Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/qU8x0KpRs1BkUbG7xiuT_oNQoHQ.roa
File: qU8x0KpRs1BkUbG7xiuT_oNQoHQ.roa (raw, json)
Hash identifier: 7s5jG0HJ9Jbf5OKJLemVXKIs7YvAubwHkSd8AadaBjI=
Subject key identifier: A9:4F:31:D0:AA:51:B3:50:64:51:B1:BB:C6:2B:93:FE:83:50:A0:74
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01946F4825850D18495654787834F63879AA
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/qU8x0KpRs1BkUbG7xiuT_oNQoHQ.roa
Signing time: Thu 16 Jan 2025 13:23:06 +0000
ROA not before: Thu 16 Jan 2025 13:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213588
IP address blocks: 31.210.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:48:25:85:0d:18:49:56:54:78:78:34:f6:38:79:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 16 13:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a94f31d0aa51b3506451b1bbc62b93fe8350a074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c6:96:9b:ab:84:ba:3d:d6:87:c0:b5:5f:77:
4d:a0:0a:54:bd:c8:ee:c6:0a:43:83:2d:ff:b4:94:
39:fb:84:25:33:72:f2:1c:93:9a:89:7d:01:ce:3d:
76:06:5c:28:23:81:3b:7a:a5:11:5c:78:cb:25:82:
85:6a:ed:0b:da:b8:36:7a:83:92:41:a3:10:30:b3:
ee:0e:65:4a:6b:22:1f:43:a1:e1:4e:29:17:e0:bb:
b3:17:5d:f0:4b:b9:eb:3a:98:e4:1c:0d:b8:1f:b5:
6b:0d:d7:2a:2c:ac:5e:c5:1a:40:df:4e:75:a0:85:
2a:13:99:40:bf:30:d2:ed:81:fc:6d:c6:a5:fb:21:
4b:09:0a:62:61:df:0c:e9:6c:9a:16:ed:da:73:ac:
32:1f:0a:a1:43:1e:e8:51:f6:f2:b6:db:b9:f4:fd:
63:db:bc:27:d0:d6:b0:f3:1b:76:54:f2:74:b9:d5:
64:e3:39:05:88:9a:77:e6:4e:55:ae:e1:d6:ea:4f:
51:5f:06:a4:bb:18:15:31:63:ef:7d:5b:d2:cf:66:
dc:f8:9a:1d:1e:4c:c9:39:ae:c7:5e:f0:d9:f2:d4:
ef:39:b7:80:b6:eb:9b:63:6b:6d:4c:c2:86:b5:ab:
4a:41:82:00:93:87:a3:81:a3:6f:16:8c:3e:7e:44:
37:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4F:31:D0:AA:51:B3:50:64:51:B1:BB:C6:2B:93:FE:83:50:A0:74
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/qU8x0KpRs1BkUbG7xiuT_oNQoHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.45.0/24
Signature Algorithm: sha256WithRSAEncryption
78:84:1d:2a:10:f6:a6:a8:4b:ac:a2:68:cc:86:aa:2e:f2:0a:
61:d2:f3:a7:fa:99:46:68:a5:a2:79:66:1d:78:bc:bb:2d:2a:
bd:ba:40:53:48:5c:04:ef:3e:4c:d8:14:dd:c6:cd:12:85:db:
6e:e4:66:b8:ab:ad:36:bb:f3:33:33:db:a3:7a:2a:6f:4e:10:
49:e3:2b:2d:2c:dc:0e:bb:cb:f6:c2:55:5a:49:14:46:17:c5:
51:33:f6:b9:24:3e:91:3d:ed:67:db:bc:ea:fb:28:df:2b:a0:
6f:7f:22:ef:1e:cb:da:d0:5b:4d:7b:37:ce:4c:cd:00:34:8a:
cc:fa:cd:a4:5c:10:52:47:25:c6:bf:72:69:c9:4e:7b:aa:3d:
2e:e7:8a:3f:25:18:82:ae:b7:2f:35:1e:c6:8f:7a:e1:7f:f4:
c9:3b:f9:e3:17:a9:5c:05:3c:9a:43:2f:a0:4b:50:9d:a3:c3:
b2:6b:9b:1e:9f:b2:1f:1b:7b:a8:74:32:e5:34:1f:cd:18:34:
4a:f9:4a:9f:d8:ee:e5:29:4c:9d:6f:d1:2a:b3:20:ce:8e:4d:
d9:2f:26:4a:98:93:ac:da:da:f5:ab:22:9c:fd:d9:89:4d:53:
82:74:64:a5:e5:7e:81:87:4a:06:bc:80:8f:66:f8:f3:b3:a1:
37:15:ed:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRvSCWFDRhJVlR4eDT2OHmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTE2MTMyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRmMzFkMGFhNTFiMzUwNjQ1MWIxYmJjNjJiOTNmZTgzNTBhMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysaWm6uEuj3Wh8C1X3dNoApUvcju
xgpDgy3/tJQ5+4QlM3LyHJOaiX0Bzj12BlwoI4E7eqURXHjLJYKFau0L2rg2eoOS
QaMQMLPuDmVKayIfQ6HhTikX4LuzF13wS7nrOpjkHA24H7VrDdcqLKxexRpA3051
oIUqE5lAvzDS7YH8bcal+yFLCQpiYd8M6WyaFu3ac6wyHwqhQx7oUfbyttu59P1j
27wn0Naw8xt2VPJ0udVk4zkFiJp35k5VruHW6k9RXwakuxgVMWPvfVvSz2bc+Jod
HkzJOa7HXvDZ8tTvObeAtuubY2ttTMKGtatKQYIAk4ejgaNvFow+fkQ3RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlPMdCqUbNQZFGxu8Yrk/6DUKB0MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvcVU4eDBLcFJzMUJrVWJHN3hpdVRfb05Rb0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH9ItMA0G
CSqGSIb3DQEBCwUAA4IBAQB4hB0qEPamqEusomjMhqou8gph0vOn+plGaKWieWYd
eLy7LSq9ukBTSFwE7z5M2BTdxs0Shdtu5Ga4q602u/MzM9ujeipvThBJ4ystLNwO
u8v2wlVaSRRGF8VRM/a5JD6RPe1n27zq+yjfK6BvfyLvHsva0FtNezfOTM0ANIrM
+s2kXBBSRyXGv3JpyU57qj0u54o/JRiCrrcvNR7Gj3rhf/TJO/njF6lcBTyaQy+g
S1Cdo8Oya5sen7IfG3uodDLlNB/NGDRK+Uqf2O7lKUydb9EqsyDOjk3ZLyZKmJOs
2tr1qyKc/dmJTVOCdGSl5X6Bh0oGvICPZvjzs6E3Fe2I
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:10:12 2025 by rpki-client