Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/0yrxZSQJ1wUyH85Ez4W85_8deyk.roa
File: 0yrxZSQJ1wUyH85Ez4W85_8deyk.roa (raw, json)
Hash identifier: oB/nrKT1HSAEvSmkGIU2bhiitJgSrJq6nsR9S6AnhzQ=
Subject key identifier: D3:2A:F1:65:24:09:D7:05:32:1F:CE:44:CF:85:BC:E7:FF:1D:7B:29
Certificate issuer: /CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0
Certificate serial: 019420682A4F5BF3C74F46CB58565066D1C1
Authority key identifier: 56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/0yrxZSQJ1wUyH85Ez4W85_8deyk.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201198
IP address blocks: 31.14.233.0/24 maxlen: 24
94.177.114.0/23 maxlen: 24
176.223.189.0/24 maxlen: 24
185.53.252.0/22 maxlen: 24
2a01:7c60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2a:4f:5b:f3:c7:4f:46:cb:58:56:50:66:d1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d32af1652409d705321fce44cf85bce7ff1d7b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:17:b4:40:f6:3f:6d:2f:d3:06:de:31:80:41:
0e:a8:e5:f4:a8:c0:e0:b9:fe:09:1b:ca:d2:af:c9:
0f:7f:8e:a6:64:57:84:b7:65:b4:09:f9:11:27:0c:
df:22:c5:4f:c9:96:02:1c:9c:33:f1:12:30:3b:1b:
7c:19:86:91:6d:c2:e9:47:ff:62:20:7d:60:d3:3a:
79:40:e6:da:70:b3:d0:9f:c8:85:f6:3b:84:f0:56:
4c:37:e1:7b:18:84:db:78:b8:b5:c4:dc:13:0d:d6:
c4:bd:5b:85:0c:e0:64:4e:02:b8:a4:8a:90:8d:bc:
d0:55:f5:d4:a2:f0:b4:ea:1d:27:0d:cf:b5:d0:9a:
20:2c:d6:db:f9:18:b2:cc:9e:46:6b:b7:a4:24:77:
c9:d6:e1:13:a0:54:d8:40:7d:70:71:55:93:07:48:
ea:68:a6:05:f2:32:55:f5:63:aa:a2:15:76:de:6f:
a4:a2:c9:df:28:4e:74:c9:9d:30:41:77:8d:49:a0:
2d:9a:58:77:6e:aa:d8:28:54:78:7a:bf:55:fd:f0:
5f:32:cf:6d:43:60:25:c7:81:5f:3c:e7:5b:7f:70:
08:93:78:bb:66:0a:1f:92:f1:07:53:09:2d:4b:08:
a5:79:21:69:a0:04:e5:54:6e:86:ec:59:e0:b5:0a:
0f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2A:F1:65:24:09:D7:05:32:1F:CE:44:CF:85:BC:E7:FF:1D:7B:29
X509v3 Authority Key Identifier:
keyid:56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/0yrxZSQJ1wUyH85Ez4W85_8deyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.233.0/24
94.177.114.0/23
176.223.189.0/24
185.53.252.0/22
IPv6:
2a01:7c60::/32
Signature Algorithm: sha256WithRSAEncryption
ad:8e:bc:dc:32:ad:c7:24:1a:cd:d9:32:81:e7:1c:d9:97:a6:
89:1a:3b:2a:b6:34:8c:26:28:31:10:48:72:d4:e9:ac:62:2c:
b7:22:6f:dc:35:53:4f:c6:7c:83:8e:9b:72:17:30:21:08:85:
