Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/j3U8pawPf_tUGsFhiJ7YRJGZKKU.roa
File: j3U8pawPf_tUGsFhiJ7YRJGZKKU.roa (raw, json)
Hash identifier: UhCOtw+LGQ9OGEVM8508bbXRfR9ZmkjlXwACVG5n7eI=
Subject key identifier: 8F:75:3C:A5:AC:0F:7F:FB:54:1A:C1:61:88:9E:D8:44:91:99:28:A5
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0193B1C9567665536BBD93B32BD85818A8B2
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/j3U8pawPf_tUGsFhiJ7YRJGZKKU.roa
Signing time: Tue 10 Dec 2024 18:16:22 +0000
ROA not before: Tue 10 Dec 2024 18:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 31.133.88.0/24 maxlen: 24
31.133.89.0/24 maxlen: 24
31.133.90.0/24 maxlen: 24
31.133.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:c9:56:76:65:53:6b:bd:93:b3:2b:d8:58:18:a8:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Dec 10 18:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f753ca5ac0f7ffb541ac161889ed844919928a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ea:e5:1b:e7:f0:ed:3d:35:49:36:fe:ea:25:
33:3b:a5:55:c4:34:d9:31:73:fa:7b:40:e1:1c:16:
90:6c:d5:46:84:48:2c:9f:32:88:18:fc:20:c9:34:
96:30:ab:fd:70:ee:d4:55:85:ed:92:99:27:10:50:
85:84:40:be:76:f8:18:f8:fd:35:a7:92:b2:d4:7f:
50:ff:5d:15:9c:6f:2b:60:6a:0b:fd:2c:5f:14:42:
b4:33:0f:80:19:1e:73:f7:60:b3:62:93:4d:fd:3c:
d2:84:e8:3d:ab:e6:5d:01:bf:4f:8b:55:3e:5c:00:
6e:4b:20:70:6b:c5:e5:a4:2a:8c:4f:e2:4f:6b:0b:
92:28:a9:0b:b3:dc:33:51:5a:3e:80:04:65:8a:ca:
b5:6e:6f:d8:27:75:39:91:9e:8b:a0:9d:4e:c1:84:
27:27:8f:bc:27:df:4f:f4:16:ca:13:64:35:af:91:
cb:0b:eb:d2:b6:d8:91:1a:73:7f:5c:88:4f:7c:40:
d3:4a:6c:0b:58:e0:73:ee:18:b0:3a:f1:9f:ff:41:
ed:27:a1:df:b3:b3:18:b4:da:5e:fb:85:9b:fe:4e:
ad:9f:90:e1:8c:ae:29:b2:69:57:9e:b5:e4:2d:17:
b1:91:6c:e5:39:58:92:11:e2:0d:7a:28:2e:78:e8:
df:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:75:3C:A5:AC:0F:7F:FB:54:1A:C1:61:88:9E:D8:44:91:99:28:A5
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/j3U8pawPf_tUGsFhiJ7YRJGZKKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.88.0/22
Signature Algorithm: sha256WithRSAEncryption
99:47:28:9f:83:6d:6d:6d:44:e6:78:2a:63:7a:f9:9f:ef:ee:
8f:ca:54:2d:ff:b6:e6:ee:59:95:f6:7c:3f:ea:c1:2c:1e:41:
0a:4c:37:3e:a5:9a:c2:4f:be:e2:b5:01:0d:c4:49:fd:46:55:
1b:d2:9a:69:6c:52:5d:2f:22:58:c8:80:d4:40:8a:52:1b:de:
ef:ce:9c:ca:b1:d7:05:04:0f:ec:3d:fb:6e:be:75:de:ed:d7:
0e:9c:cc:3e:e4:34:c3:d0:85:c7:ab:cd:07:42:86:8b:d2:8a:
48:8c:dd:89:b0:63:a3:9f:87:b9:f6:20:9e:a4:bc:77:61:4a:
f6:96:58:0e:e3:fc:c5:5b:d1:52:95:4a:64:e9:45:7f:7b:a3:
6f:0f:01:23:a4:8b:eb:4a:1f:c6:f9:61:71:d0:71:e6:61:f3:
59:eb:a5:a2:c6:2b:77:6a:86:5e:9a:d3:f5:e0:22:d0:a4:3a:
14:e4:ad:4a:c2:47:c4:0b:8c:45:24:15:05:c3:bb:12:93:1f:
e3:9e:a1:6b:14:8b:b7:f8:d6:02:86:fd:7f:ed:b5:51:4c:a4:
47:ed:bc:95:44:b2:0b:2d:38:c0:a2:6a:f1:ef:f9:f9:20:79:
2b:79:9a:e8:c0:fa:18:4d:b8:8c:53:54:45:9b:be:02:a5:8c:
85:ff:42:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOxyVZ2ZVNrvZOzK9hYGKiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQxMjEwMTgxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc1M2NhNWFjMGY3ZmZiNTQxYWMxNjE4ODllZDg0NDkxOTkyOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+rlG+fw7T01STb+6iUzO6VVxDTZ
MXP6e0DhHBaQbNVGhEgsnzKIGPwgyTSWMKv9cO7UVYXtkpknEFCFhEC+dvgY+P01
p5Ky1H9Q/10VnG8rYGoL/SxfFEK0Mw+AGR5z92CzYpNN/TzShOg9q+ZdAb9Pi1U+
XABuSyBwa8XlpCqMT+JPawuSKKkLs9wzUVo+gARlisq1bm/YJ3U5kZ6LoJ1OwYQn
J4+8J99P9BbKE2Q1r5HLC+vSttiRGnN/XIhPfEDTSmwLWOBz7hiwOvGf/0HtJ6Hf
s7MYtNpe+4Wb/k6tn5DhjK4psmlXnrXkLRexkWzlOViSEeINeigueOjfowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI91PKWsD3/7VBrBYYie2ESRmSilMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvajNVOHBhd1BmX3RVR3NGaGlKN1lSSkdaS0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH4VYMA0G
CSqGSIb3DQEBCwUAA4IBAQCZRyifg21tbUTmeCpjevmf7+6PylQt/7bm7lmV9nw/
6sEsHkEKTDc+pZrCT77itQENxEn9RlUb0pppbFJdLyJYyIDUQIpSG97vzpzKsdcF
BA/sPftuvnXe7dcOnMw+5DTD0IXHq80HQoaL0opIjN2JsGOjn4e59iCepLx3YUr2
llgO4/zFW9FSlUpk6UV/e6NvDwEjpIvrSh/G+WFx0HHmYfNZ66Wixit3aoZemtP1
4CLQpDoU5K1KwkfEC4xFJBUFw7sSkx/jnqFrFIu3+NYChv1/7bVRTKRH7byVRLIL
LTjAomrx7/n5IHkreZrowPoYTbiMU1RFm74CpYyF/0IW
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:12:05 2025 by rpki-client