Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kS82w4MIRBuEPOYo7fTA1NVvv44.roa
File: kS82w4MIRBuEPOYo7fTA1NVvv44.roa (raw, json)
Hash identifier: 5mD0a0xPxoFbHmakt5Qa06fdAluCtLxRfwVMeWPQkek=
Subject key identifier: 91:2F:36:C3:83:08:44:1B:84:3C:E6:28:ED:F4:C0:D4:D5:6F:BF:8E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570953B7286DBF3E44FA76D9901747CD1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kS82w4MIRBuEPOYo7fTA1NVvv44.roa
Signing time: Mon 02 Jan 2023 03:45:06 +0000
ROA not before: Mon 02 Jan 2023 03:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48709
IP address blocks: 31.148.24.0/24 maxlen: 24
2a02:128:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:3b:72:86:db:f3:e4:4f:a7:6d:99:01:74:7c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=912f36c38308441b843ce628edf4c0d4d56fbf8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ee:aa:b2:59:c5:8b:c4:49:3c:f2:a3:88:ae:
4d:c0:8d:04:84:ab:33:f6:fc:ca:93:b1:03:54:e9:
c3:8a:e5:a4:c8:d0:f5:7e:63:9c:ca:ba:f1:22:9b:
b1:a6:70:18:b4:cd:77:db:50:57:fa:90:6b:d1:af:
93:74:d3:25:24:d1:4d:2a:a5:26:4a:d8:c0:3c:53:
59:08:81:0a:8c:a2:c9:e5:fb:fa:ed:27:46:47:50:
e5:86:b1:33:dd:f0:5f:4b:6b:8b:b2:49:9a:98:79:
e2:57:db:1c:92:94:ef:44:cf:6f:d6:41:e1:90:bf:
b8:6b:df:2d:d6:83:13:15:f8:6f:c3:29:ee:70:64:
f4:b8:7b:90:68:b5:eb:f6:e8:86:63:c2:d2:7c:3e:
b2:cc:83:ee:a4:05:9f:a9:19:f1:17:a7:64:a6:b3:
d3:5d:09:f3:12:a4:20:4b:8e:8a:11:f6:f4:36:08:
f7:f0:b2:ff:ce:07:36:c3:79:85:cf:c8:3a:b2:6e:
6d:0d:a1:19:f1:cc:ca:e4:cb:44:10:49:71:6f:b2:
ab:51:0a:7f:b1:e3:9e:10:01:63:39:8b:21:9e:09:
4e:d4:6d:8f:d4:29:0e:1a:84:9e:17:9a:c8:b6:c2:
dd:17:51:b9:2b:d6:ee:20:58:a2:46:ce:81:32:f1:
b4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2F:36:C3:83:08:44:1B:84:3C:E6:28:ED:F4:C0:D4:D5:6F:BF:8E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kS82w4MIRBuEPOYo7fTA1NVvv44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.24.0/24
IPv6:
2a02:128:10::/48
Signature Algorithm: sha256WithRSAEncryption
0b:95:35:99:84:eb:45:37:97:6c:41:83:5e:c6:94:8b:f5:ab:
30:4b:d2:a4:27:7d:2a:af:7f:7b:16:05:af:7c:09:a7:e0:20:
c9:dd:7e:37:1a:5c:1d:02:6e:50:c7:c7:7f:1e:e8:c6:5d:bb:
29:f9:60:ec:fe:87:cf:be:95:79:d4:02:bc:03:67:40:c3:0e:
e1:06:69:67:32:50:0e:87:40:13:97:ee:a4:7b:cd:73:45:9d:
83:e9:7b:b2:e2:3c:f6:35:6a:c0:d6:c8:cd:c8:65:f8:b5:4b:
cf:98:b0:92:08:6b:79:32:dd:82:38:d7:ff:7b:1e:67:a6:8e:
a2:09:5c:f0:e2:f6:65:cf:e9:89:f4:16:c0:57:64:35:87:04:
0e:e9:61:0e:4e:67:15:d9:d9:1e:4a:ea:24:86:97:a8:cc:f3:
c0:09:2b:c4:ae:af:4a:4c:7a:35:13:db:18:01:9b:5b:b5:19:
f7:20:66:bd:43:66:be:8e:95:0d:56:ea:1d:fc:26:16:c9:a4:
21:19:91:fe:2b:d6:ef:9e:9b:1e:ec:00:5a:80:85:8a:f1:62:
4a:3e:55:67:1d:79:55:69:eb:fb:92:2f:b0:0e:65:fc:e6:66:
1b:c4:38:2f:89:3b:75:3f:1a:8e:83:42:55:6b:23:42:f5:b3:
89:34:90:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwlTtyhtvz5E+nbZkBdHzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJmMzZjMzgzMDg0NDFiODQzY2U2MjhlZGY0YzBkNGQ1NmZiZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu6qslnFi8RJPPKjiK5NwI0EhKsz
9vzKk7EDVOnDiuWkyND1fmOcyrrxIpuxpnAYtM1321BX+pBr0a+TdNMlJNFNKqUm
StjAPFNZCIEKjKLJ5fv67SdGR1DlhrEz3fBfS2uLskmamHniV9sckpTvRM9v1kHh
kL+4a98t1oMTFfhvwynucGT0uHuQaLXr9uiGY8LSfD6yzIPupAWfqRnxF6dkprPT
XQnzEqQgS46KEfb0Ngj38LL/zgc2w3mFz8g6sm5tDaEZ8czK5MtEEElxb7KrUQp/
seOeEAFjOYshnglO1G2P1CkOGoSeF5rItsLdF1G5K9buIFiiRs6BMvG0iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEvNsODCEQbhDzmKO30wNTVb7+OMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEva1M4Mnc0TUlSQnVFUE9ZbzdmVEExTlZ2djQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAH5QYMA8E
AgACMAkDBwAqAgEoABAwDQYJKoZIhvcNAQELBQADggEBAAuVNZmE60U3l2xBg17G
lIv1qzBL0qQnfSqvf3sWBa98CafgIMndfjcaXB0CblDHx38e6MZduyn5YOz+h8++
lXnUArwDZ0DDDuEGaWcyUA6HQBOX7qR7zXNFnYPpe7LiPPY1asDWyM3IZfi1S8+Y
sJIIa3ky3YI41/97HmemjqIJXPDi9mXP6Yn0FsBXZDWHBA7pYQ5OZxXZ2R5K6iSG
l6jM88AJK8Sur0pMejUT2xgBm1u1GfcgZr1DZr6OlQ1W6h38JhbJpCEZkf4r1u+e
mx7sAFqAhYrxYko+VWcdeVVp6/uSL7AOZfzmZhvEOC+JO3U/Go6DQlVrI0L1s4k0
kCU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:31 2025 by rpki-client