Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/BFNHxMvu6o_pd190MA5kHo9K38o.roa
File: BFNHxMvu6o_pd190MA5kHo9K38o.roa (raw, json)
Hash identifier: FcPSU/d4/c62liqKr9vyijfDqdlxWMulLIte1dKOTFI=
Subject key identifier: 04:53:47:C4:CB:EE:EA:8F:E9:77:5F:74:30:0E:64:1E:8F:4A:DF:CA
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 01941FFA1A3A7D6C5CA4A5E708D7A2572069
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/BFNHxMvu6o_pd190MA5kHo9K38o.roa
Signing time: Wed 01 Jan 2025 03:47:51 +0000
ROA not before: Wed 01 Jan 2025 03:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213191
IP address blocks: 31.40.131.0/24 maxlen: 24
31.40.139.0/24 maxlen: 24
31.40.168.0/22 maxlen: 22
31.40.174.0/23 maxlen: 23
31.40.176.0/23 maxlen: 23
31.40.180.0/22 maxlen: 22
31.40.184.0/22 maxlen: 22
91.214.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:1a:3a:7d:6c:5c:a4:a5:e7:08:d7:a2:57:20:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 1 03:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=045347c4cbeeea8fe9775f74300e641e8f4adfca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:01:89:b9:75:ac:9b:aa:75:ea:a1:1b:db:f8:
49:91:c3:32:b3:91:b9:ac:9f:11:d9:7b:ec:05:6a:
a3:ea:62:73:31:8c:18:29:c9:8a:87:cd:7f:c0:a5:
fa:45:6e:52:98:9f:0f:c3:7a:99:07:34:37:d6:99:
f0:a3:16:e9:75:4c:b1:f2:a0:c7:79:c8:7f:71:7c:
9e:6f:d4:bb:02:27:61:fc:66:fd:1a:20:82:a6:54:
d9:39:ae:8d:3d:31:ae:e5:17:39:0d:3a:78:43:e7:
25:fb:74:d6:0a:20:c6:db:89:60:96:39:77:e3:a6:
b3:49:1e:57:58:27:5a:b3:32:82:9b:cc:6a:e1:0d:
fe:57:0b:74:13:15:02:a8:0d:c6:33:c1:af:38:14:
fb:c0:2b:d5:0d:d8:84:ea:71:92:78:2b:46:db:05:
3c:d4:92:39:d1:ca:26:cc:04:86:96:a6:19:dc:d6:
ea:29:00:01:8f:0f:ec:7a:fd:70:2c:a8:6c:04:3b:
1b:53:72:84:6a:ce:26:1c:44:69:cc:df:9b:b9:ac:
47:bf:bf:de:2d:75:1c:2d:cd:c5:7b:d6:17:28:1e:
3b:fd:ff:f1:7b:8d:32:55:c7:7d:d2:c3:05:68:1b:
1d:ea:14:6e:2d:5a:9c:56:b3:b3:66:85:48:39:17:
04:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:53:47:C4:CB:EE:EA:8F:E9:77:5F:74:30:0E:64:1E:8F:4A:DF:CA
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/BFNHxMvu6o_pd190MA5kHo9K38o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.131.0/24
31.40.139.0/24
31.40.168.0/22
31.40.174.0-31.40.177.255
31.40.180.0-31.40.187.255
91.214.80.0/24
Signature Algorithm: sha256WithRSAEncryption
90:7d:51:be:f0:7d:7c:87:84:bc:66:f2:1d:ee:b7:96:99:f7:
01:fc:40:8e:cb:f1:80:76:9a:90:c5:73:67:50:a5:a4:34:dd:
e0:d2:51:20:46:b7:8c:b8:9e:85:57:25:04:62:60:2e:ff:83:
2a:fa:23:dc:e5:fd:f5:83:fa:d9:6d:44:e3:39:02:af:7d:2a:
3b:70:3b:23:d0:d6:e3:ea:7f:8d:43:79:5e:ef:72:1b:21:4f:
f7:42:64:ca:45:d0:0d:59:25:a2:25:af:b2:f5:c9:08:f1:90:
3f:a9:46:83:54:ad:0f:27:53:48:ac:bd:9d:f7:e0:f1:84:24:
15:9b:ae:e2:a4:e3:cb:e9:48:30:e6:24:63:19:eb:b8:7d:f5:
31:0c:48:16:51:ad:b5:af:f3:6b:e3:67:92:3e:c3:93:ba:dd:
07:a9:a0:7a:c9:a1:d6:36:64:c3:89:12:68:24:8c:aa:69:ee:
74:8d:7d:4e:50:0b:48:53:1e:37:52:0b:96:63:c3:83:23:75:
ad:fe:67:ba:e2:59:4b:81:c6:95:14:39:cc:98:12:9e:6e:3d:
d2:ac:ce:7f:a4:be:1a:0a:69:30:93:cb:c9:44:e1:56:8d:b7:
1d:c2:ea:67:c8:14:fc:e4:53:c7:d3:d9:8b:99:45:95:d6:24:
12:44:4e:2f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQf+ho6fWxcpKXnCNeiVyBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjUwMTAxMDM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDUzNDdjNGNiZWVlYThmZTk3NzVmNzQzMDBlNjQxZThmNGFkZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwGJuXWsm6p16qEb2/hJkcMys5G5
rJ8R2XvsBWqj6mJzMYwYKcmKh81/wKX6RW5SmJ8Pw3qZBzQ31pnwoxbpdUyx8qDH
ech/cXyeb9S7Aidh/Gb9GiCCplTZOa6NPTGu5Rc5DTp4Q+cl+3TWCiDG24lgljl3
46azSR5XWCdaszKCm8xq4Q3+Vwt0ExUCqA3GM8GvOBT7wCvVDdiE6nGSeCtG2wU8
1JI50comzASGlqYZ3NbqKQABjw/sev1wLKhsBDsbU3KEas4mHERpzN+buaxHv7/e
LXUcLc3Fe9YXKB47/f/xe40yVcd90sMFaBsd6hRuLVqcVrOzZoVIORcEDQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFARTR8TL7uqP6XdfdDAOZB6PSt/KMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvQkZOSHhNdnU2b19wZDE5ME1BNWtIbzlLMzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAHyiDAwQA
HyiLAwQCHyioMAwDBAEfKK4DBAEfKLAwDAMEAh8otAMEAh8ouAMEAFvWUDANBgkq
hkiG9w0BAQsFAAOCAQEAkH1RvvB9fIeEvGbyHe63lpn3AfxAjsvxgHaakMVzZ1Cl
pDTd4NJRIEa3jLiehVclBGJgLv+DKvoj3OX99YP62W1E4zkCr30qO3A7I9DW4+p/
jUN5Xu9yGyFP90JkykXQDVkloiWvsvXJCPGQP6lGg1StDydTSKy9nffg8YQkFZuu
4qTjy+lIMOYkYxnruH31MQxIFlGtta/za+Nnkj7Dk7rdB6mgesmh1jZkw4kSaCSM
qmnudI19TlALSFMeN1ILlmPDgyN1rf5nuuJZS4HGlRQ5zJgSnm490qzOf6S+Ggpp
MJPLyUThVo23HcLqZ8gU/ORTx9PZi5lFldYkEkROLw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:53 2025 by rpki-client