Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/1-TKHNCKbZE8g4XJcuPLU9wUNwXw.roa
File: 1-TKHNCKbZE8g4XJcuPLU9wUNwXw.roa (raw, json)
Hash identifier: 4YE3N5IWvrJIb1gbK5UKUvbBqNqAEHWjC5reIu6mjb8=
Subject key identifier: F9:32:87:34:22:9B:64:4F:20:E1:72:5C:B8:F2:D4:F7:05:0D:C1:7C
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 019421B23B3D959E21A5F0623379AE73CF7C
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/1-TKHNCKbZE8g4XJcuPLU9wUNwXw.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135330
IP address blocks: 31.192.233.0/24 maxlen: 24
2a0a:eec0:8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3b:3d:95:9e:21:a5:f0:62:33:79:ae:73:cf:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9328734229b644f20e1725cb8f2d4f7050dc17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:22:56:99:14:e4:13:95:69:fd:33:53:36:f6:
8b:cd:8a:4e:c3:39:f6:ef:21:8b:31:97:c5:5c:b4:
5d:30:d3:c1:a2:fb:c1:48:87:52:34:fc:f4:ad:28:
2f:26:16:31:3d:af:61:52:90:13:dd:f5:15:98:fc:
4d:ae:a5:a7:bd:37:8d:2e:f8:b5:62:41:75:51:f8:
95:2e:b4:8d:5f:13:ac:96:ca:21:92:92:43:fb:ef:
43:db:ec:80:73:45:6c:13:f3:25:a7:b6:86:7b:96:
2a:29:eb:dd:cc:99:89:27:24:2e:70:27:d6:8d:f5:
75:30:70:c3:b9:92:99:53:ee:85:25:eb:73:f0:c0:
7f:3a:cb:3b:eb:dc:f5:72:1e:ac:35:54:da:c0:4e:
55:eb:16:9c:b5:ff:03:ad:10:12:bc:ee:82:ca:84:
b8:ae:33:35:33:3b:95:62:e1:16:e2:86:e4:fb:3b:
e9:a0:8c:5f:67:af:1c:02:f2:b3:42:04:b9:d4:d9:
0c:b2:85:31:fc:2d:b1:9d:cc:91:b9:06:d0:56:36:
49:8a:a5:a5:70:ad:c4:4b:19:85:ca:bc:fc:6c:80:
44:75:b2:91:85:3d:58:1c:80:d3:5c:93:51:1e:2b:
59:d0:3c:c1:79:3a:6c:8b:50:16:53:bc:9f:73:b5:
5f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:32:87:34:22:9B:64:4F:20:E1:72:5C:B8:F2:D4:F7:05:0D:C1:7C
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/1-TKHNCKbZE8g4XJcuPLU9wUNwXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.233.0/24
IPv6:
2a0a:eec0:8::/48
Signature Algorithm: sha256WithRSAEncryption
4e:00:84:12:5a:e0:74:11:ec:79:0a:0c:42:b4:66:75:92:d2:
11:d7:18:cc:8c:c2:d3:36:cd:82:d9:63:cd:b3:96:99:2a:a6:
7c:5b:1a:71:cd:3b:89:70:34:f0:ba:fc:13:64:3e:f7:0f:22:
49:b4:68:62:4a:db:92:45:50:dc:6f:fa:34:6f:6f:c7:9e:12:
04:e1:8e:eb:f3:95:3e:ed:2b:87:f1:f4:79:0d:a2:d1:25:65:
0e:c0:b6:eb:f2:9e:71:91:cb:a0:5c:f2:e2:4d:ff:43:19:46:
c6:de:9f:95:bd:dd:eb:fd:62:a0:f0:a4:98:30:f9:71:d3:e6:
1e:64:e3:c3:56:5a:c1:69:65:e6:a8:82:33:b8:09:58:cb:02:
a7:61:56:b5:f1:2b:eb:27:4b:df:e4:65:8e:5e:d6:b2:fb:51:
9a:36:20:90:52:ae:89:ba:c9:16:74:b8:c7:57:a0:05:a7:78:
62:28:f7:16:cc:ac:64:5b:5d:15:36:4b:6c:b9:c7:21:82:58:
db:85:0c:67:1c:08:f0:72:ac:24:72:25:15:3b:dd:25:c3:c1:
f6:4c:26:21:c8:27:25:d9:95:41:a6:00:0d:6a:04:50:be:0a:
f5:96:2a:5d:24:0d:9e:01:65:43:12:4d:2d:c8:e8:cb:ed:c7:
e2:04:4d:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsjs9lZ4hpfBiM3muc898MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTMyODczNDIyOWI2NDRmMjBlMTcyNWNiOGYyZDRmNzA1MGRjMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSJWmRTkE5Vp/TNTNvaLzYpOwzn2
7yGLMZfFXLRdMNPBovvBSIdSNPz0rSgvJhYxPa9hUpAT3fUVmPxNrqWnvTeNLvi1
YkF1UfiVLrSNXxOslsohkpJD++9D2+yAc0VsE/Mlp7aGe5YqKevdzJmJJyQucCfW
jfV1MHDDuZKZU+6FJetz8MB/Oss769z1ch6sNVTawE5V6xactf8DrRASvO6CyoS4
rjM1MzuVYuEW4obk+zvpoIxfZ68cAvKzQgS51NkMsoUx/C2xncyRuQbQVjZJiqWl
cK3ESxmFyrz8bIBEdbKRhT1YHIDTXJNRHitZ0DzBeTpsi1AWU7yfc7VfewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPkyhzQim2RPIOFyXLjy1PcFDcF8MB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvMS1US0hOQ0tiWkU4ZzRYSmN1UExVOXdVTndYdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjkvNzY3YWU1LWI5YTItNDk5My04MWE4LTA1ZjE4ZmMyMTJh
Ny8xL2hzdDBLZ084bklWUWNoZWlVZ1RmXzRMOHpmay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAB/A6TAP
BAIAAjAJAwcAKgruwAAIMA0GCSqGSIb3DQEBCwUAA4IBAQBOAIQSWuB0Eex5CgxC
tGZ1ktIR1xjMjMLTNs2C2WPNs5aZKqZ8WxpxzTuJcDTwuvwTZD73DyJJtGhiStuS
RVDcb/o0b2/HnhIE4Y7r85U+7SuH8fR5DaLRJWUOwLbr8p5xkcugXPLiTf9DGUbG
3p+Vvd3r/WKg8KSYMPlx0+YeZOPDVlrBaWXmqIIzuAlYywKnYVa18SvrJ0vf5GWO
Xtay+1GaNiCQUq6JuskWdLjHV6AFp3hiKPcWzKxkW10VNktsucchgljbhQxnHAjw
cqwkciUVO90lw8H2TCYhyCcl2ZVBpgANagRQvgr1lipdJA2eAWVDEk0tyOjL7cfi
BE3Y
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:20:13 2025 by rpki-client