Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/31N8L3oQi4qP8d7xlXps6ZluX8o.roa
File: 31N8L3oQi4qP8d7xlXps6ZluX8o.roa (raw, json)
Hash identifier: y7j5Xlkss4L89K4UETD5WZ19rxHK10MREe3VYMS3I24=
Subject key identifier: DF:53:7C:2F:7A:10:8B:8A:8F:F1:DE:F1:95:7A:6C:E9:99:6E:5F:CA
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 0190E0AA23E01817893147954E0375CA8E0E
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/31N8L3oQi4qP8d7xlXps6ZluX8o.roa
Signing time: Tue 23 Jul 2024 17:36:04 +0000
ROA not before: Tue 23 Jul 2024 17:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29075
IP address blocks: 45.10.224.0/23 maxlen: 23
45.10.226.0/24 maxlen: 24
45.94.124.0/22 maxlen: 22
45.94.128.0/22 maxlen: 22
45.94.128.0/23 maxlen: 23
45.94.130.0/23 maxlen: 23
85.118.32.0/19 maxlen: 19
91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
178.20.48.0/21 maxlen: 21
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
185.177.180.0/22 maxlen: 22
188.121.224.0/19 maxlen: 19
212.85.144.0/20 maxlen: 20
2a00:1b88::/32 maxlen: 32
2a02:2178::/29 maxlen: 29
2a02:2178::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e0:aa:23:e0:18:17:89:31:47:95:4e:03:75:ca:8e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jul 23 17:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df537c2f7a108b8a8ff1def1957a6ce9996e5fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9b:a4:7b:74:5a:fc:bc:43:7c:75:e2:60:27:
f7:3f:03:65:e7:9a:c3:84:9b:59:1f:f5:d0:76:37:
84:0e:ae:72:50:d7:fd:6a:59:2c:fb:8f:00:2e:48:
39:d6:3c:da:e5:72:1e:e3:ec:9b:bd:87:40:f9:df:
41:22:8f:5d:da:c4:3a:6c:a8:51:fa:4a:ee:9a:63:
78:7d:1a:02:82:b5:b3:e2:1d:f9:c4:98:ce:9e:fa:
66:c5:31:39:97:8f:5b:8f:9f:d4:81:d2:7c:b0:52:
a4:44:f8:ea:8a:95:92:93:d6:33:a0:86:08:a4:6a:
c0:c8:ef:37:2f:96:40:91:ae:a6:86:b1:11:ff:ed:
7e:ef:1a:25:8c:fd:3e:81:31:42:32:21:01:fc:b2:
1c:e1:2e:1c:9a:64:af:0a:0d:75:cd:c5:63:c7:a2:
0a:bc:8c:46:9d:b9:97:2e:64:e1:c7:36:20:96:42:
c4:1c:63:ba:eb:20:3c:3a:72:24:e3:81:44:b8:bc:
2b:e4:71:2a:4f:b1:bd:4f:bb:be:6c:00:b3:f5:c7:
e5:38:b9:82:df:49:a7:42:dd:7a:b7:43:8b:3c:3d:
11:57:f1:f3:bf:2f:f9:ca:54:7d:59:75:96:02:8e:
b7:92:9e:c3:1e:12:d2:cf:fd:ec:cf:25:34:cd:ee:
6d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:53:7C:2F:7A:10:8B:8A:8F:F1:DE:F1:95:7A:6C:E9:99:6E:5F:CA
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/31N8L3oQi4qP8d7xlXps6ZluX8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0-45.10.226.255
45.94.124.0-45.94.131.255
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
7d:2b:0d:2d:c7:02:53:e4:b6:04:27:00:68:a8:7a:77:34:c8:
e4:38:36:dd:bd:15:3e:74:dc:03:fb:70:6f:d6:73:e0:f6:02:
ad:04:33:67:fc:c7:9c:2d:76:f6:c9:fb:61:99:bc:4c:19:b5:
1e:b1:ea:c3:b5:30:84:c2:25:eb:95:a7:a0:bc:9a:22:bc:d9:
df:84:58:f0:70:54:d3:80:3b:c5:14:8e:7b:c6:61:bd:73:64:
4a:a9:74:84:eb:2c:c3:1b:a7:31:ee:4b:d0:1d:34:15:5a:26:
ea:34:27:3a:b6:d5:68:fb:5b:78:92:d9:8e:98:f1:62:ea:f4:
c3:07:18:44:dd:94:10:eb:05:94:ae:34:a5:aa:09:97:7c:22:
0e:de:a9:7b:bd:b0:af:1a:db:02:34:2f:54:c0:64:58:70:f4:
55:ed:3f:36:30:ed:03:44:18:0b:1d:5b:a7:a1:92:c5:68:e5:
d9:fa:29:75:05:10:67:5c:08:b0:d6:17:fb:6c:10:38:7b:11:
7f:24:6b:84:b5:66:99:d8:45:55:b2:91:8c:18:35:76:b1:07:
57:4b:ae:17:b1:a5:07:09:e4:cc:14:ad:1d:8b:e6:12:07:8b:
43:09:60:24:43:8e:ca:c9:3a:64:41:e4:fd:9d:48:c3:ff:db:
f0:e3:38:a8
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZDgqiPgGBeJMUeVTgN1yo4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjQwNzIzMTczNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjUzN2MyZjdhMTA4YjhhOGZmMWRlZjE5NTdhNmNlOTk5NmU1ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZuke3Ra/LxDfHXiYCf3PwNl55rD
hJtZH/XQdjeEDq5yUNf9alks+48ALkg51jza5XIe4+ybvYdA+d9BIo9d2sQ6bKhR
+krummN4fRoCgrWz4h35xJjOnvpmxTE5l49bj5/UgdJ8sFKkRPjqipWSk9YzoIYI
pGrAyO83L5ZAka6mhrER/+1+7xoljP0+gTFCMiEB/LIc4S4cmmSvCg11zcVjx6IK
vIxGnbmXLmThxzYglkLEHGO66yA8OnIk44FEuLwr5HEqT7G9T7u+bACz9cflOLmC
30mnQt16t0OLPD0RV/Hzvy/5ylR9WXWWAo63kp7DHhLSz/3szyU0ze5tbwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFN9TfC96EIuKj/He8ZV6bOmZbl/KMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvMzFOOEwzb1FpNHFQOGQ3eGxYcHM2Wmx1WDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWDAMAwQFLQrg
AwQALQriMAwDBAItXnwDBAItXoADBAVVdiADBARbbbADBASAzOADBASN/5ADBAOy
FDADBAK5dgADBAK5exgDBAK5sbQDBAW8eeADBATUVZAwFAQCAAIwDgMFACoAG4gD
BQMqAiF4MA0GCSqGSIb3DQEBCwUAA4IBAQB9Kw0txwJT5LYEJwBoqHp3NMjkODbd
vRU+dNwD+3Bv1nPg9gKtBDNn/MecLXb2yfthmbxMGbUeserDtTCEwiXrlaegvJoi
vNnfhFjwcFTTgDvFFI57xmG9c2RKqXSE6yzDG6cx7kvQHTQVWibqNCc6ttVo+1t4
ktmOmPFi6vTDBxhE3ZQQ6wWUrjSlqgmXfCIO3ql7vbCvGtsCNC9UwGRYcPRV7T82
MO0DRBgLHVunoZLFaOXZ+il1BRBnXAiw1hf7bBA4exF/JGuEtWaZ2EVVspGMGDV2
sQdXS64XsaUHCeTMFK0di+YSB4tDCWAkQ47KyTpkQeT9nUjD/9vw4zio
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:52:58 2025 by rpki-client