Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/DKJzxVdxG4XR5l7FxXAAyx5I1Rk.roa
File: DKJzxVdxG4XR5l7FxXAAyx5I1Rk.roa (raw, json)
Hash identifier: 4ghl70yHJAoVjEKNWqwj051SvU2leduNg3iYVO+DazY=
Subject key identifier: 0C:A2:73:C5:57:71:1B:85:D1:E6:5E:C5:C5:70:00:CB:1E:48:D5:19
Certificate issuer: /CN=34a2ea557b42a9fd3a80211506193c2b3389dc6f
Certificate serial: 018CC793F948F4995A5CF084AF964FECC698
Authority key identifier: 34:A2:EA:55:7B:42:A9:FD:3A:80:21:15:06:19:3C:2B:33:89:DC:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKLqVXtCqf06gCEVBhk8KzOJ3G8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/DKJzxVdxG4XR5l7FxXAAyx5I1Rk.roa
Signing time: Tue 02 Jan 2024 00:30:12 +0000
ROA not before: Tue 02 Jan 2024 00:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 31.193.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f9:48:f4:99:5a:5c:f0:84:af:96:4f:ec:c6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a2ea557b42a9fd3a80211506193c2b3389dc6f
Validity
Not Before: Jan 2 00:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ca273c557711b85d1e65ec5c57000cb1e48d519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ca:a3:84:39:7e:69:8c:e9:c9:eb:68:49:4c:
a8:c5:f7:c9:d7:25:3f:c2:d2:ba:a9:6a:1f:6e:a3:
4a:c0:cd:53:42:c1:eb:06:9f:60:9a:ab:8c:a9:ab:
7d:69:c2:85:57:46:29:06:68:91:c8:02:4a:8c:9a:
c8:24:6d:81:4c:ff:3a:d1:ac:26:6e:06:41:a2:82:
16:b8:55:4d:29:9b:2c:f9:91:21:13:53:1c:61:44:
c5:1a:89:69:87:6c:17:72:e7:f1:ea:8f:16:38:68:
9d:35:37:35:bd:5d:90:90:79:11:2e:c5:98:e4:33:
72:91:0c:75:35:b3:5f:50:a0:1c:ed:ef:36:bc:31:
2d:33:3e:46:6c:db:7d:fd:82:65:72:bc:9b:f5:6e:
0b:df:82:55:74:15:f8:02:ad:48:a7:71:7d:f0:45:
f5:db:42:4b:68:bd:81:de:b0:65:f3:65:8c:5e:01:
af:dd:bb:e5:24:f4:16:5c:c7:d9:7f:23:5a:97:8e:
40:14:e4:6a:07:0e:63:68:f7:4e:12:d2:f4:05:dc:
5f:af:e7:58:d5:c5:70:92:d4:46:34:66:6b:13:af:
c9:dd:b1:cb:e6:5e:1b:30:58:d6:0f:0c:a3:81:69:
e6:47:bd:50:ab:65:90:03:da:f7:9e:db:71:c7:d3:
db:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A2:73:C5:57:71:1B:85:D1:E6:5E:C5:C5:70:00:CB:1E:48:D5:19
X509v3 Authority Key Identifier:
keyid:34:A2:EA:55:7B:42:A9:FD:3A:80:21:15:06:19:3C:2B:33:89:DC:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKLqVXtCqf06gCEVBhk8KzOJ3G8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/DKJzxVdxG4XR5l7FxXAAyx5I1Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/NKLqVXtCqf06gCEVBhk8KzOJ3G8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.191.0/24
Signature Algorithm: sha256WithRSAEncryption
