Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/78ogkZ5LdenOvrPpKmpYEotN54c.roa
File: 78ogkZ5LdenOvrPpKmpYEotN54c.roa (raw, json)
Hash identifier: zfN8ZovcLaGaQzBcTWdnlM8h2i+XFTdrMK9FJUohSCw=
Subject key identifier: EF:CA:20:91:9E:4B:75:E9:CE:BE:B3:E9:2A:6A:58:12:8B:4D:E7:87
Certificate issuer: /CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Certificate serial: 0183F64970BBEF995F1B9FD1E64C0C79DE14
Authority key identifier: 24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/78ogkZ5LdenOvrPpKmpYEotN54c.roa
Signing time: Thu 20 Oct 2022 16:45:51 +0000
ROA not before: Thu 20 Oct 2022 16:45:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212744
IP address blocks: 31.41.33.0/24 maxlen: 24
2a12:4040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:49:70:bb:ef:99:5f:1b:9f:d1:e6:4c:0c:79:de:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Validity
Not Before: Oct 20 16:45:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efca20919e4b75e9cebeb3e92a6a58128b4de787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:15:4a:61:72:9c:79:a9:de:e0:90:d0:8f:a3:
f5:27:43:af:73:c3:d9:a0:e9:28:90:9d:85:6f:90:
15:36:15:df:84:09:39:c6:eb:28:f9:db:1f:ee:f6:
a3:2a:0b:18:b0:ee:7a:31:6f:88:26:01:37:09:a7:
a9:89:26:59:5c:c5:fe:5f:33:9d:8a:b4:d0:34:37:
9a:0a:69:d2:b3:b4:58:f8:ba:01:9f:2b:90:39:15:
ff:6b:b6:24:0c:c5:c6:ec:d5:3f:71:cd:ea:eb:5d:
1a:df:dd:48:84:8a:b6:0f:65:3b:6c:71:dd:f8:a4:
fc:a3:f6:6d:44:6c:80:30:20:ab:bf:06:f5:1c:56:
38:0d:a3:e2:d1:58:2e:18:02:4b:04:50:d2:70:60:
90:ed:2d:58:24:fb:0f:b5:b2:c8:6b:e4:da:29:43:
c2:70:9b:e9:47:ec:79:d7:b9:7b:61:30:7a:34:04:
ba:2b:d1:72:35:e1:06:07:78:8e:ba:97:ba:98:ff:
c7:34:97:e7:b0:fc:31:5b:3a:17:53:8c:95:9d:e6:
d7:72:9c:da:c3:97:a2:99:e9:cf:c7:e1:59:b4:ca:
a9:1a:ff:a6:18:aa:35:d7:2c:57:e9:fd:f6:13:96:
7e:5b:45:6b:b0:a5:e3:75:4a:1b:64:dd:1d:77:1d:
ad:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CA:20:91:9E:4B:75:E9:CE:BE:B3:E9:2A:6A:58:12:8B:4D:E7:87
X509v3 Authority Key Identifier:
keyid:24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/78ogkZ5LdenOvrPpKmpYEotN54c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/JDdzbm9VkArb-wRWxBZPZ7RTrI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
IPv6:
2a12:4040::/29
Signature Algorithm: sha256WithRSAEncryption
14:fa:c9:75:f3:d4:a0:40:19:45:bc:bd:f6:b0:cf:17:58:e7:
4b:bf:59:3f:30:9e:cd:5f:1a:f0:69:5a:c7:02:a1:42:e8:00:
2c:33:44:b4:4b:70:d5:6f:53:b0:78:79:f5:47:bf:d3:06:c4:
02:24:7b:17:ce:89:73:5c:ac:4f:b4:85:40:1c:9f:7d:72:27:
13:24:3a:a8:39:bc:6b:9a:3f:44:79:44:5a:9e:df:3e:41:09:
52:f4:df:a4:d8:51:d3:b8:3f:bb:ad:5d:64:00:f4:8b:82:05:
13:2b:4e:dc:cb:a4:dc:cd:8e:a7:0f:b3:64:84:cc:24:bb:ca:
9e:50:52:f3:89:68:b8:3f:69:74:d6:e0:81:6d:be:10:f7:1c:
66:3a:0d:98:46:47:8b:9e:d0:85:57:39:da:e3:53:31:62:42:
e4:71:35:c2:85:28:cc:21:9a:2d:1f:c8:43:13:71:e2:9d:ce:
8f:a7:97:cc:a0:bf:51:32:a1:7b:d1:20:a8:ef:88:9a:6b:49:
62:45:6f:d7:7e:c8:9c:de:2c:a7:38:27:b3:45:df:57:29:b6:
bb:b7:29:a1:9b:c1:88:0c:2c:b9:5d:ab:99:af:b9:09:e5:7e:
8e:24:02:d6:0b:a6:74:f5:89:b0:61:d8:a9:93:4e:f6:12:3c:
87:5e:3d:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYP2SXC775lfG5/R5kwMed4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mzc3MzZlNmY1NTkwMGFkYmZiMDQ1NmM0MTY0ZjY3YjQ1
M2FjOGYwHhcNMjIxMDIwMTY0NTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmNhMjA5MTllNGI3NWU5Y2ViZWIzZTkyYTZhNTgxMjhiNGRlNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhVKYXKceane4JDQj6P1J0Ovc8PZ
oOkokJ2Fb5AVNhXfhAk5xuso+dsf7vajKgsYsO56MW+IJgE3CaepiSZZXMX+XzOd
irTQNDeaCmnSs7RY+LoBnyuQORX/a7YkDMXG7NU/cc3q610a391IhIq2D2U7bHHd
+KT8o/ZtRGyAMCCrvwb1HFY4DaPi0VguGAJLBFDScGCQ7S1YJPsPtbLIa+TaKUPC
cJvpR+x517l7YTB6NAS6K9FyNeEGB3iOupe6mP/HNJfnsPwxWzoXU4yVnebXcpza
w5eimenPx+FZtMqpGv+mGKo11yxX6f32E5Z+W0VrsKXjdUobZN0ddx2tsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO/KIJGeS3Xpzr6z6SpqWBKLTeeHMB8GA1UdIwQY
MBaAFCQ3c25vVZAK2/sEVsQWT2e0U6yPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMt
MzE2NjhhZTNiMTY2LzEvNzhvZ2taNUxkZW5PdnJQcEttcFlFb3RONTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMtMzE2NjhhZTNiMTY2
LzEvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHykhMA0E
AgACMAcDBQMqEkBAMA0GCSqGSIb3DQEBCwUAA4IBAQAU+sl189SgQBlFvL32sM8X
WOdLv1k/MJ7NXxrwaVrHAqFC6AAsM0S0S3DVb1OweHn1R7/TBsQCJHsXzolzXKxP
tIVAHJ99cicTJDqoObxrmj9EeURant8+QQlS9N+k2FHTuD+7rV1kAPSLggUTK07c
y6TczY6nD7NkhMwku8qeUFLziWi4P2l01uCBbb4Q9xxmOg2YRkeLntCFVzna41Mx
YkLkcTXChSjMIZotH8hDE3Hinc6Pp5fMoL9RMqF70SCo74iaa0liRW/Xfsic3iyn
OCezRd9XKba7tymhm8GIDCy5XauZr7kJ5X6OJALWC6Z09YmwYdipk072EjyHXj1o
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:03 2025 by rpki-client