Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/31ag2HrgANjhnzyqvzYcA_GuDbg.roa
File: 31ag2HrgANjhnzyqvzYcA_GuDbg.roa (raw, json)
Hash identifier: 2P8QZCQEYwZ7T/ngNrFwmBzstV47MWzT0cHknGsfldw=
Subject key identifier: DF:56:A0:D8:7A:E0:00:D8:E1:9F:3C:AA:BF:36:1C:03:F1:AE:0D:B8
Certificate issuer: /CN=19b390b62d09950d500cd6bbbd78d0390560ec42
Certificate serial: 01941FFA673A6517A496D513912997FFAF6F
Authority key identifier: 19:B3:90:B6:2D:09:95:0D:50:0C:D6:BB:BD:78:D0:39:05:60:EC:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbOQti0JlQ1QDNa7vXjQOQVg7EI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/31ag2HrgANjhnzyqvzYcA_GuDbg.roa
Signing time: Wed 01 Jan 2025 03:48:11 +0000
ROA not before: Wed 01 Jan 2025 03:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200474
IP address blocks: 185.133.240.0/23 maxlen: 24
2a05:fbe0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:67:3a:65:17:a4:96:d5:13:91:29:97:ff:af:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19b390b62d09950d500cd6bbbd78d0390560ec42
Validity
Not Before: Jan 1 03:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df56a0d87ae000d8e19f3caabf361c03f1ae0db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:73:6d:e2:62:7f:62:51:38:dd:7d:a0:b5:85:
3b:8d:df:36:9b:ab:d3:85:30:79:f3:9e:4c:f9:2d:
70:0a:18:ee:7e:e5:50:5a:4d:4e:b3:07:1d:4c:a2:
50:47:bc:e0:2d:af:bf:64:00:51:6e:ff:aa:28:d8:
73:d1:6b:bd:a1:8e:9a:2b:c1:a2:e6:79:e8:c2:e3:
aa:bd:4b:17:c8:09:54:21:ae:9c:ca:64:e6:e8:16:
40:6a:f0:ee:2d:4a:ef:ef:d5:0b:c9:11:75:c6:86:
92:f3:fc:19:75:5f:2f:60:26:52:14:68:26:52:6f:
43:52:d0:73:ee:aa:a3:aa:4f:f9:03:5c:b1:ca:e3:
94:c5:c9:09:2b:69:b5:0f:74:09:e6:e7:1f:25:9d:
fb:3a:dd:b9:97:0b:2e:a5:70:eb:cf:76:e3:a8:05:
ca:58:8f:54:d0:7f:1d:9c:6c:9c:7b:44:9a:2b:9c:
cf:ff:b8:36:a4:b8:4e:37:bf:fe:fc:4d:a4:ee:c2:
ab:cf:24:7d:ae:df:74:c8:56:cc:0a:5e:14:75:01:
31:8d:1c:c5:2d:79:83:46:64:8c:92:15:53:e0:a2:
5f:83:88:0f:50:0b:68:b0:c6:28:bb:a2:e4:95:1a:
ba:f1:a7:ae:54:f8:30:fd:63:e7:88:ec:52:c1:0e:
91:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:56:A0:D8:7A:E0:00:D8:E1:9F:3C:AA:BF:36:1C:03:F1:AE:0D:B8
X509v3 Authority Key Identifier:
keyid:19:B3:90:B6:2D:09:95:0D:50:0C:D6:BB:BD:78:D0:39:05:60:EC:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbOQti0JlQ1QDNa7vXjQOQVg7EI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/31ag2HrgANjhnzyqvzYcA_GuDbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/GbOQti0JlQ1QDNa7vXjQOQVg7EI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.240.0/23
IPv6:
2a05:fbe0::/32
