Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/WYTqj2Ru4b6Ds31lFp0qL0GBiG0.roa
File: WYTqj2Ru4b6Ds31lFp0qL0GBiG0.roa (raw, json)
Hash identifier: TiMpifh1/6heVxOwrxdYBK/lz/TeczLDX2jTHHgJqNw=
Subject key identifier: 59:84:EA:8F:64:6E:E1:BE:83:B3:7D:65:16:9D:2A:2F:41:81:88:6D
Certificate issuer: /CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Certificate serial: 019425213557DDCFA9229AFFCC970B074359
Authority key identifier: 95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/WYTqj2Ru4b6Ds31lFp0qL0GBiG0.roa
Signing time: Thu 02 Jan 2025 03:48:40 +0000
ROA not before: Thu 02 Jan 2025 03:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49461
IP address blocks: 31.42.160.0/20 maxlen: 20
31.42.160.0/24 maxlen: 24
31.42.161.0/24 maxlen: 24
31.42.162.0/24 maxlen: 24
31.42.163.0/24 maxlen: 24
31.42.164.0/24 maxlen: 24
31.42.165.0/24 maxlen: 24
31.42.166.0/24 maxlen: 24
31.42.167.0/24 maxlen: 24
31.42.168.0/24 maxlen: 24
31.42.169.0/24 maxlen: 24
31.42.170.0/24 maxlen: 24
31.42.171.0/24 maxlen: 24
31.42.172.0/23 maxlen: 23
31.42.172.0/24 maxlen: 24
31.42.173.0/24 maxlen: 24
31.42.174.0/24 maxlen: 24
31.42.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:35:57:dd:cf:a9:22:9a:ff:cc:97:0b:07:43:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Validity
Not Before: Jan 2 03:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5984ea8f646ee1be83b37d65169d2a2f4181886d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c7:3a:1c:64:b9:92:43:af:3b:09:c4:37:01:
18:03:20:52:16:b7:ba:ed:ec:c4:90:ac:55:40:6b:
aa:f2:37:72:7d:55:93:c8:a2:14:4b:81:c3:bc:ff:
8c:88:0d:52:37:19:4f:c5:17:18:d0:5c:7f:38:12:
22:ce:dd:3a:af:c4:e4:1b:b9:f7:d8:b4:4e:19:a4:
39:fc:40:55:f2:7c:7f:9f:62:c3:d8:45:70:4a:f7:
a4:99:56:4c:70:95:33:13:8a:32:26:b2:67:f1:87:
af:6c:20:26:e2:81:4b:d1:70:5d:99:ba:96:70:e1:
22:40:22:f3:f5:62:a2:e9:c5:cf:07:e2:4a:ea:40:
ee:25:5e:c6:30:3a:9a:98:a7:e4:5f:ed:27:9d:92:
27:0e:ea:c2:d2:51:38:70:8b:f2:88:dc:40:24:94:
38:06:81:66:15:a5:4f:85:5c:07:8e:3f:81:65:cc:
ce:cd:44:0a:48:22:eb:3d:ec:25:b4:74:56:94:5e:
56:96:97:b0:4a:98:94:a7:4f:c4:9b:dc:af:5a:3e:
4e:2e:80:d1:6e:12:52:72:5f:dd:7f:82:6a:7e:f9:
60:c5:78:49:54:ce:80:26:e7:8c:c8:9e:10:c9:f8:
92:9f:2b:fc:3e:a7:56:f7:3e:c5:84:5b:14:d0:06:
0d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:84:EA:8F:64:6E:E1:BE:83:B3:7D:65:16:9D:2A:2F:41:81:88:6D
X509v3 Authority Key Identifier:
