Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/KA2I4i9InQ2rqhg_3CLM-J5d_Hg.roa
File: KA2I4i9InQ2rqhg_3CLM-J5d_Hg.roa (raw, json)
Hash identifier: R3BIjTAqtQn4zzMJbx5ODfsRnptiBRP8xqopwpF6mFM=
Subject key identifier: 28:0D:88:E2:2F:48:9D:0D:AB:AA:18:3F:DC:22:CC:F8:9E:5D:FC:78
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 01942827A1347F8C4E11F9F77E3F62165850
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/KA2I4i9InQ2rqhg_3CLM-J5d_Hg.roa
Signing time: Thu 02 Jan 2025 17:54:33 +0000
ROA not before: Thu 02 Jan 2025 17:54:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209420
IP address blocks: 31.207.68.0/24 maxlen: 24
31.207.69.0/24 maxlen: 24
152.89.133.0/24 maxlen: 24
192.145.16.0/23 maxlen: 23
192.145.16.0/24 maxlen: 24
192.145.17.0/24 maxlen: 24
192.145.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:a1:34:7f:8c:4e:11:f9:f7:7e:3f:62:16:58:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 2 17:54:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=280d88e22f489d0dabaa183fdc22ccf89e5dfc78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ac:45:74:11:bc:39:0b:29:6f:6c:1b:57:d5:
ca:64:8f:dc:d4:d2:36:53:ec:8d:c9:5e:04:36:40:
c7:16:52:ae:72:21:e6:fc:bd:dd:0e:be:87:84:dc:
61:fb:c5:74:43:c1:9d:73:75:1b:f0:98:69:7a:b7:
92:cc:a5:85:a1:ce:7f:66:c2:01:d8:c7:9d:43:30:
f8:70:2b:ec:0b:5b:18:65:78:3b:17:4b:c1:47:2e:
49:88:7f:2f:c7:2a:2b:81:b8:51:5a:50:f3:13:e8:
90:de:a3:10:e7:62:54:d9:f5:f0:46:3e:85:ca:b1:
44:e2:3e:bb:02:4f:8d:51:67:08:b4:0f:7f:20:d0:
63:81:98:ab:98:3e:3f:8b:8c:52:0f:eb:93:a7:fc:
3a:aa:c0:fa:0c:ce:47:f2:82:8d:9b:96:8a:df:6f:
eb:43:b7:a3:3a:41:61:05:5b:ae:cd:1d:18:b6:9f:
9a:30:1a:7a:50:a4:90:06:94:e4:ab:d3:75:09:a7:
e5:6e:47:19:9a:1f:db:24:14:dd:0e:3c:95:4d:6e:
6b:aa:da:40:f2:69:c7:a3:9d:98:a2:1f:ce:91:d6:
a7:16:88:72:45:0d:c1:16:22:63:11:24:5b:e4:5a:
05:28:3d:b4:4b:85:a2:69:7c:b6:b8:44:cb:dc:81:
5b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0D:88:E2:2F:48:9D:0D:AB:AA:18:3F:DC:22:CC:F8:9E:5D:FC:78
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/KA2I4i9InQ2rqhg_3CLM-J5d_Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.68.0/23
152.89.133.0/24
192.145.16.0-192.145.18.255
Signature Algorithm: sha256WithRSAEncryption
3c:84:a6:f1:b7:15:4f:78:c5:15:cd:c2:b3:e0:8b:45:e1:4b:
39:ff:0c:39:84:6a:f5:ec:f2:ee:28:41:e0:ef:dc:74:c1:d1:
bf:b2:8b:01:f2:a8:c8:b1:ff:68:13:0d:a6:94:e7:70:54:fc:
da:fa:3b:32:b6:c0:77:14:d3:44:01:02:ce:51:21:86:c8:78:
b5:7a:ac:a9:48:9a:20:97:4d:d8:f4:b6:7b:85:d7:31:4c:41:
61:0d:44:24:12:49:5b:d3:98:c8:37:9f:75:fc:7d:a7:c0:29:
cc:29:02:d4:8c:9c:48:ca:35:bd:93:32:b9:f1:8d:e7:2b:39:
66:12:15:d0:d0:4d:f3:26:71:3d:a9:b9:20:a7:26:80:b4:82:
f2:52:27:41:72:28:72:81:96:9d:78:1e:1a:40:6f:50:b8:d9:
85:4b:7a:54:cf:8b:46:49:bf:f3:73:85:25:50:68:83:c2:da:
e7:98:b3:c1:db:90:4c:8b:33:10:ac:a0:ac:97:62:0b:fb:2f:
65:f6:4c:55:4f:92:37:c1:fb:a1:e8:5d:8e:b9:94:29:68:99:
06:0d:e5:bc:8e:8c:b9:88:6a:80:3c:a1:62:ae:d3:37:75:91:
f3:d1:36:e9:d6:18:65:23:aa:8b:75:42:a3:8b:01:11:16:0d:
be:b9:92:e0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQoJ6E0f4xOEfn3fj9iFlhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjUwMTAyMTc1NDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBkODhlMjJmNDg5ZDBkYWJhYTE4M2ZkYzIyY2NmODllNWRmYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KxFdBG8OQspb2wbV9XKZI/c1NI2
U+yNyV4ENkDHFlKuciHm/L3dDr6HhNxh+8V0Q8Gdc3Ub8JhpereSzKWFoc5/ZsIB
2MedQzD4cCvsC1sYZXg7F0vBRy5JiH8vxyorgbhRWlDzE+iQ3qMQ52JU2fXwRj6F
yrFE4j67Ak+NUWcItA9/INBjgZirmD4/i4xSD+uTp/w6qsD6DM5H8oKNm5aK32/r
Q7ejOkFhBVuuzR0Ytp+aMBp6UKSQBpTkq9N1CaflbkcZmh/bJBTdDjyVTW5rqtpA
8mnHo52Yoh/OkdanFohyRQ3BFiJjESRb5FoFKD20S4WiaXy2uETL3IFb5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCgNiOIvSJ0Nq6oYP9wizPieXfx4MB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvS0EySTRpOUluUTJycWhnXzNDTE0tSjVkX0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBH89EAwQA
mFmFMAwDBATAkRADBADAkRIwDQYJKoZIhvcNAQELBQADggEBADyEpvG3FU94xRXN
wrPgi0XhSzn/DDmEavXs8u4oQeDv3HTB0b+yiwHyqMix/2gTDaaU53BU/Nr6OzK2
wHcU00QBAs5RIYbIeLV6rKlImiCXTdj0tnuF1zFMQWENRCQSSVvTmMg3n3X8fafA
KcwpAtSMnEjKNb2TMrnxjecrOWYSFdDQTfMmcT2puSCnJoC0gvJSJ0FyKHKBlp14
HhpAb1C42YVLelTPi0ZJv/NzhSVQaIPC2ueYs8HbkEyLMxCsoKyXYgv7L2X2TFVP
kjfB+6HoXY65lClomQYN5byOjLmIaoA8oWKu0zd1kfPRNunWGGUjqot1QqOLAREW
Db65kuA=
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:13:28 2025 by rpki-client