Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/VXa8-lEUtJcQ4aMtPiAwVckzue8.roa
File: VXa8-lEUtJcQ4aMtPiAwVckzue8.roa (raw, json)
Hash identifier: fIDgyPOY0ZcwWsR/YXb8gKNwWwlgsysF03KdynH/dbU=
Subject key identifier: 55:76:BC:FA:51:14:B4:97:10:E1:A3:2D:3E:20:30:55:C9:33:B9:EF
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 019426D9FCBE16BA059294A7F0C983FDF598
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/VXa8-lEUtJcQ4aMtPiAwVckzue8.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44043
IP address blocks: 31.14.12.0/24 maxlen: 24
31.14.13.0/24 maxlen: 24
31.14.14.0/24 maxlen: 24
31.14.15.0/24 maxlen: 24
31.14.22.0/24 maxlen: 24
31.14.23.0/24 maxlen: 24
46.102.249.0/24 maxlen: 24
89.44.47.0/24 maxlen: 24
89.44.120.0/24 maxlen: 24
89.44.138.0/24 maxlen: 24
89.44.139.0/24 maxlen: 24
89.46.7.0/24 maxlen: 24
91.195.28.0/24 maxlen: 24
91.195.29.0/24 maxlen: 24
92.114.94.0/24 maxlen: 24
92.114.95.0/24 maxlen: 24
94.176.104.0/24 maxlen: 24
94.176.105.0/24 maxlen: 24
176.126.200.0/24 maxlen: 24
176.126.201.0/24 maxlen: 24
176.126.202.0/24 maxlen: 24
176.126.203.0/24 maxlen: 24
176.223.120.0/23 maxlen: 23
176.223.122.0/23 maxlen: 23
176.223.124.0/23 maxlen: 23
176.223.126.0/23 maxlen: 23
185.92.192.0/24 maxlen: 24
185.92.193.0/24 maxlen: 24
185.92.194.0/24 maxlen: 24
185.92.195.0/24 maxlen: 24
188.212.156.0/24 maxlen: 24
188.213.20.0/23 maxlen: 23
188.215.244.0/23 maxlen: 23
188.215.250.0/23 maxlen: 23
188.240.2.0/23 maxlen: 23
188.240.235.0/24 maxlen: 24
188.241.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fc:be:16:ba:05:92:94:a7:f0:c9:83:fd:f5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5576bcfa5114b49710e1a32d3e203055c933b9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b7:b4:94:39:79:b3:59:66:eb:7e:97:9e:16:
91:e4:e9:a8:f6:d0:2d:28:a9:c9:9a:66:ce:c0:b1:
55:5e:5e:e4:03:d1:c4:05:68:7f:a8:e1:5a:0f:fd:
9d:cb:5a:6c:8a:a8:6b:32:60:d5:78:1f:53:90:2e:
a8:fc:31:c8:a5:ab:bd:2c:80:ec:8f:28:fa:47:50:
98:07:f3:d1:67:40:8b:88:ac:1d:b1:16:6b:1f:4f:
7d:32:ea:63:da:c4:84:b4:7a:ff:66:fd:7f:ed:1f:
ec:17:5c:4a:18:92:01:9a:7c:c1:5d:36:98:3c:58:
cc:ba:dc:81:14:44:85:54:d3:02:cf:2a:48:9f:80:
df:47:38:f5:6d:3e:66:c6:3e:56:19:0c:c5:23:66:
23:9d:93:23:58:95:b7:cb:20:fb:81:88:9d:28:3a:
db:a5:3f:94:de:eb:dc:16:06:09:26:2c:0a:40:ae:
a8:4c:9a:17:81:24:27:72:f7:28:75:09:6b:d2:ff:
9e:d6:b2:40:ec:cb:8d:c1:c4:0b:67:3b:62:a5:85:
c0:2f:9e:55:12:cb:bc:74:9d:69:cb:a8:af:8f:1e:
f0:54:b3:c6:b1:f3:cb:32:1b:0f:33:18:2d:af:41:
14:13:4e:1f:be:a2:24:68:b5:ff:d9:7b:d1:f2:4e:
80:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:76:BC:FA:51:14:B4:97:10:E1:A3:2D:3E:20:30:55:C9:33:B9:EF
