Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/97484a-f001-46f2-b64b-b67abd87a24a/1/Cvcxm7Q5YwDT_XSR85e8Mu3sc-s.roa
File: Cvcxm7Q5YwDT_XSR85e8Mu3sc-s.roa (raw, json)
Hash identifier: c+bhTRYMgJ9Bp3AntxJjbf+B2keDhIz737EcjeGdTaw=
Subject key identifier: 0A:F7:31:9B:B4:39:63:00:D3:FD:74:91:F3:97:BC:32:ED:EC:73:EB
Certificate issuer: /CN=928ae806317c4c8224ed42f9bef04cee9f88c0e0
Certificate serial: 0186E4D5E1E444ECAD46C1E9DCB1FB0E5FC0
Authority key identifier: 92:8A:E8:06:31:7C:4C:82:24:ED:42:F9:BE:F0:4C:EE:9F:88:C0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koroBjF8TIIk7UL5vvBM7p-IwOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/97484a-f001-46f2-b64b-b67abd87a24a/1/Cvcxm7Q5YwDT_XSR85e8Mu3sc-s.roa
Signing time: Wed 15 Mar 2023 10:34:27 +0000
ROA not before: Wed 15 Mar 2023 10:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43088
IP address blocks: 46.31.16.0/21 maxlen: 24
193.200.225.0/24 maxlen: 24
2a02:2530::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:d5:e1:e4:44:ec:ad:46:c1:e9:dc:b1:fb:0e:5f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=928ae806317c4c8224ed42f9bef04cee9f88c0e0
Validity
Not Before: Mar 15 10:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0af7319bb4396300d3fd7491f397bc32edec73eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:04:93:37:9c:ba:7d:e5:8c:80:7b:89:0d:
05:19:89:8a:32:ca:59:91:5c:f7:d7:a5:84:9d:41:
28:a8:38:ac:18:56:6d:5d:03:fe:95:33:d6:3d:3b:
12:ee:a3:6c:20:70:39:d7:9d:f6:6c:3a:b3:49:c0:
b3:d0:e5:c1:07:57:6f:56:70:da:53:d7:ea:30:f5:
db:50:b9:39:57:67:84:2a:3b:9a:69:b8:d4:48:9a:
d1:a0:82:90:8b:ad:79:f7:f3:e7:3b:bf:42:1d:49:
a9:3d:47:88:b7:82:be:6f:be:02:fd:e6:bb:70:90:
72:99:30:60:de:74:c2:10:ae:75:52:e0:75:bd:b9:
bc:29:f4:db:39:20:cf:b0:bf:0d:41:5d:63:64:a4:
9a:97:82:60:12:1c:55:cb:fd:45:b1:a4:21:dc:36:
c7:46:52:2c:71:d8:5e:9a:ec:58:25:bc:d6:2f:b1:
a2:82:4e:fb:47:8d:64:13:6f:3a:a4:47:b9:c3:c6:
ae:45:7d:eb:2e:ac:e0:a4:e0:3d:75:f7:f8:78:5c:
a4:db:ad:91:90:cc:df:b9:41:2f:d9:ff:70:10:9d:
27:41:a1:9e:1c:1a:77:3a:cd:d4:44:50:e3:66:bc:
c5:29:49:55:a8:26:99:f9:9a:57:79:e2:ec:79:1a:
7f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F7:31:9B:B4:39:63:00:D3:FD:74:91:F3:97:BC:32:ED:EC:73:EB
X509v3 Authority Key Identifier:
keyid:92:8A:E8:06:31:7C:4C:82:24:ED:42:F9:BE:F0:4C:EE:9F:88:C0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koroBjF8TIIk7UL5vvBM7p-IwOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/97484a-f001-46f2-b64b-b67abd87a24a/1/Cvcxm7Q5YwDT_XSR85e8Mu3sc-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/97484a-f001-46f2-b64b-b67abd87a24a/1/koroBjF8TIIk7UL5vvBM7p-IwOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.16.0/21
