Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/pXJDsaj0ZUCw_GiSDcUZAr3Eqys.roa
File: pXJDsaj0ZUCw_GiSDcUZAr3Eqys.roa (raw, json)
Hash identifier: jxE0YH1Sz5qp4TF2g6NLi4CtXpHMgBECSGalZs0qi4A=
Subject key identifier: A5:72:43:B1:A8:F4:65:40:B0:FC:68:92:0D:C5:19:02:BD:C4:AB:2B
Certificate issuer: /CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Certificate serial: 019424B28F2A0B4CD03AB3E87DF9EBDC3CF9
Authority key identifier: 3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/pXJDsaj0ZUCw_GiSDcUZAr3Eqys.roa
Signing time: Thu 02 Jan 2025 01:47:49 +0000
ROA not before: Thu 02 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6663
IP address blocks: 31.210.8.0/21 maxlen: 21
86.106.122.0/23 maxlen: 23
89.43.132.0/22 maxlen: 22
128.0.4.0/22 maxlen: 22
185.74.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:8f:2a:0b:4c:d0:3a:b3:e8:7d:f9:eb:dc:3c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Validity
Not Before: Jan 2 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a57243b1a8f46540b0fc68920dc51902bdc4ab2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:73:a0:19:4e:e0:18:32:81:b8:ae:db:1f:f0:
45:6a:ec:7e:d7:82:5c:53:b5:85:ea:1e:e9:38:ee:
95:bf:18:84:17:c7:e2:f5:23:72:b4:ee:5c:33:8d:
43:6a:0f:13:2d:39:ef:18:f7:7e:a1:d4:1d:a7:6c:
a4:16:df:96:77:09:24:15:e4:d5:97:dd:c4:99:f9:
43:70:d3:96:45:5b:29:61:de:f1:1e:0e:2e:66:a8:
e4:63:72:c6:99:6e:d9:da:e3:a8:b1:20:3e:43:bf:
a6:40:31:bd:37:4f:a6:16:4f:68:56:96:e8:59:3f:
a9:7e:81:9d:d3:0b:75:d9:25:e4:31:11:2e:5c:e2:
b7:c9:f2:9f:9c:02:ac:60:08:e9:fb:28:f4:fa:3c:
16:ad:ce:f8:af:3a:ca:0b:e3:04:c1:2d:09:5e:b7:
02:a5:45:3e:75:78:f7:98:cc:05:e8:78:c6:c4:13:
3e:fd:1e:b3:86:12:0a:a7:20:7d:95:6d:1f:b9:ee:
f8:4b:6f:8d:b2:87:10:5e:c4:e9:4d:ba:9c:5f:54:
30:d8:3b:e7:be:6d:c3:91:84:23:a3:b3:b7:78:f5:
35:f1:2d:d0:b2:6f:00:ff:a4:68:0b:77:7d:73:8e:
09:79:6a:d9:f1:4f:fd:d7:bd:d8:02:f8:fb:a9:84:
0e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:72:43:B1:A8:F4:65:40:B0:FC:68:92:0D:C5:19:02:BD:C4:AB:2B
X509v3 Authority Key Identifier:
keyid:3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/pXJDsaj0ZUCw_GiSDcUZAr3Eqys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.8.0/21
86.106.122.0/23
89.43.132.0/22
128.0.4.0/22
185.74.20.0/22
Signature Algorithm: sha256WithRSAEncryption
e0:51:e3:dc:58:4a:37:0c:c4:2d:d6:dc:e8:6e:d8:31:fd:f2:
aa:66:bf:4e:1c:19:e2:1e:1a:0c:f8:be:99:2a:6d:61:ac:86:
86:e8:43:7d:73:d5:e0:3e:4b:14:e3:27:d6:eb:a9:ed:ac:22:
21:29:fb:fe:92:b9:82:4a:fd:49:95:f1:14:80:48:02:c8:85:
76:6d:31:f6:6c:41:b2:4b:6d:96:d6:f0:d4:da:19:53:f8:84:
16:db:96:a6:a7:dc:5e:a1:1c:08:58:7f:96:53:8a:d0:c2:3f:
d7:68:3f:19:c9:55:d6:e4:3d:6c:97:a2:07:2e:16:54:57:05:
2d:e0:20:02:d3:76:92:bf:ef:bf:f2:fb:89:7c:6c:ba:c6:6b:
74:d1:ba:16:69:09:15:4f:ff:6f:3e:40:a8:6f:5d:49:c9:bf:
b8:fe:7d:52:04:59:63:c7:b7:80:93:57:7d:30:85:dd:43:9a:
da:98:35:6e:e3:4d:47:3a:ac:dd:02:5d:3a:d8:b5:7f:0a:e3:
20:39:e7:4e:61:f4:38:fb:f2:c7:df:e1:3c:09:8b:7f:f9:87:
0c:88:85:38:c4:a8:00:82:0e:18:1a:50:f2:39:f1:b8:76:0a:
d6:7e:94:f4:db:f8:41:b0:5a:33:f6:51:23:b8:b6:44:03:02:
b5:c7:95:c1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQkso8qC0zQOrPoffnr3Dz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzVkNDlkZWQyMDU2NmNhNzQ1YzI4ZjgwY2ZkOWE5MmY0
YjdkNDcwHhcNMjUwMTAyMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTcyNDNiMWE4ZjQ2NTQwYjBmYzY4OTIwZGM1MTkwMmJkYzRhYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXOgGU7gGDKBuK7bH/BFaux+14Jc
U7WF6h7pOO6VvxiEF8fi9SNytO5cM41Dag8TLTnvGPd+odQdp2ykFt+WdwkkFeTV
l93EmflDcNOWRVspYd7xHg4uZqjkY3LGmW7Z2uOosSA+Q7+mQDG9N0+mFk9oVpbo
WT+pfoGd0wt12SXkMREuXOK3yfKfnAKsYAjp+yj0+jwWrc74rzrKC+MEwS0JXrcC
pUU+dXj3mMwF6HjGxBM+/R6zhhIKpyB9lW0fue74S2+NsocQXsTpTbqcX1Qw2Dvn
vm3DkYQjo7O3ePU18S3Qsm8A/6RoC3d9c44JeWrZ8U/9173YAvj7qYQOmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKVyQ7Go9GVAsPxokg3FGQK9xKsrMB8GA1UdIwQY
MBaAFD511J3tIFZsp0XCj4DP2akvS31HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2Qt
ODM2Mzg0NzVkOGFiLzEvcFhKRHNhajBaVUN3X0dpU0RjVVpBcjNFcXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2QtODM2Mzg0NzVkOGFi
LzEvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH9IIAwQB
Vmp6AwQCWSuEAwQCgAAEAwQCuUoUMA0GCSqGSIb3DQEBCwUAA4IBAQDgUePcWEo3
DMQt1tzobtgx/fKqZr9OHBniHhoM+L6ZKm1hrIaG6EN9c9XgPksU4yfW66ntrCIh
Kfv+krmCSv1JlfEUgEgCyIV2bTH2bEGyS22W1vDU2hlT+IQW25amp9xeoRwIWH+W
U4rQwj/XaD8ZyVXW5D1sl6IHLhZUVwUt4CAC03aSv++/8vuJfGy6xmt00boWaQkV
T/9vPkCob11Jyb+4/n1SBFljx7eAk1d9MIXdQ5ramDVu401HOqzdAl062LV/CuMg
OedOYfQ4+/LH3+E8CYt/+YcMiIU4xKgAgg4YGlDyOfG4dgrWfpT02/hBsFoz9lEj
uLZEAwK1x5XB
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:45:31 2025 by rpki-client