keyid:95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/WYTqj2Ru4b6Ds31lFp0qL0GBiG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.160.0/20
Signature Algorithm: sha256WithRSAEncryption
98:f8:4f:97:11:d4:5c:ae:72:55:20:39:ea:91:61:6b:5f:28:
bd:2b:57:e6:f0:ec:6e:14:94:ff:69:41:db:b4:c7:ac:03:ea:
a2:bf:a0:5d:c8:95:b2:e2:b2:8d:c1:de:ac:03:23:70:13:78:
96:9c:31:0b:f8:85:34:ad:c9:ab:ae:f9:a2:ea:56:5e:1c:f4:
60:42:23:f9:20:83:0a:81:44:41:b7:b1:b7:9e:6a:b4:d9:0e:
31:82:1e:3d:23:b8:fe:18:02:8e:1b:00:29:8f:3c:66:a5:e0:
dd:ab:f9:48:b8:45:ba:52:0a:f7:c1:a6:63:6a:18:e9:56:5d:
c4:45:f2:fa:4b:92:a9:45:e1:c1:3f:8e:76:0e:59:60:7c:6d:
d9:2e:26:c6:ec:25:ee:29:a3:54:57:e4:21:77:30:77:3b:73:
ac:e2:a4:af:89:6b:7b:02:91:8d:c4:3c:83:52:96:8b:94:79:
e4:1c:91:b7:bf:5c:77:9d:4b:64:e4:e7:a1:4b:dc:52:5b:d5:
e9:bf:6b:56:a0:a1:9f:25:f4:90:da:7b:a7:40:af:93:20:72:
b5:5b:4b:5c:08:3c:3a:1c:4a:9b:f7:4d:9a:ae:35:e6:81:0f:
85:12:bf:46:09:d5:4b:f0:14:14:a5:79:a7:89:42:b1:50:b8:
a2:7f:18:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlITVX3c+pIpr/zJcLB0NZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTgxMzExZWYxZDM2ZWNjNmQxMjVlMzZjODJjMjZmOTE1
YjBkZjcwHhcNMjUwMTAyMDM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTg0ZWE4ZjY0NmVlMWJlODNiMzdkNjUxNjlkMmEyZjQxODE4ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcc6HGS5kkOvOwnENwEYAyBSFre6
7ezEkKxVQGuq8jdyfVWTyKIUS4HDvP+MiA1SNxlPxRcY0Fx/OBIizt06r8TkG7n3
2LROGaQ5/EBV8nx/n2LD2EVwSvekmVZMcJUzE4oyJrJn8YevbCAm4oFL0XBdmbqW
cOEiQCLz9WKi6cXPB+JK6kDuJV7GMDqamKfkX+0nnZInDurC0lE4cIvyiNxAJJQ4
BoFmFaVPhVwHjj+BZczOzUQKSCLrPewltHRWlF5WlpewSpiUp0/Em9yvWj5OLoDR
bhJScl/df4JqfvlgxXhJVM6AJueMyJ4QyfiSnyv8PqdW9z7FhFsU0AYNVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmE6o9kbuG+g7N9ZRadKi9BgYhtMB8GA1UdIwQY
MBaAFJXoExHvHTbsxtEl42yCwm+RWw33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgt
NzM0ZmFiNmZlYzZmLzEvV1lUcWoyUnU0YjZEczMxbEZwMHFMMEdCaUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgtNzM0ZmFiNmZlYzZm
LzEvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEHyqgMA0G
CSqGSIb3DQEBCwUAA4IBAQCY+E+XEdRcrnJVIDnqkWFrXyi9K1fm8OxuFJT/aUHb
tMesA+qiv6BdyJWy4rKNwd6sAyNwE3iWnDEL+IU0rcmrrvmi6lZeHPRgQiP5IIMK
gURBt7G3nmq02Q4xgh49I7j+GAKOGwApjzxmpeDdq/lIuEW6Ugr3waZjahjpVl3E
RfL6S5KpReHBP452DllgfG3ZLibG7CXuKaNUV+QhdzB3O3Os4qSviWt7ApGNxDyD
UpaLlHnkHJG3v1x3nUtk5OehS9xSW9Xpv2tWoKGfJfSQ2nunQK+TIHK1W0tcCDw6
HEqb902arjXmgQ+FEr9GCdVL8BQUpXmniUKxULiifxgj
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:21:07 2025 by rpki-client