Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/k95ChPlCuNK5VTufHxJKrNsRGGk.roa
File: k95ChPlCuNK5VTufHxJKrNsRGGk.roa (raw, json)
Hash identifier: SKD5wvvLgDe/joHPUddSSMpW9qf7S2SgrP0Ucotf80g=
Subject key identifier: 93:DE:42:84:F9:42:B8:D2:B9:55:3B:9F:1F:12:4A:AC:DB:11:18:69
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195CECDD2EB31BB52F864F717BC2103A9BC
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/k95ChPlCuNK5VTufHxJKrNsRGGk.roa
Signing time: Tue 25 Mar 2025 19:35:50 +0000
ROA not before: Tue 25 Mar 2025 19:35:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.46.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
31.210.54.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:cd:d2:eb:31:bb:52:f8:64:f7:17:bc:21:03:a9:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 25 19:35:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93de4284f942b8d2b9553b9f1f124aacdb111869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:2e:c0:48:c9:27:41:7e:24:b6:cc:8e:13:
3c:f0:02:90:d3:cc:f0:7e:f5:2e:14:df:f1:ed:f4:
66:b0:82:33:10:dc:31:9d:fb:5f:bd:a8:7b:81:4b:
c8:f0:c2:37:41:60:d2:2a:e9:51:e5:77:9b:19:15:
9c:26:eb:55:ba:33:ad:f0:88:30:e6:08:10:5c:0c:
08:3a:a5:6e:a4:b1:4e:a8:4e:2f:6b:d7:ac:04:49:
dd:25:1a:c2:79:4f:60:5e:8b:a2:83:25:81:48:82:
44:8e:9b:6d:83:33:39:ef:ab:64:73:d0:41:bd:97:
52:83:6d:c8:9b:f8:8f:d0:94:c1:a8:4c:e5:df:00:
d8:7e:6e:69:b0:d0:02:6c:4d:d0:06:35:43:16:9a:
97:9a:b1:73:6b:af:ab:99:4d:15:70:07:e8:7b:62:
fb:a4:68:49:84:0d:3f:bb:38:af:f8:5f:00:b8:8c:
5e:2f:a7:6d:0b:0c:c7:90:6d:f8:43:ec:9c:c0:66:
11:d0:ed:9b:9b:7b:ef:9f:49:52:0f:fe:cc:d4:f3:
75:cd:cc:04:47:44:56:28:c8:14:c2:31:c5:c8:06:
3b:b4:b2:57:54:4f:30:c3:82:19:d4:bf:fa:25:a9:
92:a1:c8:0f:52:86:d5:35:1c:f4:37:d2:ed:0c:86:
60:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DE:42:84:F9:42:B8:D2:B9:55:3B:9F:1F:12:4A:AC:DB:11:18:69
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/k95ChPlCuNK5VTufHxJKrNsRGGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.46.0/24
31.210.50.0/23
31.210.53.0-31.210.54.255
77.92.148.0/24
188.132.170.0/24
188.132.191.0/24
188.132.227.0-188.132.228.255
212.68.36.0/24
212.68.49.0/24
Signature Algorithm: sha256WithRSAEncryption
30:dc:25:35:a4:9d:18:f0:17:06:c3:83:2d:90:bf:0c:49:2d:
de:ab:ca:df:b0:61:b9:c0:6a:09:18:dd:5c:40:e2:6b:3c:07:
10:7f:07:e8:3d:22:be:9f:15:ba:74:8e:10:47:a5:b8:e2:0d:
ec:d9:e0:fa:a7:c5:89:02:41:7f:24:3e:a3:c8:85:60:05:ac:
4d:bf:ce:d3:b8:0d:21:23:f5:db:39:38:0c:30:d7:0a:8e:92:
06:e9:c7:c8:4f:fb:08:fd:b8:e3:82:93:2c:9b:d3:bc:8a:a2:
20:0a:f3:e9:9a:c5:52:f6:b3:96:be:07:4f:3b:f5:e7:44:01:
c7:b8:46:8d:c3:9c:2c:8b:94:da:6a:e6:1a:92:85:0e:0e:e7:
a7:0d:b1:32:8b:33:1b:d0:2a:30:82:62:8d:bc:bc:b0:df:e7:
83:ec:a0:77:50:24:f3:e9:77:90:5f:2e:c7:91:6e:c1:d9:89:
00:d2:17:a4:b6:4b:eb:bc:af:6d:e9:41:69:f9:40:49:f2:11:
ad:c7:43:6c:1d:28:66:82:79:f3:d9:66:5a:b0:3f:77:6f:b8:
6a:91:80:db:30:c3:1c:b0:d7:a4:ab:61:62:1c:92:b6:b0:5e:
4a:45:8c:b9:1f:57:1f:37:90:6f:8e:6c:5f:c0:c7:93:99:10:
af:ab:11:c9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZXOzdLrMbtS+GT3F7whA6m8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzI1MTkzNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RlNDI4NGY5NDJiOGQyYjk1NTNiOWYxZjEyNGFhY2RiMTExODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstcuwEjJJ0F+JLbMjhM88AKQ08zw
fvUuFN/x7fRmsIIzENwxnftfvah7gUvI8MI3QWDSKulR5XebGRWcJutVujOt8Igw
5ggQXAwIOqVupLFOqE4va9esBEndJRrCeU9gXouigyWBSIJEjpttgzM576tkc9BB
vZdSg23Im/iP0JTBqEzl3wDYfm5psNACbE3QBjVDFpqXmrFza6+rmU0VcAfoe2L7
pGhJhA0/uziv+F8AuIxeL6dtCwzHkG34Q+ycwGYR0O2bm3vvn0lSD/7M1PN1zcwE
R0RWKMgUwjHFyAY7tLJXVE8ww4IZ1L/6JamSocgPUobVNRz0N9LtDIZgKwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJPeQoT5QrjSuVU7nx8SSqzbERhpMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvazk1Q2hQbEN1Tks1VlR1Zkh4SktyTnNSR0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAH9IuAwQB
H9IyMAwDBAAf0jUDBAAf0jYDBABNXJQDBAC8hKoDBAC8hL8wDAMEALyE4wMEALyE
5AMEANREJAMEANREMTANBgkqhkiG9w0BAQsFAAOCAQEAMNwlNaSdGPAXBsODLZC/
DEkt3qvK37BhucBqCRjdXEDiazwHEH8H6D0ivp8VunSOEEeluOIN7Nng+qfFiQJB
fyQ+o8iFYAWsTb/O07gNISP12zk4DDDXCo6SBunHyE/7CP2444KTLJvTvIqiIArz
6ZrFUvazlr4HTzv150QBx7hGjcOcLIuU2mrmGpKFDg7npw2xMoszG9AqMIJijby8
sN/ng+ygd1Ak8+l3kF8ux5FuwdmJANIXpLZL67yvbelBaflASfIRrcdDbB0oZoJ5
89lmWrA/d2+4apGA2zDDHLDXpKthYhyStrBeSkWMuR9XHzeQb45sX8DHk5kQr6sR
yQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:25:12 2025 by rpki-client