Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/DAXySVNqPCi6J3ZEkqsK6mQzEo0.roa
File: DAXySVNqPCi6J3ZEkqsK6mQzEo0.roa (raw, json)
Hash identifier: 1vdU575Nvmo4M5l6Ffsjy5KnIdgyA3pJiv+3qdMKIaQ=
Subject key identifier: 0C:05:F2:49:53:6A:3C:28:BA:27:76:44:92:AB:0A:EA:64:33:12:8D
Certificate issuer: /CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Certificate serial: 018927B0E3C2E69963915274C37F41DFECE0
Authority key identifier: FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/DAXySVNqPCi6J3ZEkqsK6mQzEo0.roa
Signing time: Wed 05 Jul 2023 20:14:11 +0000
ROA not before: Wed 05 Jul 2023 20:14:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43444
IP address blocks: 31.134.0.0/22 maxlen: 22
31.134.4.0/22 maxlen: 22
31.134.8.0/22 maxlen: 22
31.134.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:27:b0:e3:c2:e6:99:63:91:52:74:c3:7f:41:df:ec:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Validity
Not Before: Jul 5 20:14:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c05f249536a3c28ba27764492ab0aea6433128d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:53:cd:8f:95:ad:64:08:53:45:e6:01:48:0c:
67:98:0e:55:57:d1:4f:8d:61:7a:10:a7:93:43:7a:
78:43:a9:69:bb:57:b3:71:88:85:c6:7e:85:37:02:
a5:75:be:8a:1d:06:02:89:40:48:bc:ac:9f:18:bf:
2e:4c:54:90:d5:46:5f:3a:4b:c3:ac:ce:15:b7:6c:
2f:39:67:dd:24:0f:ee:9c:3e:a5:45:ba:b6:11:a0:
19:19:32:e9:89:c3:21:d6:c0:84:5b:47:2a:fd:83:
64:e0:54:b5:96:ab:97:f3:c6:90:6c:a2:16:31:3b:
31:7f:34:32:4b:6f:38:6e:ae:95:6c:c5:db:07:71:
8b:cc:09:52:3c:32:44:bd:54:b6:72:47:a3:b8:d5:
45:2d:e0:52:94:69:75:b6:b3:1a:fb:0f:2d:33:c5:
fe:ec:f3:3b:a1:77:35:66:8a:cd:49:57:97:ab:8a:
67:99:17:4d:cc:92:e3:bf:30:1a:7f:7f:eb:1f:9d:
f2:b3:9e:ce:76:fd:3c:ed:c2:ea:cb:09:83:e7:bc:
ca:ec:bc:b7:4c:d7:43:12:a0:18:17:85:42:aa:1c:
b4:df:24:5e:34:61:33:f2:fc:81:d7:70:15:15:cd:
61:2a:07:e3:11:da:d9:fe:ef:50:1f:1d:58:04:2b:
e8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:05:F2:49:53:6A:3C:28:BA:27:76:44:92:AB:0A:EA:64:33:12:8D
X509v3 Authority Key Identifier:
keyid:FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/DAXySVNqPCi6J3ZEkqsK6mQzEo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.0.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:89:90:bc:25:a2:f4:0d:8e:04:86:0a:50:ea:b0:e2:5f:a4:
8a:10:c4:f2:bf:0c:ac:22:38:30:95:81:56:d4:f9:d7:14:cd:
34:88:c4:43:bd:c4:40:03:14:c2:a0:fb:ff:7f:c4:39:ce:8a:
f1:8f:9d:2a:cf:66:2b:ef:52:4a:0c:55:86:38:fb:dd:7f:31:
05:0a:7a:b8:8c:04:9e:6c:67:69:d6:44:67:af:34:fc:12:96:
81:5c:c2:06:96:81:21:5c:ca:93:46:b3:10:6f:eb:f1:e4:62:
73:2e:17:ea:d4:0d:1c:11:4e:b5:cd:ff:a3:59:24:21:35:7b:
be:bf:48:e1:99:33:e8:2b:c0:da:af:9d:ad:0e:b3:a1:54:6c:
5a:32:89:10:18:05:d7:74:33:bf:39:b1:27:79:7b:bf:ee:75:
34:80:2d:9a:0c:52:19:9f:86:41:c1:d6:4d:ba:0e:70:0b:0f:
28:fd:80:44:6e:89:95:2d:95:a6:15:68:34:d1:d2:b6:a7:d6:
65:20:b7:8d:fa:96:24:86:52:ac:90:2c:b1:b4:ed:ea:d1:a7:
27:d1:a4:3a:59:b1:e6:63:73:b4:9f:8d:70:70:a3:ab:cd:f4:
5d:32:52:68:9d:2f:65:18:83:85:5d:0c:0c:6a:62:96:b9:c0:
98:78:e8:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYknsOPC5pljkVJ0w39B3+zgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWQ2OThlY2Y2NmFlNDZlZGUxZmM4MjMwYmZiZTIwOTZk
NTI0NWIwHhcNMjMwNzA1MjAxNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA1ZjI0OTUzNmEzYzI4YmEyNzc2NDQ5MmFiMGFlYTY0MzMxMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllPNj5WtZAhTReYBSAxnmA5VV9FP
jWF6EKeTQ3p4Q6lpu1ezcYiFxn6FNwKldb6KHQYCiUBIvKyfGL8uTFSQ1UZfOkvD
rM4Vt2wvOWfdJA/unD6lRbq2EaAZGTLpicMh1sCEW0cq/YNk4FS1lquX88aQbKIW
MTsxfzQyS284bq6VbMXbB3GLzAlSPDJEvVS2ckejuNVFLeBSlGl1trMa+w8tM8X+
7PM7oXc1ZorNSVeXq4pnmRdNzJLjvzAaf3/rH53ys57Odv087cLqywmD57zK7Ly3
TNdDEqAYF4VCqhy03yReNGEz8vyB13AVFc1hKgfjEdrZ/u9QHx1YBCvo2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwF8klTajwouid2RJKrCupkMxKNMB8GA1UdIwQY
MBaAFP5daY7PZq5G7eH8gjC/viCW1SRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUt
ZWNmMjMzZjhjZTgyLzEvREFYeVNWTnFQQ2k2SjNaRWtxc0s2bVF6RW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUtZWNmMjMzZjhjZTgy
LzEvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4YAMA0G
CSqGSIb3DQEBCwUAA4IBAQCLiZC8JaL0DY4EhgpQ6rDiX6SKEMTyvwysIjgwlYFW
1PnXFM00iMRDvcRAAxTCoPv/f8Q5zorxj50qz2Yr71JKDFWGOPvdfzEFCnq4jASe
bGdp1kRnrzT8EpaBXMIGloEhXMqTRrMQb+vx5GJzLhfq1A0cEU61zf+jWSQhNXu+
v0jhmTPoK8Dar52tDrOhVGxaMokQGAXXdDO/ObEneXu/7nU0gC2aDFIZn4ZBwdZN
ug5wCw8o/YBEbomVLZWmFWg00dK2p9ZlILeN+pYkhlKskCyxtO3q0acn0aQ6WbHm
Y3O0n41wcKOrzfRdMlJonS9lGIOFXQwMamKWucCYeOhI
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:08:15 2025 by rpki-client