Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/cAwqfrtb7RGZwQ4-1glnZSV1hmw.roa
File: cAwqfrtb7RGZwQ4-1glnZSV1hmw.roa (raw, json)
Hash identifier: DexdHx6Dwepza0uinTLhNHB2OsSdkoVGadlVgHRZqMI=
Subject key identifier: 70:0C:2A:7E:BB:5B:ED:11:99:C1:0E:3E:D6:09:67:65:25:75:86:6C
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018CC6B8C6CCE507035A85CD8A3AFEE05D15
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/cAwqfrtb7RGZwQ4-1glnZSV1hmw.roa
Signing time: Mon 01 Jan 2024 20:30:47 +0000
ROA not before: Mon 01 Jan 2024 20:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25098
IP address blocks: 31.40.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:c6:cc:e5:07:03:5a:85:cd:8a:3a:fe:e0:5d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 20:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=700c2a7ebb5bed1199c10e3ed60967652575866c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:25:5c:8f:16:1b:2f:79:3b:a7:d1:3c:03:aa:
e6:2a:64:04:30:de:7f:66:4b:f0:ea:d6:ef:c3:28:
bf:82:28:83:e0:e5:d7:2e:7b:6f:08:10:fb:c3:d0:
6a:f7:5d:3c:c1:9a:1c:93:dd:c7:5f:26:d8:d7:1c:
88:6c:b2:4a:90:44:78:dc:b2:1d:7a:ce:f5:8a:b0:
9f:78:78:81:3f:94:13:06:ed:52:08:45:81:cc:0f:
07:23:36:09:c1:a5:4b:ec:23:aa:4e:11:26:37:ef:
11:a3:41:e4:65:32:74:c7:44:f0:06:6d:4f:a4:37:
d8:e4:3a:9c:6f:90:ac:74:33:d2:c1:08:87:71:55:
28:73:df:98:c9:9d:d3:ee:3f:6c:c6:90:8b:d9:2d:
03:ed:ee:d6:24:dd:87:86:0d:bd:ee:12:a8:35:59:
5d:0a:7a:f9:b5:bd:7b:9c:00:84:85:68:c5:09:1a:
fa:7f:b8:3d:d5:f3:df:22:13:6b:47:db:69:af:f2:
9c:f0:7f:f4:97:a5:62:0a:40:e7:57:4a:eb:57:73:
70:b2:32:b4:24:05:6d:bb:1b:c8:7a:71:38:11:1c:
4e:08:78:58:d4:9c:f6:14:b7:bf:cb:51:73:81:03:
d8:9d:2a:f9:45:67:8e:f4:27:25:a9:ea:f7:b7:b6:
48:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0C:2A:7E:BB:5B:ED:11:99:C1:0E:3E:D6:09:67:65:25:75:86:6C
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/cAwqfrtb7RGZwQ4-1glnZSV1hmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/22
85.8.144.0/22
188.119.68.0/22
212.107.4.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:01:ec:4b:ff:72:12:cb:a8:a3:32:f1:c3:23:45:5c:ad:a7:
28:92:89:4a:c2:77:16:36:e7:65:06:3b:5f:e1:ee:ab:bb:e2:
0a:6f:b9:6e:05:22:1c:45:32:b6:47:70:d2:70:69:ac:91:eb:
79:87:2f:cc:fe:f8:72:ab:db:ab:1d:b9:46:55:d4:87:6b:88:
fb:c8:f7:55:7a:a2:02:34:14:2d:0a:0c:19:06:a7:c9:b5:9d:
4d:3a:08:80:e7:83:bc:92:10:09:de:1b:28:e5:92:25:b7:bf:
d1:d3:a2:23:e5:09:0e:ba:30:f6:b8:49:f2:65:c0:98:80:e2:
10:80:66:8f:63:89:15:81:61:a3:17:2f:2a:16:2a:a8:60:95:
8e:43:95:76:d6:7a:c8:77:c2:91:ea:cf:87:f7:40:35:de:23:
57:f4:76:9c:d6:db:fd:8d:65:31:75:9c:c9:4a:81:5e:a0:e4:
1e:95:6a:bc:26:fa:92:f6:1c:e9:69:84:23:16:b3:bb:c6:ea:
36:f3:7c:d9:7a:64:aa:8c:4d:cc:b1:88:27:4d:48:c1:f4:ab:
d7:29:d4:a7:be:cc:01:c0:64:e9:9a:3d:01:d7:40:38:bc:60:
f8:0c:77:93:bd:72:dc:8c:94:a4:d0:36:b4:3e:86:3e:da:dd:
16:a6:3e:3b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzGuMbM5QcDWoXNijr+4F0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMTAxMjAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDBjMmE3ZWJiNWJlZDExOTljMTBlM2VkNjA5Njc2NTI1NzU4NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyVcjxYbL3k7p9E8A6rmKmQEMN5/
Zkvw6tbvwyi/giiD4OXXLntvCBD7w9Bq9108wZock93HXybY1xyIbLJKkER43LId
es71irCfeHiBP5QTBu1SCEWBzA8HIzYJwaVL7COqThEmN+8Ro0HkZTJ0x0TwBm1P
pDfY5Dqcb5CsdDPSwQiHcVUoc9+YyZ3T7j9sxpCL2S0D7e7WJN2Hhg297hKoNVld
Cnr5tb17nACEhWjFCRr6f7g91fPfIhNrR9tpr/Kc8H/0l6ViCkDnV0rrV3NwsjK0
JAVtuxvIenE4ERxOCHhY1Jz2FLe/y1FzgQPYnSr5RWeO9Cclqer3t7ZIiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHAMKn67W+0RmcEOPtYJZ2UldYZsMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvY0F3cWZydGI3Ukdad1E0LTFnbG5aU1YxaG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHyjEAwQC
VQiQAwQCvHdEAwQC1GsEAwQC1HNkMA0GCSqGSIb3DQEBCwUAA4IBAQCpAexL/3IS
y6ijMvHDI0VcracokolKwncWNudlBjtf4e6ru+IKb7luBSIcRTK2R3DScGmsket5
hy/M/vhyq9urHblGVdSHa4j7yPdVeqICNBQtCgwZBqfJtZ1NOgiA54O8khAJ3hso
5ZIlt7/R06Ij5QkOujD2uEnyZcCYgOIQgGaPY4kVgWGjFy8qFiqoYJWOQ5V21nrI
d8KR6s+H90A13iNX9Hac1tv9jWUxdZzJSoFeoOQelWq8JvqS9hzpaYQjFrO7xuo2
83zZemSqjE3MsYgnTUjB9KvXKdSnvswBwGTpmj0B10A4vGD4DHeTvXLcjJSk0Da0
PoY+2t0Wpj47
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:17 2025 by rpki-client