Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/hBN8e7woOATeomlfQMH31bGw-Kg.roa
File: hBN8e7woOATeomlfQMH31bGw-Kg.roa (raw, json)
Hash identifier: QDWXY4Q63U6qalGIpj8absc/PjXBNHo2RSEMO5pxatA=
Subject key identifier: 84:13:7C:7B:BC:28:38:04:DE:A2:69:5F:40:C1:F7:D5:B1:B0:F8:A8
Certificate issuer: /CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Certificate serial: 0188875394331377D50F034D8EF194B65E60
Authority key identifier: 24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/hBN8e7woOATeomlfQMH31bGw-Kg.roa
Signing time: Sun 04 Jun 2023 16:53:01 +0000
ROA not before: Sun 04 Jun 2023 16:53:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212744
IP address blocks: 31.41.33.0/24 maxlen: 24
2a12:4047::/48 maxlen: 48
2a12:4040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:87:53:94:33:13:77:d5:0f:03:4d:8e:f1:94:b6:5e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Validity
Not Before: Jun 4 16:53:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84137c7bbc283804dea2695f40c1f7d5b1b0f8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7e:d7:78:a4:73:2a:d3:92:e5:92:72:e0:83:
23:58:b5:00:6f:04:62:52:c9:10:9a:8e:1b:92:63:
5c:2d:c0:52:55:28:ae:1d:02:b0:2f:12:a7:d2:0f:
80:a9:5b:84:5a:47:e6:7e:63:01:a0:59:48:df:b9:
0e:df:78:d6:f7:af:e5:44:05:b9:17:e6:2f:5d:3b:
5e:1f:b1:7d:27:6b:14:cc:b0:31:f0:a8:c6:79:40:
d8:0c:82:87:38:24:57:cb:a2:1e:02:dd:08:b0:68:
b2:24:d4:b9:ec:5a:0a:7b:d8:67:ab:98:ab:7c:f9:
5c:9a:69:68:53:cf:4a:ed:d9:1a:3f:46:7d:77:02:
d3:fc:94:e6:84:96:67:b8:3a:57:d8:ce:f6:fb:1f:
a4:fc:60:30:60:44:08:23:cd:f6:10:c5:3e:e4:5d:
86:b4:fb:13:51:5e:5e:8f:32:f7:a8:90:99:5a:2b:
8f:1e:cd:00:f4:27:56:cd:40:af:a3:83:54:18:4b:
12:b3:91:f3:51:83:48:55:f1:f8:bc:fc:94:1b:3b:
ff:1f:b5:b6:2a:17:e9:87:cd:0f:22:09:f2:5d:25:
a5:02:90:ed:69:7d:d0:d9:8a:94:65:a3:18:d5:3a:
bb:20:03:85:4f:f8:5f:50:ff:ea:98:12:41:46:30:
c5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:13:7C:7B:BC:28:38:04:DE:A2:69:5F:40:C1:F7:D5:B1:B0:F8:A8
X509v3 Authority Key Identifier:
keyid:24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/hBN8e7woOATeomlfQMH31bGw-Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/JDdzbm9VkArb-wRWxBZPZ7RTrI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
IPv6:
2a12:4040::/29
Signature Algorithm: sha256WithRSAEncryption
9d:3b:96:61:c6:66:a5:a5:e3:eb:dd:0f:53:20:95:03:ae:d0:
b9:6d:a0:d0:2b:51:30:bb:a6:d5:d0:68:b4:56:17:ba:4d:c3:
d9:88:c9:66:c1:67:c2:b2:67:be:7e:fe:21:11:ba:84:81:6b:
9d:71:6e:d1:1a:e5:59:69:87:aa:01:d5:80:b1:08:d4:c5:c4:
ab:7d:74:54:d7:a3:66:76:ae:2a:02:39:cc:29:57:25:92:f8:
aa:3d:66:09:e5:e5:fd:5f:1a:23:57:bc:d0:3b:04:55:26:93:
41:0c:07:73:2e:1c:15:b5:07:63:f7:56:ee:27:48:85:10:c8:
1e:e6:01:69:a6:cb:3c:02:62:38:7b:37:bf:d3:b2:d4:51:9e:
47:2b:25:d8:13:5c:94:89:f1:cc:51:51:5e:26:49:b2:8c:5c:
e3:19:6f:a7:b2:d6:91:c0:13:a3:12:b4:d6:2d:27:7c:f4:51:
b6:ec:8a:17:6a:ce:dc:74:65:56:56:d6:b1:9c:f7:f7:38:d6:
ed:0a:88:74:77:98:fa:2c:71:a4:b9:ec:ff:6c:d5:b7:95:a2:
95:a0:4e:28:48:83:dd:b2:e7:6d:71:79:db:93:d6:d3:fa:05:
05:48:62:db:bc:72:29:c8:f0:0a:43:40:0c:c4:f6:e2:0b:46:
ce:da:23:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiHU5QzE3fVDwNNjvGUtl5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mzc3MzZlNmY1NTkwMGFkYmZiMDQ1NmM0MTY0ZjY3YjQ1
M2FjOGYwHhcNMjMwNjA0MTY1MzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEzN2M3YmJjMjgzODA0ZGVhMjY5NWY0MGMxZjdkNWIxYjBmOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX7XeKRzKtOS5ZJy4IMjWLUAbwRi
UskQmo4bkmNcLcBSVSiuHQKwLxKn0g+AqVuEWkfmfmMBoFlI37kO33jW96/lRAW5
F+YvXTteH7F9J2sUzLAx8KjGeUDYDIKHOCRXy6IeAt0IsGiyJNS57FoKe9hnq5ir
fPlcmmloU89K7dkaP0Z9dwLT/JTmhJZnuDpX2M72+x+k/GAwYEQII832EMU+5F2G
tPsTUV5ejzL3qJCZWiuPHs0A9CdWzUCvo4NUGEsSs5HzUYNIVfH4vPyUGzv/H7W2
Khfph80PIgnyXSWlApDtaX3Q2YqUZaMY1Tq7IAOFT/hfUP/qmBJBRjDFDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIQTfHu8KDgE3qJpX0DB99WxsPioMB8GA1UdIwQY
MBaAFCQ3c25vVZAK2/sEVsQWT2e0U6yPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMt
MzE2NjhhZTNiMTY2LzEvaEJOOGU3d29PQVRlb21sZlFNSDMxYkd3LUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMtMzE2NjhhZTNiMTY2
LzEvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHykhMA0E
AgACMAcDBQMqEkBAMA0GCSqGSIb3DQEBCwUAA4IBAQCdO5ZhxmalpePr3Q9TIJUD
rtC5baDQK1Ewu6bV0Gi0Vhe6TcPZiMlmwWfCsme+fv4hEbqEgWudcW7RGuVZaYeq
AdWAsQjUxcSrfXRU16Nmdq4qAjnMKVclkviqPWYJ5eX9XxojV7zQOwRVJpNBDAdz
LhwVtQdj91buJ0iFEMge5gFppss8AmI4eze/07LUUZ5HKyXYE1yUifHMUVFeJkmy
jFzjGW+nstaRwBOjErTWLSd89FG27IoXas7cdGVWVtaxnPf3ONbtCoh0d5j6LHGk
uez/bNW3laKVoE4oSIPdsudtcXnbk9bT+gUFSGLbvHIpyPAKQ0AMxPbiC0bO2iNm
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:24:33 2025 by rpki-client