Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/PXKLJWRK5JT5xqHPiU1wVHkKhag.roa
File: PXKLJWRK5JT5xqHPiU1wVHkKhag.roa (raw, json)
Hash identifier: f7UVVCkNNrYtkhi2nz2OzhGEpHRkcJKbi1gQjPZ3lQk=
Subject key identifier: 3D:72:8B:25:64:4A:E4:94:F9:C6:A1:CF:89:4D:70:54:79:0A:85:A8
Certificate issuer: /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Certificate serial: 019456C9C587C99EB4AC16E5F2150C116878
Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/PXKLJWRK5JT5xqHPiU1wVHkKhag.roa
Signing time: Sat 11 Jan 2025 19:14:11 +0000
ROA not before: Sat 11 Jan 2025 19:14:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60802
IP address blocks: 31.42.183.0/24 maxlen: 24
2001:67c:bcc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:56:c9:c5:87:c9:9e:b4:ac:16:e5:f2:15:0c:11:68:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Validity
Not Before: Jan 11 19:14:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d728b25644ae494f9c6a1cf894d7054790a85a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:31:cb:eb:80:d5:96:e8:21:b0:b2:df:c9:
8e:8b:73:85:ac:d0:e2:bc:87:b7:be:33:f0:56:b9:
71:52:60:ac:30:7e:4a:45:6a:dd:54:c3:94:e9:e3:
e2:49:1a:c6:fa:a1:46:20:c4:49:26:31:ed:0f:82:
7e:fe:54:be:c1:df:db:df:8f:6f:f1:3b:c4:a3:22:
a1:12:c7:0a:5a:18:db:7e:8a:d6:7a:75:65:b2:00:
7a:30:35:74:6c:c8:2c:c5:fa:df:71:fc:39:cb:6f:
05:8a:cd:59:c0:e8:d2:60:ac:24:31:bb:c8:b6:a7:
64:f4:d7:83:61:d3:20:1f:8f:96:da:44:2d:88:d9:
33:5a:70:ec:19:30:b1:5c:09:53:c3:ab:5e:b0:de:
74:4c:b7:ff:79:e9:54:89:42:05:69:83:6d:c1:93:
ce:a1:79:77:d0:c0:c7:16:7b:60:dd:0c:2b:f0:2f:
f9:72:09:ae:e8:93:a8:12:41:73:84:46:12:f9:13:
82:f0:bc:fd:cd:64:05:8f:65:81:67:82:ea:0e:c2:
0b:6e:fa:59:bc:44:85:38:71:0c:7a:84:7b:8f:46:
92:13:84:f9:f2:36:ed:29:1d:61:f2:5b:e0:38:99:
a2:a3:32:b4:c4:a7:56:79:e1:a8:43:a2:9e:b1:7c:
2d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:72:8B:25:64:4A:E4:94:F9:C6:A1:CF:89:4D:70:54:79:0A:85:A8
X509v3 Authority Key Identifier:
keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/PXKLJWRK5JT5xqHPiU1wVHkKhag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
IPv6:
2001:67c:bcc::/48
Signature Algorithm: sha256WithRSAEncryption
bb:71:42:42:f5:62:ab:37:99:cc:2d:25:f8:f3:1b:94:5b:fe:
66:7a:f4:90:ab:b5:3b:39:2f:5b:e9:4d:b2:ba:40:bf:a0:6c:
07:e4:b6:65:60:05:76:97:ec:19:4e:cc:40:a3:c5:79:c7:97:
38:5a:22:68:8b:59:06:cd:e3:41:b3:b9:ea:0f:98:51:92:51:
5d:9c:0f:9d:74:50:30:51:53:ee:c3:34:f5:dd:39:1c:55:c4:
51:0c:61:19:45:45:24:ec:51:74:8c:3f:0d:21:8d:6e:dd:9b:
ef:99:47:a3:95:1d:91:34:ae:08:f8:8d:24:8a:e6:5a:d8:37:
12:0d:50:1c:91:5d:04:a2:2a:49:9b:67:25:94:9a:27:73:2a:
b1:ed:78:1f:30:02:0e:ec:7a:d5:d1:f1:92:44:fc:37:de:9d:
9f:0e:84:08:85:ea:31:a5:42:a4:47:1c:3b:ec:be:0b:21:6e:
7a:23:e3:87:07:c4:eb:d2:fe:63:78:ad:d3:31:1e:9a:3f:96:
a7:bb:65:f0:54:a0:87:f4:a2:0e:8d:e3:0e:35:d2:c5:34:ea:
bc:79:eb:a9:dc:18:33:aa:69:79:5f:d7:cb:3e:5a:f9:19:c2:
d8:b9:22:c2:38:52:42:19:7b:0c:3b:c0:0f:54:a3:4c:af:ab:
9b:d3:90:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZRWycWHyZ60rBbl8hUMEWh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl
MmNjNGEwHhcNMjUwMTExMTkxNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDcyOGIyNTY0NGFlNDk0ZjljNmExY2Y4OTRkNzA1NDc5MGE4NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVYxy+uA1ZboIbCy38mOi3OFrNDi
vIe3vjPwVrlxUmCsMH5KRWrdVMOU6ePiSRrG+qFGIMRJJjHtD4J+/lS+wd/b349v
8TvEoyKhEscKWhjbforWenVlsgB6MDV0bMgsxfrfcfw5y28Fis1ZwOjSYKwkMbvI
tqdk9NeDYdMgH4+W2kQtiNkzWnDsGTCxXAlTw6tesN50TLf/eelUiUIFaYNtwZPO
oXl30MDHFntg3Qwr8C/5cgmu6JOoEkFzhEYS+ROC8Lz9zWQFj2WBZ4LqDsILbvpZ
vESFOHEMeoR7j0aSE4T58jbtKR1h8lvgOJmiozK0xKdWeeGoQ6KesXwtDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1yiyVkSuSU+cahz4lNcFR5CoWoMB8GA1UdIwQY
MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt
N2JjZWZhOWY1OWU4LzEvUFhLTEpXUks1SlQ1eHFIUGlVMXdWSGtLaGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4
LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAHyq3MA8E
AgACMAkDBwAgAQZ8C8wwDQYJKoZIhvcNAQELBQADggEBALtxQkL1Yqs3mcwtJfjz
G5Rb/mZ69JCrtTs5L1vpTbK6QL+gbAfktmVgBXaX7BlOzECjxXnHlzhaImiLWQbN
40GzueoPmFGSUV2cD510UDBRU+7DNPXdORxVxFEMYRlFRSTsUXSMPw0hjW7dm++Z
R6OVHZE0rgj4jSSK5lrYNxINUByRXQSiKkmbZyWUmidzKrHteB8wAg7setXR8ZJE
/DfenZ8OhAiF6jGlQqRHHDvsvgshbnoj44cHxOvS/mN4rdMxHpo/lqe7ZfBUoIf0
og6N4w410sU06rx566ncGDOqaXlf18s+WvkZwti5IsI4UkIZeww7wA9Uo0yvq5vT
kH4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:31 2025 by rpki-client