Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/ELOApysxy0hC-jy8e_ue0EH6G2s.roa
File: ELOApysxy0hC-jy8e_ue0EH6G2s.roa (raw, json)
Hash identifier: PMFl8V8bM+cRXiF8bAmzvkxLHcVuZC1zyYL2fd7HOJU=
Subject key identifier: 10:B3:80:A7:2B:31:CB:48:42:FA:3C:BC:7B:FB:9E:D0:41:FA:1B:6B
Certificate issuer: /CN=ad82b2b42ed63e5b503b3cc33e24c21f447f1d74
Certificate serial: 1324B364
Authority key identifier: AD:82:B2:B4:2E:D6:3E:5B:50:3B:3C:C3:3E:24:C2:1F:44:7F:1D:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rYKytC7WPltQOzzDPiTCH0R_HXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/ELOApysxy0hC-jy8e_ue0EH6G2s.roa
Signing time: Sat 01 Jan 2022 16:10:52 +0000
ROA not before: Sat 01 Jan 2022 16:10:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201401
IP address blocks: 31.14.32.0/24 maxlen: 24
31.14.44.0/24 maxlen: 24
31.14.48.0/24 maxlen: 24
185.76.168.0/22 maxlen: 22
89.31.56.0/21 maxlen: 21
185.76.88.0/22 maxlen: 22
31.14.11.0/24 maxlen: 24
2a05:52a0::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321172324 (0x1324b364)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad82b2b42ed63e5b503b3cc33e24c21f447f1d74
Validity
Not Before: Jan 1 16:10:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10b380a72b31cb4842fa3cbc7bfb9ed041fa1b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:42:9e:f1:67:38:a3:f0:00:35:a4:8d:f3:9f:
34:e7:e3:73:3e:02:11:cb:0b:0a:27:e1:86:41:3d:
46:8c:e5:20:bb:27:27:f2:b1:a7:86:9e:e6:74:c9:
78:7e:27:73:15:81:ff:35:c0:41:31:68:99:40:06:
fc:4c:ae:3f:5b:7f:b9:40:e0:cf:fd:94:93:02:74:
27:b5:01:06:b5:5a:9f:f7:58:fd:8e:4d:09:1d:98:
fa:06:c0:b4:7f:da:a8:65:22:a1:9b:54:17:91:37:
3c:cb:fb:3d:a0:01:68:89:ad:bd:de:a6:52:7d:ec:
b6:23:26:0a:3d:03:38:84:79:7c:c1:ec:a1:58:a9:
7a:63:a0:ae:d0:2c:d0:9c:cc:a1:2f:6d:90:96:fa:
a1:47:7b:5d:08:e0:20:db:1d:61:87:8d:e7:4e:20:
9d:20:9e:72:df:43:88:5c:46:f2:98:45:42:89:34:
2d:de:5c:27:de:2a:07:d8:ae:86:3e:d2:5d:27:06:
6e:0a:13:8c:97:80:6e:02:81:12:58:a9:f7:97:b7:
a4:dc:9f:b0:36:ad:d4:7b:ca:6b:b7:19:fb:7c:26:
a2:76:f0:e2:53:77:f4:eb:f7:93:05:fa:67:6e:e9:
42:77:63:62:35:c2:f0:0c:35:cd:1f:c6:05:19:06:
fb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B3:80:A7:2B:31:CB:48:42:FA:3C:BC:7B:FB:9E:D0:41:FA:1B:6B
X509v3 Authority Key Identifier:
keyid:AD:82:B2:B4:2E:D6:3E:5B:50:3B:3C:C3:3E:24:C2:1F:44:7F:1D:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rYKytC7WPltQOzzDPiTCH0R_HXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/ELOApysxy0hC-jy8e_ue0EH6G2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/rYKytC7WPltQOzzDPiTCH0R_HXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.11.0/24
31.14.32.0/24
31.14.44.0/24
31.14.48.0/24
89.31.56.0/21
