Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/YmfxS-GgNftFlff0Z2MZRV7dFdg.roa
File: YmfxS-GgNftFlff0Z2MZRV7dFdg.roa (raw, json)
Hash identifier: udDDnBYDprQnDTUgHyUZUopukV2qllWtt5uqI+VT1iw=
Subject key identifier: 62:67:F1:4B:E1:A0:35:FB:45:95:F7:F4:67:63:19:45:5E:DD:15:D8
Certificate issuer: /CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Certificate serial: 019426D9DA0E2DEE355CA63A93A1A18E0E77
Authority key identifier: 06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/YmfxS-GgNftFlff0Z2MZRV7dFdg.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15497
IP address blocks: 31.28.160.0/22 maxlen: 22
31.28.164.0/22 maxlen: 22
31.28.172.0/22 maxlen: 22
31.28.176.0/22 maxlen: 22
31.28.180.0/22 maxlen: 22
31.28.184.0/22 maxlen: 22
31.28.184.0/24 maxlen: 24
31.28.190.0/24 maxlen: 24
62.149.2.0/24 maxlen: 24
62.149.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:da:0e:2d:ee:35:5c:a6:3a:93:a1:a1:8e:0e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6267f14be1a035fb4595f7f4676319455edd15d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:45:02:2b:13:4f:eb:32:ae:9c:63:9d:4c:
a3:7d:b0:09:c5:de:7a:c3:c4:37:27:20:09:b4:85:
69:b9:b2:7d:b2:a6:50:d1:52:0c:bd:1d:f8:9d:fd:
c0:fb:2f:98:2e:a1:92:4e:e5:b3:ac:5c:a0:24:48:
d2:02:82:92:ad:6c:8b:9d:a1:c4:a5:04:96:de:55:
c0:d2:82:6e:34:96:30:47:9e:7a:b8:89:d8:ca:61:
95:29:65:52:4d:eb:f5:57:4f:2f:f8:50:e7:db:a8:
e3:9d:4b:cb:92:50:5c:1b:c9:69:f8:8a:99:34:ff:
1a:13:63:5f:67:4a:34:a3:ce:43:56:29:dd:9b:a0:
eb:56:60:2e:ed:b2:85:b8:13:ac:f7:da:a4:10:60:
c2:ab:91:01:24:d8:0f:29:9d:46:ba:cb:57:7f:bd:
9c:a5:23:5a:a4:f3:7a:65:f5:59:fd:56:df:38:6f:
dc:d2:55:b5:93:b4:05:e6:41:7f:34:97:23:31:13:
b2:34:4f:e5:65:43:ed:d5:a7:c4:19:60:b9:32:86:
3c:e2:8b:76:9f:0c:46:7e:94:6e:48:9a:57:c5:59:
27:92:4f:8e:27:bd:bc:3f:0c:1b:be:0c:40:76:1f:
30:a6:0b:9d:cd:a2:7d:0f:e2:82:a3:6b:7a:cf:d9:
89:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:67:F1:4B:E1:A0:35:FB:45:95:F7:F4:67:63:19:45:5E:DD:15:D8
X509v3 Authority Key Identifier:
keyid:06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/YmfxS-GgNftFlff0Z2MZRV7dFdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/BuS72riW5mET81G02cgt9Q5mpxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.28.160.0/21
31.28.172.0-31.28.187.255
31.28.190.0/24
62.149.2.0/24
62.149.10.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:c2:0a:3f:1f:85:52:fa:29:4b:44:f3:9c:ea:84:e7:1d:ff:
41:8e:39:9b:16:cf:7c:be:46:d1:b9:27:e0:bd:97:56:d9:d6:
a7:5f:fd:50:88:b9:1a:41:f7:33:47:c0:ea:0c:08:9a:b8:2c:
27:f1:42:a8:4a:f6:35:77:56:a8:18:37:6a:7e:ac:37:44:af:
99:f4:07:bb:b4:d5:a5:fb:8d:6d:b0:43:cc:f5:97:6c:87:89:
cc:5d:51:7c:a0:92:5d:39:fe:33:6c:0e:8b:fa:6b:18:27:d0:
44:0e:93:df:95:8f:e7:f6:16:2e:dc:96:39:75:8f:6e:50:d6:
cf:09:96:39:4e:50:c8:fe:cb:56:79:0a:28:e6:96:98:14:ba:
e5:99:9e:28:ff:20:e7:2a:07:17:e7:06:4c:41:3a:d2:1a:67:
8f:9f:ca:b8:97:6e:ea:39:0f:98:d6:aa:2c:d9:a6:7a:ff:62:
6c:09:4d:6c:f3:6d:34:b8:59:23:93:ef:bc:34:8d:04:64:43:
64:d7:fc:8d:f9:5b:90:05:9d:f1:5f:9a:aa:68:44:cb:9e:67:
10:71:69:e7:29:e3:58:54:9f:45:92:d0:3a:1d:66:73:64:51:
4a:b7:a1:c3:fa:78:94:d9:ed:90:9e:73:f0:f1:75:26:e5:b6:
e8:64:27:2b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQm2doOLe41XKY6k6Ghjg53MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZTRiYmRhYjg5NmU2NjExM2YzNTFiNGQ5YzgyZGY1MGU2
NmE3MTIwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjY3ZjE0YmUxYTAzNWZiNDU5NWY3ZjQ2NzYzMTk0NTVlZGQxNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyNFAisTT+syrpxjnUyjfbAJxd56
w8Q3JyAJtIVpubJ9sqZQ0VIMvR34nf3A+y+YLqGSTuWzrFygJEjSAoKSrWyLnaHE
pQSW3lXA0oJuNJYwR556uInYymGVKWVSTev1V08v+FDn26jjnUvLklBcG8lp+IqZ
NP8aE2NfZ0o0o85DVindm6DrVmAu7bKFuBOs99qkEGDCq5EBJNgPKZ1GustXf72c
pSNapPN6ZfVZ/VbfOG/c0lW1k7QF5kF/NJcjMROyNE/lZUPt1afEGWC5MoY84ot2
nwxGfpRuSJpXxVknkk+OJ728PwwbvgxAdh8wpgudzaJ9D+KCo2t6z9mJHwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGJn8UvhoDX7RZX39GdjGUVe3RXYMB8GA1UdIwQY
MBaAFAbku9q4luZhE/NRtNnILfUOZqcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAt
ZmUwZDI4YjY4Y2Q1LzEvWW1meFMtR2dOZnRGbGZmMFoyTVpSVjdkRmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAtZmUwZDI4YjY4Y2Q1
LzEvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDHxygMAwD
BAIfHKwDBAIfHLgDBAAfHL4DBAA+lQIDBAA+lQowDQYJKoZIhvcNAQELBQADggEB
AKjCCj8fhVL6KUtE85zqhOcd/0GOOZsWz3y+RtG5J+C9l1bZ1qdf/VCIuRpB9zNH
wOoMCJq4LCfxQqhK9jV3VqgYN2p+rDdEr5n0B7u01aX7jW2wQ8z1l2yHicxdUXyg
kl05/jNsDov6axgn0EQOk9+Vj+f2Fi7cljl1j25Q1s8JljlOUMj+y1Z5CijmlpgU
uuWZnij/IOcqBxfnBkxBOtIaZ4+fyriXbuo5D5jWqizZpnr/YmwJTWzzbTS4WSOT
77w0jQRkQ2TX/I35W5AFnfFfmqpoRMueZxBxaecp41hUn0WS0DodZnNkUUq3ocP6
eJTZ7ZCec/DxdSbltuhkJys=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:24 2025 by rpki-client