Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4jc4mBhf6v_9D9DXlHgZYdcfByc.roa
File: 4jc4mBhf6v_9D9DXlHgZYdcfByc.roa (raw, json)
Hash identifier: EVNvVTNihJfh3EcZU3J0Pi+4cHoC7bSO6V0BPFoWDt0=
Subject key identifier: E2:37:38:98:18:5F:EA:FF:FD:0F:D0:D7:94:78:19:61:D7:1F:07:27
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709590DFFB0AF2E33A2DF28BCF1D2FA9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4jc4mBhf6v_9D9DXlHgZYdcfByc.roa
Signing time: Mon 02 Jan 2023 03:45:28 +0000
ROA not before: Mon 02 Jan 2023 03:45:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201469
IP address blocks: 31.148.21.0/24 maxlen: 24
31.148.31.0/24 maxlen: 24
95.46.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:90:df:fb:0a:f2:e3:3a:2d:f2:8b:cf:1d:2f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2373898185feafffd0fd0d794781961d71f0727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:fa:40:3f:44:cd:a8:1e:d1:78:30:6d:8d:
56:46:cd:93:f3:45:58:5a:43:be:92:47:dd:2e:fb:
cc:27:b6:28:f9:82:92:cf:94:f9:ee:93:bb:9e:56:
7e:13:d6:75:97:01:5d:bd:e0:b3:c1:4a:84:bc:71:
88:5f:25:9c:66:bf:59:e0:4a:63:a3:18:2d:f2:a9:
2f:28:09:ca:f6:d2:cf:00:c9:91:35:bd:5e:bb:52:
a3:a8:d5:e5:0b:8c:8b:32:db:57:2f:28:a4:f7:74:
d6:76:13:5d:21:98:bc:db:4f:c1:00:11:d9:2a:11:
ce:98:f8:74:50:63:9c:0b:0b:02:7e:6f:14:ac:d1:
e9:65:92:63:f5:50:42:af:c6:50:72:06:b1:55:86:
40:3e:c3:12:e3:6f:00:46:bd:6d:8d:44:2c:0a:a6:
9e:0a:d4:58:8e:5b:cf:a8:67:fc:4d:0c:9a:22:21:
6e:b4:ad:3b:f4:76:f2:a5:44:28:09:93:c2:bd:38:
45:a0:4f:dd:9e:25:f8:a0:a2:bd:49:36:64:30:2f:
8f:54:b0:1d:79:2e:bb:58:4c:c9:a3:72:38:45:36:
f7:c2:fc:37:79:2e:9e:c9:1d:e6:08:97:66:c5:3a:
c8:2e:b4:4f:ea:88:8e:2f:75:03:d1:84:c9:b5:40:
52:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:37:38:98:18:5F:EA:FF:FD:0F:D0:D7:94:78:19:61:D7:1F:07:27
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4jc4mBhf6v_9D9DXlHgZYdcfByc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.21.0/24
31.148.31.0/24
95.46.4.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:08:50:2c:b4:41:25:2b:b6:85:52:bf:5e:4a:2a:14:58:83:
b5:10:02:a2:71:6f:89:55:83:74:60:84:2c:d7:aa:85:ac:2f:
69:6d:66:6e:f5:c9:84:d0:7c:10:ad:a0:53:2c:54:79:52:68:
52:89:a8:8f:62:de:94:83:0b:5e:72:51:03:db:8b:99:56:17:
11:46:b5:df:20:fd:4c:cc:17:ef:c5:44:ec:9d:65:b2:69:d9:
48:05:c3:1e:2d:92:ec:7f:97:a0:bb:75:f0:f2:ce:1c:9c:d0:
8e:46:8a:16:bf:a0:56:11:64:31:51:52:02:b4:0f:2c:e5:c9:
98:81:6a:00:3b:bb:67:16:63:4f:9f:74:72:13:2d:ff:ad:8d:
bd:72:83:3c:85:91:68:79:4b:5d:57:ad:e2:12:bf:d2:07:81:
1f:ec:a6:6b:b3:49:15:63:99:1c:5a:ab:98:d3:09:36:42:f1:
1d:bd:a1:7a:e2:d6:90:09:1b:aa:cd:3d:ad:df:e7:07:a8:60:
aa:cc:b5:8a:bb:79:6c:22:6b:92:78:c4:b0:00:c0:a5:59:82:
8b:1a:31:09:98:ac:35:4f:29:8e:2e:d8:88:c6:57:d8:b0:4d:
14:05:f2:e5:60:52:3a:d4:20:f9:df:f4:14:90:8b:40:28:e3:
85:c9:01:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlZDf+wry4zot8ovPHS+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjM3Mzg5ODE4NWZlYWZmZmQwZmQwZDc5NDc4MTk2MWQ3MWYwNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3b6QD9Ezage0XgwbY1WRs2T80VY
WkO+kkfdLvvMJ7Yo+YKSz5T57pO7nlZ+E9Z1lwFdveCzwUqEvHGIXyWcZr9Z4Epj
oxgt8qkvKAnK9tLPAMmRNb1eu1KjqNXlC4yLMttXLyik93TWdhNdIZi820/BABHZ
KhHOmPh0UGOcCwsCfm8UrNHpZZJj9VBCr8ZQcgaxVYZAPsMS428ARr1tjUQsCqae
CtRYjlvPqGf8TQyaIiFutK079HbypUQoCZPCvThFoE/dniX4oKK9STZkMC+PVLAd
eS67WEzJo3I4RTb3wvw3eS6eyR3mCJdmxTrILrRP6oiOL3UD0YTJtUBSvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOI3OJgYX+r//Q/Q15R4GWHXHwcnMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvNGpjNG1CaGY2dl85RDlEWGxIZ1pZZGNmQnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5QVAwQA
H5QfAwQAXy4EMA0GCSqGSIb3DQEBCwUAA4IBAQCuCFAstEElK7aFUr9eSioUWIO1
EAKicW+JVYN0YIQs16qFrC9pbWZu9cmE0HwQraBTLFR5UmhSiaiPYt6UgwteclED
24uZVhcRRrXfIP1MzBfvxUTsnWWyadlIBcMeLZLsf5egu3Xw8s4cnNCORooWv6BW
EWQxUVICtA8s5cmYgWoAO7tnFmNPn3RyEy3/rY29coM8hZFoeUtdV63iEr/SB4Ef
7KZrs0kVY5kcWquY0wk2QvEdvaF64taQCRuqzT2t3+cHqGCqzLWKu3lsImuSeMSw
AMClWYKLGjEJmKw1TymOLtiIxlfYsE0UBfLlYFI61CD53/QUkItAKOOFyQFk
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:28 2025 by rpki-client