Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/GLMA7Q6nznWYJpnWXPI_4hysgi4.roa
File: GLMA7Q6nznWYJpnWXPI_4hysgi4.roa (raw, json)
Hash identifier: jjx58/PmPYsmqzEaG1TjZX7HRH6WsCNiuLm0VSqbXuU=
Subject key identifier: 18:B3:00:ED:0E:A7:CE:75:98:26:99:D6:5C:F2:3F:E2:1C:AC:82:2E
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0194D6CD5885D4F9CDDF5FEA6EEEB4A87C66
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/GLMA7Q6nznWYJpnWXPI_4hysgi4.roa
Signing time: Wed 05 Feb 2025 15:49:29 +0000
ROA not before: Wed 05 Feb 2025 15:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12302
IP address blocks: 31.14.34.0/24 maxlen: 24
31.14.49.0/24 maxlen: 24
86.104.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:cd:58:85:d4:f9:cd:df:5f:ea:6e:ee:b4:a8:7c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Feb 5 15:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18b300ed0ea7ce75982699d65cf23fe21cac822e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:09:83:c8:aa:68:2b:75:7c:bd:5f:75:4b:76:
3a:8d:d3:74:f8:b1:b0:bc:0c:87:33:cb:45:64:e1:
69:06:49:c9:24:60:10:63:77:1c:f7:e0:b4:49:6a:
80:9b:68:0f:79:ed:76:83:e1:21:a8:a7:9b:9b:ce:
c7:66:83:25:e7:01:6c:de:2c:41:96:a1:cc:ed:18:
79:3e:c6:15:3a:b8:fe:32:31:23:4f:4b:d9:59:8f:
e7:2b:9b:de:47:8a:d0:28:e7:a3:a3:c2:8e:9a:71:
3b:71:a8:04:6a:3b:d9:12:44:31:5f:40:87:ed:02:
93:33:5d:dc:ce:e7:0e:c4:4d:65:ad:b5:9a:7f:27:
f5:38:a9:de:74:e5:21:a0:44:89:51:1d:46:18:eb:
0f:d5:49:a4:20:59:3a:72:e1:34:89:87:ff:f2:48:
eb:e6:7a:2b:ad:49:a5:01:68:ec:8f:46:87:67:3c:
0f:ba:c4:d1:2c:44:7b:69:9d:78:e8:6d:1f:0f:5a:
bc:c2:88:d9:06:5b:c2:67:47:df:da:50:da:ed:45:
e8:f8:75:d3:33:81:fc:61:3e:23:83:ec:d9:3f:b9:
d2:f4:dc:7a:7a:10:3c:f2:85:77:69:fb:ef:5b:02:
a7:20:45:ba:32:5a:50:11:4c:b2:8c:d8:81:d7:d2:
99:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B3:00:ED:0E:A7:CE:75:98:26:99:D6:5C:F2:3F:E2:1C:AC:82:2E
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/GLMA7Q6nznWYJpnWXPI_4hysgi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.34.0/24
31.14.49.0/24
86.104.193.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f2:3b:56:0d:cc:5d:a4:ce:81:0f:e0:56:c6:aa:3e:a3:24:
5f:eb:a3:be:5c:02:04:e0:ae:ae:ce:71:1c:1e:9c:32:93:5c:
24:6b:bc:29:84:de:e6:6d:00:03:07:de:1c:4d:0a:14:f5:b9:
8b:7b:46:6f:a8:90:ec:54:93:88:49:62:00:ef:11:1e:fd:5e:
65:a3:5e:f1:db:8a:50:86:12:db:7b:5a:ab:6d:5e:95:1a:21:
2c:8e:9b:27:71:ea:a3:7f:3f:d8:38:8f:8d:e2:74:e1:c1:4e:
a3:5f:5f:c3:63:b1:8a:fc:95:7f:45:d7:b2:9a:ed:47:7d:29:
38:bb:b4:d6:fe:4e:5d:92:ea:77:ce:65:2d:8c:cb:a7:31:23:
72:6d:b3:91:92:d9:93:61:d6:2a:f3:4c:8d:76:f6:d2:dc:61:
12:77:03:39:ee:e2:ab:c0:b1:df:d7:f9:5f:b2:a1:83:5d:bf:
b8:f0:b3:0e:ef:82:28:6b:2e:ff:1a:02:26:c1:4e:8d:43:ac:
e6:ba:fd:b9:c1:b4:3b:bd:5a:fe:dc:de:de:ae:ff:63:88:18:
42:52:ab:ea:ee:d7:a3:57:91:e1:b4:c9:31:b5:8d:30:9f:e5:
c7:4d:47:1d:c1:4b:e5:66:20:e1:41:d2:b9:0b:4b:30:b8:fb:
d3:61:21:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTWzViF1PnN31/qbu60qHxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMjA1MTU0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGIzMDBlZDBlYTdjZTc1OTgyNjk5ZDY1Y2YyM2ZlMjFjYWM4MjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgmDyKpoK3V8vV91S3Y6jdN0+LGw
vAyHM8tFZOFpBknJJGAQY3cc9+C0SWqAm2gPee12g+EhqKebm87HZoMl5wFs3ixB
lqHM7Rh5PsYVOrj+MjEjT0vZWY/nK5veR4rQKOejo8KOmnE7cagEajvZEkQxX0CH
7QKTM13czucOxE1lrbWafyf1OKnedOUhoESJUR1GGOsP1UmkIFk6cuE0iYf/8kjr
5norrUmlAWjsj0aHZzwPusTRLER7aZ146G0fD1q8wojZBlvCZ0ff2lDa7UXo+HXT
M4H8YT4jg+zZP7nS9Nx6ehA88oV3afvvWwKnIEW6MlpQEUyyjNiB19KZCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBizAO0Op851mCaZ1lzyP+IcrIIuMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0dMTUE3UTZuem5XWUpwbldYUElfNGh5c2dpNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAAfDiID
BAAfDjEDBABWaMEwDQYJKoZIhvcNAQELBQADggEBABryO1YNzF2kzoEP4FbGqj6j
JF/ro75cAgTgrq7OcRwenDKTXCRrvCmE3uZtAAMH3hxNChT1uYt7Rm+okOxUk4hJ
YgDvER79XmWjXvHbilCGEtt7WqttXpUaISyOmydx6qN/P9g4j43idOHBTqNfX8Nj
sYr8lX9F17Ka7Ud9KTi7tNb+Tl2S6nfOZS2My6cxI3Jts5GS2ZNh1irzTI129tLc
YRJ3Aznu4qvAsd/X+V+yoYNdv7jwsw7vgihrLv8aAibBTo1DrOa6/bnBtDu9Wv7c
3t6u/2OIGEJSq+ru16NXkeG0yTG1jTCf5cdNRx3BS+VmIOFB0rkLSzC4+9NhIbM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:45 2025 by rpki-client