Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VXuZkRLoEcdAW1J7RtAxdgrcSzo.roa
File: VXuZkRLoEcdAW1J7RtAxdgrcSzo.roa (raw, json)
Hash identifier: dJX4lpj20W+7pafsIHml8SOFrK8bjcSrzM7WjN8BZk8=
Subject key identifier: 55:7B:99:91:12:E8:11:C7:40:5B:52:7B:46:D0:31:76:0A:DC:4B:3A
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 01941FFA58DB42D0759698774E5FDADEC964
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VXuZkRLoEcdAW1J7RtAxdgrcSzo.roa
Signing time: Wed 01 Jan 2025 03:48:07 +0000
ROA not before: Wed 01 Jan 2025 03:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209565
IP address blocks: 131.117.224.0/24 maxlen: 24
131.117.225.0/24 maxlen: 24
131.117.228.0/24 maxlen: 24
131.117.233.0/24 maxlen: 24
185.21.136.0/24 maxlen: 24
185.21.137.0/24 maxlen: 24
185.21.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:58:db:42:d0:75:96:98:77:4e:5f:da:de:c9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=557b999112e811c7405b527b46d031760adc4b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3d:9c:a0:89:8a:2a:4c:e7:76:a4:12:e8:ca:
84:01:d3:d0:21:de:53:82:6b:37:1a:49:e4:c7:e5:
8c:f1:f3:7a:c4:3d:be:04:ae:4f:00:61:b5:be:3e:
25:05:68:01:72:3f:ae:fa:03:e6:ba:de:19:b8:e5:
57:68:df:a8:64:74:03:20:79:5a:01:45:74:16:67:
68:48:1c:19:8d:0e:83:fa:db:8e:93:7c:97:33:a5:
81:43:55:d5:07:5e:78:c3:c7:0c:1e:07:98:7f:2e:
c2:07:45:5a:3e:18:57:1a:c4:e4:70:a8:17:57:b1:
19:2a:de:41:a0:88:09:53:dd:85:27:3d:16:13:81:
b7:6d:f3:e3:a6:65:79:db:c0:ed:e4:4b:b0:d0:c5:
f3:a2:24:37:64:6f:32:0e:01:46:31:58:22:95:5f:
8a:af:b6:11:2a:b0:b7:6c:50:d5:d6:95:7d:ed:93:
f5:d7:b0:60:e4:1d:4f:01:87:ba:b9:3a:2d:8e:8f:
e4:63:1a:52:8f:c1:1e:23:db:2e:68:40:cd:53:80:
a6:f9:0d:25:3d:ca:d4:8c:0f:da:4a:b3:b4:2a:4d:
7c:90:fd:48:9d:9d:b5:c1:8f:fb:d1:3d:fe:70:d0:
92:70:5f:22:1d:08:7c:ca:33:47:b1:7e:5a:9f:63:
4f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:7B:99:91:12:E8:11:C7:40:5B:52:7B:46:D0:31:76:0A:DC:4B:3A
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VXuZkRLoEcdAW1J7RtAxdgrcSzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.224.0/23
131.117.228.0/24
131.117.233.0/24
185.21.136.0-185.21.138.255
Signature Algorithm: sha256WithRSAEncryption
14:2c:6b:9e:77:96:db:7e:78:3c:2c:7d:56:7f:0e:1f:a5:d1:
7c:1c:40:ea:f3:71:69:99:1b:9a:f7:8c:ae:59:45:70:b1:90:
ab:ad:49:5f:65:de:99:cb:8f:e6:d3:10:bd:c2:c4:64:2e:f8:
e3:a6:6a:fc:a8:9f:fd:36:eb:67:6c:aa:1b:6a:45:4e:3f:a8:
9a:d6:7b:29:6e:15:8f:40:81:83:fa:ee:16:d7:c1:df:b5:40:
05:bf:de:83:45:df:67:90:fc:4b:bd:8f:fe:6d:14:a6:2e:14:
4e:34:8e:1b:8d:42:f3:7d:cf:b5:53:8f:cf:71:5e:e6:b0:70:
be:02:ed:c4:c2:37:0c:41:95:e0:df:a3:01:00:3d:23:20:fb:
05:03:d6:37:87:8e:75:42:97:75:3e:2f:11:21:d3:3d:65:61:
e5:ac:90:0f:37:22:99:f5:4d:3f:05:df:d9:db:21:e2:9d:7a:
9f:92:4b:10:60:62:89:b3:14:42:ce:66:2c:9d:e7:06:b8:5e:
2c:c3:ef:4f:81:e7:23:d1:76:da:ad:e9:c5:63:ee:aa:93:58:
d9:d8:87:b3:f5:20:f9:24:09:15:22:c3:9c:4d:df:2d:ed:46:
b7:ce:b7:5c:75:39:7e:32:71:a2:c2:83:8b:12:49:b2:f9:4c:
91:b0:82:d7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQf+ljbQtB1lph3Tl/a3slkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTdiOTk5MTEyZTgxMWM3NDA1YjUyN2I0NmQwMzE3NjBhZGM0YjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz2coImKKkzndqQS6MqEAdPQId5T
gms3Gknkx+WM8fN6xD2+BK5PAGG1vj4lBWgBcj+u+gPmut4ZuOVXaN+oZHQDIHla
AUV0FmdoSBwZjQ6D+tuOk3yXM6WBQ1XVB154w8cMHgeYfy7CB0VaPhhXGsTkcKgX
V7EZKt5BoIgJU92FJz0WE4G3bfPjpmV528Dt5Euw0MXzoiQ3ZG8yDgFGMVgilV+K
r7YRKrC3bFDV1pV97ZP117Bg5B1PAYe6uTotjo/kYxpSj8EeI9suaEDNU4Cm+Q0l
PcrUjA/aSrO0Kk18kP1InZ21wY/70T3+cNCScF8iHQh8yjNHsX5an2NPywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFV7mZES6BHHQFtSe0bQMXYK3Es6MB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL1ZYdVprUkxvRWNkQVcxSjdSdEF4ZGdyY1N6by5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBAGDdeAD
BACDdeQDBACDdekwDAMEA7kViAMEALkVijANBgkqhkiG9w0BAQsFAAOCAQEAFCxr
nneW2354PCx9Vn8OH6XRfBxA6vNxaZkbmveMrllFcLGQq61JX2XemcuP5tMQvcLE
ZC7446Zq/Kif/TbrZ2yqG2pFTj+omtZ7KW4Vj0CBg/ruFtfB37VABb/eg0XfZ5D8
S72P/m0Upi4UTjSOG41C833PtVOPz3Fe5rBwvgLtxMI3DEGV4N+jAQA9IyD7BQPW
N4eOdUKXdT4vESHTPWVh5ayQDzcimfVNPwXf2dsh4p16n5JLEGBiibMUQs5mLJ3n
BrheLMPvT4HnI9F22q3pxWPuqpNY2diHs/Ug+SQJFSLDnE3fLe1Gt863XHU5fjJx
osKDixJJsvlMkbCC1w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:24:43 2025 by rpki-client