Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/DefZ__9RqwjeIQvvIG8DNEtfalk.roa
File: DefZ__9RqwjeIQvvIG8DNEtfalk.roa (raw, json)
Hash identifier: 8CQeEiGOKVZsA3/HRDhtbloh6zsps5iaRDAh0kwUHcw=
Subject key identifier: 0D:E7:D9:FF:FF:51:AB:08:DE:21:0B:EF:20:6F:03:34:4B:5F:6A:59
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 01957154397074AD4388612C9DC1E30A676E
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/DefZ__9RqwjeIQvvIG8DNEtfalk.roa
Signing time: Fri 07 Mar 2025 15:58:19 +0000
ROA not before: Fri 07 Mar 2025 15:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31216
IP address blocks: 31.217.128.0/19 maxlen: 24
46.18.168.0/21 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
89.30.58.0/24 maxlen: 24
89.30.68.0/22 maxlen: 24
91.196.184.0/22 maxlen: 24
185.55.16.0/22 maxlen: 24
185.143.244.0/22 maxlen: 22
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:71:54:39:70:74:ad:43:88:61:2c:9d:c1:e3:0a:67:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Mar 7 15:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0de7d9ffff51ab08de210bef206f03344b5f6a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cb:31:92:ec:89:7a:68:26:61:dd:27:f8:c3:
2c:ba:65:b7:5e:9b:e3:9a:71:c6:32:1f:b0:0b:d6:
27:c9:0c:ac:15:27:69:78:08:7f:a8:98:77:74:89:
f1:8a:c9:9e:31:a5:da:bf:87:b6:75:a4:bd:ad:75:
10:aa:6d:1a:d0:b3:8f:2b:36:75:d1:f7:7b:65:df:
e4:81:96:dc:d6:f5:cb:99:a3:4f:7c:9d:cc:76:f3:
e0:7b:d8:d6:99:6f:b9:eb:4b:05:10:5f:18:13:f9:
57:d5:92:57:55:a2:7d:ea:49:11:92:bb:2e:ce:e8:
2c:a8:21:77:50:28:44:80:66:a3:52:19:38:51:b8:
4e:03:8c:82:e0:b6:50:b0:86:31:e4:9e:d4:55:ef:
57:d6:2e:46:2c:14:4a:46:40:a4:90:11:1c:8a:e8:
3a:d8:ff:fd:84:27:b5:92:0a:22:30:ce:4d:50:e3:
c0:e3:3c:7b:b0:32:4a:00:e6:a6:c6:43:42:db:7e:
4e:d7:b4:5f:2e:50:e0:3b:db:8c:71:8a:66:76:35:
a3:15:02:bf:a0:15:2f:8e:35:7e:08:62:9d:3f:28:
51:53:59:15:43:81:a5:0c:cd:44:54:b8:71:b1:b2:
65:5c:62:db:02:78:c3:a8:6c:b6:4c:f4:32:8d:35:
75:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E7:D9:FF:FF:51:AB:08:DE:21:0B:EF:20:6F:03:34:4B:5F:6A:59
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/DefZ__9RqwjeIQvvIG8DNEtfalk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.128.0/19
46.18.168.0/21
83.243.16.0/21
89.30.0.0/17
91.196.184.0/22
185.55.16.0/22
185.143.244.0/22
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
4a:2f:56:4d:22:e0:8c:e2:b9:1e:04:bb:34:0c:96:a5:0d:3f:
53:bc:a0:43:96:80:20:72:4d:ca:6a:11:b4:d9:c1:15:e2:f9:
bd:df:83:20:bb:84:9d:18:66:bf:97:4c:29:e9:6f:df:f7:79:
b0:9b:97:19:b8:07:ce:a1:c8:3d:3f:b4:b3:95:ef:8d:49:92:
d4:d7:91:71:05:1c:36:6f:19:6a:13:23:6d:07:a8:53:33:c1:
81:bf:cc:be:72:66:80:b8:f7:e2:48:b9:b1:1c:8a:e4:05:89:
20:ae:c5:55:43:65:ea:69:61:7c:da:09:bf:0e:a0:d8:4f:e9:
7c:ec:9c:1e:02:25:92:1a:c1:9d:6e:a9:d1:92:4a:fb:44:2d:
75:a6:52:bc:97:9a:b1:c2:a6:40:dc:4f:1e:90:a3:4c:ce:70:
e3:7f:7b:ac:f7:a7:32:dc:08:b1:1e:74:52:38:fc:dc:35:83:
45:34:f4:02:4f:a1:94:6b:a1:03:80:86:46:86:3b:4f:25:7d:
47:62:7b:fd:04:32:8f:78:9a:48:f2:cb:34:8c:55:fd:30:24:
34:95:f9:94:23:de:7b:5b:e3:44:51:a3:70:51:81:e7:c9:60:
12:ae:35:75:1c:8c:1e:ba:67:49:31:53:58:11:e8:e5:9b:f7:
4b:45:0b:34
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZVxVDlwdK1DiGEsncHjCmduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjUwMzA3MTU1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGU3ZDlmZmZmNTFhYjA4ZGUyMTBiZWYyMDZmMDMzNDRiNWY2YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMsxkuyJemgmYd0n+MMsumW3Xpvj
mnHGMh+wC9YnyQysFSdpeAh/qJh3dInxismeMaXav4e2daS9rXUQqm0a0LOPKzZ1
0fd7Zd/kgZbc1vXLmaNPfJ3MdvPge9jWmW+560sFEF8YE/lX1ZJXVaJ96kkRkrsu
zugsqCF3UChEgGajUhk4UbhOA4yC4LZQsIYx5J7UVe9X1i5GLBRKRkCkkBEciug6
2P/9hCe1kgoiMM5NUOPA4zx7sDJKAOamxkNC235O17RfLlDgO9uMcYpmdjWjFQK/
oBUvjjV+CGKdPyhRU1kVQ4GlDM1EVLhxsbJlXGLbAnjDqGy2TPQyjTV19wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFA3n2f//UasI3iEL7yBvAzRLX2pZMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvRGVmWl9fOVJxd2plSVF2dklHOERORXRmYWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQFH9mAAwQD
LhKoAwQDU/MQAwQHWR4AAwQCW8S4AwQCuTcQAwQCuY/0AwQAwn7ZMA0EAgACMAcD
BQAqAYIAMA0GCSqGSIb3DQEBCwUAA4IBAQBKL1ZNIuCM4rkeBLs0DJalDT9TvKBD
loAgck3KahG02cEV4vm934Mgu4SdGGa/l0wp6W/f93mwm5cZuAfOocg9P7Szle+N
SZLU15FxBRw2bxlqEyNtB6hTM8GBv8y+cmaAuPfiSLmxHIrkBYkgrsVVQ2XqaWF8
2gm/DqDYT+l87JweAiWSGsGdbqnRkkr7RC11plK8l5qxwqZA3E8ekKNMznDjf3us
96cy3AixHnRSOPzcNYNFNPQCT6GUa6EDgIZGhjtPJX1HYnv9BDKPeJpI8ss0jFX9
MCQ0lfmUI957W+NEUaNwUYHnyWASrjV1HIweumdJMVNYEejlm/dLRQs0
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:35 2025 by rpki-client