Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/BY7zogmO24IEG5UVppQeS6Gd5vE.roa
File: BY7zogmO24IEG5UVppQeS6Gd5vE.roa (raw, json)
Hash identifier: p8kUsZQCJoolGFVcidzfKv54az7wkfAAI5567t8FEGQ=
Subject key identifier: 05:8E:F3:A2:09:8E:DB:82:04:1B:95:15:A6:94:1E:4B:A1:9D:E6:F1
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01948E4271C97BF8E443EB427889FB427B6D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/BY7zogmO24IEG5UVppQeS6Gd5vE.roa
Signing time: Wed 22 Jan 2025 13:45:06 +0000
ROA not before: Wed 22 Jan 2025 13:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205655
IP address blocks: 31.135.6.0/24 maxlen: 24
64.43.65.0/24 maxlen: 24
64.43.74.0/23 maxlen: 23
91.224.40.0/24 maxlen: 24
176.103.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:42:71:c9:7b:f8:e4:43:eb:42:78:89:fb:42:7b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 22 13:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=058ef3a2098edb82041b9515a6941e4ba19de6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:e8:c4:f2:1e:66:f5:15:5b:fb:52:b4:f7:
92:ec:75:61:c0:8e:ac:55:6d:c1:50:76:8e:73:95:
02:0f:40:88:73:6f:9b:31:a1:4b:4b:f6:c9:18:20:
1a:18:2e:4b:b0:b3:91:8f:4c:c0:f9:23:0e:d8:9d:
14:54:1e:48:8d:91:40:c7:b0:fd:ad:01:22:8e:fa:
b4:11:fe:0b:3b:53:c0:05:aa:0e:86:64:b1:c7:f2:
18:1c:fb:72:78:fc:c0:10:35:a8:cb:6e:69:ad:cb:
58:f7:2b:b6:3b:58:a6:8f:e0:d1:b7:79:58:c2:7f:
e9:0c:8d:2b:c0:23:b9:4d:c4:1a:a9:0d:dc:14:c2:
f5:05:7f:3e:4a:d3:d4:c1:f4:3e:94:dc:4d:7f:65:
bb:b9:4b:bc:e7:75:70:48:99:4a:48:a1:db:95:18:
37:29:e5:7a:4b:2f:04:95:17:2d:71:6a:61:46:28:
09:0d:a7:73:83:23:1d:7d:b8:f4:da:ed:ec:88:8b:
09:ee:0a:9a:38:bf:30:8a:1c:42:f8:95:57:b2:ed:
92:7a:bb:bf:0e:7e:89:66:3b:6a:81:d5:2e:d9:48:
fe:ed:b5:99:a0:b9:2e:b9:33:a5:10:d7:b9:f9:2e:
9d:4f:49:69:86:7d:da:0f:b6:c3:63:59:92:36:c0:
32:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8E:F3:A2:09:8E:DB:82:04:1B:95:15:A6:94:1E:4B:A1:9D:E6:F1
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/BY7zogmO24IEG5UVppQeS6Gd5vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.6.0/24
64.43.65.0/24
64.43.74.0/23
91.224.40.0/24
176.103.120.0/24
Signature Algorithm: sha256WithRSAEncryption
65:17:9f:a7:f5:53:a0:b3:9b:63:a1:e8:68:73:fb:1c:7f:14:
0d:ca:2a:e4:6c:ca:51:5b:ec:fe:fd:7b:f4:bc:da:8b:c2:ee:
89:ad:a5:96:db:92:9d:cd:3f:76:5a:ba:f9:77:78:a8:e1:4b:
ff:96:be:45:13:6e:84:63:16:a4:d4:3b:6e:bd:b5:07:62:6f:
98:e6:56:88:a5:4f:e4:fa:4d:a1:21:82:6c:53:19:5c:1c:10:
93:81:2f:36:45:78:fb:90:62:99:a6:7e:ad:29:6b:cf:40:df:
f4:41:0f:1c:59:80:f5:36:e3:59:3a:38:eb:6a:39:66:2e:f7:
e8:3b:f2:e7:b8:7b:b2:08:52:48:92:f3:1b:2a:2e:f0:e3:bf:
44:ba:fd:ef:be:16:3c:8b:0d:50:eb:f6:bf:4c:63:e1:45:ca:
a3:bb:53:c5:cc:b8:4a:f4:14:9a:d1:ee:f3:ab:a0:4e:00:1b:
07:37:9f:a1:b8:cd:0c:43:78:bc:53:da:02:40:33:c0:02:61:
d7:6b:ab:c0:d3:c6:9b:28:1a:58:3f:28:d2:7c:c9:c0:2b:37:
16:2a:5c:93:6a:c0:4f:96:a8:e3:b1:f9:22:ce:56:4c:63:0a:
ae:cb:1c:96:59:b7:84:14:8e:91:eb:fa:44:94:df:9f:1d:ac:
29:39:07:ee
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZSOQnHJe/jkQ+tCeIn7QnttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTIyMTM0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThlZjNhMjA5OGVkYjgyMDQxYjk1MTVhNjk0MWU0YmExOWRlNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsszoxPIeZvUVW/tStPeS7HVhwI6s
VW3BUHaOc5UCD0CIc2+bMaFLS/bJGCAaGC5LsLORj0zA+SMO2J0UVB5IjZFAx7D9
rQEijvq0Ef4LO1PABaoOhmSxx/IYHPtyePzAEDWoy25prctY9yu2O1imj+DRt3lY
wn/pDI0rwCO5TcQaqQ3cFML1BX8+StPUwfQ+lNxNf2W7uUu853VwSJlKSKHblRg3
KeV6Sy8ElRctcWphRigJDadzgyMdfbj02u3siIsJ7gqaOL8wihxC+JVXsu2Seru/
Dn6JZjtqgdUu2Uj+7bWZoLkuuTOlENe5+S6dT0lphn3aD7bDY1mSNsAyFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAWO86IJjtuCBBuVFaaUHkuhnebxMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvQlk3em9nbU8yNElFRzVVVnBwUWVTNkdkNXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH4cGAwQA
QCtBAwQBQCtKAwQAW+AoAwQAsGd4MA0GCSqGSIb3DQEBCwUAA4IBAQBlF5+n9VOg
s5tjoehoc/scfxQNyirkbMpRW+z+/Xv0vNqLwu6JraWW25KdzT92Wrr5d3io4Uv/
lr5FE26EYxak1DtuvbUHYm+Y5laIpU/k+k2hIYJsUxlcHBCTgS82RXj7kGKZpn6t
KWvPQN/0QQ8cWYD1NuNZOjjrajlmLvfoO/LnuHuyCFJIkvMbKi7w479Euv3vvhY8
iw1Q6/a/TGPhRcqju1PFzLhK9BSa0e7zq6BOABsHN5+huM0MQ3i8U9oCQDPAAmHX
a6vA08abKBpYPyjSfMnAKzcWKlyTasBPlqjjsfkizlZMYwquyxyWWbeEFI6R6/pE
lN+fHawpOQfu
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:03 2025 by rpki-client