66:0f:f9:9f:df:b4:e8:03:01:bd:c7:a9:b0:fd:ab:66:7d:5b:
4a:d7:63:2b:13:be:ec:a3:84:cc:65:4c:f7:80:56:52:83:aa:
bb:09:23:d2:ba:20:2a:20:c0:ae:ac:cf:dc:b4:aa:6d:44:04:
d4:d5:78:da:b0:55:40:81:82:ac:d9:cb:57:82:56:65:30:75:
b9:ea:91:16:f0:ed:50:af:a2:37:44:e2:74:67:60:fd:d9:bd:
7e:a8:c7:72:1d:fd:dc:48:85:6a:fa:d4:ca:c9:48:c3:c4:1b:
6d:0b:4d:ba:e0:96:9b:5d:69:f3:57:3b:48:fa:48:6e:7a:e7:
c7:ef:3e:ea:22:68:04:b6:5e:bc:62:19:60:39:e0:e8:e9:b6:
40:75:3d:34:c4:7f:cf:64:f1:8b:26:d0:ad:8a:1d:c8:67:03:
1c:d2:8a:92:71:40:6e:4b:53:6e:bb:3b:08:f4:e8:8c:da:af:
76:eb:bb:a4:ae:31:9d:30:3f:3d:41:93:a9:ae:45:a3:7c:fc:
41:5f:09:5a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQgaCpPW/PHT0bLWFZQZtHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWExZWVkOTkwZWQwMzFlZTE3YjBiMTNkYThmODNlMGVm
YmEyYjAwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJhZjE2NTI0MDlkNzA1MzIxZmNlNDRjZjg1YmNlN2ZmMWQ3YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0he0QPY/bS/TBt4xgEEOqOX0qMDg
uf4JG8rSr8kPf46mZFeEt2W0CfkRJwzfIsVPyZYCHJwz8RIwOxt8GYaRbcLpR/9i
IH1g0zp5QObacLPQn8iF9juE8FZMN+F7GITbeLi1xNwTDdbEvVuFDOBkTgK4pIqQ
jbzQVfXUovC06h0nDc+10JogLNbb+RiyzJ5Ga7ekJHfJ1uEToFTYQH1wcVWTB0jq
aKYF8jJV9WOqohV23m+kosnfKE50yZ0wQXeNSaAtmlh3bqrYKFR4er9V/fBfMs9t
Q2Alx4FfPOdbf3AIk3i7ZgofkvEHUwktSwileSFpoATlVG6G7FngtQoP6QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNMq8WUkCdcFMh/ORM+FvOf/HXspMB8GA1UdIwQY
MBaAFFaqHu2ZDtAx7hewsT2o+D4O+6KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFvZTdaa08wREh1RjdDeFBhajRQZzc3b3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZDIwZjQtMjk3Ny00ZTA2LTllNzIt
YWM0NTQ5OTc3OTAxLzEvMHlyeFpTUUoxd1V5SDg1RXo0Vzg1XzhkZXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81ZDIwZjQtMjk3Ny00ZTA2LTllNzItYWM0NTQ5OTc3OTAx
LzEvVnFvZTdaa08wREh1RjdDeFBhajRQZzc3b3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHw7pAwQB
XrFyAwQAsN+9AwQCuTX8MA0EAgACMAcDBQAqAXxgMA0GCSqGSIb3DQEBCwUAA4IB
AQCtjrzcMq3HJBrN2TKB5xzZl6aJGjsqtjSMJigxEEhy1OmsYiy3Im/cNVNPxnyD
jptyFzAhCIVmD/mf37ToAwG9x6mw/atmfVtK12MrE77so4TMZUz3gFZSg6q7CSPS
uiAqIMCurM/ctKptRATU1XjasFVAgYKs2ctXglZlMHW56pEW8O1Qr6I3ROJ0Z2D9
2b1+qMdyHf3cSIVq+tTKyUjDxBttC0264JabXWnzVztI+khueufH7z7qImgEtl68
YhlgOeDo6bZAdT00xH/PZPGLJtCtih3IZwMc0oqScUBuS1NuuzsI9OiM2q9267uk
rjGdMD89QZOprkWjfPxBXwla
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:44:22 2025 by rpki-client