Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d11fff-d357-45c4-b806-6e907c378e47/1/TmqWgHpeeJj183iBMyeSugRXppo.roa
File: TmqWgHpeeJj183iBMyeSugRXppo.roa (raw, json)
Hash identifier: QRX0o0RXuVe9MyVAJUT6rRf9R3GgJMpGwqTXc4H60JU=
Subject key identifier: 4E:6A:96:80:7A:5E:78:98:F5:F3:78:81:33:27:92:BA:04:57:A6:9A
Certificate issuer: /CN=b4ad9f4a6635e3a0475b81b4c066e35208924780
Certificate serial: 018606B89E56A1B53E5128702272F103AC8E
Authority key identifier: B4:AD:9F:4A:66:35:E3:A0:47:5B:81:B4:C0:66:E3:52:08:92:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tK2fSmY146BHW4G0wGbjUgiSR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d11fff-d357-45c4-b806-6e907c378e47/1/TmqWgHpeeJj183iBMyeSugRXppo.roa
Signing time: Tue 31 Jan 2023 07:26:47 +0000
ROA not before: Tue 31 Jan 2023 07:26:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 31.222.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:06:b8:9e:56:a1:b5:3e:51:28:70:22:72:f1:03:ac:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ad9f4a6635e3a0475b81b4c066e35208924780
Validity
Not Before: Jan 31 07:26:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e6a96807a5e7898f5f37881332792ba0457a69a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a3:25:ca:53:fa:8a:e6:6c:0c:ed:52:05:90:
12:1b:22:48:30:68:d0:d5:3a:b3:5c:8e:2a:57:44:
aa:c0:c3:22:80:02:4a:b1:12:72:04:03:13:74:34:
86:9e:eb:59:5c:6a:84:73:7b:8e:16:6c:db:33:79:
70:11:ca:45:92:f9:fb:e5:60:3e:bd:b2:c1:90:57:
29:f9:f7:18:7a:9c:03:1e:4f:0b:8d:4b:22:b4:33:
32:3d:43:87:77:6e:5b:1d:f3:2c:7a:f0:1b:5a:92:
5e:a2:87:00:86:98:b9:26:a5:f4:6d:81:b1:14:c0:
ef:5c:02:02:f9:da:78:0b:d1:7b:f2:28:54:40:89:
6a:88:46:13:b8:c4:a5:37:6d:73:33:e9:fe:44:43:
f2:4f:7f:d1:c7:aa:0b:59:87:19:b2:ab:b5:72:cc:
c6:4c:35:d0:27:80:17:5b:bb:20:d8:db:39:a9:18:
98:5f:5d:85:c7:19:89:cc:87:e2:89:0a:fc:87:e8:
59:4d:ef:40:d7:6b:b7:81:bd:97:ff:59:1a:b9:46:
e8:2f:58:b6:19:c3:36:ce:e2:be:57:6d:ae:a4:06:
36:f8:d0:ae:c6:10:19:ce:6a:49:54:a4:d4:9a:21:
09:4e:9a:42:a5:67:a6:d7:2a:ae:9c:c3:bf:7f:02:
2f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6A:96:80:7A:5E:78:98:F5:F3:78:81:33:27:92:BA:04:57:A6:9A
X509v3 Authority Key Identifier:
keyid:B4:AD:9F:4A:66:35:E3:A0:47:5B:81:B4:C0:66:E3:52:08:92:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tK2fSmY146BHW4G0wGbjUgiSR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d11fff-d357-45c4-b806-6e907c378e47/1/TmqWgHpeeJj183iBMyeSugRXppo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d11fff-d357-45c4-b806-6e907c378e47/1/tK2fSmY146BHW4G0wGbjUgiSR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.238.0/24
