Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O5haBPrHDj211Q-WT2r01BhrxWE.roa
File: O5haBPrHDj211Q-WT2r01BhrxWE.roa (raw, json)
Hash identifier: U49a7fn6nA6lk3wrwfnKEcM2vvntor8mc8sajicpIZw=
Subject key identifier: 3B:98:5A:04:FA:C7:0E:3D:B5:D5:0F:96:4F:6A:F4:D4:18:6B:C5:61
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0189D590B98E1CB87942E05B871D02B5337A
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O5haBPrHDj211Q-WT2r01BhrxWE.roa
Signing time: Tue 08 Aug 2023 14:32:58 +0000
ROA not before: Tue 08 Aug 2023 14:32:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49491
IP address blocks: 31.148.134.0/23 maxlen: 24
31.148.150.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:90:b9:8e:1c:b8:79:42:e0:5b:87:1d:02:b5:33:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Aug 8 14:32:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b985a04fac70e3db5d50f964f6af4d4186bc561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1f:1e:1a:4e:09:59:5f:a4:6b:2b:8e:dd:fd:
44:2e:b4:1c:29:cd:53:77:9d:ab:e5:a1:02:65:d9:
c3:20:86:7d:4c:4f:e1:a1:d7:f4:3b:97:a9:0b:9e:
e1:b5:ef:15:36:d8:ed:83:e9:01:9a:0c:ab:9e:16:
e4:6f:cc:4a:28:47:67:1c:86:d4:5b:a1:f8:b3:f2:
76:3d:68:2d:9f:60:e4:df:c1:fb:d9:67:40:81:a4:
c4:5c:c7:11:3b:a4:d3:98:e8:1b:b7:35:ae:6e:eb:
2d:27:17:b7:45:51:06:56:ae:60:00:0d:dc:d8:73:
7f:e8:17:22:26:9f:11:b2:54:6d:d8:a2:b0:e2:ee:
74:21:da:52:d3:0e:5e:f5:6d:65:07:59:30:70:61:
0f:72:8b:23:e2:90:7b:1b:9d:ee:fe:43:0d:68:ea:
7d:98:73:e9:25:53:63:27:f1:23:91:e6:0f:76:cc:
4e:c1:8a:83:33:be:e6:d2:1a:21:71:31:77:87:af:
a3:15:c1:0b:13:ed:71:34:30:d7:86:05:84:2b:06:
81:17:fb:c6:44:d1:5c:e5:08:3a:25:5f:0a:3f:42:
17:85:9d:d8:4c:58:91:b6:3c:6b:7a:d4:39:9a:ee:
ed:8a:9e:a9:13:7b:08:37:71:f7:d9:23:1d:7e:24:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:98:5A:04:FA:C7:0E:3D:B5:D5:0F:96:4F:6A:F4:D4:18:6B:C5:61
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O5haBPrHDj211Q-WT2r01BhrxWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.134.0/23
31.148.150.0/23
Signature Algorithm: sha256WithRSAEncryption
af:32:ca:df:55:41:af:47:a9:bb:02:a0:a7:30:a6:0e:50:19:
69:73:cf:6a:d3:be:17:7a:5a:70:0f:d8:ce:89:bd:b1:b8:80:
ff:ee:9e:c0:83:9d:b0:e9:59:69:bd:af:3a:26:58:52:01:cc:
02:f7:e9:16:20:46:47:b1:6c:16:7e:f3:64:fd:c6:ed:bd:fa:
ff:3d:e3:40:5d:a0:6f:37:57:2a:db:ae:9d:a9:bb:0b:cf:ee:
f7:c7:a8:65:98:57:85:c2:6d:fa:e2:a8:5d:76:20:fc:c9:9d:
61:51:9c:85:cb:dd:df:68:ca:d6:b9:89:a7:eb:98:9d:83:a7:
1e:0f:2f:ab:c4:f6:f5:7a:e5:d0:50:23:76:66:df:92:f8:e2:
df:86:09:36:eb:bb:71:0c:bb:77:b0:7b:e3:bf:38:80:92:6a:
12:1f:96:38:e6:9a:c7:96:23:54:93:c5:7b:aa:f1:39:89:38:
76:93:f2:9b:7b:58:92:45:4f:ee:27:18:22:39:64:e1:c0:ad:
97:b8:23:e2:d1:40:99:f6:14:86:7a:22:ef:24:0b:4c:20:fe:
13:61:0f:46:1b:2c:bd:4f:25:ae:ae:8a:70:f7:73:f3:2d:de:
86:f7:75:db:fa:49:4d:13:ea:2b:1e:49:8b:c6:fb:4f:2f:19:
8d:a8:8b:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnVkLmOHLh5QuBbhx0CtTN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwODA4MTQzMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk4NWEwNGZhYzcwZTNkYjVkNTBmOTY0ZjZhZjRkNDE4NmJjNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh8eGk4JWV+kayuO3f1ELrQcKc1T
d52r5aECZdnDIIZ9TE/hodf0O5epC57hte8VNtjtg+kBmgyrnhbkb8xKKEdnHIbU
W6H4s/J2PWgtn2Dk38H72WdAgaTEXMcRO6TTmOgbtzWubustJxe3RVEGVq5gAA3c
2HN/6BciJp8RslRt2KKw4u50IdpS0w5e9W1lB1kwcGEPcosj4pB7G53u/kMNaOp9
mHPpJVNjJ/EjkeYPdsxOwYqDM77m0hohcTF3h6+jFcELE+1xNDDXhgWEKwaBF/vG
RNFc5Qg6JV8KP0IXhZ3YTFiRtjxretQ5mu7tip6pE3sIN3H32SMdfiT73QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDuYWgT6xw49tdUPlk9q9NQYa8VhMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTzVoYUJQckhEajIxMVEtV1QycjAxQmhyeFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH5SGAwQB
H5SWMA0GCSqGSIb3DQEBCwUAA4IBAQCvMsrfVUGvR6m7AqCnMKYOUBlpc89q074X
elpwD9jOib2xuID/7p7Ag52w6Vlpva86JlhSAcwC9+kWIEZHsWwWfvNk/cbtvfr/
PeNAXaBvN1cq266dqbsLz+73x6hlmFeFwm364qhddiD8yZ1hUZyFy93faMrWuYmn
65idg6ceDy+rxPb1euXQUCN2Zt+S+OLfhgk267txDLt3sHvjvziAkmoSH5Y45prH
liNUk8V7qvE5iTh2k/Kbe1iSRU/uJxgiOWThwK2XuCPi0UCZ9hSGeiLvJAtMIP4T
YQ9GGyy9TyWuropw93PzLd6G93Xb+klNE+orHkmLxvtPLxmNqIvj
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:08 2025 by rpki-client