Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/U0IdBWYUAnp0C9MJKk4Ai4LhTpg.roa
File: U0IdBWYUAnp0C9MJKk4Ai4LhTpg.roa (raw, json)
Hash identifier: VJHg2FjO1KvYj0CDyJtHwAwOQG4SNpGAsdsq9czAkJA=
Subject key identifier: 53:42:1D:05:66:14:02:7A:74:0B:D3:09:2A:4E:00:8B:82:E1:4E:98
Certificate issuer: /CN=0324db1dcf0c2429e121516ae2792fc3253fd3ba
Certificate serial: 019422FC0FFF137911578C96BED9FE8C98BF
Authority key identifier: 03:24:DB:1D:CF:0C:24:29:E1:21:51:6A:E2:79:2F:C3:25:3F:D3:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyTbHc8MJCnhIVFq4nkvwyU_07o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/U0IdBWYUAnp0C9MJKk4Ai4LhTpg.roa
Signing time: Wed 01 Jan 2025 17:48:51 +0000
ROA not before: Wed 01 Jan 2025 17:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29486
IP address blocks: 31.24.128.0/21 maxlen: 21
81.27.32.0/20 maxlen: 20
178.21.128.0/21 maxlen: 21
2a00:1c90::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:0f:ff:13:79:11:57:8c:96:be:d9:fe:8c:98:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0324db1dcf0c2429e121516ae2792fc3253fd3ba
Validity
Not Before: Jan 1 17:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53421d056614027a740bd3092a4e008b82e14e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2e:d6:54:82:bf:6b:eb:d9:c8:17:16:fd:31:
7f:5e:44:c5:3c:18:03:99:6b:1d:79:06:91:cb:a7:
35:a0:2c:f4:04:d9:90:df:f2:2e:2b:b0:bf:24:eb:
01:d0:f8:fa:04:e5:86:9b:c5:25:eb:32:2c:b6:4d:
22:6b:5f:90:b9:c4:b4:ff:f3:b6:8c:4b:12:18:66:
88:fc:37:8a:e0:0e:8a:a4:82:0c:fa:82:4a:46:a2:
8e:1d:f1:20:51:b9:39:b2:a4:6f:d5:4e:57:24:b2:
4d:ca:d3:44:fb:f9:8d:af:38:d9:33:09:4a:5a:29:
79:35:1d:1e:a8:79:98:8f:59:b2:95:cd:bd:85:c2:
40:a6:09:1e:51:a3:3d:f9:8b:d1:a7:10:a2:99:32:
07:fe:3f:56:39:a5:0c:c0:23:a0:3e:b4:98:0f:cd:
8d:6f:04:e9:9d:b0:38:6f:b8:07:74:ef:fd:36:63:
af:b5:54:f2:e0:76:3c:a7:76:0d:f3:bb:ce:a1:c2:
11:87:8a:3e:a5:ff:b5:d7:7d:7e:cf:3b:70:8b:41:
4a:52:86:30:23:2b:14:e2:03:d2:c8:8b:04:ae:c7:
7e:4b:54:72:f3:06:fb:52:33:06:7e:dd:e2:93:84:
72:bd:4d:33:57:e7:73:1a:ee:1d:f6:0f:7e:61:51:
63:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:42:1D:05:66:14:02:7A:74:0B:D3:09:2A:4E:00:8B:82:E1:4E:98
X509v3 Authority Key Identifier:
keyid:03:24:DB:1D:CF:0C:24:29:E1:21:51:6A:E2:79:2F:C3:25:3F:D3:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyTbHc8MJCnhIVFq4nkvwyU_07o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/U0IdBWYUAnp0C9MJKk4Ai4LhTpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/90f942-6511-4054-94be-4d2c4da721d4/1/AyTbHc8MJCnhIVFq4nkvwyU_07o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.128.0/21
81.27.32.0/20
