Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/H0NXbi4jjD5a771IpXc-y6TvwDw.roa
File: H0NXbi4jjD5a771IpXc-y6TvwDw.roa (raw, json)
Hash identifier: tA61sbeAKrTj6O8stx8u4HuP06GmMlRisYF1ftK/HpY=
Subject key identifier: 1F:43:57:6E:2E:23:8C:3E:5A:EF:BD:48:A5:77:3E:CB:A4:EF:C0:3C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195AF753A6146385B5B90A8468AF623244F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/H0NXbi4jjD5a771IpXc-y6TvwDw.roa
Signing time: Wed 19 Mar 2025 17:30:50 +0000
ROA not before: Wed 19 Mar 2025 17:30:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215267
IP address blocks: 31.57.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:af:75:3a:61:46:38:5b:5b:90:a8:46:8a:f6:23:24:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 19 17:30:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f43576e2e238c3e5aefbd48a5773ecba4efc03c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:29:74:f9:a5:ea:77:75:af:33:0e:83:b5:
29:2c:b9:91:39:b6:54:1a:c2:d4:0c:81:97:01:4a:
1a:10:4a:eb:52:51:c4:0a:bb:56:83:af:27:d4:5a:
d2:bf:4d:8a:29:9e:7e:ff:40:26:8a:57:5a:d5:1b:
08:d5:f6:3e:51:d4:79:27:52:9f:1a:14:b9:37:5c:
8b:c0:33:cd:1f:6c:27:68:b1:cd:1b:70:f0:0d:d5:
4d:84:64:77:4c:4c:30:37:f8:23:bd:91:01:4e:a3:
70:a1:55:ec:01:c2:97:db:18:e5:2b:96:81:87:fd:
c2:14:07:9b:a3:2f:17:a8:b2:b7:a8:c2:07:19:2e:
e9:18:27:9d:4e:18:5f:cd:f1:f1:a4:4c:16:1d:eb:
17:46:08:a8:fb:7e:42:c9:23:aa:73:40:07:ae:27:
61:6c:81:77:76:d6:08:67:85:b3:ed:96:a9:16:77:
10:54:a0:85:12:b8:31:c2:84:a8:0f:ab:9c:e6:eb:
21:46:01:8f:a1:c7:80:a1:40:77:a2:2e:0d:f2:f3:
41:b8:43:75:2d:4b:76:bc:10:ef:17:7e:b6:23:e2:
90:a0:ed:51:d6:64:51:bc:a6:be:c9:06:e7:5f:7c:
07:dd:42:3a:b8:37:fa:f7:6c:7f:cc:47:70:6d:7e:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:43:57:6E:2E:23:8C:3E:5A:EF:BD:48:A5:77:3E:CB:A4:EF:C0:3C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/H0NXbi4jjD5a771IpXc-y6TvwDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.115.0/24
Signature Algorithm: sha256WithRSAEncryption
20:94:30:a9:67:16:a3:3e:03:83:7c:1b:cb:58:b7:dc:8f:d5:
b7:c5:2a:21:31:b2:64:7b:e4:ab:8d:d8:ff:dc:03:11:a0:42:
c0:12:8e:54:34:41:05:3e:45:92:1b:26:da:10:80:28:56:7a:
a8:90:e0:11:82:31:d7:52:33:c8:5e:2f:1d:73:65:a2:1e:c0:
05:99:b2:54:c2:84:1a:b8:76:57:00:dd:9a:e7:26:11:55:c0:
46:2a:64:84:63:64:11:59:04:11:dd:ab:d8:3c:8e:bf:d1:c9:
fb:ce:ff:7c:26:c8:4b:58:1a:9c:31:20:2d:72:55:7e:e8:9c:
8d:cf:b7:23:f5:f9:67:c1:d9:71:16:b7:35:d3:ee:d7:71:7c:
dc:7f:89:48:1f:48:05:76:35:2d:e5:ff:f9:1e:73:33:02:ba:
dc:14:e8:56:c9:28:71:94:05:c7:89:da:99:84:c7:84:5a:c5:
53:b2:09:89:47:24:b7:12:5b:85:97:a2:43:f8:8d:96:ce:1a:
04:f1:29:54:28:99:77:22:f6:77:ee:fe:d4:90:d4:bb:c5:de:
c3:a1:24:f4:98:f0:b4:87:4b:c4:b0:a4:b1:2c:70:ee:d3:83:
72:85:bf:7c:8d:81:9e:73:9e:d6:f0:fd:99:11:2e:69:66:d3:
f5:93:0a:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWvdTphRjhbW5CoRor2IyRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE5MTczMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQzNTc2ZTJlMjM4YzNlNWFlZmJkNDhhNTc3M2VjYmE0ZWZjMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBcpdPml6nd1rzMOg7UpLLmRObZU
GsLUDIGXAUoaEErrUlHECrtWg68n1FrSv02KKZ5+/0Amilda1RsI1fY+UdR5J1Kf
GhS5N1yLwDPNH2wnaLHNG3DwDdVNhGR3TEwwN/gjvZEBTqNwoVXsAcKX2xjlK5aB
h/3CFAeboy8XqLK3qMIHGS7pGCedThhfzfHxpEwWHesXRgio+35CySOqc0AHridh
bIF3dtYIZ4Wz7ZapFncQVKCFErgxwoSoD6uc5ushRgGPoceAoUB3oi4N8vNBuEN1
LUt2vBDvF362I+KQoO1R1mRRvKa+yQbnX3wH3UI6uDf692x/zEdwbX5gcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9DV24uI4w+Wu+9SKV3Psuk78A8MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSDBOWGJpNGpqRDVhNzcxSXBYYy15NlR2d0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzlzMA0G
CSqGSIb3DQEBCwUAA4IBAQAglDCpZxajPgODfBvLWLfcj9W3xSohMbJke+Srjdj/
3AMRoELAEo5UNEEFPkWSGybaEIAoVnqokOARgjHXUjPIXi8dc2WiHsAFmbJUwoQa
uHZXAN2a5yYRVcBGKmSEY2QRWQQR3avYPI6/0cn7zv98JshLWBqcMSAtclV+6JyN
z7cj9flnwdlxFrc10+7XcXzcf4lIH0gFdjUt5f/5HnMzArrcFOhWyShxlAXHidqZ
hMeEWsVTsgmJRyS3EluFl6JD+I2WzhoE8SlUKJl3IvZ37v7UkNS7xd7DoST0mPC0
h0vEsKSxLHDu04Nyhb98jYGec57W8P2ZES5pZtP1kwpV
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:53:26 2025 by rpki-client