185.76.88.0/22
185.76.168.0/22
IPv6:
2a05:52a0::/30
Signature Algorithm: sha256WithRSAEncryption
42:28:89:74:c2:44:71:93:1e:fd:46:4a:00:2a:30:b0:21:32:
ab:e5:d3:89:f6:88:7f:91:d2:9f:6e:40:9d:ce:19:04:1f:62:
bc:39:db:53:3c:18:b9:97:a8:87:1b:3c:72:5b:53:49:29:c1:
b2:f7:b1:6f:ff:80:d3:a0:35:14:0a:20:30:8e:ad:dc:a6:9c:
7f:d8:a2:d8:b8:8d:74:47:27:45:b7:5e:a4:5d:e5:c2:08:5c:
7b:fe:c7:94:31:35:ea:88:77:52:1c:7e:30:02:f4:2f:3f:d3:
fd:7c:73:a6:72:50:76:68:d9:a1:e5:b6:57:3d:71:4d:bb:82:
b9:61:70:d2:37:10:7f:ef:70:56:1c:8a:3b:6c:b5:a5:96:20:
ea:1e:94:06:51:67:48:8d:b3:82:0c:fd:f9:27:00:f9:e0:bb:
bc:92:e1:dd:50:98:12:94:f1:e0:9d:de:4d:ae:7a:4d:0c:0c:
f1:17:69:fa:a0:33:d7:96:57:7a:a8:09:9a:1f:8d:c3:d4:29:
fd:9a:f7:78:26:f2:ef:71:c1:7e:bb:a3:a0:0a:9f:bc:03:d4:
fc:66:6b:e2:42:2a:0e:6d:9a:fb:40:4b:78:e2:f7:b4:10:96:
70:5b:40:60:3c:78:4c:07:77:ed:0a:b9:24:8b:65:90:56:fa:
09:38:f6:28
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEEySzZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDgyYjJiNDJlZDYzZTViNTAzYjNjYzMzZTI0YzIxZjQ0N2YxZDc0MB4XDTIyMDEw
MTE2MTA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBiMzgwYTcyYjMx
Y2I0ODQyZmEzY2JjN2JmYjllZDA0MWZhMWI2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1CnvFnOKPwADWkjfOfNOfjcz4CEcsLCifhhkE9RozlILsn
J/Kxp4ae5nTJeH4ncxWB/zXAQTFomUAG/EyuP1t/uUDgz/2UkwJ0J7UBBrVan/dY
/Y5NCR2Y+gbAtH/aqGUioZtUF5E3PMv7PaABaImtvd6mUn3stiMmCj0DOIR5fMHs
oVipemOgrtAs0JzMoS9tkJb6oUd7XQjgINsdYYeN504gnSCect9DiFxG8phFQok0
Ld5cJ94qB9iuhj7SXScGbgoTjJeAbgKBElip95e3pNyfsDat1HvKa7cZ+3wmonbw
4lN39Ov3kwX6Z27pQndjYjXC8Aw1zR/GBRkG+2cCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQQs4CnKzHLSEL6PLx7+57QQfobazAfBgNVHSMEGDAWgBStgrK0LtY+W1A7
PMM+JMIfRH8ddDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JZS3l0QzdXUGx0UU96ekRQaVRDSDBSX0hYUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvZTg4MzQ3LTVlYTktNDY2OS04Mzg2LTkxMjQ0YzU0M2NhYS8x
L0VMT0FweXN4eTBoQy1qeThlX3VlMEVINkcycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
ZTg4MzQ3LTVlYTktNDY2OS04Mzg2LTkxMjQ0YzU0M2NhYS8xL3JZS3l0QzdXUGx0
UU96ekRQaVRDSDBSX0hYUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAB8OCwMEAB8OIAMEAB8OLAMEAB8O
MAMEA1kfOAMEArlMWAMEArlMqDANBAIAAjAHAwUCKgVSoDANBgkqhkiG9w0BAQsF
AAOCAQEAQiiJdMJEcZMe/UZKACowsCEyq+XTifaIf5HSn25Anc4ZBB9ivDnbUzwY
uZeohxs8cltTSSnBsvexb/+A06A1FAogMI6t3Kacf9ii2LiNdEcnRbdepF3lwghc
e/7HlDE16oh3Uhx+MAL0Lz/T/XxzpnJQdmjZoeW2Vz1xTbuCuWFw0jcQf+9wVhyK
O2y1pZYg6h6UBlFnSI2zggz9+ScA+eC7vJLh3VCYEpTx4J3eTa56TQwM8Rdp+qAz
15ZXeqgJmh+Nw9Qp/Zr3eCby73HBfrujoAqfvAPU/GZr4kIqDm2a+0BLeOL3tBCW
cFtAYDx4TAd37Qq5JItlkFb6CTj2KA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:15 2024 by rpki-client on console-ams.rpki-client.org