Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/l5s3zTjQ3dsO0URGrfpFG5K_BaI.roa
File: l5s3zTjQ3dsO0URGrfpFG5K_BaI.roa (raw, json)
Hash identifier: yGmzCCgoMyPqRnTWF0FE0cj58rBq9sdaVADoZno+OUo=
Subject key identifier: 97:9B:37:CD:38:D0:DD:DB:0E:D1:44:46:AD:FA:45:1B:92:BF:05:A2
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095326812E7EAAB0E6E03613028F547
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/l5s3zTjQ3dsO0URGrfpFG5K_BaI.roa
Signing time: Mon 02 Jan 2023 03:45:03 +0000
ROA not before: Mon 02 Jan 2023 03:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44975
IP address blocks: 31.148.1.0/24 maxlen: 24
31.148.174.0/24 maxlen: 24
31.148.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:32:68:12:e7:ea:ab:0e:6e:03:61:30:28:f5:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=979b37cd38d0dddb0ed14446adfa451b92bf05a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:02:9a:12:43:48:72:27:fa:c9:99:70:56:7e:
c3:af:4a:46:bb:9b:93:a2:31:c7:80:62:0d:37:50:
1a:bb:62:ed:4f:e4:5c:e1:f4:90:2f:54:07:ce:e4:
cd:ca:4d:1a:c2:22:86:88:ac:50:bd:89:1f:ab:7f:
49:b8:2e:3a:3b:af:60:d2:d3:5e:4e:f5:dc:d4:65:
92:2d:16:e8:a9:d2:d9:8a:f9:00:4c:c7:57:4f:b2:
77:8f:58:0b:7b:7b:df:31:0a:12:81:e5:7f:be:dc:
c9:b9:4d:9b:44:e4:a9:52:8d:e7:c5:3a:9b:fd:86:
cf:2f:a6:9a:3e:53:7b:e9:29:1a:ce:cc:dd:89:1d:
98:e7:ba:50:05:e2:19:15:f4:f2:f5:2c:32:4a:d2:
e8:24:d7:9d:5e:06:37:82:ff:58:fa:af:af:3d:0c:
88:f1:00:bb:a6:14:76:1d:ad:f6:d7:81:4b:51:4c:
81:31:24:f7:d5:83:70:15:e9:fa:54:7f:78:77:f1:
24:87:90:4b:d8:4f:88:2a:5e:8b:4d:96:5e:77:79:
a8:b4:1e:d2:38:7f:00:8e:fb:ad:ea:03:7f:54:45:
00:02:3f:29:65:0c:3f:71:21:08:9d:dc:45:6f:db:
35:88:30:99:ec:ba:37:1a:75:7f:5b:3f:f6:d8:39:
f3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:9B:37:CD:38:D0:DD:DB:0E:D1:44:46:AD:FA:45:1B:92:BF:05:A2
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/l5s3zTjQ3dsO0URGrfpFG5K_BaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.1.0/24
31.148.174.0/24
31.148.204.0/24
Signature Algorithm: sha256WithRSAEncryption
28:db:8e:a7:5e:26:a9:c8:ef:a5:b3:f8:33:65:bb:fc:72:72:
06:4f:d4:b6:87:2e:b9:40:ae:9a:1e:ce:1b:c9:df:95:e1:47:
e1:7f:f7:0c:ff:3a:c6:a3:fb:f9:26:6e:67:1d:d4:a3:89:d5:
9d:a9:12:1f:bf:99:d8:37:85:9c:04:3d:0e:aa:60:8b:94:6e:
1f:de:f6:37:3a:47:98:7d:69:a7:af:4f:83:e3:94:d5:29:17:
6a:d7:8e:d9:b4:52:9b:91:97:d0:f9:cd:c0:76:5b:0a:46:4a:
47:5a:b9:0d:b6:af:67:7d:7e:80:83:bd:0b:27:cf:bb:40:7c:
a2:0b:28:74:29:f4:3d:e0:49:49:c4:4a:14:2b:ae:74:fd:43:
79:02:f2:33:34:d7:8b:82:a9:07:a8:f0:a8:a1:a1:f4:f0:f9:
41:93:1b:50:6b:bb:15:42:d7:20:c2:f0:22:ec:82:de:fa:ad:
d8:4d:39:c3:f7:16:87:06:c3:49:57:44:b0:33:5a:ba:c3:c5:
39:0a:71:bf:93:7f:a9:8e:c6:a5:21:27:76:17:67:6f:d0:3f:
48:2e:a0:a5:86:ce:95:ad:86:f5:fd:9b:1e:c5:dd:79:01:c5:
35:8f:17:d3:47:a6:6f:72:93:e3:6b:5b:d8:94:80:c8:e5:1d:
85:e0:30:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwlTJoEufqqw5uA2EwKPVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzliMzdjZDM4ZDBkZGRiMGVkMTQ0NDZhZGZhNDUxYjkyYmYwNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAKaEkNIcif6yZlwVn7Dr0pGu5uT
ojHHgGINN1Aau2LtT+Rc4fSQL1QHzuTNyk0awiKGiKxQvYkfq39JuC46O69g0tNe
TvXc1GWSLRboqdLZivkATMdXT7J3j1gLe3vfMQoSgeV/vtzJuU2bROSpUo3nxTqb
/YbPL6aaPlN76SkazszdiR2Y57pQBeIZFfTy9SwyStLoJNedXgY3gv9Y+q+vPQyI
8QC7phR2Ha3214FLUUyBMST31YNwFen6VH94d/Ekh5BL2E+IKl6LTZZed3motB7S
OH8Ajvut6gN/VEUAAj8pZQw/cSEIndxFb9s1iDCZ7Lo3GnV/Wz/22DnzewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJebN8040N3bDtFERq36RRuSvwWiMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbDVzM3pUalEzZHNPMFVSR3JmcEZHNUtfQmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH5QBAwQA
H5SuAwQAH5TMMA0GCSqGSIb3DQEBCwUAA4IBAQAo246nXiapyO+ls/gzZbv8cnIG
T9S2hy65QK6aHs4byd+V4Ufhf/cM/zrGo/v5Jm5nHdSjidWdqRIfv5nYN4WcBD0O
qmCLlG4f3vY3OkeYfWmnr0+D45TVKRdq147ZtFKbkZfQ+c3AdlsKRkpHWrkNtq9n
fX6Ag70LJ8+7QHyiCyh0KfQ94ElJxEoUK650/UN5AvIzNNeLgqkHqPCooaH08PlB
kxtQa7sVQtcgwvAi7ILe+q3YTTnD9xaHBsNJV0SwM1q6w8U5CnG/k3+pjsalISd2
F2dv0D9ILqClhs6VrYb1/Zsexd15AcU1jxfTR6ZvcpPja1vYlIDI5R2F4DBZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:34 2025 by rpki-client