Signature Algorithm: sha256WithRSAEncryption
39:d0:9e:cf:b6:18:a2:e9:5d:9e:35:6d:2d:6e:af:fa:4b:28:
f8:95:ad:6c:0e:7b:12:8b:b8:d1:b2:8d:4a:01:17:5c:41:69:
00:99:5b:e3:fc:e6:2d:24:ce:90:93:20:5b:8c:df:1e:eb:49:
f8:38:48:22:a9:5c:e7:cb:33:9d:32:7e:93:8d:cb:55:7d:fd:
7a:26:70:ac:eb:4a:af:9e:06:e9:1d:ad:13:cf:a2:be:a5:c9:
bb:68:3b:08:df:a8:5b:dd:33:81:77:e8:01:d6:d7:9e:b2:b2:
07:de:5b:70:e4:1d:05:c7:7d:87:d5:32:0d:e5:45:8e:3a:df:
60:fd:15:bf:36:ba:ae:70:1b:7b:41:9a:b4:61:96:34:d7:e4:
88:0f:b5:cd:6d:d1:3b:bc:2b:40:ef:07:1c:b6:be:df:f1:4e:
86:d3:23:ab:82:57:01:cc:0f:82:46:96:bb:d8:55:a1:5f:98:
5e:d7:26:26:cf:47:dd:38:0f:09:9d:e2:17:e5:58:b2:7a:60:
f4:c2:44:95:52:07:ef:e6:af:fc:3f:16:5b:6d:41:a2:af:e3:
44:11:d2:0c:5c:93:99:96:ba:bc:ac:88:2c:49:91:54:e8:22:
e0:b8:46:54:88:c6:41:de:da:8f:ec:90:18:11:ae:24:6b:ca:
03:52:e2:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+mc6ZRekltUTkSmX/69vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YjM5MGI2MmQwOTk1MGQ1MDBjZDZiYmJkNzhkMDM5MDU2
MGVjNDIwHhcNMjUwMTAxMDM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjU2YTBkODdhZTAwMGQ4ZTE5ZjNjYWFiZjM2MWMwM2YxYWUwZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknNt4mJ/YlE43X2gtYU7jd82m6vT
hTB5855M+S1wChjufuVQWk1OswcdTKJQR7zgLa+/ZABRbv+qKNhz0Wu9oY6aK8Gi
5nnowuOqvUsXyAlUIa6cymTm6BZAavDuLUrv79ULyRF1xoaS8/wZdV8vYCZSFGgm
Um9DUtBz7qqjqk/5A1yxyuOUxckJK2m1D3QJ5ucfJZ37Ot25lwsupXDrz3bjqAXK
WI9U0H8dnGyce0SaK5zP/7g2pLhON7/+/E2k7sKrzyR9rt90yFbMCl4UdQExjRzF
LXmDRmSMkhVT4KJfg4gPUAtosMYou6LklRq68aeuVPgw/WPniOxSwQ6RZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN9WoNh64ADY4Z88qr82HAPxrg24MB8GA1UdIwQY
MBaAFBmzkLYtCZUNUAzWu7140DkFYOxCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2JPUXRpMEpsUTFRRE5hN3ZYalFPUVZnN0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iMzE1ODYtMzU2Ni00N2IwLTk1Y2Mt
MTQ0ZDc0NzNlYTU5LzEvMzFhZzJIcmdBTmpobnp5cXZ6WWNBX0d1RGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9iMzE1ODYtMzU2Ni00N2IwLTk1Y2MtMTQ0ZDc0NzNlYTU5
LzEvR2JPUXRpMEpsUTFRRE5hN3ZYalFPUVZnN0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuYXwMA0E
AgACMAcDBQAqBfvgMA0GCSqGSIb3DQEBCwUAA4IBAQA50J7Pthii6V2eNW0tbq/6
Syj4la1sDnsSi7jRso1KARdcQWkAmVvj/OYtJM6QkyBbjN8e60n4OEgiqVznyzOd
Mn6TjctVff16JnCs60qvngbpHa0Tz6K+pcm7aDsI36hb3TOBd+gB1teesrIH3ltw
5B0Fx32H1TIN5UWOOt9g/RW/NrqucBt7QZq0YZY01+SID7XNbdE7vCtA7wcctr7f
8U6G0yOrglcBzA+CRpa72FWhX5he1yYmz0fdOA8JneIX5ViyemD0wkSVUgfv5q/8
PxZbbUGir+NEEdIMXJOZlrq8rIgsSZFU6CLguEZUiMZB3tqP7JAYEa4ka8oDUuLg
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:25 2025 by rpki-client