Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/bcuI4VtehGutNiqMUxvdz72C_Z8.roa
File: bcuI4VtehGutNiqMUxvdz72C_Z8.roa (raw, json)
Hash identifier: W8i/mV4FtAHLFFjTJNq7//PS4LVvLOrAyWtE8lHu4ds=
Subject key identifier: 6D:CB:88:E1:5B:5E:84:6B:AD:36:2A:8C:53:1B:DD:CF:BD:82:FD:9F
Certificate issuer: /CN=b61d9e8c9a08b23a98b14c308b80dcfbf55e5cd1
Certificate serial: 01856C53DE7241FD1E613635DC5BA7BE7BB5
Authority key identifier: B6:1D:9E:8C:9A:08:B2:3A:98:B1:4C:30:8B:80:DC:FB:F5:5E:5C:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/th2ejJoIsjqYsUwwi4Dc-_VeXNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/bcuI4VtehGutNiqMUxvdz72C_Z8.roa
Signing time: Sun 01 Jan 2023 07:55:13 +0000
ROA not before: Sun 01 Jan 2023 07:55:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31020
IP address blocks: 31.186.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:de:72:41:fd:1e:61:36:35:dc:5b:a7:be:7b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b61d9e8c9a08b23a98b14c308b80dcfbf55e5cd1
Validity
Not Before: Jan 1 07:55:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dcb88e15b5e846bad362a8c531bddcfbd82fd9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:be:06:32:39:91:07:82:d9:87:0e:63:4e:34:
58:6d:54:d1:38:d3:db:9b:32:35:65:11:4e:1b:e2:
08:09:38:7a:29:69:9a:02:97:ea:97:84:82:a0:d0:
8c:9b:2c:e9:f1:9d:8c:38:84:12:8f:d3:a9:84:3e:
c7:1f:8c:1d:1d:be:94:df:6f:81:dd:7c:cc:07:5d:
02:56:bc:45:98:aa:07:b0:94:e7:5d:55:2e:a6:7e:
4b:fd:34:a7:1b:46:d3:9b:21:b8:3a:d8:d3:f7:cf:
c9:63:e5:9e:e4:b4:11:7b:ad:e6:fe:0c:5e:8a:24:
0c:0b:48:0d:36:0e:9a:09:cd:a2:a0:d0:c2:ce:00:
32:71:1d:31:43:e5:2b:e2:29:06:1f:68:c4:7f:2e:
e1:19:a8:0e:a7:d3:44:bb:3b:92:4f:1e:cb:9d:a2:
16:e2:cb:46:eb:90:bb:d3:f0:02:b3:a9:e4:ae:fc:
09:52:e7:fe:93:2d:32:e9:f7:34:4a:b6:19:6e:87:
8c:6f:8c:0d:0b:39:73:b5:ad:e6:98:68:ab:05:6e:
56:c9:39:d9:63:9f:13:9f:27:d5:de:c9:b6:df:b8:
d8:a8:27:7b:fc:1c:23:03:25:9a:95:5c:eb:5a:14:
e3:13:be:05:eb:19:45:99:67:c0:4a:3d:bc:88:19:
64:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:CB:88:E1:5B:5E:84:6B:AD:36:2A:8C:53:1B:DD:CF:BD:82:FD:9F
X509v3 Authority Key Identifier:
keyid:B6:1D:9E:8C:9A:08:B2:3A:98:B1:4C:30:8B:80:DC:FB:F5:5E:5C:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/th2ejJoIsjqYsUwwi4Dc-_VeXNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/bcuI4VtehGutNiqMUxvdz72C_Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1a6f83-4ab4-4a43-a491-18ae75981d1d/1/th2ejJoIsjqYsUwwi4Dc-_VeXNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.88.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:16:48:8f:3a:f4:07:ec:34:f0:b9:51:cb:87:63:ce:c8:b7:
d3:a3:19:28:ce:39:1a:c9:0e:2f:fb:90:50:6e:26:b6:24:f9:
5a:29:d3:22:bf:d3:c9:18:bc:ce:44:3d:09:55:e0:20:f4:e9:
7d:b8:e2:5f:8a:3d:12:d3:8a:9d:0b:c2:c3:8e:ca:4c:d1:69:
55:83:48:2f:18:59:52:c7:ad:d5:93:be:70:88:d3:19:a6:fe:
8f:e2:94:30:43:e7:c2:4f:c5:a8:c9:99:58:c5:ba:b0:bb:1e:
9f:e8:d3:f2:54:89:f0:6f:1a:30:9f:0b:0d:dc:c6:19:f1:4c:
d6:8d:59:01:6e:42:ec:99:d2:f1:58:3a:62:6d:60:1f:e5:b5:
a8:b4:db:f2:02:89:59:4e:82:b6:48:49:57:87:91:f3:ad:3e:
44:93:06:13:b6:c7:b6:9b:6b:19:01:25:67:db:b6:03:db:62:
d7:43:4b:8f:de:f5:ed:e6:44:a2:f3:ee:8d:77:92:c6:75:53:
21:30:16:56:97:21:25:62:f7:f1:58:ed:5d:fa:07:6b:d6:e4:
4d:49:32:cf:a4:b9:96:fd:6d:4d:b5:2c:1f:bf:a0:14:57:9a:
65:7c:c3:55:c2:5b:3b:35:c4:24:51:34:44:2a:82:f6:2a:ae:
e5:d4:ea:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU95yQf0eYTY13Funvnu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MWQ5ZThjOWEwOGIyM2E5OGIxNGMzMDhiODBkY2ZiZjU1
ZTVjZDEwHhcNMjMwMTAxMDc1NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGNiODhlMTViNWU4NDZiYWQzNjJhOGM1MzFiZGRjZmJkODJmZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb4GMjmRB4LZhw5jTjRYbVTRONPb
mzI1ZRFOG+IICTh6KWmaApfql4SCoNCMmyzp8Z2MOIQSj9OphD7HH4wdHb6U32+B
3XzMB10CVrxFmKoHsJTnXVUupn5L/TSnG0bTmyG4OtjT98/JY+We5LQRe63m/gxe
iiQMC0gNNg6aCc2ioNDCzgAycR0xQ+Ur4ikGH2jEfy7hGagOp9NEuzuSTx7LnaIW
4stG65C70/ACs6nkrvwJUuf+ky0y6fc0SrYZboeMb4wNCzlzta3mmGirBW5WyTnZ
Y58TnyfV3sm237jYqCd7/BwjAyWalVzrWhTjE74F6xlFmWfASj28iBlkLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3LiOFbXoRrrTYqjFMb3c+9gv2fMB8GA1UdIwQY
MBaAFLYdnoyaCLI6mLFMMIuA3Pv1XlzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGgyZWpKb0lzanFZc1V3d2k0RGMtX1ZlWE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xYTZmODMtNGFiNC00YTQzLWE0OTEt
MThhZTc1OTgxZDFkLzEvYmN1STRWdGVoR3V0TmlxTVV4dmR6NzJDX1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xYTZmODMtNGFiNC00YTQzLWE0OTEtMThhZTc1OTgxZDFk
LzEvdGgyZWpKb0lzanFZc1V3d2k0RGMtX1ZlWE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH7pYMA0G
CSqGSIb3DQEBCwUAA4IBAQCiFkiPOvQH7DTwuVHLh2POyLfToxkozjkayQ4v+5BQ
bia2JPlaKdMiv9PJGLzORD0JVeAg9Ol9uOJfij0S04qdC8LDjspM0WlVg0gvGFlS
x63Vk75wiNMZpv6P4pQwQ+fCT8WoyZlYxbqwux6f6NPyVInwbxownwsN3MYZ8UzW
jVkBbkLsmdLxWDpibWAf5bWotNvyAolZToK2SElXh5HzrT5EkwYTtse2m2sZASVn
27YD22LXQ0uP3vXt5kSi8+6Nd5LGdVMhMBZWlyElYvfxWO1d+gdr1uRNSTLPpLmW
/W1NtSwfv6AUV5plfMNVwls7NcQkUTREKoL2Kq7l1Oqs
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:27 2025 by rpki-client