Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/rwFlopf5Xa6Dqk29FmnWdxdlBsc.roa
File: rwFlopf5Xa6Dqk29FmnWdxdlBsc.roa (raw, json)
Hash identifier: sHbPcAOKBddNPUyuRRzIjyvQe1AGIhhOwA82JfuKSsE=
Subject key identifier: AF:01:65:A2:97:F9:5D:AE:83:AA:4D:BD:16:69:D6:77:17:65:06:C7
Certificate issuer: /CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Certificate serial: 019427471B7A4CD839A5B4BF3283B20733D0
Authority key identifier: 20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/rwFlopf5Xa6Dqk29FmnWdxdlBsc.roa
Signing time: Thu 02 Jan 2025 13:49:19 +0000
ROA not before: Thu 02 Jan 2025 13:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208365
IP address blocks: 31.223.186.0/24 maxlen: 24
45.151.76.0/24 maxlen: 24
45.151.77.0/24 maxlen: 24
45.151.78.0/24 maxlen: 24
45.151.79.0/24 maxlen: 24
81.22.32.0/24 maxlen: 24
81.22.33.0/24 maxlen: 24
81.22.34.0/24 maxlen: 24
81.22.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:1b:7a:4c:d8:39:a5:b4:bf:32:83:b2:07:33:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Validity
Not Before: Jan 2 13:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af0165a297f95dae83aa4dbd1669d677176506c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5c:ea:38:b8:12:4b:9d:c2:86:78:40:23:c1:
16:fb:ab:5b:a8:3a:d9:f1:7d:81:86:f9:97:f3:e8:
d6:d5:5b:99:f4:10:17:7a:eb:e3:59:60:90:41:c9:
cc:a4:9f:f4:5e:62:d7:d7:73:55:15:9d:18:5b:cd:
23:72:7b:38:74:48:b9:f4:29:32:49:e2:a5:ef:a0:
18:7d:b6:44:b0:86:2f:c1:60:72:03:06:22:92:ff:
98:cd:79:59:a5:1a:9b:20:f8:ac:1a:b6:12:92:f4:
3c:ba:97:05:11:51:18:11:ab:cd:4c:49:ba:8f:73:
d9:e0:31:93:99:bc:23:b9:8d:96:b6:b8:73:40:31:
87:3f:9c:07:18:c1:3f:91:90:f7:39:5f:0d:ed:14:
eb:64:48:8c:ea:80:ee:6a:03:4f:be:9a:8b:34:27:
fb:ab:34:a7:fa:eb:15:a4:c5:aa:b1:19:47:44:2d:
b6:33:52:f6:5b:b8:90:6d:61:73:a3:1e:ab:a5:a5:
65:8e:ea:35:6a:e9:78:d9:c0:a9:07:8f:a9:cc:99:
e4:51:24:ac:20:a7:a5:dc:33:7f:28:e6:de:ad:92:
17:9c:21:5a:ca:bf:b8:92:72:77:cc:2d:42:1e:2f:
bb:a3:96:ea:7b:b6:f2:bd:a1:8e:d5:9b:f0:5f:e4:
7c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:01:65:A2:97:F9:5D:AE:83:AA:4D:BD:16:69:D6:77:17:65:06:C7
X509v3 Authority Key Identifier:
keyid:20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/rwFlopf5Xa6Dqk29FmnWdxdlBsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.186.0/24
45.151.76.0/22
81.22.32.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:5e:57:da:df:c0:8a:96:6c:44:83:7f:43:65:ee:e9:72:d2:
0f:64:02:aa:44:b7:53:ba:a2:22:4c:41:86:d3:d9:d0:5b:48:
78:fc:c1:2d:12:b5:20:32:a9:e8:42:26:26:c8:03:a2:b7:a8:
0b:ef:19:40:a0:01:b4:e8:3a:a0:64:14:3a:38:78:cc:3a:a2:
bd:3e:6e:9f:ba:d5:4f:d6:65:c3:e5:34:64:ea:bf:49:c4:a0:
c3:39:19:f8:b8:1f:1d:95:02:39:3e:34:34:c5:de:df:66:70:
9b:92:2b:d6:13:64:c1:f7:84:d5:24:09:2e:4e:b7:e0:15:5f:
ab:33:64:ef:c8:8a:40:b1:24:85:67:7a:7c:e8:fe:5f:65:a7:
10:82:5b:8d:9d:b9:e3:af:19:1a:43:db:14:a2:fc:cb:a6:0c:
a2:63:c6:bb:43:05:3f:db:ea:b6:2e:1d:43:63:e7:eb:f4:4f:
18:a8:b7:a2:9f:52:e2:21:4b:3e:97:ba:b9:40:70:cb:68:47:
5e:71:c6:47:94:6d:d8:ae:d3:45:25:ee:88:19:fe:4c:80:aa:
d2:3b:69:a4:9e:a5:da:0c:d0:ab:5c:39:14:47:f8:e3:fd:bf:
0c:e6:57:89:4e:d5:b3:d6:28:48:86:00:fd:f8:96:b1:28:a1:
7c:b0:57:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnRxt6TNg5pbS/MoOyBzPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTdmY2JlNTkzMTRjMzcyYjY4ZjIzMjIyMzgyOGIxZTMz
YTAzZWMwHhcNMjUwMTAyMTM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjAxNjVhMjk3Zjk1ZGFlODNhYTRkYmQxNjY5ZDY3NzE3NjUwNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FzqOLgSS53ChnhAI8EW+6tbqDrZ
8X2BhvmX8+jW1VuZ9BAXeuvjWWCQQcnMpJ/0XmLX13NVFZ0YW80jcns4dEi59Cky
SeKl76AYfbZEsIYvwWByAwYikv+YzXlZpRqbIPisGrYSkvQ8upcFEVEYEavNTEm6
j3PZ4DGTmbwjuY2WtrhzQDGHP5wHGME/kZD3OV8N7RTrZEiM6oDuagNPvpqLNCf7
qzSn+usVpMWqsRlHRC22M1L2W7iQbWFzox6rpaVljuo1aul42cCpB4+pzJnkUSSs
IKel3DN/KOberZIXnCFayr+4knJ3zC1CHi+7o5bqe7byvaGO1ZvwX+R8UwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK8BZaKX+V2ug6pNvRZp1ncXZQbHMB8GA1UdIwQY
MBaAFCCn/L5ZMUw3K2jyMiI4KLHjOgPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTIt
NDI2MDM5Nzg4OTE5LzEvcndGbG9wZjVYYTZEcWsyOUZtbldkeGRsQnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTItNDI2MDM5Nzg4OTE5
LzEvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH9+6AwQC
LZdMAwQCURYgMA0GCSqGSIb3DQEBCwUAA4IBAQA7Xlfa38CKlmxEg39DZe7pctIP
ZAKqRLdTuqIiTEGG09nQW0h4/MEtErUgMqnoQiYmyAOit6gL7xlAoAG06DqgZBQ6
OHjMOqK9Pm6futVP1mXD5TRk6r9JxKDDORn4uB8dlQI5PjQ0xd7fZnCbkivWE2TB
94TVJAkuTrfgFV+rM2TvyIpAsSSFZ3p86P5fZacQgluNnbnjrxkaQ9sUovzLpgyi
Y8a7QwU/2+q2Lh1DY+fr9E8YqLein1LiIUs+l7q5QHDLaEdeccZHlG3YrtNFJe6I
Gf5MgKrSO2mknqXaDNCrXDkUR/jj/b8M5leJTtWz1ihIhgD9+JaxKKF8sFfX
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:16 2025 by rpki-client