Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jaQnsBKMA17x1K-wcGgo9APInxY.roa
File: jaQnsBKMA17x1K-wcGgo9APInxY.roa (raw, json)
Hash identifier: T9HDRMI7cW69mgkCKyIAEMYzsjkZ198Q+6/ajO4y7QY=
Subject key identifier: 8D:A4:27:B0:12:8C:03:5E:F1:D4:AF:B0:70:68:28:F4:03:C8:9F:16
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019421441CB486A54F5A2EE51304B1AC6F22
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jaQnsBKMA17x1K-wcGgo9APInxY.roa
Signing time: Wed 01 Jan 2025 09:48:19 +0000
ROA not before: Wed 01 Jan 2025 09:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215882
IP address blocks: 31.41.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1c:b4:86:a5:4f:5a:2e:e5:13:04:b1:ac:6f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8da427b0128c035ef1d4afb0706828f403c89f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c6:b7:b2:8f:d6:1e:71:a2:37:83:90:4a:93:
0b:5a:e1:de:c1:20:aa:d4:56:36:f3:f1:d1:9d:ef:
d0:8c:3e:1f:14:38:7f:13:f4:ef:91:06:62:6d:53:
6f:be:0d:3b:e3:78:0d:9e:86:77:00:85:c7:6c:28:
8f:0b:44:3a:ee:53:cc:15:73:3e:a7:b3:94:b8:2a:
73:52:b5:78:a9:12:0e:94:8b:8d:bf:d7:93:43:0c:
3b:6d:d1:7d:14:c4:6a:c5:b0:06:ce:c0:89:13:ae:
48:80:27:32:f7:26:71:7a:75:ff:a0:65:b3:2b:51:
78:62:4f:fc:fd:c3:e8:a2:82:67:e0:40:2f:e9:19:
93:29:d2:ee:b7:a9:4b:d1:88:e3:ce:c2:58:5a:e5:
62:d5:a0:c2:62:92:01:d7:a1:71:8e:44:3d:1f:d7:
90:0d:b6:b8:a0:56:6e:5e:5c:0d:39:37:b7:ed:df:
4e:7d:8c:f7:9d:dd:18:47:21:72:2a:e0:0f:54:65:
68:5a:7c:a0:f2:c1:3b:9e:d9:60:f9:11:7d:03:26:
08:fe:96:1f:f0:5a:13:2e:2f:d3:6d:11:a0:44:13:
91:30:96:99:1c:7a:50:90:26:69:55:1f:f0:2a:12:
57:6f:d7:3c:be:8e:24:d2:97:22:2c:b4:cc:db:d8:
9c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A4:27:B0:12:8C:03:5E:F1:D4:AF:B0:70:68:28:F4:03:C8:9F:16
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jaQnsBKMA17x1K-wcGgo9APInxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.32.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:2e:d1:ec:a4:90:31:2d:3f:e1:a9:9b:74:c2:9e:29:f2:85:
1a:cb:aa:95:4c:b5:b3:1c:19:cb:9a:31:28:62:20:b2:a6:db:
3b:9f:85:28:a8:9c:71:b3:ff:45:be:50:5a:ed:5c:eb:9b:03:
a8:d7:00:03:2f:fb:d8:67:f7:de:f1:f4:ec:dc:8d:c2:20:bf:
6b:4b:a8:d5:b4:9e:56:f1:66:58:0c:62:65:86:13:d0:ac:77:
3c:73:a1:03:71:ee:86:cd:70:bd:d4:44:97:c3:cf:ee:66:f8:
95:68:8b:9f:4b:83:06:c0:17:59:ff:f5:12:41:77:53:d2:ed:
a3:cf:18:e2:e8:1c:5f:8f:6b:28:85:8b:0d:11:23:35:bb:e2:
f3:8f:af:27:9f:96:8c:1c:d8:4b:f7:df:0a:0d:e0:99:9c:3c:
59:c3:03:bc:48:7d:36:81:4e:38:40:29:44:62:3c:96:ef:f8:
e4:3d:a2:bb:58:13:ab:2d:aa:7a:e2:01:56:63:74:84:0a:cc:
74:ac:f5:a1:99:e3:12:3a:84:e2:b2:cc:7a:97:a5:84:13:a6:
ce:ff:99:15:a4:ff:e1:05:6b:a9:a1:73:be:e9:c7:0a:7e:74:
92:37:03:b7:3a:3b:ef:e7:78:12:7f:7a:1f:14:c7:dc:26:de:
01:34:8b:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBy0hqVPWi7lEwSxrG8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGE0MjdiMDEyOGMwMzVlZjFkNGFmYjA3MDY4MjhmNDAzYzg5ZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ma3so/WHnGiN4OQSpMLWuHewSCq
1FY28/HRne/QjD4fFDh/E/TvkQZibVNvvg0743gNnoZ3AIXHbCiPC0Q67lPMFXM+
p7OUuCpzUrV4qRIOlIuNv9eTQww7bdF9FMRqxbAGzsCJE65IgCcy9yZxenX/oGWz
K1F4Yk/8/cPoooJn4EAv6RmTKdLut6lL0YjjzsJYWuVi1aDCYpIB16FxjkQ9H9eQ
Dba4oFZuXlwNOTe37d9OfYz3nd0YRyFyKuAPVGVoWnyg8sE7ntlg+RF9AyYI/pYf
8FoTLi/TbRGgRBORMJaZHHpQkCZpVR/wKhJXb9c8vo4k0pciLLTM29icoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2kJ7ASjANe8dSvsHBoKPQDyJ8WMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvamFRbnNCS01BMTd4MUstd2NHZ285QVBJbnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHykgMA0G
CSqGSIb3DQEBCwUAA4IBAQCaLtHspJAxLT/hqZt0wp4p8oUay6qVTLWzHBnLmjEo
YiCypts7n4UoqJxxs/9FvlBa7VzrmwOo1wADL/vYZ/fe8fTs3I3CIL9rS6jVtJ5W
8WZYDGJlhhPQrHc8c6EDce6GzXC91ESXw8/uZviVaIufS4MGwBdZ//USQXdT0u2j
zxji6Bxfj2sohYsNESM1u+Lzj68nn5aMHNhL998KDeCZnDxZwwO8SH02gU44QClE
YjyW7/jkPaK7WBOrLap64gFWY3SECsx0rPWhmeMSOoTissx6l6WEE6bO/5kVpP/h
BWupoXO+6ccKfnSSNwO3Ojvv53gSf3ofFMfcJt4BNIvj
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:49:12 2025 by rpki-client