Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/c053duW9yVX04hvH9uI3J-eIkE4.roa
File: c053duW9yVX04hvH9uI3J-eIkE4.roa (raw, json)
Hash identifier: XRTPmRVBWHDOHpFSQkgtPCpg1cl8rrGstMwajzVZVD8=
Subject key identifier: 73:4E:77:76:E5:BD:C9:55:F4:E2:1B:C7:F6:E2:37:27:E7:88:90:4E
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 019422FC345DDCA59A38C46A9007638CAF94
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/c053duW9yVX04hvH9uI3J-eIkE4.roa
Signing time: Wed 01 Jan 2025 17:49:01 +0000
ROA not before: Wed 01 Jan 2025 17:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 31.223.192.0/21 maxlen: 24
31.223.200.0/21 maxlen: 24
109.238.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:34:5d:dc:a5:9a:38:c4:6a:90:07:63:8c:af:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=734e7776e5bdc955f4e21bc7f6e23727e788904e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:08:b2:62:bc:30:dd:d3:d7:a6:e4:7a:34:ef:
54:df:63:77:ae:8b:e2:f4:fd:e1:4f:5d:e1:1f:f4:
be:a4:37:73:73:b6:0a:32:53:6a:75:31:cb:2d:13:
60:23:15:0c:55:23:6c:49:df:19:8b:12:5b:bd:84:
94:84:b5:0d:ed:28:af:10:7f:e5:38:5e:b3:c4:51:
c8:bd:fe:57:30:63:56:5a:18:4e:93:9a:0b:ff:fa:
9a:35:a7:66:91:bb:c7:b6:59:1e:8a:45:d3:0c:e3:
c1:b3:2c:11:6f:be:0e:7c:d3:f6:2d:de:71:49:b0:
f8:c6:3d:d8:34:0a:86:c6:08:29:e3:f7:4b:35:01:
64:a4:4e:d2:d3:9e:da:ef:5a:c1:63:71:b8:a9:db:
ae:f1:3b:40:ff:f4:cf:2b:3d:0f:dd:a4:a8:99:7f:
78:74:28:77:9f:09:03:66:46:eb:20:d6:5b:32:96:
68:f4:be:5a:fb:c4:80:2b:66:09:16:8b:0a:44:4c:
89:e7:90:f7:6b:12:57:00:af:96:0c:f1:34:0e:87:
37:9c:05:e3:8e:ee:06:59:be:36:a1:e4:a3:ec:8c:
76:8a:3a:4d:e1:90:ec:29:4d:04:2f:00:ff:20:63:
69:73:53:c8:26:c9:d2:a3:ab:cd:2d:b3:9f:76:b2:
03:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:4E:77:76:E5:BD:C9:55:F4:E2:1B:C7:F6:E2:37:27:E7:88:90:4E
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/c053duW9yVX04hvH9uI3J-eIkE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.192.0/20
109.238.160.0/21
Signature Algorithm: sha256WithRSAEncryption
40:2d:67:5f:72:a7:65:3d:88:cf:dd:6a:27:48:85:a1:2b:06:
80:0a:98:42:d2:04:fa:46:2d:c5:d5:9a:cf:1b:ad:21:43:a0:
0a:22:6f:1f:71:45:88:f8:76:57:89:7f:64:40:49:6a:26:fe:
37:cc:6d:14:b8:fc:eb:07:7d:32:fd:ac:d0:a0:6c:e9:dd:fc:
0e:b5:83:da:e8:12:4b:a3:16:24:e4:68:6a:ad:3d:73:5c:12:
ec:9e:ba:6e:da:2c:cd:15:79:cd:8e:3a:f6:ba:a7:25:9c:84:
9b:b0:6d:a2:04:2b:c7:a1:13:00:a8:96:3d:e1:3d:cc:d2:fa:
57:32:36:4f:08:fa:60:bb:53:c6:e0:4f:ba:cc:ce:cb:26:d5:
59:98:ab:a1:12:bc:77:6e:0d:f7:50:16:b0:35:66:92:ae:c8:
d8:99:0d:2f:4a:d0:66:68:29:be:02:4a:fd:62:ed:15:07:44:
0f:e9:47:4d:8c:d2:6a:39:d0:fd:aa:c0:7c:20:da:6e:2d:ab:
04:49:27:09:27:60:4e:8c:82:b4:2a:85:45:3c:d4:fb:46:64:
97:fe:75:c3:29:6c:55:7d:bc:22:5a:90:46:f6:4e:4d:0e:dd:
ff:d8:d2:ac:54:9f:69:f1:80:cf:3c:15:d1:c9:92:ba:4f:60:
71:55:53:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/DRd3KWaOMRqkAdjjK+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzRlNzc3NmU1YmRjOTU1ZjRlMjFiYzdmNmUyMzcyN2U3ODg5MDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wiyYrww3dPXpuR6NO9U32N3rovi
9P3hT13hH/S+pDdzc7YKMlNqdTHLLRNgIxUMVSNsSd8ZixJbvYSUhLUN7SivEH/l
OF6zxFHIvf5XMGNWWhhOk5oL//qaNadmkbvHtlkeikXTDOPBsywRb74OfNP2Ld5x
SbD4xj3YNAqGxggp4/dLNQFkpE7S057a71rBY3G4qduu8TtA//TPKz0P3aSomX94
dCh3nwkDZkbrINZbMpZo9L5a+8SAK2YJFosKREyJ55D3axJXAK+WDPE0Doc3nAXj
ju4GWb42oeSj7Ix2ijpN4ZDsKU0ELwD/IGNpc1PIJsnSo6vNLbOfdrIDGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHNOd3blvclV9OIbx/biNyfniJBOMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvYzA1M2R1Vzl5VlgwNGh2SDl1STNKLWVJa0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH9/AAwQD
be6gMA0GCSqGSIb3DQEBCwUAA4IBAQBALWdfcqdlPYjP3WonSIWhKwaACphC0gT6
Ri3F1ZrPG60hQ6AKIm8fcUWI+HZXiX9kQElqJv43zG0UuPzrB30y/azQoGzp3fwO
tYPa6BJLoxYk5GhqrT1zXBLsnrpu2izNFXnNjjr2uqclnISbsG2iBCvHoRMAqJY9
4T3M0vpXMjZPCPpgu1PG4E+6zM7LJtVZmKuhErx3bg33UBawNWaSrsjYmQ0vStBm
aCm+Akr9Yu0VB0QP6UdNjNJqOdD9qsB8INpuLasESScJJ2BOjIK0KoVFPNT7RmSX
/nXDKWxVfbwiWpBG9k5NDt3/2NKsVJ9p8YDPPBXRyZK6T2BxVVP8
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:30:43 2025 by rpki-client