193.192.2.0/23 maxlen: 23
193.193.162.0/23 maxlen: 23
2a01:8000::/32 maxlen: 32
2a10:6740::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:ed:9a:36:67:6d:b5:c2:f9:dd:69:d1:ce:54:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Validity
Not Before: Jan 2 15:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85ca5e964301dc72e9d8a163c77178bbba7b4220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b6:bc:b0:bf:c0:9c:8f:82:0e:c6:8d:02:6e:
1c:d6:2f:ab:18:00:e7:c8:f5:f1:13:ee:54:6b:a3:
87:e6:25:b7:3e:8e:a5:78:4d:41:22:05:ab:a1:1a:
31:48:38:45:a4:bf:07:48:ff:75:04:b5:d5:8b:92:
a5:0c:1e:92:e1:51:40:a7:5d:98:1f:45:c3:b2:cf:
91:c1:3e:25:54:e5:3e:b3:3a:89:5f:82:e2:cc:1b:
ca:cc:cd:5d:f1:ec:c1:21:5e:50:36:47:19:cf:11:
3d:96:70:89:fd:16:82:f1:8f:98:0d:c0:ee:b7:30:
3f:44:43:2a:1d:0b:8e:2b:e8:19:06:72:e9:93:e8:
3b:2f:58:4e:c1:25:4a:32:ca:a9:6e:20:0f:74:a3:
8a:38:c9:29:44:ce:bd:e9:ee:02:ba:9d:50:f1:a4:
60:61:3e:e9:06:93:29:f1:53:34:04:94:bf:72:af:
79:4c:e3:84:eb:06:db:b7:d4:b3:81:05:5e:2d:73:
d9:e4:6b:44:97:dc:dd:7e:25:f7:f9:29:ac:74:aa:
c1:bb:9e:30:85:af:13:21:aa:7e:27:d8:61:cc:e9:
c4:5c:6e:e7:90:72:22:a4:f0:ea:8f:69:a2:08:24:
01:78:af:0b:92:d3:8d:51:eb:c3:19:8a:2e:d1:72:
52:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CA:5E:96:43:01:DC:72:E9:D8:A1:63:C7:71:78:BB:BA:7B:42:20
X509v3 Authority Key Identifier:
keyid:B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/hcpelkMB3HLp2KFjx3F4u7p7QiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.104.0/21
31.28.64.0/24
31.28.66.0/24
31.28.69.0/24
31.28.71.0/24
31.28.73.0/24
31.28.76.0/22
31.28.87.0-31.28.95.255
94.126.41.0-94.126.42.255
94.126.44.0-94.126.46.255
178.18.120.0/22
193.192.2.0/23
193.193.162.0/23
IPv6:
2a01:8000::/32
2a10:6740::/32
Signature Algorithm: sha256WithRSAEncryption
0c:2a:40:43:02:24:3e:bf:81:9a:5c:52:a3:60:00:92:3d:c4:
21:1b:ba:ef:6d:25:32:86:b7:3f:b1:80:07:1e:ae:da:d8:37:
8e:a7:63:e8:c6:fd:f8:80:b2:e4:b7:ed:4f:dd:0a:aa:de:cb:
e5:fe:a9:75:0a:7d:55:bc:32:34:18:03:8d:7d:6d:53:d6:94:
55:76:b9:36:7b:24:a7:21:9e:d1:47:17:8e:96:92:74:87:a2:
5b:bf:cf:61:00:73:22:71:2a:f0:01:43:72:ae:24:8c:99:1d:
6c:1f:7e:d1:ca:41:b4:ea:a0:09:3b:41:82:06:72:c0:31:f6:
cd:ce:94:23:18:51:64:6c:26:27:b1:c9:d1:11:b3:54:38:c1:
4d:4a:38:4a:ea:d6:2d:fa:da:72:90:45:06:a4:cd:75:b6:09:
cb:4d:1c:2e:9a:95:e3:b8:fe:2a:51:81:fb:a5:f7:34:05:66:
9b:bb:db:5f:07:de:80:e2:90:e5:91:59:fb:1e:be:ad:2f:5d:
bc:75:fd:e6:ec:5b:4f:53:c2:23:1a:83:29:aa:04:92:84:da:
90:14:5e:43:f9:29:5a:e2:4f:d5:e3:f0:c9:91:f4:82:47:70:
9d:24:4f:5c:cc:c9:bf:8d:6a:7e:61:c4:a2:67:ef:c9:34:a1:
1f:08:9a:a7
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZQns+2aNmdttcL53WnRzlSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NzJiZDQ5ZDU1MWI0YWRhNWJkNmJiNjk1NjE4YTc5NDUx
YWQzNGUwHhcNMjUwMTAyMTU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNhNWU5NjQzMDFkYzcyZTlkOGExNjNjNzcxNzhiYmJhN2I0MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7a8sL/AnI+CDsaNAm4c1i+rGADn
yPXxE+5Ua6OH5iW3Po6leE1BIgWroRoxSDhFpL8HSP91BLXVi5KlDB6S4VFAp12Y
H0XDss+RwT4lVOU+szqJX4LizBvKzM1d8ezBIV5QNkcZzxE9lnCJ/RaC8Y+YDcDu
tzA/REMqHQuOK+gZBnLpk+g7L1hOwSVKMsqpbiAPdKOKOMkpRM696e4Cup1Q8aRg
YT7pBpMp8VM0BJS/cq95TOOE6wbbt9SzgQVeLXPZ5GtEl9zdfiX3+SmsdKrBu54w
ha8TIap+J9hhzOnEXG7nkHIipPDqj2miCCQBeK8LktONUevDGYou0XJSXwIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFIXKXpZDAdxy6dihY8dxeLu6e0IgMB8GA1UdIwQY
MBaAFLlyvUnVUbStpb1rtpVhinlFGtNOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTkt
Y2E1ZTY4NTQzOGEyLzEvaGNwZWxrTUIzSExwMktGangzRjR1N3A3UWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTktY2E1ZTY4NTQzOGEy
LzEvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQDHxho
AwQAHxxAAwQAHxxCAwQAHxxFAwQAHxxHAwQAHxxJAwQCHxxMMAwDBAAfHFcDBAUf
HEAwDAMEAF5+KQMEAF5+KjAMAwQCXn4sAwQAXn4uAwQCshJ4AwQBwcACAwQBwcGi
MBQEAgACMA4DBQAqAYAAAwUAKhBnQDANBgkqhkiG9w0BAQsFAAOCAQEADCpAQwIk
Pr+BmlxSo2AAkj3EIRu6720lMoa3P7GABx6u2tg3jqdj6Mb9+ICy5LftT90Kqt7L
5f6pdQp9VbwyNBgDjX1tU9aUVXa5NnskpyGe0UcXjpaSdIeiW7/PYQBzInEq8AFD
cq4kjJkdbB9+0cpBtOqgCTtBggZywDH2zc6UIxhRZGwmJ7HJ0RGzVDjBTUo4SurW
LfracpBFBqTNdbYJy00cLpqV47j+KlGB+6X3NAVmm7vbXwfegOKQ5ZFZ+x6+rS9d
vHX95uxbT1PCIxqDKaoEkoTakBReQ/kpWuJP1ePwyZH0gkdwnSRPXMzJv41qfmHE
omfvyTShHwiapw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:26 2025 by rpki-client