Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/gaU-sg24svaMgNvnPoGU6mQ2iLE.roa
File: gaU-sg24svaMgNvnPoGU6mQ2iLE.roa (raw, json)
Hash identifier: cBVTlDpUaumqdums9PexTzZazMeRHHu29jPnlQ1ghgg=
Subject key identifier: 81:A5:3E:B2:0D:B8:B2:F6:8C:80:DB:E7:3E:81:94:EA:64:36:88:B1
Certificate issuer: /CN=7cac8d7f4b75170607bfcf8439c2e1d03a21410d
Certificate serial: 01856D017D21D75F068E75FF100F0F63D355
Authority key identifier: 7C:AC:8D:7F:4B:75:17:06:07:BF:CF:84:39:C2:E1:D0:3A:21:41:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKyNf0t1FwYHv8-EOcLh0DohQQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/gaU-sg24svaMgNvnPoGU6mQ2iLE.roa
Signing time: Sun 01 Jan 2023 11:04:52 +0000
ROA not before: Sun 01 Jan 2023 11:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205402
IP address blocks: 109.234.224.0/24 maxlen: 24
109.234.225.0/24 maxlen: 24
31.25.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:7d:21:d7:5f:06:8e:75:ff:10:0f:0f:63:d3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cac8d7f4b75170607bfcf8439c2e1d03a21410d
Validity
Not Before: Jan 1 11:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81a53eb20db8b2f68c80dbe73e8194ea643688b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:5f:e1:41:3e:f6:5b:12:4f:1c:60:51:d5:
62:28:55:5d:90:f3:eb:99:75:05:dd:ba:9e:51:2c:
65:a2:a2:a7:18:14:cb:4b:46:61:4e:2c:8c:20:51:
6c:72:18:cc:cf:62:32:c3:16:6e:d2:c9:05:a7:c7:
58:91:d5:b7:13:47:3c:5f:81:2d:34:b7:7c:af:65:
b0:f2:9e:2a:28:69:fb:03:c4:b5:a1:d7:4f:87:cb:
d3:b2:e9:66:bb:00:3b:ad:cb:f3:dd:a6:2c:91:8c:
ad:71:db:9f:37:77:4f:17:fa:b7:c4:2d:4f:85:9e:
91:3b:a8:c4:75:e9:17:8d:ef:ba:ef:96:a0:73:61:
c0:8e:2d:82:25:c4:fb:7a:84:ce:24:63:77:75:fb:
a9:91:22:21:59:ea:75:7a:4f:b5:b5:5f:e9:9f:f1:
ce:7c:07:bd:5d:3c:bc:0b:eb:1f:34:d6:86:b8:aa:
de:28:05:ed:4a:94:44:49:6e:a2:3a:d5:71:65:4b:
be:64:d7:f9:61:1a:9b:34:81:7e:19:72:09:aa:98:
1e:58:52:bc:96:d9:6e:0c:97:23:d0:bd:4c:d9:3b:
fe:8f:3f:3d:7b:81:df:54:e1:c4:1e:f1:54:9d:17:
e0:6f:55:a5:3b:9f:85:49:f3:52:5a:3f:85:f6:51:
e8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A5:3E:B2:0D:B8:B2:F6:8C:80:DB:E7:3E:81:94:EA:64:36:88:B1
X509v3 Authority Key Identifier:
keyid:7C:AC:8D:7F:4B:75:17:06:07:BF:CF:84:39:C2:E1:D0:3A:21:41:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKyNf0t1FwYHv8-EOcLh0DohQQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/gaU-sg24svaMgNvnPoGU6mQ2iLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/fKyNf0t1FwYHv8-EOcLh0DohQQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.56.0/21
