Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/1vmA58UrbgxcoumvMlIWly9e2Io.roa
File: 1vmA58UrbgxcoumvMlIWly9e2Io.roa (raw, json)
Hash identifier: lAGiWsqtk0bnT0uLlswdvF+sJLy6F/erR6zULv5B/74=
Subject key identifier: D6:F9:80:E7:C5:2B:6E:0C:5C:A2:E9:AF:32:52:16:97:2F:5E:D8:8A
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 0191E4FA376F8AF0B11698349A02896957FF
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/1vmA58UrbgxcoumvMlIWly9e2Io.roa
Signing time: Thu 12 Sep 2024 06:44:49 +0000
ROA not before: Thu 12 Sep 2024 06:44:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34602
IP address blocks: 31.130.128.0/21 maxlen: 21
31.130.144.0/21 maxlen: 21
31.130.152.0/22 maxlen: 22
77.50.0.0/16 maxlen: 16
77.50.0.0/23 maxlen: 23
77.50.2.0/23 maxlen: 23
77.50.4.0/22 maxlen: 22
77.50.8.0/21 maxlen: 21
77.50.16.0/20 maxlen: 20
77.50.32.0/19 maxlen: 19
77.50.53.0/24 maxlen: 24
77.50.64.0/18 maxlen: 24
77.50.128.0/17 maxlen: 17
77.233.192.0/19 maxlen: 19
77.243.96.0/20 maxlen: 20
81.17.144.0/20 maxlen: 24
91.204.128.0/22 maxlen: 22
91.204.128.0/23 maxlen: 23
91.204.130.0/24 maxlen: 24
94.141.160.0/19 maxlen: 19
94.141.162.0/23 maxlen: 23
94.141.164.0/22 maxlen: 22
94.141.168.0/22 maxlen: 22
94.141.172.0/22 maxlen: 22
94.141.176.0/20 maxlen: 20
185.185.140.0/24 maxlen: 24
2a00:e78::/33 maxlen: 33
2a00:e78::/34 maxlen: 34
2a00:e78:6000::/36 maxlen: 36
2a00:e79::/32 maxlen: 32
2a00:e79::/36 maxlen: 36
2a00:e7a::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e4:fa:37:6f:8a:f0:b1:16:98:34:9a:02:89:69:57:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Sep 12 06:44:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6f980e7c52b6e0c5ca2e9af325216972f5ed88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:96:c3:e1:48:25:69:1c:89:9a:dd:a0:c0:76:
6b:e2:4d:49:0d:3b:61:54:80:f3:cf:59:00:18:e9:
ac:e9:57:4e:25:f0:40:fe:14:a2:63:0e:f5:6e:43:
82:c3:8d:6d:67:4c:27:52:17:a3:3f:d3:ee:18:ea:
bd:f8:3b:c2:42:f2:41:1a:ca:44:4d:10:7e:9d:cc:
26:f8:eb:d5:13:b5:a6:cc:44:b4:a4:65:83:4f:6b:
fa:f8:c4:6a:8b:81:97:73:b8:f3:06:91:b7:ea:f9:
2d:e0:18:0c:71:a0:19:b9:4a:c4:93:b7:a0:c6:ad:
7f:54:0f:f2:a6:bf:73:15:5f:cf:b8:57:28:3c:25:
e2:a9:5c:5c:8a:41:a1:81:7d:a4:5b:b7:52:cb:b9:
00:23:f1:e8:23:6b:c8:c8:19:b7:03:62:f2:4b:e2:
64:dc:2f:04:f8:6a:4a:da:f7:e0:68:e5:e8:b4:a6:
cd:4c:a7:79:c6:7f:7b:dc:d6:7c:0b:b7:4a:9c:94:
23:32:c0:ce:0c:8b:4d:a4:42:eb:84:b9:da:19:30:
ac:68:45:a2:c7:2a:08:62:a3:62:9d:20:1e:5b:b4:
39:25:de:be:87:aa:8c:74:f1:f4:4a:10:db:55:46:
d9:95:cd:64:09:74:67:f4:79:0e:ef:3e:29:aa:d5:
ae:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F9:80:E7:C5:2B:6E:0C:5C:A2:E9:AF:32:52:16:97:2F:5E:D8:8A
