Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/piyG_4pLweIpFIJp244sQ3YLI3M.roa
File: piyG_4pLweIpFIJp244sQ3YLI3M.roa (raw, json)
Hash identifier: yuMmrMBvXUR0TS0lNqk4ZJrc0tskyVrHhBjRTlP7+Vw=
Subject key identifier: A6:2C:86:FF:8A:4B:C1:E2:29:14:82:69:DB:8E:2C:43:76:0B:23:73
Certificate issuer: /CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Certificate serial: 019424449E7C452A4B3552E35927203C47FC
Authority key identifier: DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/piyG_4pLweIpFIJp244sQ3YLI3M.roa
Signing time: Wed 01 Jan 2025 23:47:44 +0000
ROA not before: Wed 01 Jan 2025 23:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25455
IP address blocks: 31.210.169.0/24 maxlen: 24
83.143.68.0/22 maxlen: 22
91.90.200.0/21 maxlen: 21
92.43.164.0/23 maxlen: 23
94.232.30.0/24 maxlen: 24
185.79.40.0/22 maxlen: 22
2a05:7140::/32 maxlen: 32
2a05:7141::/32 maxlen: 32
2a05:7142::/31 maxlen: 31
2a05:7144::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9e:7c:45:2a:4b:35:52:e3:59:27:20:3c:47:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Validity
Not Before: Jan 1 23:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a62c86ff8a4bc1e229148269db8e2c43760b2373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a5:c0:8f:8a:3e:3d:d7:16:53:41:a4:37:d1:
e0:24:11:ed:0c:e3:0f:2a:d4:74:80:a9:06:99:28:
27:52:bc:e9:51:1c:23:4c:9b:e0:0d:4d:c0:68:12:
bd:4f:92:14:1f:96:a2:62:38:f5:b4:96:ae:17:67:
ab:b2:c8:47:7b:0a:3d:73:f3:66:6d:bf:24:95:77:
61:69:19:28:b2:cf:22:3e:c2:be:e7:cd:e5:8b:58:
36:da:de:50:96:d6:4d:aa:39:cd:23:08:13:08:65:
c0:3a:fb:24:99:f5:e2:bf:6b:2e:64:4c:2d:0a:35:
a9:b3:c2:89:ba:76:55:7b:ea:fa:80:91:92:28:5a:
c4:3e:f9:00:8a:ef:85:3a:e4:d0:81:8a:97:b7:c1:
8e:2c:f6:35:1e:10:80:78:27:fc:1f:c7:e3:34:4d:
db:f2:5d:45:af:f7:91:02:e4:a2:71:e8:e9:0f:2f:
f0:88:86:0f:29:04:0d:1c:1a:10:37:d6:84:83:18:
13:a7:b8:19:2f:c3:15:3a:b2:78:8d:cc:5d:55:1a:
7c:43:22:1a:b3:70:b3:f4:e4:38:5c:2d:47:46:25:
ba:c8:c0:07:9d:da:b9:1e:a8:01:be:0f:92:fa:70:
49:0d:46:ad:cb:be:3e:1f:f2:ca:3f:2c:b2:d9:ac:
16:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2C:86:FF:8A:4B:C1:E2:29:14:82:69:DB:8E:2C:43:76:0B:23:73
X509v3 Authority Key Identifier:
keyid:DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/piyG_4pLweIpFIJp244sQ3YLI3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.169.0/24
83.143.68.0/22
91.90.200.0/21
92.43.164.0/23
94.232.30.0/24
185.79.40.0/22
IPv6:
