Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-EkjhmmVxC6R0KI4Fi0PPUV_6Q8.roa
File: 1-EkjhmmVxC6R0KI4Fi0PPUV_6Q8.roa (raw, json)
Hash identifier: DL9VVvi4fWVEXrieg1lp5OHHfSZaGejz+uCaVJ/dnP4=
Subject key identifier: F8:49:23:86:69:95:C4:2E:91:D0:A2:38:16:2D:0F:3D:45:7F:E9:0F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F9FD22CD5386328502D3EDBB806C7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-EkjhmmVxC6R0KI4Fi0PPUV_6Q8.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43533
IP address blocks: 31.148.100.0/22 maxlen: 24
31.148.144.0/22 maxlen: 24
92.38.16.0/22 maxlen: 24
92.38.24.0/22 maxlen: 24
92.38.52.0/22 maxlen: 24
92.253.196.0/22 maxlen: 24
93.170.16.0/21 maxlen: 24
93.170.168.0/23 maxlen: 24
93.170.208.0/22 maxlen: 24
93.171.210.0/23 maxlen: 24
146.158.20.0/22 maxlen: 24
146.158.28.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:9f:d2:2c:d5:38:63:28:50:2d:3e:db:b8:06:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f84923866995c42e91d0a238162d0f3d457fe90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9b:66:15:e7:99:d0:1e:8b:13:74:e3:b6:20:
b2:2e:d4:4d:b6:05:40:8d:e8:9c:3c:da:46:88:e5:
75:ee:2b:b2:ec:a9:32:d9:56:15:a8:5d:44:11:ec:
0a:8e:14:52:7e:24:f1:6c:de:05:1a:73:a6:b3:4d:
14:07:3c:9b:36:81:ea:22:94:75:5f:fb:14:5b:08:
c5:a7:53:b9:c5:78:ac:bc:60:9d:51:8e:2a:cf:85:
6b:fb:b4:46:f0:e6:c9:51:07:ea:b7:62:79:04:af:
3c:a2:70:65:59:18:f9:b3:c6:4e:c6:31:01:d2:1c:
0d:a7:f0:c0:10:79:cf:4b:b2:e7:b6:57:fa:a9:0a:
12:fe:8a:d6:2c:0e:52:0d:81:45:b6:82:04:86:b3:
3a:8b:7a:cb:23:58:2a:30:b5:0c:b9:74:53:d3:17:
9a:f8:44:bb:11:81:03:27:3a:d9:52:c4:4b:40:23:
2c:7b:22:96:2c:9f:26:df:87:be:a7:b1:d7:d2:7a:
7b:71:a3:63:f1:b5:fd:f7:40:8e:af:97:2a:f9:31:
77:2b:18:80:e8:b4:64:55:79:ec:81:d6:09:65:78:
91:64:5d:e2:7e:5d:c8:1b:8a:71:4f:8b:e9:b8:17:
dc:d9:42:c4:42:e9:81:17:6b:b4:fa:9b:d0:10:a0:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:49:23:86:69:95:C4:2E:91:D0:A2:38:16:2D:0F:3D:45:7F:E9:0F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-EkjhmmVxC6R0KI4Fi0PPUV_6Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.100.0/22
31.148.144.0/22
92.38.16.0/22
92.38.24.0/22
92.38.52.0/22
92.253.196.0/22
93.170.16.0/21
93.170.168.0/23
93.170.208.0/22
93.171.210.0/23
146.158.20.0/22
146.158.28.0/23
Signature Algorithm: sha256WithRSAEncryption
71:af:06:2f:77:b6:76:97:ad:07:e7:c6:68:c0:a4:a0:7e:94:
28:04:6c:40:bc:81:f6:3a:04:7b:d5:ab:66:b0:01:48:ae:a7:
fd:b4:73:fc:93:86:fe:89:c5:e8:2a:eb:9a:49:89:f0:69:48:
85:3c:5f:98:f9:c0:c3:9b:8c:a1:4e:99:e9:5c:02:60:60:37:
41:d6:5b:34:57:dc:b0:1e:2a:13:9f:99:a8:5d:e1:c0:b2:dd:
64:67:64:d4:f5:56:f8:4e:2d:4c:b9:e0:a1:8e:1e:30:9b:aa:
3f:fe:f7:28:42:1b:be:71:7e:38:37:cf:9a:14:d7:da:69:87:
a8:c8:2f:d1:3f:69:03:93:b0:06:75:4e:66:a6:47:38:91:9f:
c3:59:82:ce:53:2a:de:9d:6c:bb:20:6e:58:75:cd:0f:1a:ee:
fc:b9:e9:f0:fb:c3:b9:4a:1e:df:e5:6a:60:da:1e:77:89:50:
05:93:73:23:72:dc:f9:1b:0e:dd:5e:4b:ba:be:c7:9a:46:d1:
88:dd:ca:db:48:6c:20:f2:af:eb:ca:48:1c:28:e8:54:0d:00:
30:ec:46:b6:8e:4d:2e:3e:d2:27:f0:a4:5f:f0:85:86:7f:85:
70:7a:01:ea:3f:eb:bb:d7:3e:a2:0e:3a:d2:ec:98:41:9a:df:
90:94:82:d2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZQlj5/SLNU4YyhQLT7buAbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQ5MjM4NjY5OTVjNDJlOTFkMGEyMzgxNjJkMGYzZDQ1N2ZlOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZtmFeeZ0B6LE3TjtiCyLtRNtgVA
jeicPNpGiOV17iuy7Kky2VYVqF1EEewKjhRSfiTxbN4FGnOms00UBzybNoHqIpR1
X/sUWwjFp1O5xXisvGCdUY4qz4Vr+7RG8ObJUQfqt2J5BK88onBlWRj5s8ZOxjEB
0hwNp/DAEHnPS7Lntlf6qQoS/orWLA5SDYFFtoIEhrM6i3rLI1gqMLUMuXRT0xea
+ES7EYEDJzrZUsRLQCMseyKWLJ8m34e+p7HX0np7caNj8bX990COr5cq+TF3KxiA
6LRkVXnsgdYJZXiRZF3ifl3IG4pxT4vpuBfc2ULEQumBF2u0+pvQEKDq1QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPhJI4ZplcQukdCiOBYtDz1Ff+kPMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS1Fa2pobW1WeEM2UjBLSTRGaTBQUFVWXzZROC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAh+UZAME
Ah+UkAMEAlwmEAMEAlwmGAMEAlwmNAMEAlz9xAMEA12qEAMEAV2qqAMEAl2q0AME
AV2r0gMEApKeFAMEAZKeHDANBgkqhkiG9w0BAQsFAAOCAQEAca8GL3e2dpetB+fG
aMCkoH6UKARsQLyB9joEe9WrZrABSK6n/bRz/JOG/onF6CrrmkmJ8GlIhTxfmPnA
w5uMoU6Z6VwCYGA3QdZbNFfcsB4qE5+ZqF3hwLLdZGdk1PVW+E4tTLngoY4eMJuq
P/73KEIbvnF+ODfPmhTX2mmHqMgv0T9pA5OwBnVOZqZHOJGfw1mCzlMq3p1suyBu
WHXNDxru/Lnp8PvDuUoe3+VqYNoed4lQBZNzI3Lc+RsO3V5Lur7HmkbRiN3K20hs
IPKv68pIHCjoVA0AMOxGto5NLj7SJ/CkX/CFhn+FcHoB6j/ru9c+og460uyYQZrf
kJSC0g==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:07 2025 by rpki-client