Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vBww7nm555KG7VT3pYf4IXTfrAQ.roa
File: vBww7nm555KG7VT3pYf4IXTfrAQ.roa (raw, json)
Hash identifier: h5y3tRb03pCJQQJVaTNbWUa9T6jZESw+CGY8K2tY1M8=
Subject key identifier: BC:1C:30:EE:79:B9:E7:92:86:ED:54:F7:A5:87:F8:21:74:DF:AC:04
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FBDF9104251815EC35CDD619F4CD0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vBww7nm555KG7VT3pYf4IXTfrAQ.roa
Signing time: Thu 02 Jan 2025 05:49:24 +0000
ROA not before: Thu 02 Jan 2025 05:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51962
IP address blocks: 31.148.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:bd:f9:10:42:51:81:5e:c3:5c:dd:61:9f:4c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc1c30ee79b9e79286ed54f7a587f82174dfac04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e3:0b:9e:ef:82:53:36:e2:53:44:de:56:db:
bd:10:43:a7:b7:21:f8:a5:8c:f3:2c:3e:46:5c:cb:
9f:16:e2:a5:6c:83:da:39:20:d9:bb:e7:2a:ee:45:
10:3e:c1:ad:74:c9:ce:7f:9c:7c:8e:f1:2c:ae:68:
83:b9:53:35:90:69:15:7e:ca:01:30:a4:9b:7b:03:
30:b8:da:5b:3c:45:2e:f2:08:59:a1:94:8b:10:95:
85:0c:fd:cb:9c:3c:78:9b:43:0d:f2:7c:9b:58:d1:
c5:56:f7:b8:aa:4b:8e:6c:c0:e7:f8:33:f9:dd:28:
97:46:e4:f5:20:57:ad:4f:27:cf:2a:ec:7d:d0:6c:
d8:8c:93:09:2d:20:3a:55:e0:44:ac:c0:7a:5a:f2:
28:68:3e:49:67:ef:e1:7a:08:b9:64:4f:77:69:77:
6d:b1:43:cd:83:57:64:2c:2c:08:02:2c:89:78:61:
c9:9c:dc:ab:59:d1:11:b9:19:46:de:e1:ed:41:bc:
7d:ab:22:3c:5f:29:6c:bd:a8:99:a6:29:1f:2e:d8:
ea:70:ff:0c:83:72:c9:46:04:31:a1:89:68:97:fc:
31:ef:f1:1c:07:c9:0a:76:4c:21:a8:0f:0c:27:94:
cf:16:ce:45:6c:eb:19:0d:9b:1b:92:14:37:18:ca:
34:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1C:30:EE:79:B9:E7:92:86:ED:54:F7:A5:87:F8:21:74:DF:AC:04
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vBww7nm555KG7VT3pYf4IXTfrAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:06:5b:a9:25:34:16:62:5f:48:e6:e4:b5:5a:fe:16:31:5b:
e4:ad:d8:8c:e2:a1:58:8e:90:10:f9:ac:7f:16:b8:4e:ca:3a:
b5:4f:f5:cb:e8:19:c9:7e:6d:f1:35:25:da:c0:cf:e9:d9:76:
13:80:f2:90:3c:78:9f:31:36:81:4c:bb:e8:f1:17:1c:ce:cb:
fb:3a:42:05:c0:cd:f3:70:c5:a1:a4:a7:b6:c5:85:bb:b7:8f:
96:ef:72:9f:cd:2a:51:46:c9:e7:87:34:df:60:a2:08:7d:48:
e6:de:ad:5a:59:42:a9:c0:75:a8:90:8b:64:40:be:6f:c8:24:
d0:02:ad:36:16:4d:da:00:32:ef:30:f2:fe:fa:b5:a5:c0:c6:
4e:3e:1d:b3:8f:14:2f:2c:d4:0e:bd:b9:37:d9:da:b3:77:7b:
8a:ad:87:2c:3f:25:4d:4e:d1:72:4b:89:67:8f:79:5e:03:0c:
91:6a:ab:9a:d8:19:60:b5:b0:d1:6f:ec:93:51:3b:fd:74:27:
9d:93:4b:b3:83:1b:33:5c:d9:c2:de:90:af:59:a8:da:3e:32:
d2:ce:60:9b:f6:20:39:6c:ed:b1:3a:7e:18:89:77:f4:e2:06:
08:ec:c9:ff:f4:73:ef:63:ea:2c:d9:34:f7:97:73:2b:d3:d4:
64:7d:b9:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj735EEJRgV7DXN1hn0zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFjMzBlZTc5YjllNzkyODZlZDU0ZjdhNTg3ZjgyMTc0ZGZhYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+MLnu+CUzbiU0TeVtu9EEOntyH4
pYzzLD5GXMufFuKlbIPaOSDZu+cq7kUQPsGtdMnOf5x8jvEsrmiDuVM1kGkVfsoB
MKSbewMwuNpbPEUu8ghZoZSLEJWFDP3LnDx4m0MN8nybWNHFVve4qkuObMDn+DP5
3SiXRuT1IFetTyfPKux90GzYjJMJLSA6VeBErMB6WvIoaD5JZ+/hegi5ZE93aXdt
sUPNg1dkLCwIAiyJeGHJnNyrWdERuRlG3uHtQbx9qyI8XylsvaiZpikfLtjqcP8M
g3LJRgQxoYlol/wx7/EcB8kKdkwhqA8MJ5TPFs5FbOsZDZsbkhQ3GMo0CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLwcMO55ueeShu1U96WH+CF036wEMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdkJ3dzdubTU1NUtHN1ZUM3BZZjRJWFRmckFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5TdMA0G
CSqGSIb3DQEBCwUAA4IBAQCaBlupJTQWYl9I5uS1Wv4WMVvkrdiM4qFYjpAQ+ax/
FrhOyjq1T/XL6BnJfm3xNSXawM/p2XYTgPKQPHifMTaBTLvo8Rcczsv7OkIFwM3z
cMWhpKe2xYW7t4+W73KfzSpRRsnnhzTfYKIIfUjm3q1aWUKpwHWokItkQL5vyCTQ
Aq02Fk3aADLvMPL++rWlwMZOPh2zjxQvLNQOvbk32dqzd3uKrYcsPyVNTtFyS4ln
j3leAwyRaqua2BlgtbDRb+yTUTv9dCedk0uzgxszXNnC3pCvWajaPjLSzmCb9iA5
bO2xOn4YiXf04gYI7Mn/9HPvY+os2TT3l3Mr09RkfbnP
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:25 2025 by rpki-client