Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xxaHt4ZF1Epw2oFd7bbQBhjBqW0.roa
File: xxaHt4ZF1Epw2oFd7bbQBhjBqW0.roa (raw, json)
Hash identifier: qPHjU7fmP74kjT5si1WnGJqU5PYA20h+7c/FDy35dkc=
Subject key identifier: C7:16:87:B7:86:45:D4:4A:70:DA:81:5D:ED:B6:D0:06:18:C1:A9:6D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195C977B880CEBC62DB11DB4F8445836BE4
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xxaHt4ZF1Epw2oFd7bbQBhjBqW0.roa
Signing time: Mon 24 Mar 2025 18:43:41 +0000
ROA not before: Mon 24 Mar 2025 18:43:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26737
IP address blocks: 31.57.212.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:77:b8:80:ce:bc:62:db:11:db:4f:84:45:83:6b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 24 18:43:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c71687b78645d44a70da815dedb6d00618c1a96d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f9:c9:03:48:cd:a0:1b:f8:96:19:5a:7e:f8:
36:0a:d5:ce:34:0a:26:51:2b:70:bc:e0:30:0c:3a:
35:e4:f3:72:d1:f2:f3:48:fa:04:b2:ab:e5:9d:30:
9a:c4:1a:a9:92:ef:38:cd:6b:b2:35:e0:c6:c2:37:
e8:5d:d4:15:4e:99:0a:71:aa:cc:2b:12:b9:fe:20:
32:e8:57:27:fd:22:83:c1:26:79:43:0c:f7:d3:ab:
c6:00:4f:ea:cd:9a:d3:b9:c1:f2:ad:27:f7:5e:a1:
87:71:c6:70:e2:e0:65:82:74:ce:31:92:c8:07:ad:
15:b9:1b:0d:23:53:de:94:1d:35:5b:80:07:c0:6e:
14:16:61:04:55:59:d6:2a:a5:13:bc:b2:5f:a8:15:
21:fc:70:8b:46:a8:9b:b3:1c:a2:81:f9:c5:62:6b:
2e:96:f6:62:66:56:ec:eb:d1:84:88:b7:51:9d:4c:
74:bd:99:2d:16:8c:0f:6e:7b:67:06:83:d2:89:f1:
0c:02:6b:31:62:28:29:c6:0a:83:bc:92:26:dc:9e:
9a:5d:1a:fb:78:24:af:d6:65:85:96:f0:93:19:d0:
f1:4b:c6:67:01:41:3b:43:6e:ac:29:fd:9d:d8:e4:
94:27:9c:1c:4e:61:f4:a7:25:63:d2:c7:a9:de:2a:
51:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:16:87:B7:86:45:D4:4A:70:DA:81:5D:ED:B6:D0:06:18:C1:A9:6D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xxaHt4ZF1Epw2oFd7bbQBhjBqW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.212.0/23
Signature Algorithm: sha256WithRSAEncryption
35:78:9c:d8:76:d3:3f:81:87:e9:01:f6:6b:6b:49:13:2b:30:
87:b7:dd:0d:a5:d0:45:60:d6:f9:e1:a4:82:99:ce:81:7a:7e:
bf:09:a5:70:1e:73:e8:4e:3d:33:f4:b7:b3:b2:df:2f:49:50:
b3:4d:a4:66:1a:ee:b2:43:03:ed:cf:2c:21:26:52:1f:a1:cb:
aa:ee:d7:14:fe:4c:72:af:6d:c2:35:aa:05:8f:ce:d9:6b:fd:
f7:87:ed:26:8b:ff:42:86:0d:aa:80:ef:58:d2:f8:d5:dc:60:
e5:c5:a5:16:8b:bc:d0:c5:e5:c7:3e:e6:d2:bf:ff:90:84:a8:
8d:70:46:f0:6c:21:8a:e1:be:ba:13:8d:d4:82:9a:75:58:c2:
44:ff:5a:90:20:8b:0f:ad:dd:d7:e0:fb:ba:55:5f:b4:1f:33:
38:78:32:3c:ba:2f:eb:2c:03:f6:00:da:22:02:b5:b6:c7:b9:
10:8a:b9:3c:a2:de:2e:2a:ad:4c:97:dc:de:52:cf:3f:4e:6c:
51:55:25:1b:13:33:e5:41:8d:34:2e:5a:56:d3:cb:94:fd:da:
a2:c9:64:ab:7e:32:5b:bc:4b:65:ad:ba:73:79:c4:2a:73:e0:
2a:1a:14:a3:64:a3:15:1f:78:de:f1:11:67:20:21:65:f1:0d:
b5:78:f1:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXJd7iAzrxi2xHbT4RFg2vkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzI0MTg0MzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzE2ODdiNzg2NDVkNDRhNzBkYTgxNWRlZGI2ZDAwNjE4YzFhOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vnJA0jNoBv4lhlafvg2CtXONAom
UStwvOAwDDo15PNy0fLzSPoEsqvlnTCaxBqpku84zWuyNeDGwjfoXdQVTpkKcarM
KxK5/iAy6Fcn/SKDwSZ5Qwz306vGAE/qzZrTucHyrSf3XqGHccZw4uBlgnTOMZLI
B60VuRsNI1PelB01W4AHwG4UFmEEVVnWKqUTvLJfqBUh/HCLRqibsxyigfnFYmsu
lvZiZlbs69GEiLdRnUx0vZktFowPbntnBoPSifEMAmsxYigpxgqDvJIm3J6aXRr7
eCSv1mWFlvCTGdDxS8ZnAUE7Q26sKf2d2OSUJ5wcTmH0pyVj0sep3ipRjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcWh7eGRdRKcNqBXe220AYYwaltMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveHhhSHQ0WkYxRXB3Mm9GZDdiYlFCaGpCcVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBHznUMA0G
CSqGSIb3DQEBCwUAA4IBAQA1eJzYdtM/gYfpAfZra0kTKzCHt90NpdBFYNb54aSC
mc6Ben6/CaVwHnPoTj0z9Lezst8vSVCzTaRmGu6yQwPtzywhJlIfocuq7tcU/kxy
r23CNaoFj87Za/33h+0mi/9Chg2qgO9Y0vjV3GDlxaUWi7zQxeXHPubSv/+QhKiN
cEbwbCGK4b66E43Ugpp1WMJE/1qQIIsPrd3X4Pu6VV+0HzM4eDI8ui/rLAP2ANoi
ArW2x7kQirk8ot4uKq1Ml9zeUs8/TmxRVSUbEzPlQY00LlpW08uU/dqiyWSrfjJb
vEtlrbpzecQqc+AqGhSjZKMVH3je8RFnICFl8Q21ePEq
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:53:30 2025 by rpki-client