Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/1-bDKpqd9IKO5rqqIeQW8oQ51t34.roa
File: 1-bDKpqd9IKO5rqqIeQW8oQ51t34.roa (raw, json)
Hash identifier: 9sRAYb2cLVUUELUPyHX1OFnXLEKmKwd0nv4wx8tY0+U=
Subject key identifier: F9:B0:CA:A6:A7:7D:20:A3:B9:AE:AA:88:79:05:BC:A1:0E:75:B7:7E
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 01941F8C7E1F04801573E46054FAA0C84DFC
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/1-bDKpqd9IKO5rqqIeQW8oQ51t34.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208324
IP address blocks: 31.133.80.0/24 maxlen: 24
31.133.81.0/24 maxlen: 24
31.133.82.0/24 maxlen: 24
31.133.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7e:1f:04:80:15:73:e4:60:54:fa:a0:c8:4d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9b0caa6a77d20a3b9aeaa887905bca10e75b77e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4c:61:69:ea:af:02:15:bb:a9:15:77:41:c9:
76:97:bc:85:d4:7c:47:13:0b:d4:7b:6d:dc:ae:18:
ca:4d:a3:20:a2:ad:68:0f:23:df:ca:fb:cf:78:54:
2a:2c:b4:49:27:d7:f1:04:98:b6:1b:89:2b:97:1b:
0d:77:24:b3:f1:74:4e:31:b5:62:0a:eb:30:3f:a1:
d4:2d:69:f2:e0:44:0c:61:fb:a8:53:1b:77:07:1f:
51:5d:bb:f5:0b:44:fa:e6:72:7c:ee:51:1c:bd:b8:
e4:04:1b:07:09:1c:87:9d:ce:be:63:ca:72:13:de:
23:a3:f1:2a:8e:a9:07:9d:95:8e:2e:38:72:2d:1e:
2c:9a:93:ef:eb:24:c7:90:36:8a:23:f9:ce:ca:3b:
2e:97:a0:7b:1d:dc:2e:28:75:86:4f:03:65:48:9f:
36:f3:cf:45:c0:c5:7d:93:49:75:49:01:fa:e7:1f:
19:66:aa:57:f0:23:5f:c8:36:90:ed:f5:2c:e0:15:
df:69:e7:6b:9b:79:67:d0:d6:7f:14:dd:9e:cc:a1:
81:52:6a:46:15:eb:de:40:2f:de:87:51:68:6c:d7:
94:8e:db:2b:1d:1d:3e:be:b3:9a:37:80:64:b1:4b:
d7:2b:32:b5:e3:04:46:79:b0:cc:52:14:d3:3c:82:
03:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B0:CA:A6:A7:7D:20:A3:B9:AE:AA:88:79:05:BC:A1:0E:75:B7:7E
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/1-bDKpqd9IKO5rqqIeQW8oQ51t34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:3a:e2:8a:d6:45:23:21:52:68:3b:65:87:29:39:74:f8:e4:
73:ce:3d:c7:15:cb:9d:3a:8a:87:cf:a4:8c:6d:55:cf:64:d0:
de:fd:79:4b:ee:2f:4d:ea:58:20:04:72:3a:4f:91:af:6e:d6:
9d:d4:03:fd:e4:d4:d6:15:84:9a:3e:95:5f:24:cf:1b:94:fb:
d2:e8:ce:2b:93:87:d5:cc:e4:8c:46:10:a8:46:ba:af:07:0c:
d8:95:ee:f4:04:5e:3a:c1:bc:db:84:0b:14:7d:af:7f:1c:5c:
5e:bf:c3:e0:8a:3f:4a:e7:8f:6c:be:30:d2:32:f0:6e:6e:f3:
d9:d0:28:a7:b0:4f:45:71:94:7a:9e:76:b0:a6:65:a1:10:7a:
20:91:52:8e:07:b9:48:9f:4e:97:6c:64:96:a2:ab:39:d3:e9:
e8:14:18:58:13:4b:4e:cf:0c:98:29:2e:f0:88:ac:0b:b4:06:
94:c6:43:b0:36:b4:22:d5:08:f4:1c:93:d7:b8:0f:b1:6c:88:
8c:9b:ad:e2:de:fc:3e:21:15:71:b4:20:01:e3:74:9d:8d:14:
f9:32:e8:bf:9e:72:9a:08:fc:c3:67:db:e7:1f:a7:32:68:63:
f7:bc:2a:24:3e:f0:b6:c3:45:7c:d7:7f:a2:4d:1f:51:37:c2:
bc:af:f6:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjH4fBIAVc+RgVPqgyE38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWIwY2FhNmE3N2QyMGEzYjlhZWFhODg3OTA1YmNhMTBlNzViNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0xhaeqvAhW7qRV3Qcl2l7yF1HxH
EwvUe23crhjKTaMgoq1oDyPfyvvPeFQqLLRJJ9fxBJi2G4krlxsNdySz8XROMbVi
CuswP6HULWny4EQMYfuoUxt3Bx9RXbv1C0T65nJ87lEcvbjkBBsHCRyHnc6+Y8py
E94jo/EqjqkHnZWOLjhyLR4smpPv6yTHkDaKI/nOyjsul6B7HdwuKHWGTwNlSJ82
889FwMV9k0l1SQH65x8ZZqpX8CNfyDaQ7fUs4BXfaedrm3ln0NZ/FN2ezKGBUmpG
FeveQC/eh1FobNeUjtsrHR0+vrOaN4BksUvXKzK14wRGebDMUhTTPIIDLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmwyqanfSCjua6qiHkFvKEOdbd+MB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvMS1iREtwcWQ5SUtPNXJxcUllUVc4b1E1MXQzNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjMvMTRmMzA1LTAxM2ItNDUzZS1hYzUzLTA4MWNiMmIxN2Fi
NS8xLzlMbnFUWjJEcHlqZFFRS2VocS1LRXcwNG50US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh+FUDAN
BgkqhkiG9w0BAQsFAAOCAQEACzriitZFIyFSaDtlhyk5dPjkc849xxXLnTqKh8+k
jG1Vz2TQ3v15S+4vTepYIARyOk+Rr27WndQD/eTU1hWEmj6VXyTPG5T70ujOK5OH
1czkjEYQqEa6rwcM2JXu9AReOsG824QLFH2vfxxcXr/D4Io/SuePbL4w0jLwbm7z
2dAop7BPRXGUep52sKZloRB6IJFSjge5SJ9Ol2xklqKrOdPp6BQYWBNLTs8MmCku
8IisC7QGlMZDsDa0ItUI9ByT17gPsWyIjJut4t78PiEVcbQgAeN0nY0U+TLov55y
mgj8w2fb5x+nMmhj97wqJD7wtsNFfNd/ok0fUTfCvK/2Qw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:20:50 2025 by rpki-client