Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/959e6c-8dc6-47a8-9171-ba09a5945c8e/1/L7KQbKw2rUYCNpNHGiTd_i0boHE.roa
File: L7KQbKw2rUYCNpNHGiTd_i0boHE.roa (raw, json)
Hash identifier: m+DRvpa1cb9oNQQX++vX59Oap1bk4Hmhxwgh8ODSO+0=
Subject key identifier: 2F:B2:90:6C:AC:36:AD:46:02:36:93:47:1A:24:DD:FE:2D:1B:A0:71
Certificate issuer: /CN=164c704e1a013644af74850c0bbf5b6f6cb71ae0
Certificate serial: 018570FBAAF06B3551E1F56E9978C89241A3
Authority key identifier: 16:4C:70:4E:1A:01:36:44:AF:74:85:0C:0B:BF:5B:6F:6C:B7:1A:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FkxwThoBNkSvdIUMC79bb2y3GuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/959e6c-8dc6-47a8-9171-ba09a5945c8e/1/L7KQbKw2rUYCNpNHGiTd_i0boHE.roa
Signing time: Mon 02 Jan 2023 05:36:59 +0000
ROA not before: Mon 02 Jan 2023 05:36:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202024
IP address blocks: 46.31.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:aa:f0:6b:35:51:e1:f5:6e:99:78:c8:92:41:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=164c704e1a013644af74850c0bbf5b6f6cb71ae0
Validity
Not Before: Jan 2 05:36:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fb2906cac36ad46023693471a24ddfe2d1ba071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a7:d8:85:65:39:04:f2:39:b1:53:c8:b9:d4:
40:b6:6e:70:a2:d2:58:bc:1b:9e:ce:e2:79:c8:bc:
e3:1c:7b:22:f1:0d:af:8e:20:48:7e:e4:5f:f5:7a:
46:d1:d8:87:3c:fb:97:18:d7:9c:5c:0d:1a:6d:0a:
c7:1f:2e:e7:5a:43:89:c3:07:62:96:91:41:55:a2:
7d:e0:79:a3:32:b8:17:a7:28:06:7c:9d:8a:fd:6b:
72:80:2e:58:f6:41:6e:7d:9e:65:50:0b:77:d8:d0:
c8:3f:aa:27:a2:ff:83:96:fe:2e:fe:ef:3a:e8:cc:
ac:80:b2:10:50:18:09:cc:c6:ae:8a:f7:64:68:85:
fd:59:7f:df:db:0b:5a:33:98:cd:3e:7d:d4:49:9d:
d5:c1:f8:d6:90:58:b4:08:bd:95:de:2d:00:d8:cb:
1b:89:78:07:c4:f8:13:60:ca:e1:7b:bc:04:89:c6:
7c:66:b1:31:c1:56:a8:2a:87:73:b2:37:cb:93:73:
e9:0f:26:d4:e9:1d:24:4b:48:d7:b8:e6:de:3f:20:
9f:b9:7f:9b:53:4e:dc:08:13:f6:71:ac:ab:64:82:
23:9e:a6:df:36:a9:c3:43:9a:e6:81:8b:64:28:3b:
82:6f:59:17:b1:81:66:83:3c:49:45:e4:f8:bb:d9:
77:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B2:90:6C:AC:36:AD:46:02:36:93:47:1A:24:DD:FE:2D:1B:A0:71
X509v3 Authority Key Identifier:
keyid:16:4C:70:4E:1A:01:36:44:AF:74:85:0C:0B:BF:5B:6F:6C:B7:1A:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FkxwThoBNkSvdIUMC79bb2y3GuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/959e6c-8dc6-47a8-9171-ba09a5945c8e/1/L7KQbKw2rUYCNpNHGiTd_i0boHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/959e6c-8dc6-47a8-9171-ba09a5945c8e/1/FkxwThoBNkSvdIUMC79bb2y3GuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:1b:7c:d9:43:d6:6a:6f:b4:38:70:f9:6e:cf:0d:02:57:eb:
5a:39:45:a2:c7:a0:0b:4f:d2:c6:fb:1e:0a:e9:2d:ac:45:4c:
7d:c3:e0:c7:0c:bf:c8:b8:f7:0b:db:e8:97:73:a2:f8:32:1a:
00:4a:a3:4a:c9:21:f8:db:c2:87:23:24:c8:00:2e:9b:f3:30:
b8:7b:32:aa:5d:27:0c:a6:a3:7e:9a:8c:be:b2:e1:60:f3:03:
30:a7:d8:a3:3e:a5:2f:fe:87:38:cf:da:18:3f:13:3d:f8:e8:
ea:ff:d6:34:f4:bc:ae:52:df:43:a5:f2:01:60:13:95:21:2c:
92:ce:cf:1a:ca:3f:71:bd:e6:91:a3:d6:3c:3c:a5:b0:40:62:
80:ec:5f:4e:a3:f6:86:df:8b:dc:54:d9:2a:26:99:a2:93:63:
ee:7b:e7:b0:e1:22:b7:c3:f8:49:0a:87:1f:bd:43:27:6f:60:
c3:ea:7c:e8:85:66:8d:85:32:5c:d1:d3:f7:1b:7a:aa:f8:44:
6d:e0:0b:d3:d7:c7:2a:f0:65:3d:68:ba:1f:d1:be:8e:5b:7e:
16:7d:b3:a7:16:21:e1:30:40:e2:a4:87:65:6b:70:91:fc:73:
fc:b0:b0:60:bb:09:63:8c:41:b3:28:fe:9b:d7:d9:ca:5f:87:
18:2a:23:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+6rwazVR4fVumXjIkkGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NGM3MDRlMWEwMTM2NDRhZjc0ODUwYzBiYmY1YjZmNmNi
NzFhZTAwHhcNMjMwMTAyMDUzNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmIyOTA2Y2FjMzZhZDQ2MDIzNjkzNDcxYTI0ZGRmZTJkMWJhMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyafYhWU5BPI5sVPIudRAtm5wotJY
vBuezuJ5yLzjHHsi8Q2vjiBIfuRf9XpG0diHPPuXGNecXA0abQrHHy7nWkOJwwdi
lpFBVaJ94HmjMrgXpygGfJ2K/WtygC5Y9kFufZ5lUAt32NDIP6onov+Dlv4u/u86
6MysgLIQUBgJzMauivdkaIX9WX/f2wtaM5jNPn3USZ3VwfjWkFi0CL2V3i0A2Msb
iXgHxPgTYMrhe7wEicZ8ZrExwVaoKodzsjfLk3PpDybU6R0kS0jXuObePyCfuX+b
U07cCBP2cayrZIIjnqbfNqnDQ5rmgYtkKDuCb1kXsYFmgzxJReT4u9l3nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+ykGysNq1GAjaTRxok3f4tG6BxMB8GA1UdIwQY
MBaAFBZMcE4aATZEr3SFDAu/W29stxrgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmt4d1Rob0JOa1N2ZElVTUM3OWJiMnkzR3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85NTllNmMtOGRjNi00N2E4LTkxNzEt
YmEwOWE1OTQ1YzhlLzEvTDdLUWJLdzJyVVlDTnBOSEdpVGRfaTBib0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85NTllNmMtOGRjNi00N2E4LTkxNzEtYmEwOWE1OTQ1Yzhl
LzEvRmt4d1Rob0JOa1N2ZElVTUM3OWJiMnkzR3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALh9GMA0G
CSqGSIb3DQEBCwUAA4IBAQCwG3zZQ9Zqb7Q4cPluzw0CV+taOUWix6ALT9LG+x4K
6S2sRUx9w+DHDL/IuPcL2+iXc6L4MhoASqNKySH428KHIyTIAC6b8zC4ezKqXScM
pqN+moy+suFg8wMwp9ijPqUv/oc4z9oYPxM9+Ojq/9Y09LyuUt9DpfIBYBOVISyS
zs8ayj9xveaRo9Y8PKWwQGKA7F9Oo/aG34vcVNkqJpmik2Pue+ew4SK3w/hJCocf
vUMnb2DD6nzohWaNhTJc0dP3G3qq+ERt4AvT18cq8GU9aLof0b6OW34WfbOnFiHh
MEDipIdla3CR/HP8sLBguwljjEGzKP6b19nKX4cYKiNL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:50 2025 by rpki-client