109.234.224.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:ed:e9:37:7b:1c:7c:2d:5c:7a:35:bc:77:03:22:7d:ec:d1:
a9:16:32:b4:20:05:c7:69:70:67:4a:f3:f2:02:e0:a8:98:b3:
50:cd:ee:61:36:c1:f7:49:3e:90:70:c6:24:d0:f2:0d:ab:d9:
e6:58:67:24:cc:97:70:62:c3:e2:dc:c3:76:55:98:fb:f1:a0:
5c:ca:73:6f:51:c2:b6:f8:00:bd:9d:e8:f5:6f:7d:f3:47:1c:
e0:c5:2f:a1:09:bb:88:39:5a:0e:2d:6d:0b:b0:a1:a9:05:95:
55:28:01:3e:2b:92:5f:71:56:4f:5f:ee:89:72:86:31:a4:43:
a7:e3:58:6f:4d:e0:2a:64:a0:8a:38:fe:e9:4d:a1:2c:7c:9a:
38:4c:bf:98:6c:98:67:46:50:d3:bc:55:31:31:2c:a8:4c:c7:
38:3c:e3:50:52:ed:e9:15:89:89:d9:e3:e6:0e:26:72:fa:98:
f8:db:73:eb:4c:b0:f6:46:43:63:59:de:68:c5:0b:1c:bc:e6:
52:ba:41:b4:3f:8f:1e:12:a2:2d:c3:98:f4:87:59:8e:00:41:
7f:fc:86:83:70:a4:ab:05:b9:76:11:79:32:86:78:d1:c1:0f:
8b:0b:9c:49:59:25:f9:7d:e8:19:b3:4a:23:e5:c5:dc:d0:af:
f2:ed:bb:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtAX0h118GjnX/EA8PY9NVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYWM4ZDdmNGI3NTE3MDYwN2JmY2Y4NDM5YzJlMWQwM2Ey
MTQxMGQwHhcNMjMwMTAxMTEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWE1M2ViMjBkYjhiMmY2OGM4MGRiZTczZTgxOTRlYTY0MzY4OGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrhf4UE+9lsSTxxgUdViKFVdkPPr
mXUF3bqeUSxloqKnGBTLS0ZhTiyMIFFschjMz2IywxZu0skFp8dYkdW3E0c8X4Et
NLd8r2Ww8p4qKGn7A8S1oddPh8vTsulmuwA7rcvz3aYskYytcdufN3dPF/q3xC1P
hZ6RO6jEdekXje+675agc2HAji2CJcT7eoTOJGN3dfupkSIhWep1ek+1tV/pn/HO
fAe9XTy8C+sfNNaGuKreKAXtSpRESW6iOtVxZUu+ZNf5YRqbNIF+GXIJqpgeWFK8
ltluDJcj0L1M2Tv+jz89e4HfVOHEHvFUnRfgb1WlO5+FSfNSWj+F9lHowQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIGlPrINuLL2jIDb5z6BlOpkNoixMB8GA1UdIwQY
MBaAFHysjX9LdRcGB7/PhDnC4dA6IUENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkt5TmYwdDFGd1lIdjgtRU9jTGgwRG9oUVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85NzkxM2MtNzQ4ZS00ZmQxLTkxOTQt
MjA4ZmNmZGZiMjAxLzEvZ2FVLXNnMjRzdmFNZ052blBvR1U2bVEyaUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85NzkxM2MtNzQ4ZS00ZmQxLTkxOTQtMjA4ZmNmZGZiMjAx
LzEvZkt5TmYwdDFGd1lIdjgtRU9jTGgwRG9oUVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDHxk4AwQB
bergMA0GCSqGSIb3DQEBCwUAA4IBAQCk7ek3exx8LVx6Nbx3AyJ97NGpFjK0IAXH
aXBnSvPyAuComLNQze5hNsH3ST6QcMYk0PINq9nmWGckzJdwYsPi3MN2VZj78aBc
ynNvUcK2+AC9nej1b33zRxzgxS+hCbuIOVoOLW0LsKGpBZVVKAE+K5JfcVZPX+6J
coYxpEOn41hvTeAqZKCKOP7pTaEsfJo4TL+YbJhnRlDTvFUxMSyoTMc4PONQUu3p
FYmJ2ePmDiZy+pj423PrTLD2RkNjWd5oxQscvOZSukG0P48eEqItw5j0h1mOAEF/
/IaDcKSrBbl2EXkyhnjRwQ+LC5xJWSX5fegZs0oj5cXc0K/y7buE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org