Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/l0NLsYRPvphsINGWVfL3YivZnC8.roa
File: l0NLsYRPvphsINGWVfL3YivZnC8.roa (raw, json)
Hash identifier: fpu85nK8kXScCHeGNYZ98wh+JDlF/BXC45N7DAXPvvI=
Subject key identifier: 97:43:4B:B1:84:4F:BE:98:6C:20:D1:96:55:F2:F7:62:2B:D9:9C:2F
Certificate issuer: /CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Certificate serial: 018C913A9C3827B921568BDB774CD799731A
Authority key identifier: 24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/l0NLsYRPvphsINGWVfL3YivZnC8.roa
Signing time: Fri 22 Dec 2023 11:13:06 +0000
ROA not before: Fri 22 Dec 2023 11:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48014
IP address blocks: 31.41.33.0/24 maxlen: 24
2a12:4047::/32 maxlen: 32
2a12:4040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:3a:9c:38:27:b9:21:56:8b:db:77:4c:d7:99:73:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Validity
Not Before: Dec 22 11:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97434bb1844fbe986c20d19655f2f7622bd99c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4c:42:e1:a7:0f:9d:61:ce:cd:af:b5:d6:23:
14:4c:a0:ce:b3:82:08:8c:ab:c5:29:48:98:91:5a:
2a:be:db:71:f7:39:9f:45:56:9a:f0:a9:ee:ce:d1:
48:36:52:80:9f:59:31:54:71:d7:b0:82:c4:fa:af:
b4:0f:c5:8d:20:ae:97:c0:eb:b1:c1:b1:ca:0e:21:
36:5d:2c:40:13:1c:87:d0:97:c8:bb:6f:e2:01:b3:
0b:3c:8e:2c:a0:c6:52:bf:3f:f5:8e:89:d9:c8:5a:
34:0b:34:ee:4f:27:71:e4:e5:21:0d:39:f9:97:cb:
c5:e0:88:2e:d2:9a:5b:9d:6c:48:63:b7:5c:a1:86:
cd:e4:b7:61:d3:dd:61:7e:7a:d4:59:78:72:71:92:
e8:64:55:3c:48:89:eb:91:b5:a4:d5:f5:c1:6c:d1:
c2:26:9f:d3:54:46:08:a0:64:70:65:9d:31:c7:1f:
d3:4c:8f:26:52:16:f3:94:1c:c2:da:85:9a:5c:25:
89:79:f2:f3:0a:aa:1f:c8:1e:e8:5e:01:e3:fc:c7:
f4:6d:1d:fa:46:46:7a:29:1e:90:9b:56:df:4f:6b:
1e:f1:f7:19:c7:86:1b:8e:bb:1c:a0:dc:23:7c:a8:
37:f8:98:fa:a7:d5:d1:db:b5:9f:81:20:6b:aa:a1:
c8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:43:4B:B1:84:4F:BE:98:6C:20:D1:96:55:F2:F7:62:2B:D9:9C:2F
X509v3 Authority Key Identifier:
keyid:24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/l0NLsYRPvphsINGWVfL3YivZnC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/JDdzbm9VkArb-wRWxBZPZ7RTrI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
IPv6:
2a12:4040::/29
Signature Algorithm: sha256WithRSAEncryption
5e:81:ea:5e:49:a2:1b:88:7c:c6:25:6c:50:9d:38:22:ea:df:
fe:e8:1f:6e:00:40:f6:5f:10:18:13:03:9f:6a:01:e9:78:b8:
8b:d5:f1:87:fe:d7:64:96:56:3f:85:1b:57:76:fb:d2:30:91:
3c:18:e5:5e:f7:39:ae:68:cb:72:46:54:b8:cd:64:e0:61:f1:
c2:b8:e8:ee:8d:ae:b5:fd:aa:dc:29:dc:3b:99:d3:a4:eb:1f:
51:a7:fb:3b:31:38:30:8e:e1:6b:0b:f4:03:2b:21:54:8c:77:
09:1c:e8:9f:cd:3b:2c:16:64:17:e8:74:6b:45:b1:b0:98:12:
a2:6e:12:6f:92:c3:e8:8a:7e:b5:00:48:27:11:c6:39:95:c1:
4e:71:70:f3:67:41:af:a2:41:b8:73:79:40:a2:d8:a6:30:dc:
2f:dc:97:2c:0d:5b:b5:22:83:9f:59:d3:50:8b:32:9a:4f:99:
5a:2d:39:19:f4:4e:bd:e2:c3:15:c0:08:fd:5d:e7:68:33:5e:
77:f2:b7:3a:6b:46:18:05:d8:9d:13:bb:47:87:b8:6f:df:3c:
45:06:5b:58:1d:a5:01:ed:98:8f:d0:38:30:cb:25:bc:e0:aa:
11:8d:f9:be:06:9d:d1:b6:d9:71:39:9d:e2:2e:15:1f:b2:62:
28:c6:ce:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyROpw4J7khVovbd0zXmXMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mzc3MzZlNmY1NTkwMGFkYmZiMDQ1NmM0MTY0ZjY3YjQ1
M2FjOGYwHhcNMjMxMjIyMTExMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQzNGJiMTg0NGZiZTk4NmMyMGQxOTY1NWYyZjc2MjJiZDk5YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkxC4acPnWHOza+11iMUTKDOs4II
jKvFKUiYkVoqvttx9zmfRVaa8KnuztFINlKAn1kxVHHXsILE+q+0D8WNIK6XwOux
wbHKDiE2XSxAExyH0JfIu2/iAbMLPI4soMZSvz/1jonZyFo0CzTuTydx5OUhDTn5
l8vF4Igu0ppbnWxIY7dcoYbN5Ldh091hfnrUWXhycZLoZFU8SInrkbWk1fXBbNHC
Jp/TVEYIoGRwZZ0xxx/TTI8mUhbzlBzC2oWaXCWJefLzCqofyB7oXgHj/Mf0bR36
RkZ6KR6Qm1bfT2se8fcZx4YbjrscoNwjfKg3+Jj6p9XR27WfgSBrqqHIiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJdDS7GET76YbCDRllXy92Ir2ZwvMB8GA1UdIwQY
MBaAFCQ3c25vVZAK2/sEVsQWT2e0U6yPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMt
MzE2NjhhZTNiMTY2LzEvbDBOTHNZUlB2cGhzSU5HV1ZmTDNZaXZabkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMtMzE2NjhhZTNiMTY2
LzEvSkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHykhMA0E
AgACMAcDBQMqEkBAMA0GCSqGSIb3DQEBCwUAA4IBAQBegepeSaIbiHzGJWxQnTgi
6t/+6B9uAED2XxAYEwOfagHpeLiL1fGH/tdkllY/hRtXdvvSMJE8GOVe9zmuaMty
RlS4zWTgYfHCuOjuja61/arcKdw7mdOk6x9Rp/s7MTgwjuFrC/QDKyFUjHcJHOif
zTssFmQX6HRrRbGwmBKibhJvksPoin61AEgnEcY5lcFOcXDzZ0GvokG4c3lAotim
MNwv3JcsDVu1IoOfWdNQizKaT5laLTkZ9E694sMVwAj9XedoM1538rc6a0YYBdid
E7tHh7hv3zxFBltYHaUB7ZiP0DgwyyW84KoRjfm+Bp3RttlxOZ3iLhUfsmIoxs4o
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:16 2025 by rpki-client