Signature Algorithm: sha256WithRSAEncryption
36:96:f4:0c:95:7e:7e:bc:19:50:b4:8a:ee:1c:d4:37:75:e7:
24:88:5c:f8:a2:db:13:06:f0:d5:05:3e:85:a7:30:c3:a3:fc:
64:2b:29:10:26:e8:5a:ac:9b:95:d0:7b:01:a2:9d:8a:4c:53:
a0:04:9f:d0:8b:22:2b:8d:a2:04:88:fb:c1:c4:f5:f8:17:3d:
d2:aa:6b:28:71:74:ab:7c:18:ac:49:29:54:7f:59:d9:1d:06:
04:24:70:9e:9d:b6:08:e5:b6:d6:cc:08:73:ea:26:91:cb:e9:
7b:2f:a1:31:8a:52:9f:89:25:9c:38:9d:fc:40:74:fb:56:95:
d5:4f:cd:b9:f7:c8:ee:31:7a:98:f3:f2:0f:7d:aa:cd:49:92:
06:b9:81:71:3d:e2:e1:00:9c:fa:f7:e2:e0:74:89:61:bf:47:
fb:c5:f2:98:11:70:a2:f8:dd:6d:1d:df:e6:5b:09:73:ee:7f:
c1:b0:14:9a:eb:53:0b:94:58:60:25:c9:24:54:20:03:61:58:
d1:74:a6:43:79:53:39:30:d1:7d:be:fa:80:c3:43:16:ba:d0:
0b:c3:19:8b:c4:90:19:8f:3c:9e:99:13:13:ca:3d:c5:e4:5a:
db:3a:23:3f:f8:74:44:10:a8:23:96:c5:1a:fe:c9:00:16:1c:
b3:e5:d6:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYGuJ5WobU+UShwInLxA6yOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YWQ5ZjRhNjYzNWUzYTA0NzViODFiNGMwNjZlMzUyMDg5
MjQ3ODAwHhcNMjMwMTMxMDcyNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTZhOTY4MDdhNWU3ODk4ZjVmMzc4ODEzMzI3OTJiYTA0NTdhNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6MlylP6iuZsDO1SBZASGyJIMGjQ
1TqzXI4qV0SqwMMigAJKsRJyBAMTdDSGnutZXGqEc3uOFmzbM3lwEcpFkvn75WA+
vbLBkFcp+fcYepwDHk8LjUsitDMyPUOHd25bHfMsevAbWpJeoocAhpi5JqX0bYGx
FMDvXAIC+dp4C9F78ihUQIlqiEYTuMSlN21zM+n+REPyT3/Rx6oLWYcZsqu1cszG
TDXQJ4AXW7sg2Ns5qRiYX12FxxmJzIfiiQr8h+hZTe9A12u3gb2X/1kauUboL1i2
GcM2zuK+V22upAY2+NCuxhAZzmpJVKTUmiEJTppCpWem1yqunMO/fwIvjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5qloB6XniY9fN4gTMnkroEV6aaMB8GA1UdIwQY
MBaAFLStn0pmNeOgR1uBtMBm41IIkkeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEsyZlNtWTE0NkJIVzRHMHdHYmpVZ2lTUjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kMTFmZmYtZDM1Ny00NWM0LWI4MDYt
NmU5MDdjMzc4ZTQ3LzEvVG1xV2dIcGVlSmoxODNpQk15ZVN1Z1JYcHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kMTFmZmYtZDM1Ny00NWM0LWI4MDYtNmU5MDdjMzc4ZTQ3
LzEvdEsyZlNtWTE0NkJIVzRHMHdHYmpVZ2lTUjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH97uMA0G
CSqGSIb3DQEBCwUAA4IBAQA2lvQMlX5+vBlQtIruHNQ3deckiFz4otsTBvDVBT6F
pzDDo/xkKykQJuharJuV0HsBop2KTFOgBJ/QiyIrjaIEiPvBxPX4Fz3SqmsocXSr
fBisSSlUf1nZHQYEJHCenbYI5bbWzAhz6iaRy+l7L6ExilKfiSWcOJ38QHT7VpXV
T82598juMXqY8/IPfarNSZIGuYFxPeLhAJz69+LgdIlhv0f7xfKYEXCi+N1tHd/m
Wwlz7n/BsBSa61MLlFhgJckkVCADYVjRdKZDeVM5MNF9vvqAw0MWutALwxmLxJAZ
jzyemRMTyj3F5FrbOiM/+HREEKgjlsUa/skAFhyz5daG
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:18:01 2025 by rpki-client