Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/MAvCp2BevHuSqHaP1myGsJKM6BU.roa
File: MAvCp2BevHuSqHaP1myGsJKM6BU.roa (raw, json)
Hash identifier: SxatI7IIFIlQbLT7wiZFmScz8EsYfJPa1qTxttQ1mYo=
Subject key identifier: 30:0B:C2:A7:60:5E:BC:7B:92:A8:76:8F:D6:6C:86:B0:92:8C:E8:15
Certificate issuer: /CN=ad82b2b42ed63e5b503b3cc33e24c21f447f1d74
Certificate serial: 0185720C5D066C6E74FBA8B282EB1D43123D
Authority key identifier: AD:82:B2:B4:2E:D6:3E:5B:50:3B:3C:C3:3E:24:C2:1F:44:7F:1D:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rYKytC7WPltQOzzDPiTCH0R_HXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/MAvCp2BevHuSqHaP1myGsJKM6BU.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201401
IP address blocks: 31.14.32.0/24 maxlen: 24
31.14.44.0/24 maxlen: 24
31.14.48.0/24 maxlen: 24
185.76.168.0/22 maxlen: 22
89.31.56.0/21 maxlen: 21
185.76.88.0/22 maxlen: 22
31.14.11.0/24 maxlen: 24
2a05:52a0::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5d:06:6c:6e:74:fb:a8:b2:82:eb:1d:43:12:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad82b2b42ed63e5b503b3cc33e24c21f447f1d74
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300bc2a7605ebc7b92a8768fd66c86b0928ce815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:11:29:5d:45:60:f1:8c:0c:7b:30:92:dc:a5:
aa:f7:c9:62:6e:39:74:9b:32:4e:49:ee:dc:2e:5b:
05:13:9d:fd:72:40:b7:b8:ba:2f:e6:65:63:3f:64:
57:2a:82:70:56:58:ad:67:55:b1:0f:2d:f3:ee:d8:
7a:b4:4e:12:ac:73:2a:48:ae:8c:05:5c:38:7d:11:
96:0a:e0:a0:86:98:9d:17:97:c7:d5:77:5f:f3:0a:
86:64:a0:08:0d:8a:d5:93:7b:3c:bf:d4:24:1b:76:
58:a4:9e:27:6d:21:fa:95:a0:62:3a:c7:b3:2e:53:
3c:60:f7:68:8b:66:59:4a:09:d9:f8:c1:e8:3b:ec:
2a:4f:ac:54:3a:20:94:a1:7f:f6:4d:82:ab:9e:eb:
e9:5e:b7:62:1a:ab:8b:a2:35:df:f2:de:be:bd:1d:
b5:ca:08:6a:6e:ff:60:c7:df:05:dc:75:b1:d1:ed:
8d:de:e4:a0:d1:d1:1e:10:7b:ed:6e:ed:8c:b6:d6:
fb:38:06:43:47:37:4e:6f:03:ea:cf:5a:5f:b2:ce:
32:20:37:c1:11:bb:d9:06:b7:e5:42:10:e1:ad:e4:
0c:bd:37:53:f9:60:19:f6:3e:60:c7:1c:9e:a0:d1:
ae:ec:e7:95:a2:e2:94:85:cf:2a:e7:af:3a:99:9b:
52:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0B:C2:A7:60:5E:BC:7B:92:A8:76:8F:D6:6C:86:B0:92:8C:E8:15
X509v3 Authority Key Identifier:
keyid:AD:82:B2:B4:2E:D6:3E:5B:50:3B:3C:C3:3E:24:C2:1F:44:7F:1D:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rYKytC7WPltQOzzDPiTCH0R_HXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/MAvCp2BevHuSqHaP1myGsJKM6BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e88347-5ea9-4669-8386-91244c543caa/1/rYKytC7WPltQOzzDPiTCH0R_HXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.11.0/24
31.14.32.0/24
31.14.44.0/24
31.14.48.0/24
89.31.56.0/21
185.76.88.0/22
