Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/2KmAiGqK-DNdIWwqQ3WX1HDnEec.roa
File: 2KmAiGqK-DNdIWwqQ3WX1HDnEec.roa (raw, json)
Hash identifier: yOXda0Ia9XvMfK+qgpKG68v8FF8qQhqdkrDbhaf4fVc=
Subject key identifier: D8:A9:80:88:6A:8A:F8:33:5D:21:6C:2A:43:75:97:D4:70:E7:11:E7
Certificate issuer: /CN=d1f5d55a1bb009d181992e241851d5f9939237cc
Certificate serial: 0186A24DEBB4181217E3CA3E8606C9A29989
Authority key identifier: D1:F5:D5:5A:1B:B0:09:D1:81:99:2E:24:18:51:D5:F9:93:92:37:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fXVWhuwCdGBmS4kGFHV-ZOSN8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/2KmAiGqK-DNdIWwqQ3WX1HDnEec.roa
Signing time: Thu 02 Mar 2023 12:31:00 +0000
ROA not before: Thu 02 Mar 2023 12:31:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44053
IP address blocks: 31.15.16.0/21 maxlen: 32
92.53.224.0/21 maxlen: 21
31.177.104.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:4d:eb:b4:18:12:17:e3:ca:3e:86:06:c9:a2:99:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f5d55a1bb009d181992e241851d5f9939237cc
Validity
Not Before: Mar 2 12:31:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8a980886a8af8335d216c2a437597d470e711e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b9:e2:bb:36:48:85:49:52:57:3d:85:70:83:
90:1a:b9:f1:85:45:12:77:9d:91:2a:b9:ae:64:cc:
33:cf:dd:59:fd:b8:a1:df:4f:f1:c1:f0:c1:fd:a3:
98:75:c4:96:d4:af:b4:07:9a:b2:d4:d5:38:1b:9d:
c9:15:c4:60:9c:c4:ab:fa:70:08:43:e2:c2:a4:15:
55:e9:e6:da:39:cb:00:a3:a3:42:4f:33:af:e9:07:
ab:81:06:14:0f:7f:e7:50:11:09:10:b3:25:f0:7a:
18:01:c1:ff:34:44:0e:aa:14:e5:dc:28:25:93:de:
fb:29:1e:46:19:b4:7a:ef:cb:f8:5e:bc:88:d2:4f:
80:aa:7e:46:0e:4f:b8:4e:dd:ab:c8:19:d2:96:80:
9c:aa:7e:45:5b:45:bd:f4:39:4e:40:63:32:89:18:
e2:35:12:76:df:28:1c:aa:55:36:50:81:74:e3:aa:
b3:36:53:e3:ee:d8:b4:6f:cd:a7:9f:9f:26:86:64:
40:14:2b:31:fe:a5:da:af:8d:b6:a9:07:0c:68:d9:
94:c1:a1:14:42:01:3c:32:2b:d1:2e:8b:6c:a2:ba:
91:75:01:7c:15:42:fd:bb:3c:1c:3e:c5:c1:e5:d0:
88:de:23:db:92:c4:4b:b1:d6:1f:e8:8a:1c:a9:cc:
c9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A9:80:88:6A:8A:F8:33:5D:21:6C:2A:43:75:97:D4:70:E7:11:E7
X509v3 Authority Key Identifier:
keyid:D1:F5:D5:5A:1B:B0:09:D1:81:99:2E:24:18:51:D5:F9:93:92:37:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fXVWhuwCdGBmS4kGFHV-ZOSN8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/2KmAiGqK-DNdIWwqQ3WX1HDnEec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8c851-16ec-476f-9918-a62473abaa91/1/0fXVWhuwCdGBmS4kGFHV-ZOSN8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.16.0/21
