Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/GgIYtuXJ-zjknMgyNDkHTlDx41c.roa
File: GgIYtuXJ-zjknMgyNDkHTlDx41c.roa (raw, json)
Hash identifier: Hyukwf9ipmgSsenYKUlXQhXLYy0p6+OjpRcBgtIMSe8=
Subject key identifier: 1A:02:18:B6:E5:C9:FB:38:E4:9C:C8:32:34:39:07:4E:50:F1:E3:57
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0195C867066D73AAB110C8C27FE72B43485C
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/GgIYtuXJ-zjknMgyNDkHTlDx41c.roa
Signing time: Mon 24 Mar 2025 13:45:49 +0000
ROA not before: Mon 24 Mar 2025 13:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 31.40.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:67:06:6d:73:aa:b1:10:c8:c2:7f:e7:2b:43:48:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 24 13:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a0218b6e5c9fb38e49cc8323439074e50f1e357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:17:2b:fa:de:30:9a:5a:26:a3:38:7a:28:13:
45:80:d7:56:06:80:0d:d0:94:bf:99:68:c0:88:95:
d9:19:4b:d2:9a:fb:3e:f8:6c:76:cd:fd:fc:f3:b7:
e3:ec:04:04:bb:df:47:88:a6:a4:2a:1e:9a:ae:fb:
c0:d3:f4:be:50:fd:25:29:e5:27:11:cb:7d:84:1d:
5d:ad:87:26:59:31:b4:e4:68:c4:a1:20:7c:ad:c1:
73:58:6e:0c:c5:5d:66:11:27:50:63:11:c6:ae:40:
ff:ec:3e:bd:d1:79:90:76:89:45:c4:e6:37:b2:f9:
f3:a2:bd:62:67:70:80:89:77:ad:7f:a2:c6:58:d4:
17:69:af:01:4e:ad:ab:bb:33:ab:0a:da:a1:79:e0:
7c:c3:1f:97:58:ef:3e:b2:ab:bd:6f:3f:ac:90:85:
e8:5d:b1:f8:a5:cb:2a:86:a5:ad:0d:ad:08:0b:8b:
06:9d:e4:f5:2d:52:26:5d:9f:95:9b:92:13:08:0f:
1c:c5:22:2c:e1:52:27:84:fd:29:9c:51:75:07:3e:
eb:f4:a5:05:55:29:66:43:95:93:c4:ff:93:69:68:
9d:da:77:eb:b2:85:fb:78:a8:88:25:f1:18:47:cd:
49:74:7d:5b:7b:7f:2a:15:4e:53:32:72:39:d6:69:
2e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:02:18:B6:E5:C9:FB:38:E4:9C:C8:32:34:39:07:4E:50:F1:E3:57
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/GgIYtuXJ-zjknMgyNDkHTlDx41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.194.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:88:a5:cb:d1:76:22:b2:75:99:c7:54:7c:59:79:b0:02:c8:
a0:35:ac:52:fc:0b:f0:80:dc:4f:25:88:69:80:48:ed:18:58:
02:10:fb:f8:a1:9e:2b:ab:00:fb:33:6e:40:3e:82:44:2e:24:
74:3a:89:27:11:d6:f1:d1:d9:65:4c:08:44:ee:b1:f4:3f:51:
00:a3:73:86:ef:1b:cd:1a:45:ad:68:f3:37:15:62:47:fb:d7:
b2:63:12:15:a3:5c:2e:15:12:06:ae:d5:9d:ad:e0:d0:63:45:
57:a8:75:93:e9:e2:36:ed:3e:8f:6d:dc:1a:ea:5d:25:e4:38:
ad:e6:f0:67:54:05:13:52:a6:fa:a2:7d:62:01:32:39:64:06:
17:86:28:ee:dc:f0:65:de:2f:99:3f:39:c3:5b:17:e7:3b:45:
36:c1:a8:14:f9:c4:d7:7f:1a:95:7d:d1:a0:6f:80:05:7b:58:
6b:c0:bf:ce:c6:0e:1e:32:4e:cd:b3:50:b0:08:29:b8:ea:a7:
fa:3a:cb:fa:ed:b1:7e:b7:26:ac:e5:2d:3c:cc:25:a3:19:01:
c4:c0:d6:02:4b:ac:f3:78:d9:db:aa:36:cc:ad:35:e0:a0:ad:
83:d5:c6:28:ea:8b:68:da:3a:fd:89:26:e7:93:7d:e1:89:92:
8f:1b:22:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXIZwZtc6qxEMjCf+crQ0hcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMzI0MTM0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTAyMThiNmU1YzlmYjM4ZTQ5Y2M4MzIzNDM5MDc0ZTUwZjFlMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRcr+t4wmlomozh6KBNFgNdWBoAN
0JS/mWjAiJXZGUvSmvs++Gx2zf3887fj7AQEu99HiKakKh6arvvA0/S+UP0lKeUn
Ect9hB1drYcmWTG05GjEoSB8rcFzWG4MxV1mESdQYxHGrkD/7D690XmQdolFxOY3
svnzor1iZ3CAiXetf6LGWNQXaa8BTq2ruzOrCtqheeB8wx+XWO8+squ9bz+skIXo
XbH4pcsqhqWtDa0IC4sGneT1LVImXZ+Vm5ITCA8cxSIs4VInhP0pnFF1Bz7r9KUF
VSlmQ5WTxP+TaWid2nfrsoX7eKiIJfEYR81JdH1be38qFU5TMnI51mku3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBoCGLblyfs45JzIMjQ5B05Q8eNXMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvR2dJWXR1WEotemprbk1neU5Ea0hUbER4NDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyjCMA0G
CSqGSIb3DQEBCwUAA4IBAQA9iKXL0XYisnWZx1R8WXmwAsigNaxS/AvwgNxPJYhp
gEjtGFgCEPv4oZ4rqwD7M25APoJELiR0OoknEdbx0dllTAhE7rH0P1EAo3OG7xvN
GkWtaPM3FWJH+9eyYxIVo1wuFRIGrtWdreDQY0VXqHWT6eI27T6Pbdwa6l0l5Dit
5vBnVAUTUqb6on1iATI5ZAYXhiju3PBl3i+ZPznDWxfnO0U2wagU+cTXfxqVfdGg
b4AFe1hrwL/Oxg4eMk7Ns1CwCCm46qf6Osv67bF+tyas5S08zCWjGQHEwNYCS6zz
eNnbqjbMrTXgoK2D1cYo6oto2jr9iSbnk33hiZKPGyIe
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:52:14 2025 by rpki-client