178.21.128.0/21
IPv6:
2a00:1c90::/32
Signature Algorithm: sha256WithRSAEncryption
93:20:1c:0b:9d:21:54:1e:50:71:23:52:c5:5c:85:a4:a7:50:
98:f6:77:0a:55:7b:b3:61:32:ca:0e:ae:b6:1b:6b:6f:8b:1b:
ea:86:17:8d:a7:80:8a:67:be:d9:bb:83:99:3f:f0:43:bb:dc:
11:69:25:64:01:0b:80:c2:0c:a6:77:db:b7:37:3e:5a:92:5f:
ee:4a:72:0b:8a:3f:31:f9:5f:9b:9f:46:18:48:f8:a6:91:e4:
60:b9:73:ef:b7:4d:33:0f:27:7f:74:ea:c1:e7:28:56:69:1b:
be:ee:8e:f3:21:cc:f8:33:88:03:c7:a9:e4:88:8d:76:0d:fb:
34:fb:1d:fb:1c:4d:c6:63:a3:aa:4a:87:88:60:15:f0:03:28:
22:fc:67:0c:06:95:e2:c3:6e:8a:6e:d8:f5:a9:3a:84:6f:ff:
89:02:65:cc:5b:91:aa:d1:87:2d:d2:3b:ea:e6:fd:23:82:59:
69:aa:b4:03:71:30:f3:87:20:45:dc:8f:82:b7:63:10:fa:76:
b0:ae:6a:3c:9c:f2:8a:e5:9f:27:cb:8f:24:dc:a9:fe:36:71:
1f:b9:27:26:a3:a5:4c:4b:8b:82:2d:67:6f:cd:89:3a:e0:3f:
39:6c:47:57:86:4a:01:81:3f:df:82:e8:f5:28:aa:07:e7:8d:
c2:0c:38:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi/A//E3kRV4yWvtn+jJi/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjRkYjFkY2YwYzI0MjllMTIxNTE2YWUyNzkyZmMzMjUz
ZmQzYmEwHhcNMjUwMTAxMTc0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzQyMWQwNTY2MTQwMjdhNzQwYmQzMDkyYTRlMDA4YjgyZTE0ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC7WVIK/a+vZyBcW/TF/XkTFPBgD
mWsdeQaRy6c1oCz0BNmQ3/IuK7C/JOsB0Pj6BOWGm8Ul6zIstk0ia1+QucS0//O2
jEsSGGaI/DeK4A6KpIIM+oJKRqKOHfEgUbk5sqRv1U5XJLJNytNE+/mNrzjZMwlK
Wil5NR0eqHmYj1mylc29hcJApgkeUaM9+YvRpxCimTIH/j9WOaUMwCOgPrSYD82N
bwTpnbA4b7gHdO/9NmOvtVTy4HY8p3YN87vOocIRh4o+pf+1131+zztwi0FKUoYw
IysU4gPSyIsErsd+S1Ry8wb7UjMGft3ik4RyvU0zV+dzGu4d9g9+YVFjxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFNCHQVmFAJ6dAvTCSpOAIuC4U6YMB8GA1UdIwQY
MBaAFAMk2x3PDCQp4SFRauJ5L8MlP9O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlUYkhjOE1KQ25oSVZGcTRua3Z3eVVfMDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85MGY5NDItNjUxMS00MDU0LTk0YmUt
NGQyYzRkYTcyMWQ0LzEvVTBJZEJXWVVBbnAwQzlNSktrNEFpNExoVHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85MGY5NDItNjUxMS00MDU0LTk0YmUtNGQyYzRkYTcyMWQ0
LzEvQXlUYkhjOE1KQ25oSVZGcTRua3Z3eVVfMDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHxiAAwQE
URsgAwQDshWAMA0EAgACMAcDBQAqAByQMA0GCSqGSIb3DQEBCwUAA4IBAQCTIBwL
nSFUHlBxI1LFXIWkp1CY9ncKVXuzYTLKDq62G2tvixvqhheNp4CKZ77Zu4OZP/BD
u9wRaSVkAQuAwgymd9u3Nz5akl/uSnILij8x+V+bn0YYSPimkeRguXPvt00zDyd/
dOrB5yhWaRu+7o7zIcz4M4gDx6nkiI12Dfs0+x37HE3GY6OqSoeIYBXwAygi/GcM
BpXiw26Kbtj1qTqEb/+JAmXMW5Gq0Yct0jvq5v0jgllpqrQDcTDzhyBF3I+Ct2MQ
+nawrmo8nPKK5Z8ny48k3Kn+NnEfuScmo6VMS4uCLWdvzYk64D85bEdXhkoBgT/f
guj1KKoH543CDDhk
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:35:06 2025 by rpki-client