185.76.168.0/22
IPv6:
2a05:52a0::/30
Signature Algorithm: sha256WithRSAEncryption
6a:71:8e:01:58:65:bb:a9:d5:6d:a4:4a:5f:3d:ac:0f:33:51:
57:bc:6e:85:61:b1:2f:63:47:cd:ce:0f:fe:46:46:4d:c0:ac:
5f:6c:29:8c:ed:56:85:37:32:77:c1:aa:29:35:30:e9:5d:48:
0a:fb:3e:1d:15:54:22:a6:3b:55:ef:56:a4:55:44:50:da:c6:
59:75:c9:e0:06:14:0e:25:db:3e:bb:cc:6e:ea:ce:54:69:1d:
f5:e4:dd:b1:28:56:7b:8f:3b:03:0d:f0:b7:ba:a4:95:eb:f6:
2d:04:f7:95:a4:fc:b9:89:e1:db:9d:e5:cb:21:04:55:8a:66:
5c:20:dc:24:b8:7b:5b:47:82:2a:5b:af:4b:73:63:5e:f0:22:
26:e7:1d:04:f8:e4:73:db:b8:0f:ab:c5:64:f9:ce:a3:d3:44:
33:92:ca:72:b2:4a:73:48:ae:90:78:ef:d5:50:77:9e:54:78:
29:b7:59:e6:02:e6:8f:29:33:52:4a:84:e4:38:92:ff:fd:24:
de:ff:cb:ce:81:b6:f9:3b:d9:c7:11:75:41:df:c3:ed:d4:61:
79:04:1c:e4:8b:ff:ea:24:c3:40:0c:67:e5:4b:ef:6d:85:f8:
20:41:99:6a:56:3e:68:4d:1c:32:9c:9b:8a:45:c8:93:78:1a:
ea:91:b5:8a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVyDF0GbG50+6iygusdQxI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkODJiMmI0MmVkNjNlNWI1MDNiM2NjMzNlMjRjMjFmNDQ3
ZjFkNzQwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBiYzJhNzYwNWViYzdiOTJhODc2OGZkNjZjODZiMDkyOGNlODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihEpXUVg8YwMezCS3KWq98libjl0
mzJOSe7cLlsFE539ckC3uLov5mVjP2RXKoJwVlitZ1WxDy3z7th6tE4SrHMqSK6M
BVw4fRGWCuCghpidF5fH1Xdf8wqGZKAIDYrVk3s8v9QkG3ZYpJ4nbSH6laBiOsez
LlM8YPdoi2ZZSgnZ+MHoO+wqT6xUOiCUoX/2TYKrnuvpXrdiGquLojXf8t6+vR21
yghqbv9gx98F3HWx0e2N3uSg0dEeEHvtbu2Mttb7OAZDRzdObwPqz1pfss4yIDfB
EbvZBrflQhDhreQMvTdT+WAZ9j5gxxyeoNGu7OeVouKUhc8q5686mZtStQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDALwqdgXrx7kqh2j9ZshrCSjOgVMB8GA1UdIwQY
MBaAFK2CsrQu1j5bUDs8wz4kwh9Efx10MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcllLeXRDN1dQbHRRT3p6RFBpVENIMFJfSFhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lODgzNDctNWVhOS00NjY5LTgzODYt
OTEyNDRjNTQzY2FhLzEvTUF2Q3AyQmV2SHVTcUhhUDFteUdzSktNNkJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lODgzNDctNWVhOS00NjY5LTgzODYtOTEyNDRjNTQzY2Fh
LzEvcllLeXRDN1dQbHRRT3p6RFBpVENIMFJfSFhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAHw4LAwQA
Hw4gAwQAHw4sAwQAHw4wAwQDWR84AwQCuUxYAwQCuUyoMA0EAgACMAcDBQIqBVKg
MA0GCSqGSIb3DQEBCwUAA4IBAQBqcY4BWGW7qdVtpEpfPawPM1FXvG6FYbEvY0fN
zg/+RkZNwKxfbCmM7VaFNzJ3waopNTDpXUgK+z4dFVQipjtV71akVURQ2sZZdcng
BhQOJds+u8xu6s5UaR315N2xKFZ7jzsDDfC3uqSV6/YtBPeVpPy5ieHbneXLIQRV
imZcINwkuHtbR4IqW69Lc2Ne8CIm5x0E+ORz27gPq8Vk+c6j00QzkspyskpzSK6Q
eO/VUHeeVHgpt1nmAuaPKTNSSoTkOJL//STe/8vOgbb5O9nHEXVB38Pt1GF5BBzk
i//qJMNADGflS+9thfggQZlqVj5oTRwynJuKRciTeBrqkbWK
-----END CERTIFICATE-----
Generated at Wed Nov 1 13:39:04 2023 by rpki-client on console-ams.rpki-client.org