89:30:8c:9e:cc:c2:cc:8a:82:97:cc:ba:97:86:f7:d6:82:e6:
18:7f:da:89:f7:85:40:5f:80:a3:51:bb:1a:58:0b:a1:1d:1c:
25:cd:3c:f1:b8:4d:c4:dc:c6:93:bb:e4:8b:12:c2:9b:5d:ae:
57:65:27:fc:04:b2:03:7d:13:8f:5a:10:1f:06:4b:13:fa:d9:
db:b9:9a:22:ee:50:7c:c7:b6:98:98:1e:e9:e7:1a:4c:da:08:
c0:a1:14:df:43:e3:fb:c8:2b:cb:a4:5e:d5:e4:88:ae:63:5a:
a8:a7:7e:56:34:6c:36:55:c9:15:0b:c7:2c:5f:74:0b:73:ed:
4b:6f:e5:85:4c:c3:b3:65:ae:0e:af:af:9a:51:4b:f0:c7:d4:
55:84:60:a6:78:4d:1f:a7:7d:7e:a8:72:8d:8f:05:d1:50:3d:
e1:fa:51:b8:a9:af:de:75:0b:1d:07:72:26:fc:7a:63:eb:ba:
85:f7:13:a7:45:10:fd:7e:48:7b:e4:37:c1:4d:77:70:5b:29:
73:60:34:d8:66:da:14:c6:62:e3:8e:bb:4b:8c:f6:82:9d:f6:
06:09:29:cf:22:4a:80:d2:ca:61:99:03:f0:17:f5:71:11:0a:
57:16:ac:d3:fa:d2:ce:10:07:c0:b9:03:19:c5:12:df:3c:50:
c2:b1:e1:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk/lI9JlaXPCEr5ZP7MaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTJlYTU1N2I0MmE5ZmQzYTgwMjExNTA2MTkzYzJiMzM4
OWRjNmYwHhcNMjQwMTAyMDAzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2EyNzNjNTU3NzExYjg1ZDFlNjVlYzVjNTcwMDBjYjFlNDhkNTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsqjhDl+aYzpyetoSUyoxffJ1yU/
wtK6qWofbqNKwM1TQsHrBp9gmquMqat9acKFV0YpBmiRyAJKjJrIJG2BTP860awm
bgZBooIWuFVNKZss+ZEhE1McYUTFGolph2wXcufx6o8WOGidNTc1vV2QkHkRLsWY
5DNykQx1NbNfUKAc7e82vDEtMz5GbNt9/YJlcryb9W4L34JVdBX4Aq1Ip3F98EX1
20JLaL2B3rBl82WMXgGv3bvlJPQWXMfZfyNal45AFORqBw5jaPdOEtL0Bdxfr+dY
1cVwktRGNGZrE6/J3bHL5l4bMFjWDwyjgWnmR71Qq2WQA9r3nttxx9PbTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyic8VXcRuF0eZexcVwAMseSNUZMB8GA1UdIwQY
MBaAFDSi6lV7Qqn9OoAhFQYZPCszidxvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktMcVZYdENxZjA2Z0NFVkJoazhLek9KM0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zMTMxNWMtODFhNC00OTY5LTg1NzEt
ZDc2MzQ2YTdhZGM2LzEvREtKenhWZHhHNFhSNWw3RnhYQUF5eDVJMVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zMTMxNWMtODFhNC00OTY5LTg1NzEtZDc2MzQ2YTdhZGM2
LzEvTktMcVZYdENxZjA2Z0NFVkJoazhLek9KM0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH8G/MA0G
CSqGSIb3DQEBCwUAA4IBAQCJMIyezMLMioKXzLqXhvfWguYYf9qJ94VAX4CjUbsa
WAuhHRwlzTzxuE3E3MaTu+SLEsKbXa5XZSf8BLIDfROPWhAfBksT+tnbuZoi7lB8
x7aYmB7p5xpM2gjAoRTfQ+P7yCvLpF7V5IiuY1qop35WNGw2VckVC8csX3QLc+1L
b+WFTMOzZa4Or6+aUUvwx9RVhGCmeE0fp31+qHKNjwXRUD3h+lG4qa/edQsdB3Im
/Hpj67qF9xOnRRD9fkh75DfBTXdwWylzYDTYZtoUxmLjjrtLjPaCnfYGCSnPIkqA
0sphmQPwF/VxEQpXFqzT+tLOEAfAuQMZxRLfPFDCseEF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:16 2025 by rpki-client