Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/rrklfK2SIXU63eNHbLfy96DEEE4.roa
File: rrklfK2SIXU63eNHbLfy96DEEE4.roa (raw, json)
Hash identifier: MG3f+4yFLcREUv4lMpAVJXVlUxg7hDY8kaD7dmGDqvA=
Subject key identifier: AE:B9:25:7C:AD:92:21:75:3A:DD:E3:47:6C:B7:F2:F7:A0:C4:10:4E
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 019422FC355312C0A97D059B0B2A3AE1C8C1
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/rrklfK2SIXU63eNHbLfy96DEEE4.roa
Signing time: Wed 01 Jan 2025 17:49:01 +0000
ROA not before: Wed 01 Jan 2025 17:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.223.192.0/21 maxlen: 24
31.223.200.0/21 maxlen: 24
109.238.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:35:53:12:c0:a9:7d:05:9b:0b:2a:3a:e1:c8:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aeb9257cad9221753adde3476cb7f2f7a0c4104e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fe:22:54:ff:34:89:b5:72:49:8d:7b:c5:f4:
78:5a:5a:35:1d:a6:17:b8:f6:f7:b3:bd:c2:74:1f:
df:10:d8:28:01:f9:5c:e9:32:33:14:d2:d0:fd:21:
34:32:2b:8d:e7:b7:9e:3c:d0:90:51:16:26:a2:97:
b4:3a:48:a5:1f:e0:42:8a:40:72:da:46:ec:55:b2:
b4:d1:f9:ac:61:be:4b:6d:41:16:fc:6b:ca:9f:78:
ae:6c:57:38:96:59:4c:69:da:ea:01:b8:79:b5:cd:
6c:51:5f:1a:dc:f8:a7:6e:3e:7a:1e:55:29:d1:62:
a5:9d:f6:da:20:54:7a:5a:25:3f:52:cf:df:27:2c:
9f:8b:a1:71:80:22:c7:67:00:53:e7:38:4d:e6:5d:
43:57:b9:5f:f4:ed:44:cf:3e:84:2a:f8:60:0d:8c:
54:2f:37:4b:ea:be:04:35:c3:40:61:73:6d:a2:d4:
07:40:3d:54:f5:1a:02:05:e4:09:33:93:a5:ed:92:
6e:7f:33:16:e6:5f:b2:c0:80:c9:5f:7d:53:7d:0d:
03:54:de:6f:a3:ff:9b:3d:d2:06:99:c2:25:27:3f:
31:1b:58:07:9e:e9:95:3a:19:ce:f7:80:7f:56:5f:
f6:81:b0:5d:68:77:cb:00:1d:87:38:46:bc:81:42:
c5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B9:25:7C:AD:92:21:75:3A:DD:E3:47:6C:B7:F2:F7:A0:C4:10:4E
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/rrklfK2SIXU63eNHbLfy96DEEE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.192.0/20
109.238.160.0/21
Signature Algorithm: sha256WithRSAEncryption
68:db:fb:78:4b:16:84:e2:a8:8b:73:7b:8f:75:92:fb:a1:55:
eb:0f:17:37:1d:b0:6e:51:c3:bf:ea:61:71:0e:d7:0f:3e:13:
8c:a2:c5:9f:2a:d2:18:0f:a6:3a:0f:c6:52:dd:71:b5:ac:cf:
78:33:d0:0c:1b:bb:3e:66:0c:37:07:d2:16:85:36:c2:e3:6b:
c9:dc:f6:d5:73:bf:27:19:6c:7d:fd:da:65:b7:e3:f9:44:3a:
53:48:90:42:89:85:35:b5:c3:23:e3:3e:43:8b:3c:1a:22:30:
08:05:68:cf:90:7c:cc:2b:f6:ad:fb:c7:69:2e:8f:00:ee:3b:
b4:f8:e5:45:73:43:b2:97:51:3f:f8:78:0c:13:6c:ac:2c:84:
4e:76:41:a3:1a:a2:a8:3e:15:ac:7f:6c:d0:88:0f:bc:5c:9d:
dd:56:d4:f3:3c:6b:b3:8a:dc:04:bb:9f:a7:6f:a0:cb:aa:79:
f7:67:a1:be:b6:8e:87:f3:03:df:38:5b:f1:1b:e8:bb:14:5c:
47:96:cf:fc:0a:ce:61:0f:03:1d:37:7e:d9:8c:af:01:21:22:
19:2c:2d:4f:07:5f:66:8f:7b:18:bc:ba:b4:1a:71:8c:f8:87:
42:dd:62:42:3c:f0:27:b0:90:1a:7d:36:53:cd:a6:bb:5f:8e:
bd:05:8b:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/DVTEsCpfQWbCyo64cjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWI5MjU3Y2FkOTIyMTc1M2FkZGUzNDc2Y2I3ZjJmN2EwYzQxMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf4iVP80ibVySY17xfR4Wlo1HaYX
uPb3s73CdB/fENgoAflc6TIzFNLQ/SE0MiuN57eePNCQURYmope0OkilH+BCikBy
2kbsVbK00fmsYb5LbUEW/GvKn3iubFc4lllMadrqAbh5tc1sUV8a3Pinbj56HlUp
0WKlnfbaIFR6WiU/Us/fJyyfi6FxgCLHZwBT5zhN5l1DV7lf9O1Ezz6EKvhgDYxU
LzdL6r4ENcNAYXNtotQHQD1U9RoCBeQJM5Ol7ZJufzMW5l+ywIDJX31TfQ0DVN5v
o/+bPdIGmcIlJz8xG1gHnumVOhnO94B/Vl/2gbBdaHfLAB2HOEa8gULFNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK65JXytkiF1Ot3jR2y38vegxBBOMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvcnJrbGZLMlNJWFU2M2VOSGJMZnk5NkRFRUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH9/AAwQD
be6gMA0GCSqGSIb3DQEBCwUAA4IBAQBo2/t4SxaE4qiLc3uPdZL7oVXrDxc3HbBu
UcO/6mFxDtcPPhOMosWfKtIYD6Y6D8ZS3XG1rM94M9AMG7s+Zgw3B9IWhTbC42vJ
3PbVc78nGWx9/dplt+P5RDpTSJBCiYU1tcMj4z5DizwaIjAIBWjPkHzMK/at+8dp
Lo8A7ju0+OVFc0Oyl1E/+HgME2ysLIROdkGjGqKoPhWsf2zQiA+8XJ3dVtTzPGuz
itwEu5+nb6DLqnn3Z6G+to6H8wPfOFvxG+i7FFxHls/8Cs5hDwMdN37ZjK8BISIZ
LC1PB19mj3sYvLq0GnGM+IdC3WJCPPAnsJAafTZTzaa7X469BYsh
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:32 2025 by rpki-client