2a05:7140::/29
Signature Algorithm: sha256WithRSAEncryption
1d:5d:bb:69:30:13:b9:9d:c9:8d:96:bd:86:6e:cf:65:b3:94:
e9:59:ea:49:9d:69:a6:41:47:9d:c9:41:69:53:3b:e4:61:46:
e4:f5:b8:d3:0f:ac:5d:c7:86:4a:0c:ae:f0:b7:bd:68:1f:3c:
6e:c5:dd:ca:ac:cd:be:9e:73:50:e9:15:7d:0d:fc:a8:d8:7a:
ee:65:5a:8c:ac:03:c1:9a:6c:3c:4b:3b:13:b4:a6:93:fa:01:
d3:17:8b:77:e7:02:67:3c:79:0c:20:dc:38:35:60:98:ab:f3:
16:7f:08:53:7c:70:62:67:6a:0e:c9:35:0a:f7:34:37:83:0a:
c6:69:f9:c9:aa:9a:03:1a:d5:44:bf:ff:41:82:3d:ed:b1:b3:
34:6e:14:62:2c:56:99:0d:86:cc:44:1f:a8:33:f4:4f:a1:d6:
00:cc:d7:65:30:a1:59:51:6b:e0:1d:82:19:a6:52:14:d4:8d:
4b:35:3e:f0:27:37:d7:5e:74:dd:8d:47:16:c8:0e:94:cb:db:
8c:98:ed:77:43:c8:3d:5c:2f:9f:5c:d4:57:44:19:89:d7:13:
fa:0d:99:34:1d:d6:d1:70:08:f7:e2:e3:8a:b4:8b:5c:5a:5a:
5c:c2:1e:74:8d:81:3d:12:e0:b8:be:08:f4:37:9b:da:47:88:
a5:75:06:2c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQkRJ58RSpLNVLjWScgPEf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGE5NzhiOWNlNWQyNmViY2FhZDBjY2I2NzkxOGE5ZGYz
MThmODYwHhcNMjUwMTAxMjM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJjODZmZjhhNGJjMWUyMjkxNDgyNjlkYjhlMmM0Mzc2MGIyMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6XAj4o+PdcWU0GkN9HgJBHtDOMP
KtR0gKkGmSgnUrzpURwjTJvgDU3AaBK9T5IUH5aiYjj1tJauF2ersshHewo9c/Nm
bb8klXdhaRkoss8iPsK+583li1g22t5QltZNqjnNIwgTCGXAOvskmfXiv2suZEwt
CjWps8KJunZVe+r6gJGSKFrEPvkAiu+FOuTQgYqXt8GOLPY1HhCAeCf8H8fjNE3b
8l1Fr/eRAuSicejpDy/wiIYPKQQNHBoQN9aEgxgTp7gZL8MVOrJ4jcxdVRp8QyIa
s3Cz9OQ4XC1HRiW6yMAHndq5HqgBvg+S+nBJDUaty74+H/LKPyyy2awWewIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKYshv+KS8HiKRSCaduOLEN2CyNzMB8GA1UdIwQY
MBaAFNqKl4uc5dJuvKrQzLZ5GKnfMY+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEt
Yjc4ZGFjMzdlYWM4LzEvcGl5R180cEx3ZUlwRklKcDI0NHNRM1lMSTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEtYjc4ZGFjMzdlYWM4
LzEvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAH9KpAwQC
U49EAwQDW1rIAwQBXCukAwQAXugeAwQCuU8oMA0EAgACMAcDBQMqBXFAMA0GCSqG
SIb3DQEBCwUAA4IBAQAdXbtpMBO5ncmNlr2Gbs9ls5TpWepJnWmmQUedyUFpUzvk
YUbk9bjTD6xdx4ZKDK7wt71oHzxuxd3KrM2+nnNQ6RV9Dfyo2HruZVqMrAPBmmw8
SzsTtKaT+gHTF4t35wJnPHkMINw4NWCYq/MWfwhTfHBiZ2oOyTUK9zQ3gwrGafnJ
qpoDGtVEv/9Bgj3tsbM0bhRiLFaZDYbMRB+oM/RPodYAzNdlMKFZUWvgHYIZplIU
1I1LNT7wJzfXXnTdjUcWyA6Uy9uMmO13Q8g9XC+fXNRXRBmJ1xP6DZk0HdbRcAj3
4uOKtItcWlpcwh50jYE9EuC4vgj0N5vaR4ildQYs
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:08 2025 by rpki-client