Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3EWMvQlpK0np-dLTV1llGTwhjsk.roa
File: 3EWMvQlpK0np-dLTV1llGTwhjsk.roa (raw, json)
Hash identifier: cW6QDswaHBh5Y13Kne4L7b5c44JQmZgNXKQ/3xPHSMw=
Subject key identifier: DC:45:8C:BD:09:69:2B:49:E9:F9:D2:D3:57:59:65:19:3C:21:8E:C9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195CDBDEA958B13F21E5553F4576878753E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3EWMvQlpK0np-dLTV1llGTwhjsk.roa
Signing time: Tue 25 Mar 2025 14:38:50 +0000
ROA not before: Tue 25 Mar 2025 14:38:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.156.0/24 maxlen: 24
31.57.92.0/22 maxlen: 22
31.57.129.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.142.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.58.33.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.92.0/22 maxlen: 22
31.58.157.0/24 maxlen: 24
31.58.160.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.58.220.0/22 maxlen: 22
31.58.224.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.58.231.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.108.0/24 maxlen: 24
31.59.109.0/24 maxlen: 24
31.59.110.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:bd:ea:95:8b:13:f2:1e:55:53:f4:57:68:78:75:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 25 14:38:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc458cbd09692b49e9f9d2d3575965193c218ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:58:35:05:cb:e6:fa:df:87:17:bf:1b:c3:8e:
9d:00:ee:3e:51:24:6d:f5:63:b1:f0:d5:92:bb:3b:
bb:e0:c9:e8:80:fb:d6:ec:e4:24:b0:15:f3:a6:fd:
31:c6:01:58:85:5f:c5:70:9a:03:aa:85:de:0c:c7:
8b:f1:99:61:57:a2:f9:2b:5b:a8:ff:39:3b:5c:71:
37:42:f1:1b:ed:68:84:f2:b8:74:1e:d2:9a:7d:72:
5d:d4:38:f2:89:9d:2d:e3:03:74:33:cd:8f:23:a1:
f5:67:0b:1f:ca:b3:b9:3a:66:48:ce:c7:0f:31:2e:
43:27:b9:cb:d6:fb:f9:c8:0a:66:ef:30:66:35:60:
34:79:d5:6b:a7:25:42:a9:c9:3b:e8:b3:79:7a:71:
76:f9:8a:09:96:ac:a5:52:66:49:00:81:b5:8c:34:
e6:e0:43:12:a2:8a:00:7b:09:bf:1b:9e:16:3c:85:
2c:7a:2c:4b:d2:c5:70:27:d4:e3:45:49:02:ee:d3:
fa:bd:9a:d5:02:f7:da:d9:f1:8b:22:84:b1:dd:12:
dd:56:ae:e7:6d:64:af:c1:84:49:5b:2b:6f:9b:e2:
ad:ff:4d:15:2a:2a:f5:65:49:6a:16:b5:91:38:1a:
2b:c2:ca:c3:15:d4:bf:3e:ec:75:a4:35:3a:c1:15:
a3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:45:8C:BD:09:69:2B:49:E9:F9:D2:D3:57:59:65:19:3C:21:8E:C9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3EWMvQlpK0np-dLTV1llGTwhjsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.156.0/24
31.57.92.0/22
31.57.129.0/24
31.57.132.0/24
31.57.142.0/24
31.57.151.0/24
31.57.191.0/24
