Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/kIDI2RbOX23-DgpmHk2obMVbmV4.roa
File: kIDI2RbOX23-DgpmHk2obMVbmV4.roa (raw, json)
Hash identifier: /Iv+oQXYEWrra5CL7uXhsQ9b0HcV3n9c26lzb71DJ+Y=
Subject key identifier: 90:80:C8:D9:16:CE:5F:6D:FE:0E:0A:66:1E:4D:A8:6C:C5:5B:99:5E
Certificate issuer: /CN=659375cfe748a9e413894f2e4f85fbd64fd1c776
Certificate serial: 0193B68BE87F6C70897D432489BF4ABF3AB0
Authority key identifier: 65:93:75:CF:E7:48:A9:E4:13:89:4F:2E:4F:85:FB:D6:4F:D1:C7:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZN1z-dIqeQTiU8uT4X71k_Rx3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/kIDI2RbOX23-DgpmHk2obMVbmV4.roa
Signing time: Wed 11 Dec 2024 16:27:22 +0000
ROA not before: Wed 11 Dec 2024 16:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 31.22.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:8b:e8:7f:6c:70:89:7d:43:24:89:bf:4a:bf:3a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659375cfe748a9e413894f2e4f85fbd64fd1c776
Validity
Not Before: Dec 11 16:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9080c8d916ce5f6dfe0e0a661e4da86cc55b995e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7c:2c:d2:2c:ca:3c:3b:e5:7c:15:59:72:95:
b5:57:99:4e:ec:22:38:bf:c1:4c:65:fb:17:ab:f4:
0f:dd:15:9a:75:54:fe:9c:46:b1:90:f4:e6:ea:17:
c7:40:5b:8e:49:e4:34:2c:4f:6a:52:94:e1:04:d0:
c7:ff:49:da:e7:63:89:de:ba:f1:5c:3a:59:f2:32:
ff:3d:f5:1a:6b:6b:4f:91:8e:06:58:e1:90:44:6f:
a7:0b:9c:35:2d:0a:b9:2c:82:4c:a7:d7:8e:64:c6:
8d:86:67:d7:0a:af:5f:ea:6d:2c:41:aa:c4:83:a8:
f6:54:ce:6f:9d:df:34:ce:ec:93:04:bb:14:4c:c8:
22:97:ba:88:d4:96:a3:ac:08:17:8e:07:c1:a7:78:
c2:d9:c5:35:a2:f8:27:75:bc:d9:40:c9:e6:4f:4b:
f5:05:f7:00:08:0e:40:f3:8b:b5:32:4d:9c:22:df:
ba:bd:fc:51:d6:10:cc:d7:96:af:4d:ca:c4:f3:6a:
63:91:01:85:db:20:79:9d:3d:b0:19:5b:a9:ca:22:
dd:a9:57:d9:4e:3a:f2:a1:9e:1a:da:37:90:c1:7c:
08:1a:c3:2f:e3:8b:74:6d:c8:10:46:3c:b3:34:aa:
8a:70:01:bd:98:d5:6f:b0:1b:5f:dd:96:ce:a8:72:
73:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:80:C8:D9:16:CE:5F:6D:FE:0E:0A:66:1E:4D:A8:6C:C5:5B:99:5E
X509v3 Authority Key Identifier:
keyid:65:93:75:CF:E7:48:A9:E4:13:89:4F:2E:4F:85:FB:D6:4F:D1:C7:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZN1z-dIqeQTiU8uT4X71k_Rx3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/kIDI2RbOX23-DgpmHk2obMVbmV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/ZZN1z-dIqeQTiU8uT4X71k_Rx3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.107.0/24
Signature Algorithm: sha256WithRSAEncryption