193.200.225.0/24
IPv6:
2a02:2530::/32
Signature Algorithm: sha256WithRSAEncryption
49:9d:b1:0b:8f:22:16:37:5a:9e:9a:c2:17:7c:c6:4f:8d:82:
31:84:de:02:71:b2:0e:5d:7c:05:ff:14:36:3b:60:b8:0d:93:
4a:86:d6:a9:be:4e:11:47:48:23:0e:a0:36:8c:36:43:c3:63:
74:5b:e9:8c:db:50:93:2e:c7:52:b3:69:63:ec:11:2c:55:f5:
bc:d1:6e:0b:a3:65:bc:20:d7:b6:8a:48:0a:42:4b:6d:f5:bb:
07:d8:08:9d:90:8b:4a:80:03:ff:1e:d7:a1:e6:80:66:4b:f7:
ad:37:5e:5c:a5:60:2f:e3:bc:a2:02:11:6d:3f:d5:70:c8:35:
f4:99:4c:fd:c1:3a:19:09:d0:0a:84:07:e1:e7:94:94:71:82:
13:2f:fb:f8:d6:eb:d9:d9:47:eb:35:04:50:27:15:2c:df:6e:
4c:e3:c2:09:5d:f6:80:25:b3:98:b9:74:74:96:08:a1:7b:71:
13:ce:7a:29:5f:3f:18:aa:ca:4d:dd:9a:4c:0c:3e:d3:c5:36:
37:c6:95:fa:f0:69:3b:8e:4e:e1:7a:47:00:71:68:ed:c4:a9:
79:b1:f2:28:be:6a:02:47:e3:5d:24:22:a2:38:79:e2:ef:fa:
43:8d:67:23:d1:9e:ad:c3:61:38:dc:b6:81:86:e4:de:c0:3b:
d9:08:f7:bc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbk1eHkROytRsHp3LH7Dl/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOGFlODA2MzE3YzRjODIyNGVkNDJmOWJlZjA0Y2VlOWY4
OGMwZTAwHhcNMjMwMzE1MTAzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY3MzE5YmI0Mzk2MzAwZDNmZDc0OTFmMzk3YmMzMmVkZWM3M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr8Ekzecun3ljIB7iQ0FGYmKMspZ
kVz316WEnUEoqDisGFZtXQP+lTPWPTsS7qNsIHA51532bDqzScCz0OXBB1dvVnDa
U9fqMPXbULk5V2eEKjuaabjUSJrRoIKQi6159/PnO79CHUmpPUeIt4K+b74C/ea7
cJBymTBg3nTCEK51UuB1vbm8KfTbOSDPsL8NQV1jZKSal4JgEhxVy/1FsaQh3DbH
RlIscdhemuxYJbzWL7Gigk77R41kE286pEe5w8auRX3rLqzgpOA9dff4eFyk262R
kMzfuUEv2f9wEJ0nQaGeHBp3Os3URFDjZrzFKUlVqCaZ+ZpXeeLseRp/bQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAr3MZu0OWMA0/10kfOXvDLt7HPrMB8GA1UdIwQY
MBaAFJKK6AYxfEyCJO1C+b7wTO6fiMDgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29yb0JqRjhUSUlrN1VMNXZ2Qk03cC1Jd09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85NzQ4NGEtZjAwMS00NmYyLWI2NGIt
YjY3YWJkODdhMjRhLzEvQ3ZjeG03UTVZd0RUX1hTUjg1ZThNdTNzYy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC85NzQ4NGEtZjAwMS00NmYyLWI2NGItYjY3YWJkODdhMjRh
LzEva29yb0JqRjhUSUlrN1VMNXZ2Qk03cC1Jd09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLh8QAwQA
wcjhMA0EAgACMAcDBQAqAiUwMA0GCSqGSIb3DQEBCwUAA4IBAQBJnbELjyIWN1qe
msIXfMZPjYIxhN4CcbIOXXwF/xQ2O2C4DZNKhtapvk4RR0gjDqA2jDZDw2N0W+mM
21CTLsdSs2lj7BEsVfW80W4Lo2W8INe2ikgKQktt9bsH2AidkItKgAP/Hteh5oBm
S/etN15cpWAv47yiAhFtP9VwyDX0mUz9wToZCdAKhAfh55SUcYITL/v41uvZ2Ufr
NQRQJxUs325M48IJXfaAJbOYuXR0lgihe3ETznopXz8YqspN3ZpMDD7TxTY3xpX6
8Gk7jk7hekcAcWjtxKl5sfIovmoCR+NdJCKiOHni7/pDjWcj0Z6tw2E43LaBhuTe
wDvZCPe8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:49 2025 by rpki-client