Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/r1KzO2xl8ICSO7mqxB698PRuZNw.roa
File: r1KzO2xl8ICSO7mqxB698PRuZNw.roa (raw, json)
Hash identifier: kEobsRqs12mPpmxJMO043I+VfPOn+9gNzHlkxfMSy8w=
Subject key identifier: AF:52:B3:3B:6C:65:F0:80:92:3B:B9:AA:C4:1E:BD:F0:F4:6E:64:DC
Certificate issuer: /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial: 0194228D16DED2D0174B87AD18F0A713F9C1
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/r1KzO2xl8ICSO7mqxB698PRuZNw.roa
Signing time: Wed 01 Jan 2025 15:47:39 +0000
ROA not before: Wed 01 Jan 2025 15:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212541
IP address blocks: 31.24.249.0/24 maxlen: 32
2a12:4946:4050::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:16:de:d2:d0:17:4b:87:ad:18:f0:a7:13:f9:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Validity
Not Before: Jan 1 15:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af52b33b6c65f080923bb9aac41ebdf0f46e64dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:70:a2:cd:81:c0:41:5d:ac:49:76:62:25:
d3:f9:e1:ed:ca:37:dc:6d:a8:a0:63:be:c0:d1:08:
02:37:8a:ff:1b:60:a5:ae:e2:fc:ea:38:5a:38:77:
35:14:2c:e1:db:aa:47:54:8f:7e:5f:ae:83:72:54:
1f:46:0b:b0:c9:75:95:1e:ff:3d:60:e7:ec:51:10:
94:84:30:4e:ac:f3:02:dd:03:1d:5b:95:c4:f5:ec:
8d:77:28:2a:05:5e:22:4a:a1:28:5f:80:22:e6:2d:
1e:ed:8c:06:ac:22:0a:f0:9d:65:c7:bc:f9:34:fa:
83:7a:a7:65:ab:ec:f2:ad:2f:a0:04:12:08:d9:11:
86:6d:6b:07:b0:38:6c:f2:57:31:67:6e:81:d4:bf:
33:1c:86:44:57:e1:b0:20:50:59:8b:43:f9:83:13:
41:2c:55:3f:2d:7b:68:7b:eb:64:65:9b:56:47:93:
ca:84:30:5f:ac:cd:50:94:7d:7a:1e:48:cb:3b:5e:
4a:c7:07:85:54:17:95:5f:83:4e:55:48:bd:f3:ce:
59:02:89:22:6e:28:70:52:00:46:40:c0:e9:d7:af:
1b:ce:cd:87:25:cd:9e:35:17:9f:54:13:31:5a:76:
4e:6e:0e:68:7c:80:a7:24:d5:2f:ed:2c:7e:9f:4b:
6b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:52:B3:3B:6C:65:F0:80:92:3B:B9:AA:C4:1E:BD:F0:F4:6E:64:DC
X509v3 Authority Key Identifier:
keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/r1KzO2xl8ICSO7mqxB698PRuZNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.249.0/24
IPv6:
2a12:4946:4050::/44
Signature Algorithm: sha256WithRSAEncryption
1e:89:b6:75:23:ab:c1:71:4b:16:83:45:b6:7d:50:fe:0b:1c:
27:3e:7d:e6:a0:ff:f1:98:10:93:d5:fb:60:4b:32:db:7c:84:
da:3f:ab:36:96:fe:c5:51:d2:ab:28:17:95:39:2d:00:8c:2c:
a1:ef:75:78:a2:d5:28:63:05:42:38:68:c6:76:b2:ce:42:32:
1e:b0:84:96:1f:a5:4a:4e:de:26:a0:4d:6a:4f:8e:0c:6b:36:
8f:34:6d:43:33:24:c8:87:2a:d3:0f:19:db:ec:ba:84:24:fc:
86:b6:21:06:04:65:22:7b:f4:94:cc:19:fa:cd:f2:c1:16:cc:
33:23:3c:54:38:c7:17:76:85:df:82:43:cc:95:13:4b:e6:c5:
1c:a2:c2:4c:83:97:60:9b:23:74:a0:e7:cb:23:28:79:ab:90:
cb:cf:c8:1f:5e:1e:f8:52:4a:c2:b1:3d:79:40:8c:1b:da:a2:
00:8d:06:aa:32:66:3c:ca:8a:7b:0c:64:b0:ad:9c:1f:0c:8d:
6e:d6:0e:7d:ee:c0:10:47:a3:58:44:f8:32:0b:7d:71:0d:37:
9f:be:34:52:ef:24:af:4b:31:36:30:b7:9e:6c:80:23:50:26:
94:a3:1d:37:31:10:80:d2:cc:29:2f:d8:70:fc:2f:df:59:48:
0f:e7:2f:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijRbe0tAXS4etGPCnE/nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhh
NjhhOWYwHhcNMjUwMTAxMTU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUyYjMzYjZjNjVmMDgwOTIzYmI5YWFjNDFlYmRmMGY0NmU2NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc9wos2BwEFdrEl2YiXT+eHtyjfc
baigY77A0QgCN4r/G2ClruL86jhaOHc1FCzh26pHVI9+X66DclQfRguwyXWVHv89
YOfsURCUhDBOrPMC3QMdW5XE9eyNdygqBV4iSqEoX4Ai5i0e7YwGrCIK8J1lx7z5
NPqDeqdlq+zyrS+gBBII2RGGbWsHsDhs8lcxZ26B1L8zHIZEV+GwIFBZi0P5gxNB
LFU/LXtoe+tkZZtWR5PKhDBfrM1QlH16HkjLO15KxweFVBeVX4NOVUi9885ZAoki
bihwUgBGQMDp168bzs2HJc2eNRefVBMxWnZObg5ofICnJNUv7Sx+n0trdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK9SsztsZfCAkju5qsQevfD0bmTcMB8GA1UdIwQY
MBaAFHRjlcEmcq2ViSG2K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMt
ZmI3NzRhYmRmYWMyLzEvcjFLek8yeGw4SUNTTzdtcXhCNjk4UFJ1Wk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMy
LzEvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAHxj5MA8E
AgACMAkDBwQqEklGQFAwDQYJKoZIhvcNAQELBQADggEBAB6JtnUjq8FxSxaDRbZ9
UP4LHCc+feag//GYEJPV+2BLMtt8hNo/qzaW/sVR0qsoF5U5LQCMLKHvdXii1Shj
BUI4aMZ2ss5CMh6whJYfpUpO3iagTWpPjgxrNo80bUMzJMiHKtMPGdvsuoQk/Ia2
IQYEZSJ79JTMGfrN8sEWzDMjPFQ4xxd2hd+CQ8yVE0vmxRyiwkyDl2CbI3Sg58sj
KHmrkMvPyB9eHvhSSsKxPXlAjBvaogCNBqoyZjzKinsMZLCtnB8MjW7WDn3uwBBH
o1hE+DILfXENN5++NFLvJK9LMTYwt55sgCNQJpSjHTcxEIDSzCkv2HD8L99ZSA/n
Lwc=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:16:09 2025 by rpki-client