31.177.104.0/21
92.53.224.0/21
Signature Algorithm: sha256WithRSAEncryption
d3:84:34:49:e3:b6:79:25:a2:86:6b:df:1f:79:41:33:89:03:
9f:02:96:52:ea:30:5c:33:1e:6c:11:88:90:8c:0f:08:3a:92:
22:e2:d0:fe:a2:31:52:01:b3:28:df:fd:8f:08:f9:8e:b9:5e:
50:cd:a4:16:10:ef:63:c5:79:d5:9f:31:25:12:74:48:52:84:
5e:94:62:01:59:c5:b1:37:33:06:76:1f:b8:9b:1a:4d:cb:15:
b1:8f:14:37:08:f8:da:8f:da:de:93:86:f4:03:80:09:91:9e:
fb:ca:53:95:6e:82:45:46:c9:d7:dd:38:c0:89:9d:32:00:22:
68:17:ba:ce:dc:5f:1e:f3:13:9a:86:1d:c6:9b:60:22:86:f9:
9b:e1:cb:12:68:18:02:ce:6f:3f:eb:1c:5c:ad:9a:ee:a8:d4:
93:01:88:98:ce:58:ed:5d:ef:59:c3:4b:d2:3b:f2:55:e4:ba:
5b:0c:1b:e1:73:c7:6d:c2:fa:ac:10:03:09:e0:e3:90:a3:6c:
c5:4d:c4:77:01:8c:b8:9b:a0:fc:c7:db:3c:4a:d8:82:27:01:
db:df:ee:7b:27:30:df:2f:b7:ed:a5:f1:fe:62:17:3b:1f:c1:
cd:08:c1:86:19:32:73:5c:10:4b:82:9d:6e:47:72:1e:07:27:
6a:73:6b:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaiTeu0GBIX48o+hgbJopmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjVkNTVhMWJiMDA5ZDE4MTk5MmUyNDE4NTFkNWY5OTM5
MjM3Y2MwHhcNMjMwMzAyMTIzMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE5ODA4ODZhOGFmODMzNWQyMTZjMmE0Mzc1OTdkNDcwZTcxMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7niuzZIhUlSVz2FcIOQGrnxhUUS
d52RKrmuZMwzz91Z/bih30/xwfDB/aOYdcSW1K+0B5qy1NU4G53JFcRgnMSr+nAI
Q+LCpBVV6ebaOcsAo6NCTzOv6QergQYUD3/nUBEJELMl8HoYAcH/NEQOqhTl3Cgl
k977KR5GGbR678v4XryI0k+Aqn5GDk+4Tt2ryBnSloCcqn5FW0W99DlOQGMyiRji
NRJ23ygcqlU2UIF046qzNlPj7ti0b82nn58mhmRAFCsx/qXar422qQcMaNmUwaEU
QgE8MivRLotsorqRdQF8FUL9uzwcPsXB5dCI3iPbksRLsdYf6IocqczJRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNipgIhqivgzXSFsKkN1l9Rw5xHnMB8GA1UdIwQY
MBaAFNH11VobsAnRgZkuJBhR1fmTkjfMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZYVldodXdDZEdCbVM0a0dGSFYtWk9TTjh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iOGM4NTEtMTZlYy00NzZmLTk5MTgt
YTYyNDczYWJhYTkxLzEvMkttQWlHcUstRE5kSVd3cVEzV1gxSERuRWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iOGM4NTEtMTZlYy00NzZmLTk5MTgtYTYyNDczYWJhYTkx
LzEvMGZYVldodXdDZEdCbVM0a0dGSFYtWk9TTjh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHw8QAwQD
H7FoAwQDXDXgMA0GCSqGSIb3DQEBCwUAA4IBAQDThDRJ47Z5JaKGa98feUEziQOf
ApZS6jBcMx5sEYiQjA8IOpIi4tD+ojFSAbMo3/2PCPmOuV5QzaQWEO9jxXnVnzEl
EnRIUoRelGIBWcWxNzMGdh+4mxpNyxWxjxQ3CPjaj9rek4b0A4AJkZ77ylOVboJF
RsnX3TjAiZ0yACJoF7rO3F8e8xOahh3Gm2Aihvmb4csSaBgCzm8/6xxcrZruqNST
AYiYzljtXe9Zw0vSO/JV5LpbDBvhc8dtwvqsEAMJ4OOQo2zFTcR3AYy4m6D8x9s8
StiCJwHb3+57JzDfL7ftpfH+Yhc7H8HNCMGGGTJzXBBLgp1uR3IeBydqc2uG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:10 2025 by rpki-client