31:d0:61:74:31:cb:9a:e3:f6:06:9e:17:31:40:7c:2f:03:eb:
3a:b0:5d:91:47:e4:a7:b5:55:b5:80:22:19:e8:6b:52:8f:c3:
67:92:8d:81:60:5e:00:5d:14:89:b6:b8:0c:91:0f:25:b2:bc:
0d:74:e4:fa:a7:d5:af:2f:c0:b6:42:53:46:e3:1b:44:f4:74:
dd:59:43:2e:c0:15:97:89:f4:1e:bc:55:b8:b4:ab:ec:b4:13:
0d:aa:ce:1c:e5:1f:bf:c2:44:e7:73:b2:ff:f7:c8:03:c4:e9:
3c:1a:97:4c:a9:f2:fa:ad:49:62:ca:7e:d9:8f:22:ea:38:4c:
c9:70:11:7f:30:43:a9:b4:c1:21:23:66:00:d7:18:09:f9:ef:
34:d5:79:d6:33:23:dc:27:4c:ee:1f:c1:32:ed:fb:14:c6:54:
88:af:87:d9:5a:36:e4:75:bc:12:31:7b:bf:e4:82:14:b9:57:
bc:eb:6a:cf:23:26:0e:6a:a7:44:77:55:99:a7:f3:17:52:d5:
62:08:5d:a8:4f:eb:b8:3b:83:63:4e:70:fc:6a:cc:c8:df:3e:
ec:84:8b:ec:fd:5f:6e:72:f3:92:13:14:fc:57:c2:d5:90:3e:
9b:c3:13:44:ad:16:99:87:4a:29:41:e9:8b:f0:dc:ca:cc:64:
1d:0e:db:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO2i+h/bHCJfUMkib9KvzqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTM3NWNmZTc0OGE5ZTQxMzg5NGYyZTRmODVmYmQ2NGZk
MWM3NzYwHhcNMjQxMjExMTYyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDgwYzhkOTE2Y2U1ZjZkZmUwZTBhNjYxZTRkYTg2Y2M1NWI5OTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnws0izKPDvlfBVZcpW1V5lO7CI4
v8FMZfsXq/QP3RWadVT+nEaxkPTm6hfHQFuOSeQ0LE9qUpThBNDH/0na52OJ3rrx
XDpZ8jL/PfUaa2tPkY4GWOGQRG+nC5w1LQq5LIJMp9eOZMaNhmfXCq9f6m0sQarE
g6j2VM5vnd80zuyTBLsUTMgil7qI1JajrAgXjgfBp3jC2cU1ovgndbzZQMnmT0v1
BfcACA5A84u1Mk2cIt+6vfxR1hDM15avTcrE82pjkQGF2yB5nT2wGVupyiLdqVfZ
TjryoZ4a2jeQwXwIGsMv44t0bcgQRjyzNKqKcAG9mNVvsBtf3ZbOqHJzSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCAyNkWzl9t/g4KZh5NqGzFW5leMB8GA1UdIwQY
MBaAFGWTdc/nSKnkE4lPLk+F+9ZP0cd2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpOMXotZElxZVFUaVU4dVQ0WDcxa19SeDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iNTc4MDAtMzllMS00MWQwLWJkNDEt
ZmU5ZWY4ZmYwY2MxLzEva0lESTJSYk9YMjMtRGdwbUhrMm9iTVZibVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iNTc4MDAtMzllMS00MWQwLWJkNDEtZmU5ZWY4ZmYwY2Mx
LzEvWlpOMXotZElxZVFUaVU4dVQ0WDcxa19SeDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxZrMA0G
CSqGSIb3DQEBCwUAA4IBAQAx0GF0Mcua4/YGnhcxQHwvA+s6sF2RR+SntVW1gCIZ
6GtSj8Nnko2BYF4AXRSJtrgMkQ8lsrwNdOT6p9WvL8C2QlNG4xtE9HTdWUMuwBWX
ifQevFW4tKvstBMNqs4c5R+/wkTnc7L/98gDxOk8GpdMqfL6rUliyn7ZjyLqOEzJ
cBF/MEOptMEhI2YA1xgJ+e801XnWMyPcJ0zuH8Ey7fsUxlSIr4fZWjbkdbwSMXu/
5IIUuVe862rPIyYOaqdEd1WZp/MXUtViCF2oT+u4O4NjTnD8aszI3z7shIvs/V9u
cvOSExT8V8LVkD6bwxNErRaZh0opQemL8NzKzGQdDttZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:24 2025 by rpki-client