Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/tPH78P19OMyg8GNH0L_VBBgKycE.roa
File: tPH78P19OMyg8GNH0L_VBBgKycE.roa (raw, json)
Hash identifier: lwoKVsQS8cNkbPndBQpdH6UBk/fM9ynr6BdoedkZHAM=
Subject key identifier: B4:F1:FB:F0:FD:7D:38:CC:A0:F0:63:47:D0:BF:D5:04:18:0A:C9:C1
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0195D2EE5623D294031C6930AA0482C5EEBC
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/tPH78P19OMyg8GNH0L_VBBgKycE.roa
Signing time: Wed 26 Mar 2025 14:49:49 +0000
ROA not before: Wed 26 Mar 2025 14:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 31.42.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:ee:56:23:d2:94:03:1c:69:30:aa:04:82:c5:ee:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Mar 26 14:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4f1fbf0fd7d38cca0f06347d0bfd504180ac9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:3c:31:c8:7b:45:ac:6d:46:00:9a:ed:2b:
8f:37:1e:cf:b8:3c:1b:f8:bd:2d:ec:5a:f3:b6:73:
4e:fc:59:78:bf:09:07:49:74:ca:fe:c0:5b:52:fc:
03:48:a1:58:8d:59:02:24:63:ff:43:ec:2c:9d:d5:
ed:02:3b:6a:8c:6c:24:de:b3:2c:d7:e7:6f:d7:9f:
6e:b7:80:3b:2f:b2:ad:1f:ee:d1:8a:fb:d1:d9:3d:
0e:78:18:b0:4e:e7:a4:32:d7:76:ef:d4:5a:8a:2e:
b4:e0:75:44:31:f7:24:80:30:a7:49:49:55:4d:d8:
95:57:5e:df:02:4c:79:37:a1:72:86:2d:90:51:9d:
82:1b:67:70:8f:33:5f:09:8f:2b:6a:31:ac:08:b8:
e4:c8:fb:7d:d9:e8:4b:55:d9:75:1d:81:6c:ea:60:
ca:d4:34:73:74:ed:e6:ed:72:b7:ce:87:08:c0:7d:
15:03:80:d8:27:00:6c:fd:26:80:a8:7e:88:0a:1c:
a0:cb:f2:58:da:3a:01:c6:14:17:54:77:8a:3e:d0:
29:66:c3:8f:d4:dd:42:c6:66:01:b0:b4:45:cc:db:
05:4e:14:ca:4b:a1:1b:4f:49:d9:22:dd:6e:1a:06:
9c:7d:31:e4:fc:51:e7:cb:6b:5a:d8:00:4f:87:19:
c1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F1:FB:F0:FD:7D:38:CC:A0:F0:63:47:D0:BF:D5:04:18:0A:C9:C1
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/tPH78P19OMyg8GNH0L_VBBgKycE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.120.0/24
Signature Algorithm: sha256WithRSAEncryption
be:61:fc:3b:7d:09:0b:12:41:c9:ce:15:14:c7:7f:a4:ca:2c:
5a:4e:6e:03:05:9b:af:00:3a:af:32:19:cc:04:fa:23:84:8c:
78:46:4e:56:35:93:af:bf:d2:5b:b8:b8:15:3b:96:f2:2f:5b:
39:5c:13:ae:30:f4:96:49:86:25:44:13:39:d1:dd:00:73:58:
88:a5:e7:11:5b:57:4e:3c:f0:7f:0b:81:fd:7a:d0:d1:e2:93:
06:34:74:3c:0d:87:39:6b:65:e6:8d:29:42:db:bb:a8:0f:f6:
37:1c:2c:a3:dc:19:a3:c7:f3:d4:88:01:ee:f7:7e:f7:51:37:
1f:c0:2d:71:c7:78:7d:c6:16:c8:64:09:25:0e:ab:fb:28:64:
41:92:6d:2d:e2:1a:2c:61:1d:f0:c7:3f:aa:5d:27:41:ab:7a:
0a:34:69:16:73:1d:f5:8f:03:01:a8:b8:8e:90:7b:62:fe:37:
1d:3c:d9:b9:dd:e9:f8:cf:54:44:94:15:20:45:d2:d2:7f:2a:
77:3d:df:73:26:c5:99:84:b2:2b:13:47:cd:92:eb:e7:63:15:
69:3e:d1:7a:73:ef:32:c4:b0:fe:72:f6:57:79:51:8f:23:4b:
ef:09:c4:7d:e9:8e:30:f6:3c:11:28:85:46:ed:aa:aa:3c:99:
71:fe:a2:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXS7lYj0pQDHGkwqgSCxe68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwMzI2MTQ0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGYxZmJmMGZkN2QzOGNjYTBmMDYzNDdkMGJmZDUwNDE4MGFjOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw88Mch7RaxtRgCa7SuPNx7PuDwb
+L0t7FrztnNO/Fl4vwkHSXTK/sBbUvwDSKFYjVkCJGP/Q+wsndXtAjtqjGwk3rMs
1+dv159ut4A7L7KtH+7RivvR2T0OeBiwTuekMtd279Raii604HVEMfckgDCnSUlV
TdiVV17fAkx5N6Fyhi2QUZ2CG2dwjzNfCY8rajGsCLjkyPt92ehLVdl1HYFs6mDK
1DRzdO3m7XK3zocIwH0VA4DYJwBs/SaAqH6IChygy/JY2joBxhQXVHeKPtApZsOP
1N1CxmYBsLRFzNsFThTKS6EbT0nZIt1uGgacfTHk/FHny2ta2ABPhxnBlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTx+/D9fTjMoPBjR9C/1QQYCsnBMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvdFBINzhQMTlPTXlnOEdOSDBMX1ZCQmdLeWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyp4MA0G
CSqGSIb3DQEBCwUAA4IBAQC+Yfw7fQkLEkHJzhUUx3+kyixaTm4DBZuvADqvMhnM
BPojhIx4Rk5WNZOvv9JbuLgVO5byL1s5XBOuMPSWSYYlRBM50d0Ac1iIpecRW1dO
PPB/C4H9etDR4pMGNHQ8DYc5a2XmjSlC27uoD/Y3HCyj3Bmjx/PUiAHu9373UTcf
wC1xx3h9xhbIZAklDqv7KGRBkm0t4hosYR3wxz+qXSdBq3oKNGkWcx31jwMBqLiO
kHti/jcdPNm53en4z1RElBUgRdLSfyp3Pd9zJsWZhLIrE0fNkuvnYxVpPtF6c+8y
xLD+cvZXeVGPI0vvCcR96Y4w9jwRKIVG7aqqPJlx/qLS
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:27 2025 by rpki-client