Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/ppkwZSnQe_B1w9UhP5ke1_jD4Vk.roa
File: ppkwZSnQe_B1w9UhP5ke1_jD4Vk.roa (raw, json)
Hash identifier: hVKC9oxQ4TOks3wr3lJFJ2Whe3zItAMI4ja6SGb5ZM4=
Subject key identifier: A6:99:30:65:29:D0:7B:F0:75:C3:D5:21:3F:99:1E:D7:F8:C3:E1:59
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 019424B3AE5CF2ABACE5357078F060F1E5E6
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/ppkwZSnQe_B1w9UhP5ke1_jD4Vk.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207456
IP address blocks: 31.171.132.0/22 maxlen: 24
45.154.4.0/22 maxlen: 24
109.235.52.0/22 maxlen: 24
109.235.53.0/24 maxlen: 24
109.235.54.0/23 maxlen: 24
185.153.188.0/22 maxlen: 24
185.196.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ae:5c:f2:ab:ac:e5:35:70:78:f0:60:f1:e5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a699306529d07bf075c3d5213f991ed7f8c3e159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:c4:fc:48:bf:63:01:cd:e6:99:6f:8a:e5:
ca:8c:5e:6e:22:bd:b0:ef:fc:50:97:68:a2:2a:58:
9c:5f:a5:c3:02:65:2e:ac:7a:9d:ea:43:dc:5f:3e:
51:84:bd:ac:b4:ec:89:38:14:56:29:19:4a:d2:0c:
96:c0:30:e2:e0:c2:45:8f:7d:a1:93:29:9a:b1:22:
be:c3:8e:0d:d5:23:72:9e:0a:2e:db:4f:78:8a:9a:
12:01:36:ca:91:db:13:6c:e2:f2:3f:11:51:51:d4:
25:5c:36:d6:34:8a:b7:95:c3:35:a1:80:e7:73:f5:
fa:8e:78:6a:59:e3:59:85:3b:4f:17:61:2b:a2:94:
7d:85:53:01:d8:fe:81:01:9c:79:07:8a:99:7c:1e:
47:46:7a:4d:22:e9:bd:b4:71:89:91:2b:e0:1a:53:
a6:16:b9:fd:7e:ae:09:a3:40:3e:29:bd:66:aa:10:
c8:ee:a4:67:37:0e:22:d4:dd:1e:f0:b5:ea:f1:75:
2b:ed:41:0b:01:69:56:72:c1:94:1f:05:ce:34:53:
c2:29:c7:c1:54:3e:8e:bd:42:60:51:a0:80:8b:8a:
66:9a:1d:78:56:9d:ae:e1:e5:3f:95:a8:32:a1:e5:
dc:a2:3b:21:1e:c7:69:df:de:70:c1:ee:59:94:17:
e5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:99:30:65:29:D0:7B:F0:75:C3:D5:21:3F:99:1E:D7:F8:C3:E1:59
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/ppkwZSnQe_B1w9UhP5ke1_jD4Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.132.0/22
45.154.4.0/22
109.235.52.0/22
185.153.188.0/22
185.196.92.0/22
Signature Algorithm: sha256WithRSAEncryption
72:56:88:71:57:83:9e:b6:85:3c:8f:c3:a8:a9:6f:d1:23:61:
61:1b:79:40:62:42:c3:11:f4:a0:01:54:0f:4a:4e:c4:71:33:
b0:82:ba:31:59:b0:34:05:ea:51:c7:38:4c:e8:a5:1b:d3:95:
53:ea:84:f4:6f:24:4c:47:8a:ce:b4:e0:1f:02:6c:95:b6:ae:
3b:df:c9:b5:de:83:a5:07:1d:9b:3b:1e:24:c3:55:1e:d9:5e:
1e:68:99:89:d2:40:8f:14:e6:4d:c4:90:13:be:60:20:0d:6b:
62:e2:3b:cc:46:ff:1a:4a:a9:1c:aa:e5:fa:22:c8:d6:13:95:
13:4f:58:d4:7f:e6:5c:ef:73:05:95:25:4c:35:14:b3:2f:8e:
52:62:9e:9f:4a:e9:8f:5a:8d:68:aa:3b:92:6b:7f:11:de:f2:
4f:5b:89:ca:bc:25:ff:4a:3d:1f:12:78:d5:cc:61:90:dd:29:
a2:bc:60:89:ac:77:43:22:1f:ca:cc:86:35:7e:5d:be:d7:c1:
11:a6:ce:25:89:bc:ea:1f:67:37:80:3d:4e:53:87:54:12:64:
ea:6e:32:35:5c:18:93:2b:ae:b8:59:12:15:07:0e:28:30:52:
f0:1f:ee:cf:fb:a5:61:d5:51:7b:5a:d0:4d:05:92:e1:fd:39:
ab:fb:62:16
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQks65c8qus5TVwePBg8eXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjk5MzA2NTI5ZDA3YmYwNzVjM2Q1MjEzZjk5MWVkN2Y4YzNlMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy/E/Ei/YwHN5plviuXKjF5uIr2w
7/xQl2iiKlicX6XDAmUurHqd6kPcXz5RhL2stOyJOBRWKRlK0gyWwDDi4MJFj32h
kymasSK+w44N1SNyngou2094ipoSATbKkdsTbOLyPxFRUdQlXDbWNIq3lcM1oYDn
c/X6jnhqWeNZhTtPF2EropR9hVMB2P6BAZx5B4qZfB5HRnpNIum9tHGJkSvgGlOm
Frn9fq4Jo0A+Kb1mqhDI7qRnNw4i1N0e8LXq8XUr7UELAWlWcsGUHwXONFPCKcfB
VD6OvUJgUaCAi4pmmh14Vp2u4eU/lagyoeXcojshHsdp395wwe5ZlBflSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKaZMGUp0HvwdcPVIT+ZHtf4w+FZMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvcHBrd1pTblFlX0IxdzlVaFA1a2UxX2pENFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH6uEAwQC
LZoEAwQCbes0AwQCuZm8AwQCucRcMA0GCSqGSIb3DQEBCwUAA4IBAQByVohxV4Oe
toU8j8OoqW/RI2FhG3lAYkLDEfSgAVQPSk7EcTOwgroxWbA0BepRxzhM6KUb05VT
6oT0byRMR4rOtOAfAmyVtq4738m13oOlBx2bOx4kw1Ue2V4eaJmJ0kCPFOZNxJAT
vmAgDWti4jvMRv8aSqkcquX6IsjWE5UTT1jUf+Zc73MFlSVMNRSzL45SYp6fSumP
Wo1oqjuSa38R3vJPW4nKvCX/Sj0fEnjVzGGQ3SmivGCJrHdDIh/KzIY1fl2+18ER
ps4libzqH2c3gD1OU4dUEmTqbjI1XBiTK664WRIVBw4oMFLwH+7P+6Vh1VF7WtBN
BZLh/Tmr+2IW
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:28:33 2025 by rpki-client