31.57.206.0/24
31.57.208.0/22
31.58.33.0/24
31.58.90.0/24
31.58.92.0/22
31.58.157.0/24
31.58.160.0/24
31.58.163.0/24
31.58.168.0/24
31.58.220.0-31.58.224.255
31.58.230.0/23
31.59.57.0/24
31.59.108.0-31.59.110.255
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:1d:43:4c:e9:55:4f:7d:be:7e:62:82:c6:b9:b0:89:47:44:
b1:73:fc:63:56:c1:69:9d:fa:99:a7:89:33:96:9d:1a:c7:c9:
e9:37:d4:05:f0:58:1f:44:aa:9e:a1:ce:84:4f:79:ea:28:42:
81:57:6c:fb:74:9a:a3:94:09:b6:9b:57:69:30:2a:70:3f:48:
e0:d1:a9:60:e0:ce:59:b2:52:9b:46:6d:62:3c:7c:7a:77:2b:
55:65:0e:fe:5f:48:b9:b7:06:ae:2a:05:4f:e4:21:27:70:f2:
8c:45:2a:96:e2:6c:6d:22:26:4d:c5:ca:21:99:bc:63:23:84:
1d:75:70:54:00:9d:16:c1:ab:10:b2:97:39:a6:e0:59:65:12:
49:b9:97:64:b5:44:73:e4:f1:c5:17:4c:21:6d:45:1b:57:90:
76:82:9f:4f:f5:1f:02:ac:ea:63:7f:a2:c5:e8:c7:c9:e6:df:
75:fc:89:de:47:f8:2e:f7:92:de:7e:83:3e:55:14:ae:06:19:
9b:e0:75:09:44:82:d1:a0:72:47:93:52:a8:37:13:7b:0f:78:
56:06:b7:ea:a2:b3:cd:ea:b2:60:ce:fd:05:77:86:98:d0:3a:
a9:3c:a8:8e:0a:ff:fa:27:c3:3a:5f:2a:af:3a:02:ed:84:16:
88:16:a7:2b
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZXNveqVixPyHlVT9FdoeHU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI1MTQzODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ1OGNiZDA5NjkyYjQ5ZTlmOWQyZDM1NzU5NjUxOTNjMjE4ZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1g1Bcvm+t+HF78bw46dAO4+USRt
9WOx8NWSuzu74MnogPvW7OQksBXzpv0xxgFYhV/FcJoDqoXeDMeL8ZlhV6L5K1uo
/zk7XHE3QvEb7WiE8rh0HtKafXJd1DjyiZ0t4wN0M82PI6H1ZwsfyrO5OmZIzscP
MS5DJ7nL1vv5yApm7zBmNWA0edVrpyVCqck76LN5enF2+YoJlqylUmZJAIG1jDTm
4EMSoooAewm/G54WPIUseixL0sVwJ9TjRUkC7tP6vZrVAvfa2fGLIoSx3RLdVq7n
bWSvwYRJWytvm+Kt/00VKir1ZUlqFrWROBorwsrDFdS/Pux1pDU6wRWjkQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFNxFjL0JaStJ6fnS01dZZRk8IY7JMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvM0VXTXZRbHBLMG5wLWRMVFYxbGxHVHdoanNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAf
OJwDBAIfOVwDBAAfOYEDBAAfOYQDBAAfOY4DBAAfOZcDBAAfOb8DBAAfOc4DBAIf
OdADBAAfOiEDBAAfOloDBAIfOlwDBAAfOp0DBAAfOqADBAAfOqMDBAAfOqgwDAME
Ah863AMEAB864AMEAR865gMEAB87OTAMAwQCHztsAwQAHztuAwQCHzvsMA0GCSqG
SIb3DQEBCwUAA4IBAQCKHUNM6VVPfb5+YoLGubCJR0Sxc/xjVsFpnfqZp4kzlp0a
x8npN9QF8FgfRKqeoc6ET3nqKEKBV2z7dJqjlAm2m1dpMCpwP0jg0alg4M5ZslKb
Rm1iPHx6dytVZQ7+X0i5twauKgVP5CEncPKMRSqW4mxtIiZNxcohmbxjI4QddXBU
AJ0WwasQspc5puBZZRJJuZdktURz5PHFF0whbUUbV5B2gp9P9R8CrOpjf6LF6MfJ
5t91/IneR/gu95LefoM+VRSuBhmb4HUJRILRoHJHk1KoNxN7D3hWBrfqorPN6rJg
zv0Fd4aY0DqpPKiOCv/6J8M6XyqvOgLthBaIFqcr
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:12:38 2025 by rpki-client