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/VXa8-lEUtJcQ4aMtPiAwVckzue8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.12.0/22
31.14.22.0/23
46.102.249.0/24
89.44.47.0/24
89.44.120.0/24
89.44.138.0/23
89.46.7.0/24
91.195.28.0/23
92.114.94.0/23
94.176.104.0/23
176.126.200.0/22
176.223.120.0/21
185.92.192.0/22
188.212.156.0/24
188.213.20.0/23
188.215.244.0/23
188.215.250.0/23
188.240.2.0/23
188.240.235.0/24
188.241.183.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:3c:b5:33:fd:48:ad:a7:80:5c:62:d0:ce:20:82:e0:7e:c7:
86:38:e3:4f:76:b6:33:27:ef:df:a6:71:57:f8:71:a9:fa:c4:
81:2a:48:a5:4e:a2:0f:09:a3:61:2e:da:52:7d:0f:c6:a8:04:
09:ee:10:d6:c2:2a:07:64:d6:82:a2:f6:8a:20:6b:7f:a6:7a:
74:70:ab:50:50:d9:f2:28:67:73:3a:be:f0:30:09:a5:2a:98:
a4:52:25:f4:4f:0f:9a:5a:c0:88:32:7d:59:ed:b1:53:c1:c2:
f5:f0:4a:b8:11:8c:bf:78:90:e3:cd:1b:e5:8a:44:8e:94:80:
b4:68:37:e6:c6:3f:0c:ea:2d:fd:92:3e:27:9c:5c:45:61:cf:
ca:87:b6:b5:16:dc:ff:52:a0:bf:a9:4a:86:c8:af:ee:b1:69:
55:2d:11:b9:26:10:25:ba:65:e3:ae:75:61:2c:50:02:7d:60:
f1:a8:b4:ca:54:37:cd:54:a3:ba:ed:3d:ae:75:e8:00:5a:2b:
6b:a4:fb:79:d8:0d:7d:93:55:c5:1e:68:a8:49:78:5d:cd:09:
24:ab:f0:5c:ec:5c:65:78:00:cd:be:a9:a4:b4:58:82:38:15:
53:3a:3d:ee:dd:ce:25:7f:33:0a:92:76:2c:33:e3:17:56:05:
b9:27:66:e3
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZQm2fy+FroFkpSn8MmD/fWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTc2YmNmYTUxMTRiNDk3MTBlMWEzMmQzZTIwMzA1NWM5MzNiOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7e0lDl5s1lm636XnhaR5Omo9tAt
KKnJmmbOwLFVXl7kA9HEBWh/qOFaD/2dy1psiqhrMmDVeB9TkC6o/DHIpau9LIDs
jyj6R1CYB/PRZ0CLiKwdsRZrH099Mupj2sSEtHr/Zv1/7R/sF1xKGJIBmnzBXTaY
PFjMutyBFESFVNMCzypIn4DfRzj1bT5mxj5WGQzFI2YjnZMjWJW3yyD7gYidKDrb
pT+U3uvcFgYJJiwKQK6oTJoXgSQncvcodQlr0v+e1rJA7MuNwcQLZztipYXAL55V
Esu8dJ1py6ivjx7wVLPGsfPLMhsPMxgtr0EUE04fvqIkaLX/2XvR8k6AowIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFFV2vPpRFLSXEOGjLT4gMFXJM7nvMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvVlhhOC1sRVV0SmNRNGFNdFBpQXdWY2t6dWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCHw4M
AwQBHw4WAwQALmb5AwQAWSwvAwQAWSx4AwQBWSyKAwQAWS4HAwQBW8McAwQBXHJe
AwQBXrBoAwQCsH7IAwQDsN94AwQCuVzAAwQAvNScAwQBvNUUAwQBvNf0AwQBvNf6
AwQBvPACAwQAvPDrAwQAvPG3MA0GCSqGSIb3DQEBCwUAA4IBAQAuPLUz/Uitp4Bc
YtDOIILgfseGOONPdrYzJ+/fpnFX+HGp+sSBKkilTqIPCaNhLtpSfQ/GqAQJ7hDW
wioHZNaCovaKIGt/pnp0cKtQUNnyKGdzOr7wMAmlKpikUiX0Tw+aWsCIMn1Z7bFT
wcL18Eq4EYy/eJDjzRvlikSOlIC0aDfmxj8M6i39kj4nnFxFYc/Kh7a1Ftz/UqC/
qUqGyK/usWlVLRG5JhAlumXjrnVhLFACfWDxqLTKVDfNVKO67T2udegAWitrpPt5
2A19k1XFHmioSXhdzQkkq/Bc7FxleADNvqmktFiCOBVTOj3u3c4lfzMKknYsM+MX
VgW5J2bj
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:40:17 2025 by rpki-client