Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/88-z3TtTaG6DOYMStNg8VI7E5ac.roa
File: 88-z3TtTaG6DOYMStNg8VI7E5ac.roa (raw, json)
Hash identifier: OVFlhTRZpHnY4EF0xItxtJlgugit8OCg4C+8jd7gxPA=
Subject key identifier: F3:CF:B3:DD:3B:53:68:6E:83:39:83:12:B4:D8:3C:54:8E:C4:E5:A7
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F9F0A695595D20BE3DF3D8A8A58BA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/88-z3TtTaG6DOYMStNg8VI7E5ac.roa
Signing time: Thu 02 Jan 2025 05:49:16 +0000
ROA not before: Thu 02 Jan 2025 05:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43301
IP address blocks: 31.148.206.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:9f:0a:69:55:95:d2:0b:e3:df:3d:8a:8a:58:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3cfb3dd3b53686e83398312b4d83c548ec4e5a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:71:8f:af:6d:8c:f8:a5:c2:93:96:0d:11:00:
6d:f1:60:01:9b:97:cb:59:4b:33:ef:9f:3a:42:81:
80:0c:27:b7:17:85:41:23:87:8d:6a:72:8e:59:21:
24:ea:10:08:aa:55:4a:16:9b:2d:55:ed:bc:d5:a3:
41:ce:e2:09:c5:8d:71:19:69:ac:c0:fd:a5:ba:36:
98:ff:f0:67:0d:0c:57:71:d8:1b:6f:47:8c:22:c9:
30:9c:b1:57:9f:7c:53:3e:40:b0:78:44:64:b4:a4:
2c:82:64:91:c5:f8:24:12:cf:86:50:61:f2:34:a7:
c6:57:74:14:e7:8c:80:19:ca:2d:8f:a4:d3:ba:fe:
65:5b:18:40:23:df:a1:be:d5:3f:ad:f5:ed:84:04:
79:79:20:1c:8d:84:b2:4c:81:49:97:37:66:9a:f4:
8f:42:2a:cc:2a:81:cf:23:a6:87:b3:bb:c3:f3:9c:
a7:8e:de:ca:de:5f:f7:09:e9:c2:5f:b4:55:ad:e0:
d0:6e:c5:75:38:f7:07:14:f2:93:9a:a7:ea:ee:27:
2f:e2:a4:1f:f0:50:73:28:7c:01:77:94:c2:8a:3b:
1a:ec:0a:d7:d5:f5:1f:ea:12:5d:d7:5b:7c:04:39:
89:08:61:97:cd:fb:f4:83:f9:e7:f9:9d:de:65:d9:
1c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CF:B3:DD:3B:53:68:6E:83:39:83:12:B4:D8:3C:54:8E:C4:E5:A7
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/88-z3TtTaG6DOYMStNg8VI7E5ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.206.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:da:76:93:60:46:56:a2:08:84:d2:b1:9b:e8:30:40:a0:08:
95:6b:22:b2:83:eb:77:76:9a:88:6a:1c:f9:fc:75:67:39:05:
a4:66:db:1d:26:e5:e0:16:a5:98:59:90:18:86:5e:3f:44:c7:
cf:66:31:e6:88:88:ca:19:7d:00:71:ac:02:7e:a0:fd:a3:3e:
9c:56:c8:03:af:d6:7e:c3:c8:67:c6:82:d7:e5:c6:cb:d4:54:
7b:fd:e3:e4:d0:10:c0:ae:b1:88:54:b9:6a:35:d1:b8:da:e0:
27:b3:ca:84:10:a7:14:c1:6c:5b:1c:7a:3e:89:2b:01:6f:2f:
d8:1f:65:be:ad:a6:19:6b:6c:c7:59:00:75:66:ac:2f:d2:a8:
fb:73:21:e3:19:94:61:ba:d1:aa:4c:c7:a6:26:07:97:a8:09:
94:97:f1:99:2d:d0:2f:18:f6:74:d9:54:ad:8a:18:8b:81:b5:
67:2c:47:df:a0:cd:61:ab:b7:2f:bf:55:9e:4e:0e:2d:b4:3b:
0b:c6:74:64:3d:a3:47:22:2b:5c:bc:6e:7f:7b:71:f0:2a:10:
a7:07:4e:66:22:fb:18:0f:28:14:83:26:36:fb:ad:b0:43:4b:
93:82:9e:86:fc:68:22:8b:c2:11:8d:2d:be:44:d1:c8:07:d4:
58:20:d7:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj58KaVWV0gvj3z2Kili6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NmYjNkZDNiNTM2ODZlODMzOTgzMTJiNGQ4M2M1NDhlYzRlNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3GPr22M+KXCk5YNEQBt8WABm5fL
WUsz7586QoGADCe3F4VBI4eNanKOWSEk6hAIqlVKFpstVe281aNBzuIJxY1xGWms
wP2lujaY//BnDQxXcdgbb0eMIskwnLFXn3xTPkCweERktKQsgmSRxfgkEs+GUGHy
NKfGV3QU54yAGcotj6TTuv5lWxhAI9+hvtU/rfXthAR5eSAcjYSyTIFJlzdmmvSP
QirMKoHPI6aHs7vD85ynjt7K3l/3CenCX7RVreDQbsV1OPcHFPKTmqfq7icv4qQf
8FBzKHwBd5TCijsa7ArX1fUf6hJd11t8BDmJCGGXzfv0g/nn+Z3eZdkcYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPPs907U2hugzmDErTYPFSOxOWnMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvODgtejNUdFRhRzZET1lNU3ROZzhWSTdFNWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBH5TOMA0G
CSqGSIb3DQEBCwUAA4IBAQBK2naTYEZWogiE0rGb6DBAoAiVayKyg+t3dpqIahz5
/HVnOQWkZtsdJuXgFqWYWZAYhl4/RMfPZjHmiIjKGX0AcawCfqD9oz6cVsgDr9Z+
w8hnxoLX5cbL1FR7/ePk0BDArrGIVLlqNdG42uAns8qEEKcUwWxbHHo+iSsBby/Y
H2W+raYZa2zHWQB1Zqwv0qj7cyHjGZRhutGqTMemJgeXqAmUl/GZLdAvGPZ02VSt
ihiLgbVnLEffoM1hq7cvv1WeTg4ttDsLxnRkPaNHIitcvG5/e3HwKhCnB05mIvsY
DygUgyY2+62wQ0uTgp6G/Ggii8IRjS2+RNHIB9RYINfH
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:54 2025 by rpki-client