Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/IyxtzukAghZCOIQ_NqemGwdUeY8.roa
File: IyxtzukAghZCOIQ_NqemGwdUeY8.roa (raw, json)
Hash identifier: NK+XAqQeutLAJ+GVEjZNvmCoo4uWhRCj0NiFKEAev6s=
Subject key identifier: 23:2C:6D:CE:E9:00:82:16:42:38:84:3F:36:A7:A6:1B:07:54:79:8F
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067F0A020336639CC9B459A3AB81AED
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/IyxtzukAghZCOIQ_NqemGwdUeY8.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210000
IP address blocks: 31.41.34.0/24 maxlen: 24
2a12:3fc0::/29 maxlen: 29
2a12:3fc1:1001::/48 maxlen: 48
2a12:3fc1:1002::/48 maxlen: 48
2a12:3fc1:2001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f0:a0:20:33:66:39:cc:9b:45:9a:3a:b8:1a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=232c6dcee90082164238843f36a7a61b0754798f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:be:60:5e:63:c1:77:35:a3:79:e4:a2:b9:7a:
18:cd:98:10:01:ba:9b:1c:e0:31:ab:c7:9e:61:74:
3c:3d:37:8f:8a:ef:cb:5f:60:7a:9b:bc:92:70:be:
6b:50:7f:da:74:c7:ac:28:47:eb:6e:93:ca:b4:e2:
da:cc:ec:db:80:8c:23:10:63:79:ea:4f:c0:7a:66:
f5:00:ba:99:33:1a:e4:2a:23:da:67:e5:ed:9b:85:
7d:70:c9:39:2b:72:d0:bd:3a:d9:88:0d:55:68:47:
c5:2a:0b:9c:be:22:28:12:37:ab:a7:c9:05:5c:b4:
11:b6:49:59:07:9d:b6:aa:2d:01:d4:5c:1d:68:4b:
57:df:a9:5f:92:9e:c4:a6:af:d6:03:d7:b1:8c:f1:
03:10:6a:41:35:fd:8d:c3:97:0f:6a:16:96:39:0c:
cd:a8:05:3e:50:8c:66:fd:31:35:0f:07:d2:3f:ec:
93:6f:8e:50:11:80:67:9f:6e:dc:24:88:90:4a:58:
23:38:be:b3:e6:1b:db:98:72:b5:8b:8e:94:4a:8a:
f0:cb:91:67:c1:ad:d7:af:c6:f8:48:a8:25:ac:56:
1b:45:c7:46:e5:40:fd:e2:ca:be:06:7e:bf:39:7d:
0b:c3:18:80:43:47:29:24:fe:19:ad:fc:4b:53:b0:
3c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2C:6D:CE:E9:00:82:16:42:38:84:3F:36:A7:A6:1B:07:54:79:8F
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/IyxtzukAghZCOIQ_NqemGwdUeY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.34.0/24
IPv6:
2a12:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
cf:df:e0:26:fe:cd:83:c2:15:7c:8d:8a:ab:90:3f:46:c1:a5:
44:18:81:b7:e4:2b:83:1e:90:cd:a7:0c:6d:00:bb:a4:8d:f1:
6c:d1:ce:32:de:1b:cb:6a:b8:5d:d1:95:b3:99:ec:99:5c:1f:
2f:d1:e8:b9:ec:bc:db:ce:05:d8:7b:93:56:0e:80:a7:84:74:
48:a0:51:67:7b:77:ff:0a:6b:aa:6d:0c:1f:b9:ea:b0:a8:c8:
95:f5:44:75:da:b3:37:e5:2f:3b:74:53:d6:a2:48:c6:17:16:
dd:d5:60:9c:2c:5a:11:85:ca:b1:68:55:8f:bd:e1:55:a5:8a:
3c:ac:50:7d:14:85:3d:df:53:13:37:8f:0d:b6:ad:97:88:72:
ec:04:72:f2:31:58:d2:ea:93:f6:83:8c:e2:70:81:1f:26:57:
97:56:70:0b:fb:3c:a4:b2:4f:a0:6c:81:20:6a:25:b9:34:d3:
0f:07:a4:cb:b6:2c:b5:6e:30:b1:a9:72:52:f4:16:21:8c:b3:
ae:97:5b:7f:49:47:cb:ca:df:3a:44:3c:0b:df:34:a3:8b:cb:
5f:4a:0c:f4:cd:da:90:32:22:05:6f:3f:6d:74:db:30:f7:c5:
b2:50:79:4e:23:84:b7:be:96:b0:43:ca:7b:42:d8:a1:37:88:
f3:35:66:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgZ/CgIDNmOcybRZo6uBrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJjNmRjZWU5MDA4MjE2NDIzODg0M2YzNmE3YTYxYjA3NTQ3OThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b5gXmPBdzWjeeSiuXoYzZgQAbqb
HOAxq8eeYXQ8PTePiu/LX2B6m7yScL5rUH/adMesKEfrbpPKtOLazOzbgIwjEGN5
6k/Aemb1ALqZMxrkKiPaZ+Xtm4V9cMk5K3LQvTrZiA1VaEfFKgucviIoEjerp8kF
XLQRtklZB522qi0B1FwdaEtX36lfkp7Epq/WA9exjPEDEGpBNf2Nw5cPahaWOQzN
qAU+UIxm/TE1DwfSP+yTb45QEYBnn27cJIiQSlgjOL6z5hvbmHK1i46USorwy5Fn
wa3Xr8b4SKglrFYbRcdG5UD94sq+Bn6/OX0LwxiAQ0cpJP4ZrfxLU7A8PwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCMsbc7pAIIWQjiEPzanphsHVHmPMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvSXl4dHp1a0FnaFpDT0lRX05xZW1Hd2RVZVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHykiMA0E
AgACMAcDBQMqEj/AMA0GCSqGSIb3DQEBCwUAA4IBAQDP3+Am/s2DwhV8jYqrkD9G
waVEGIG35CuDHpDNpwxtALukjfFs0c4y3hvLarhd0ZWzmeyZXB8v0ei57LzbzgXY
e5NWDoCnhHRIoFFne3f/CmuqbQwfueqwqMiV9UR12rM35S87dFPWokjGFxbd1WCc
LFoRhcqxaFWPveFVpYo8rFB9FIU931MTN48Ntq2XiHLsBHLyMVjS6pP2g4zicIEf
JleXVnAL+zyksk+gbIEgaiW5NNMPB6TLtiy1bjCxqXJS9BYhjLOul1t/SUfLyt86
RDwL3zSji8tfSgz0zdqQMiIFbz9tdNsw98WyUHlOI4S3vpawQ8p7QtihN4jzNWbi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:02 2025 by rpki-client