Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/0XKLHVF6OopWfkCp5SGDRjUGSwc.roa
File: 0XKLHVF6OopWfkCp5SGDRjUGSwc.roa (raw, json)
Hash identifier: LlbXk7YPxKtyITregmmE7lsrGbU25UL9jnRqhgrsqYQ=
Subject key identifier: D1:72:8B:1D:51:7A:3A:8A:56:7E:40:A9:E5:21:83:46:35:06:4B:07
Certificate issuer: /CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Certificate serial: 019420D634EF37F12A23F21D595AA22F9F4F
Authority key identifier: 47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/0XKLHVF6OopWfkCp5SGDRjUGSwc.roa
Signing time: Wed 01 Jan 2025 07:48:16 +0000
ROA not before: Wed 01 Jan 2025 07:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31020
IP address blocks: 31.186.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:34:ef:37:f1:2a:23:f2:1d:59:5a:a2:2f:9f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Validity
Not Before: Jan 1 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1728b1d517a3a8a567e40a9e521834635064b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:88:79:ba:59:78:1a:37:3e:8e:bd:bb:f6:50:
32:53:d0:f0:10:34:35:f3:a1:4c:cd:3b:9f:f5:96:
e8:05:14:42:26:15:b2:ac:4b:2b:aa:6a:2c:b0:8d:
bf:b7:ec:71:d6:88:2b:58:18:ed:cc:16:64:c2:a8:
ec:ad:fb:3c:64:75:3d:3f:f2:3f:22:da:2a:92:7a:
ce:b6:92:cb:25:0a:88:f2:a4:f4:dc:86:fa:5f:7d:
77:7a:1b:fe:be:d3:ff:82:1f:11:49:83:01:a3:f0:
27:51:0f:fe:99:aa:c2:70:e4:4e:33:d6:17:3b:f3:
8f:28:a2:7a:68:42:01:e3:74:dc:02:f4:4a:4d:90:
82:ff:f0:15:71:f3:6d:41:64:79:ef:92:0f:90:81:
92:e5:7e:95:2b:34:2c:3a:f5:1f:0a:ab:3e:90:24:
f2:df:7f:e3:4a:d4:42:ae:de:1a:7e:c8:6c:ac:63:
00:6a:17:5a:f3:56:3a:7a:b5:50:40:a6:0f:2e:ca:
ba:bf:8e:16:d9:33:c9:9a:55:8e:59:df:35:a5:be:
ad:76:05:19:9e:9c:47:6c:b6:8e:ba:73:dd:cf:30:
f7:6d:85:ec:ce:2d:29:ec:42:ee:ef:ad:d8:c5:4c:
c9:49:b2:7a:ee:aa:4a:4e:10:36:0d:0a:c7:4a:11:
56:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:72:8B:1D:51:7A:3A:8A:56:7E:40:A9:E5:21:83:46:35:06:4B:07
X509v3 Authority Key Identifier:
keyid:47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/0XKLHVF6OopWfkCp5SGDRjUGSwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/R39LbsQ0cVfE0T7w56vhKQoL9Xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.88.0/21
Signature Algorithm: sha256WithRSAEncryption
56:ae:db:93:22:2e:37:29:79:b8:d9:6a:e2:1a:4d:d6:39:fa:
65:12:dd:6d:35:e5:a8:80:de:01:df:f2:cc:a3:59:48:42:6e:
ef:5a:4e:68:99:42:04:0e:9e:a2:86:f2:74:7a:f8:c0:82:6b:
ea:f7:42:4f:42:18:ac:00:26:cf:89:df:08:e9:9d:2a:e6:28:
fb:6f:35:e7:ae:01:c4:fc:08:42:e1:3b:65:e3:2a:0d:e8:2b:
70:cb:3f:5b:b1:a1:09:ee:14:bd:73:4b:8c:bb:19:42:20:6b:
e6:d4:f8:ae:c9:f9:e3:36:68:29:86:c7:31:42:f0:e9:3d:fd:
dc:e4:79:8b:f3:87:52:b0:70:c0:30:12:0f:02:e1:b8:1d:87:
c1:d8:17:58:96:90:fa:5c:0d:8c:8e:1d:f6:96:94:4c:2c:c4:
73:d5:42:9c:0d:4c:ac:1d:41:c1:84:b7:be:a0:db:b7:0b:7c:
b3:20:79:a4:bb:f2:91:de:b3:1b:a0:6f:82:45:46:d1:c2:6b:
ef:48:b5:8f:6f:50:33:38:03:9a:c8:38:5c:e6:16:4c:e5:49:
ed:5d:d0:95:32:46:e6:31:51:c5:90:38:db:2c:dc:df:ce:22:
37:c7:f9:87:a8:e1:39:2f:42:2b:9b:b9:2c:bd:43:a4:ad:0a:
ed:6e:fa:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1jTvN/EqI/IdWVqiL59PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3N2Y0YjZlYzQzNDcxNTdjNGQxM2VmMGU3YWJlMTI5MGEw
YmY1N2MwHhcNMjUwMTAxMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTcyOGIxZDUxN2EzYThhNTY3ZTQwYTllNTIxODM0NjM1MDY0YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoh5ull4Gjc+jr279lAyU9DwEDQ1
86FMzTuf9ZboBRRCJhWyrEsrqmossI2/t+xx1ogrWBjtzBZkwqjsrfs8ZHU9P/I/
ItoqknrOtpLLJQqI8qT03Ib6X313ehv+vtP/gh8RSYMBo/AnUQ/+marCcOROM9YX
O/OPKKJ6aEIB43TcAvRKTZCC//AVcfNtQWR575IPkIGS5X6VKzQsOvUfCqs+kCTy
33/jStRCrt4afshsrGMAahda81Y6erVQQKYPLsq6v44W2TPJmlWOWd81pb6tdgUZ
npxHbLaOunPdzzD3bYXszi0p7ELu763YxUzJSbJ67qpKThA2DQrHShFWIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFyix1RejqKVn5AqeUhg0Y1BksHMB8GA1UdIwQY
MBaAFEd/S27ENHFXxNE+8Oer4SkKC/V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzIt
ZDhiZDI1MGI2NGY5LzEvMFhLTEhWRjZPb3BXZmtDcDVTR0RSalVHU3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzItZDhiZDI1MGI2NGY5
LzEvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH7pYMA0G
CSqGSIb3DQEBCwUAA4IBAQBWrtuTIi43KXm42WriGk3WOfplEt1tNeWogN4B3/LM
o1lIQm7vWk5omUIEDp6ihvJ0evjAgmvq90JPQhisACbPid8I6Z0q5ij7bzXnrgHE
/AhC4Ttl4yoN6Ctwyz9bsaEJ7hS9c0uMuxlCIGvm1PiuyfnjNmgphscxQvDpPf3c
5HmL84dSsHDAMBIPAuG4HYfB2BdYlpD6XA2Mjh32lpRMLMRz1UKcDUysHUHBhLe+
oNu3C3yzIHmku/KR3rMboG+CRUbRwmvvSLWPb1AzOAOayDhc5hZM5UntXdCVMkbm
MVHFkDjbLNzfziI3x/mHqOE5L0Irm7ksvUOkrQrtbvoD
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:34 2025 by rpki-client