Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lUR6fUxvMwXDTb69KCbrVDS1JBo.roa
File: lUR6fUxvMwXDTb69KCbrVDS1JBo.roa (raw, json)
Hash identifier: RlbPoH4c+i2Re9ZCSuw99lHpysc+JQZLlgXfWJcxQao=
Subject key identifier: 95:44:7A:7D:4C:6F:33:05:C3:4D:BE:BD:28:26:EB:54:34:B5:24:1A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FAFF554F786EBC5DA84946CC89E1D
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lUR6fUxvMwXDTb69KCbrVDS1JBo.roa
Signing time: Thu 02 Jan 2025 05:49:21 +0000
ROA not before: Thu 02 Jan 2025 05:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48709
IP address blocks: 31.148.24.0/24 maxlen: 24
2a02:128:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:af:f5:54:f7:86:eb:c5:da:84:94:6c:c8:9e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95447a7d4c6f3305c34dbebd2826eb5434b5241a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5d:47:2f:e9:4f:59:ff:bb:ee:4c:7d:a7:fc:
16:6f:71:13:0a:fa:cd:00:95:a5:a9:e3:67:5e:db:
be:98:8a:0d:f3:19:16:fa:48:e3:e7:88:43:5a:6f:
88:c5:b2:bf:2a:37:e6:12:89:7c:2b:3a:d6:db:4f:
69:54:60:67:06:04:10:1a:14:10:41:94:b0:3a:d4:
63:50:ae:6e:75:13:ee:5c:19:4b:4f:b8:dd:82:4d:
9c:e4:90:54:f3:6c:1f:e9:42:b3:15:60:86:af:f8:
96:5e:b5:26:ea:12:cd:de:94:d1:0d:48:df:31:33:
e7:1c:2a:7d:49:d4:e4:e3:71:22:00:93:52:37:01:
db:72:e6:75:20:15:fd:2e:69:b4:df:6f:db:84:4a:
48:de:8c:83:0d:b8:ea:c2:35:45:78:c1:29:5b:43:
28:c2:e6:0e:eb:34:10:02:ae:a0:e8:fc:4c:4b:5b:
3f:b0:88:72:eb:a4:ff:57:29:d8:7b:78:f0:51:71:
18:91:5f:e4:58:cf:61:6d:04:ca:2e:d1:18:6c:5b:
fe:d8:a2:04:6b:a8:1c:c8:4a:83:d5:d8:17:3e:30:
ed:b2:a1:5a:f3:ff:b2:21:a0:f5:75:0d:83:98:b5:
2b:f3:9e:3e:d3:60:64:e5:05:e1:bd:03:1f:69:59:
63:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:44:7A:7D:4C:6F:33:05:C3:4D:BE:BD:28:26:EB:54:34:B5:24:1A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/lUR6fUxvMwXDTb69KCbrVDS1JBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.24.0/24
IPv6:
2a02:128:10::/48
Signature Algorithm: sha256WithRSAEncryption
ae:4c:f3:2e:08:22:14:15:6d:c6:79:86:9e:1b:ea:21:b9:3d:
72:68:41:1f:a2:ba:e9:6f:29:3a:63:14:39:e7:2c:a4:45:15:
75:4d:84:fa:c4:02:95:79:3e:39:7b:c1:6c:59:08:f1:72:ad:
1e:ea:21:40:22:ec:af:50:9b:56:ab:89:14:04:ee:e5:15:18:
af:cb:5c:e3:bb:cc:47:3b:fe:a2:f8:5b:0b:db:c6:b7:9a:21:
c0:a8:5a:36:05:fd:16:a8:5b:5c:d8:b1:a5:a9:a3:b7:64:61:
80:66:4f:9c:5e:a5:f7:47:48:e6:bf:7c:8f:cf:25:02:a7:85:
4f:e3:df:06:33:c2:71:1b:f2:6d:ce:be:97:00:ce:a3:f7:44:
d3:70:4e:76:29:75:c0:cc:6c:a1:b9:cd:72:ea:a0:ec:46:0e:
92:00:1a:f3:93:e7:77:6e:90:74:db:7c:bb:00:8f:12:47:d9:
72:e9:e4:d7:10:0f:ed:95:9c:88:a9:81:c3:05:c2:e7:8f:e0:
94:6a:30:16:c8:36:ac:f6:7b:6a:e3:ad:67:bc:a7:b3:e3:66:
5f:36:ba:93:e7:a8:a2:84:61:29:3b:39:22:be:62:3a:7b:6f:
e4:f5:c9:c1:52:5c:06:8b:77:f7:4a:38:cd:e2:b3:31:0e:6d:
9b:c1:b9:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlj6/1VPeG68XahJRsyJ4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ0N2E3ZDRjNmYzMzA1YzM0ZGJlYmQyODI2ZWI1NDM0YjUyNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk11HL+lPWf+77kx9p/wWb3ETCvrN
AJWlqeNnXtu+mIoN8xkW+kjj54hDWm+IxbK/KjfmEol8KzrW209pVGBnBgQQGhQQ
QZSwOtRjUK5udRPuXBlLT7jdgk2c5JBU82wf6UKzFWCGr/iWXrUm6hLN3pTRDUjf
MTPnHCp9SdTk43EiAJNSNwHbcuZ1IBX9Lmm032/bhEpI3oyDDbjqwjVFeMEpW0Mo
wuYO6zQQAq6g6PxMS1s/sIhy66T/VynYe3jwUXEYkV/kWM9hbQTKLtEYbFv+2KIE
a6gcyEqD1dgXPjDtsqFa8/+yIaD1dQ2DmLUr854+02Bk5QXhvQMfaVljkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVEen1MbzMFw02+vSgm61Q0tSQaMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbFVSNmZVeHZNd1hEVGI2OUtDYnJWRFMxSkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAH5QYMA8E
AgACMAkDBwAqAgEoABAwDQYJKoZIhvcNAQELBQADggEBAK5M8y4IIhQVbcZ5hp4b
6iG5PXJoQR+iuulvKTpjFDnnLKRFFXVNhPrEApV5Pjl7wWxZCPFyrR7qIUAi7K9Q
m1ariRQE7uUVGK/LXOO7zEc7/qL4WwvbxreaIcCoWjYF/RaoW1zYsaWpo7dkYYBm
T5xepfdHSOa/fI/PJQKnhU/j3wYzwnEb8m3OvpcAzqP3RNNwTnYpdcDMbKG5zXLq
oOxGDpIAGvOT53dukHTbfLsAjxJH2XLp5NcQD+2VnIipgcMFwueP4JRqMBbINqz2
e2rjrWe8p7PjZl82upPnqKKEYSk7OSK+Yjp7b+T1ycFSXAaLd/dKOM3iszEObZvB
uew=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:50 2025 by rpki-client