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/1vmA58UrbgxcoumvMlIWly9e2Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.128.0/21
31.130.144.0-31.130.155.255
77.50.0.0/16
77.233.192.0/19
77.243.96.0/20
81.17.144.0/20
91.204.128.0/22
94.141.160.0/19
185.185.140.0/24
IPv6:
2a00:e78::/33
2a00:e79::-2a00:e7b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:a7:40:94:e4:3c:17:99:6f:16:d9:35:32:2b:04:8a:c5:9f:
7d:11:a0:15:02:0a:29:e3:cb:2f:0c:5b:e7:a5:f7:4a:20:b6:
fb:f5:fc:70:2d:7f:a4:cf:ed:51:71:15:c4:df:62:d3:5a:ef:
61:84:bd:6a:d7:a2:ec:70:fd:b1:00:fd:ef:81:71:cf:59:04:
d6:71:84:93:87:2d:12:2e:15:a9:a9:96:0b:59:c0:98:b0:5a:
32:4c:1d:b7:ec:15:a2:ec:f9:5f:e0:6b:9f:d0:1e:4d:de:6d:
75:90:56:82:a9:42:5a:ee:c7:40:84:40:a7:07:48:82:04:f6:
31:48:19:32:b1:73:b7:c8:44:19:9e:f1:61:e5:43:c4:f0:d1:
9d:e8:30:c1:63:c7:74:12:a3:d5:6e:cc:b3:4d:b2:d2:0b:e8:
54:cb:77:29:24:97:69:fb:0c:f5:8b:45:6b:d3:b4:70:71:72:
59:41:09:d5:50:31:17:78:ac:61:6c:68:f5:34:06:b2:8f:d2:
c1:a1:a9:f9:79:1e:1c:15:af:e5:9e:84:f8:2e:55:8b:dc:1a:
1a:02:ab:66:4c:ad:c2:f0:ef:6d:8e:4d:b5:0c:af:30:e9:39:
39:4c:1b:8c:c4:d5:0b:6f:9b:d5:da:66:3d:fc:7c:fe:2a:d8:
2c:dd:8e:57
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZHk+jdvivCxFpg0mgKJaVf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQwOTEyMDY0NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmY5ODBlN2M1MmI2ZTBjNWNhMmU5YWYzMjUyMTY5NzJmNWVkODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJbD4UglaRyJmt2gwHZr4k1JDTth
VIDzz1kAGOms6VdOJfBA/hSiYw71bkOCw41tZ0wnUhejP9PuGOq9+DvCQvJBGspE
TRB+ncwm+OvVE7WmzES0pGWDT2v6+MRqi4GXc7jzBpG36vkt4BgMcaAZuUrEk7eg
xq1/VA/ypr9zFV/PuFcoPCXiqVxcikGhgX2kW7dSy7kAI/HoI2vIyBm3A2LyS+Jk
3C8E+GpK2vfgaOXotKbNTKd5xn973NZ8C7dKnJQjMsDODItNpELrhLnaGTCsaEWi
xyoIYqNinSAeW7Q5Jd6+h6qMdPH0ShDbVUbZlc1kCXRn9HkO7z4pqtWurQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFNb5gOfFK24MXKLprzJSFpcvXtiKMB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvMXZtQTU4VXJiZ3hjb3Vtdk1sSVdseTllMklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBDBAIAATA9AwQDH4KAMAwD
BAQfgpADBAIfgpgDAwBNMgMEBU3pwAMEBE3zYAMEBFERkAMEAlvMgAMEBV6NoAME
ALm5jDAeBAIAAjAYAwYHKgAOeAAwDgMFACoADnkDBQIqAA54MA0GCSqGSIb3DQEB
CwUAA4IBAQAOp0CU5DwXmW8W2TUyKwSKxZ99EaAVAgop48svDFvnpfdKILb79fxw
LX+kz+1RcRXE32LTWu9hhL1q16LscP2xAP3vgXHPWQTWcYSThy0SLhWpqZYLWcCY
sFoyTB237BWi7Plf4Guf0B5N3m11kFaCqUJa7sdAhECnB0iCBPYxSBkysXO3yEQZ
nvFh5UPE8NGd6DDBY8d0EqPVbsyzTbLSC+hUy3cpJJdp+wz1i0Vr07RwcXJZQQnV
UDEXeKxhbGj1NAayj9LBoan5eR4cFa/lnoT4LlWL3BoaAqtmTK3C8O9tjk21DK8w
6Tk5TBuMxNULb5vV2mY9/Hz+Ktgs3Y5X
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:00:33 2025 by rpki-client