Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Yax_tsLZ706l_fv3iOkkYIqKK30.roa
File: Yax_tsLZ706l_fv3iOkkYIqKK30.roa (raw, json)
Hash identifier: mizGr31yI1QOVka3j8geWLQQs3x9x+2v+RyvM90g8LA=
Subject key identifier: 61:AC:7F:B6:C2:D9:EF:4E:A5:FD:FB:F7:88:E9:24:60:8A:8A:2B:7D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29FB9593AB83CCDD6A0297C28FE3CC
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Yax_tsLZ706l_fv3iOkkYIqKK30.roa
Signing time: Tue 02 Jan 2024 12:33:18 +0000
ROA not before: Tue 02 Jan 2024 12:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44975
IP address blocks: 31.148.1.0/24 maxlen: 24
31.148.174.0/24 maxlen: 24
31.148.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:fb:95:93:ab:83:cc:dd:6a:02:97:c2:8f:e3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61ac7fb6c2d9ef4ea5fdfbf788e924608a8a2b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0f:42:d1:7d:57:d8:79:f0:f3:fb:35:26:68:
fc:86:75:3f:0e:a3:3c:f3:59:ce:4a:93:aa:31:95:
c5:24:11:76:13:25:3e:11:98:27:4d:dc:92:f1:2f:
22:4b:a9:82:b5:0e:67:7e:ac:55:f9:b9:39:73:ad:
6e:b6:c5:f7:80:3f:85:21:be:29:dd:c5:1b:ab:d3:
85:b7:57:54:f6:1a:ca:95:fe:b9:fd:7d:88:5d:3c:
07:a2:70:fe:64:e2:9d:e6:5e:ea:19:09:36:a4:f2:
24:48:46:fb:b9:61:ba:16:44:d5:46:d9:c9:64:ae:
18:7b:4a:a1:da:a6:f0:4c:ac:9f:be:9d:13:4b:ef:
70:49:83:7c:9c:58:06:76:48:88:8b:7d:39:39:5f:
4a:6e:52:5d:ae:a8:64:02:51:9c:b7:2e:a7:08:4e:
6f:6f:21:3b:84:91:1a:72:9c:45:4b:5a:20:2c:a9:
75:aa:d0:06:67:33:d0:11:b3:49:bb:d2:90:48:37:
d1:8f:74:0a:dd:11:5f:49:37:35:0f:fc:c5:95:44:
72:ee:01:55:ef:da:85:aa:a3:5b:a9:95:6a:b6:80:
de:44:f9:29:bc:2a:9b:e1:37:70:c3:37:a6:8a:25:
d7:b7:92:51:51:b8:50:1f:b4:35:2c:28:31:b9:7b:
e6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:AC:7F:B6:C2:D9:EF:4E:A5:FD:FB:F7:88:E9:24:60:8A:8A:2B:7D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Yax_tsLZ706l_fv3iOkkYIqKK30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.1.0/24
31.148.174.0/24
31.148.204.0/24
Signature Algorithm: sha256WithRSAEncryption
82:dd:6a:9c:31:ad:cc:d9:ad:8b:b6:ce:04:4c:ac:f8:8f:c3:
ef:96:bb:7e:cf:54:b9:94:3a:f0:43:f0:64:62:39:43:33:99:
8c:9b:11:bc:e0:d1:19:db:b0:3c:3f:e5:0c:20:ec:96:fe:9e:
14:a8:0b:df:5e:e9:02:85:c4:34:69:90:dc:0c:bd:9f:e9:2f:
46:5c:c7:f2:8b:75:ff:a9:5f:0d:94:a9:a9:50:38:13:4a:0c:
02:0d:7b:90:c1:44:a2:03:6d:4f:c3:cf:c5:f5:d9:30:a5:ce:
7a:19:63:43:27:29:95:b5:f2:56:26:57:82:4c:82:54:ab:a0:
06:f7:93:0c:08:78:ab:95:76:a9:32:5a:b2:d8:4e:5d:78:82:
1e:d7:67:a1:59:f6:a3:81:aa:ea:2e:e2:25:db:c6:11:f3:4a:
a0:cb:bd:d8:c2:5e:6d:11:0f:40:e6:7f:2b:e7:9d:2c:46:48:
bc:2a:28:9a:46:ff:ad:4c:fa:d1:45:e1:6b:4a:d8:21:ac:63:
0d:84:c3:5b:2e:08:b1:83:b0:58:33:f5:f0:6a:48:53:c9:55:
85:73:67:68:5d:ff:9c:ee:44:fc:30:ed:e9:4d:1a:df:86:07:
a4:28:6b:a5:17:1e:c0:96:1f:f1:3e:09:90:1f:93:71:87:b5:
53:1e:a5:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKfuVk6uDzN1qApfCj+PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWFjN2ZiNmMyZDllZjRlYTVmZGZiZjc4OGU5MjQ2MDhhOGEyYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg9C0X1X2Hnw8/s1Jmj8hnU/DqM8
81nOSpOqMZXFJBF2EyU+EZgnTdyS8S8iS6mCtQ5nfqxV+bk5c61utsX3gD+FIb4p
3cUbq9OFt1dU9hrKlf65/X2IXTwHonD+ZOKd5l7qGQk2pPIkSEb7uWG6FkTVRtnJ
ZK4Ye0qh2qbwTKyfvp0TS+9wSYN8nFgGdkiIi305OV9KblJdrqhkAlGcty6nCE5v
byE7hJEacpxFS1ogLKl1qtAGZzPQEbNJu9KQSDfRj3QK3RFfSTc1D/zFlURy7gFV
79qFqqNbqZVqtoDeRPkpvCqb4TdwwzemiiXXt5JRUbhQH7Q1LCgxuXvmrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGGsf7bC2e9Opf3794jpJGCKiit9MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWWF4X3RzTFo3MDZsX2Z2M2lPa2tZSXFLSzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5QBAwQA
H5SuAwQAH5TMMA0GCSqGSIb3DQEBCwUAA4IBAQCC3WqcMa3M2a2Lts4ETKz4j8Pv
lrt+z1S5lDrwQ/BkYjlDM5mMmxG84NEZ27A8P+UMIOyW/p4UqAvfXukChcQ0aZDc
DL2f6S9GXMfyi3X/qV8NlKmpUDgTSgwCDXuQwUSiA21Pw8/F9dkwpc56GWNDJymV
tfJWJleCTIJUq6AG95MMCHirlXapMlqy2E5deIIe12ehWfajgarqLuIl28YR80qg
y73Ywl5tEQ9A5n8r550sRki8KiiaRv+tTPrRReFrStghrGMNhMNbLgixg7BYM/Xw
akhTyVWFc2doXf+c7kT8MO3pTRrfhgekKGulFx7Alh/xPgmQH5Nxh7VTHqWj
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:06 2025 by rpki-client