Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/_4iJCnTkrZTLi3Znw6No51nUp0U.roa
File: _4iJCnTkrZTLi3Znw6No51nUp0U.roa (raw, json)
Hash identifier: q5ypixYuURsWaauidvKopOxQLyMvMh9Ff8agaEGE8Z8=
Subject key identifier: FF:88:89:0A:74:E4:AD:94:CB:8B:76:67:C3:A3:68:E7:59:D4:A7:45
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01941F8C985A7029890A4E43A4F314DCB7C9
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/_4iJCnTkrZTLi3Znw6No51nUp0U.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198934
IP address blocks: 31.31.88.0/23 maxlen: 23
31.31.88.0/24 maxlen: 24
31.31.89.0/24 maxlen: 24
37.252.97.0/24 maxlen: 24
91.242.243.0/24 maxlen: 24
188.214.225.0/24 maxlen: 24
212.237.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:98:5a:70:29:89:0a:4e:43:a4:f3:14:dc:b7:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff88890a74e4ad94cb8b7667c3a368e759d4a745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:29:2c:65:ec:b9:25:3e:bf:f1:53:fe:a0:47:
79:bc:81:a7:0c:27:1a:e2:49:c1:e8:ca:4d:62:e3:
ee:6f:ea:0d:42:e9:93:62:8c:a2:96:53:11:c4:19:
21:85:f0:5e:f9:2a:a7:41:6c:55:71:32:ef:b6:64:
7e:1d:4a:a8:5b:e8:26:42:52:15:a5:86:e8:94:ab:
e9:20:5e:48:27:1d:aa:57:94:d9:9b:d4:59:27:a0:
9d:4c:69:db:e8:53:80:03:f6:a8:3a:ea:16:65:f6:
a0:1c:6a:54:89:5c:a0:6e:88:8d:c7:ca:33:83:91:
4f:5d:a6:d0:0b:22:01:ad:a9:54:40:c3:e9:34:20:
4d:8b:83:8f:44:5d:20:41:f8:33:19:70:16:fd:33:
d7:39:34:ed:00:9a:8f:b2:5f:e5:15:41:36:76:82:
33:9f:d9:27:99:af:bf:41:95:49:a6:8d:82:5e:65:
0c:e6:b2:c9:fc:8a:00:43:0e:e7:75:04:db:d2:e1:
f8:a1:50:ce:e4:85:89:87:be:9c:42:30:2d:d3:44:
5c:d8:f4:39:cc:84:3b:39:99:d5:87:90:b8:ab:64:
96:75:a6:cc:e0:a6:93:63:1f:3f:53:ed:1d:75:86:
c3:21:54:6c:72:60:9a:d9:42:27:72:51:14:33:8a:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:88:89:0A:74:E4:AD:94:CB:8B:76:67:C3:A3:68:E7:59:D4:A7:45
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/_4iJCnTkrZTLi3Znw6No51nUp0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.88.0/23
37.252.97.0/24
91.242.243.0/24
188.214.225.0/24
212.237.230.0/24
Signature Algorithm: sha256WithRSAEncryption
21:17:2f:69:f0:da:d8:ba:96:5d:c3:91:38:17:65:13:73:ea:
74:0c:8c:02:54:96:92:1f:f5:81:a7:af:55:ef:20:23:a6:e6:
1f:6f:66:bb:f6:a7:2f:ee:af:bb:eb:68:37:bb:84:82:62:71:
b2:6f:fe:5c:3c:90:d7:9e:41:4a:7f:a4:fa:06:08:8a:1f:58:
03:2d:78:a8:20:f6:5c:c6:e5:04:7c:5a:a9:02:3c:4f:6c:56:
d6:02:5b:ea:e8:88:c8:2b:6e:00:28:89:4c:82:e1:a2:a3:70:
97:ed:0c:6e:66:ba:0c:20:90:b4:55:45:78:d1:ac:2a:fc:ea:
5b:e6:d2:d0:d5:e0:2c:5e:e8:a0:96:de:09:67:21:a8:cd:17:
da:6f:b6:88:c6:6c:fc:3e:d2:85:eb:7b:81:0f:fa:9b:d2:fc:
e5:78:67:15:8f:f7:93:12:b0:f7:44:00:46:6f:d3:8d:05:e9:
9b:93:8b:2c:54:23:58:ad:68:fe:b2:4a:33:ac:1e:bc:1d:e1:
e7:2b:b6:96:3f:47:a7:56:51:33:07:f0:9f:e4:7d:f9:2f:64:
0a:1e:3c:c6:15:e6:6c:74:13:a2:99:fa:3c:ec:03:e4:3a:ed:
5c:d8:66:ed:12:97:0d:2b:29:a9:e4:db:9e:7a:d3:52:b8:b6:
2a:f6:e0:01
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQfjJhacCmJCk5DpPMU3LfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg4ODkwYTc0ZTRhZDk0Y2I4Yjc2NjdjM2EzNjhlNzU5ZDRhNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiksZey5JT6/8VP+oEd5vIGnDCca
4knB6MpNYuPub+oNQumTYoyillMRxBkhhfBe+SqnQWxVcTLvtmR+HUqoW+gmQlIV
pYbolKvpIF5IJx2qV5TZm9RZJ6CdTGnb6FOAA/aoOuoWZfagHGpUiVygboiNx8oz
g5FPXabQCyIBralUQMPpNCBNi4OPRF0gQfgzGXAW/TPXOTTtAJqPsl/lFUE2doIz
n9knma+/QZVJpo2CXmUM5rLJ/IoAQw7ndQTb0uH4oVDO5IWJh76cQjAt00Rc2PQ5
zIQ7OZnVh5C4q2SWdabM4KaTYx8/U+0ddYbDIVRscmCa2UInclEUM4qwbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP+IiQp05K2Uy4t2Z8OjaOdZ1KdFMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvXzRpSkNuVGtyWlRMaTNabnc2Tm81MW5VcDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHx9YAwQA
JfxhAwQAW/LzAwQAvNbhAwQA1O3mMA0GCSqGSIb3DQEBCwUAA4IBAQAhFy9p8NrY
upZdw5E4F2UTc+p0DIwCVJaSH/WBp69V7yAjpuYfb2a79qcv7q+762g3u4SCYnGy
b/5cPJDXnkFKf6T6BgiKH1gDLXioIPZcxuUEfFqpAjxPbFbWAlvq6IjIK24AKIlM
guGio3CX7QxuZroMIJC0VUV40awq/Opb5tLQ1eAsXuiglt4JZyGozRfab7aIxmz8
PtKF63uBD/qb0vzleGcVj/eTErD3RABGb9ONBembk4ssVCNYrWj+skozrB68HeHn
K7aWP0enVlEzB/Cf5H35L2QKHjzGFeZsdBOimfo87APkOu1c2GbtEpcNKymp5Nue
etNSuLYq9uAB
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:35 2025 by rpki-client