Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/a12b7a-2e4a-4f22-8811-099587c71bab/1/_1j-vq_YcHaEMFMbb53TSNwHgps.roa
File: _1j-vq_YcHaEMFMbb53TSNwHgps.roa (raw, json)
Hash identifier: FFNOOLLPGSug4NyRBtLQbxLYgOZN6JLp0mqYGuu/rHU=
Subject key identifier: FF:58:FE:BE:AF:D8:70:76:84:30:53:1B:6F:9D:D3:48:DC:07:82:9B
Certificate issuer: /CN=423535aa6c317ba76ccb81bbfee5d474b193e6e3
Certificate serial: 019425FC3CDE09014B9C6252C24B0F016A06
Authority key identifier: 42:35:35:AA:6C:31:7B:A7:6C:CB:81:BB:FE:E5:D4:74:B1:93:E6:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QjU1qmwxe6dsy4G7_uXUdLGT5uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/a12b7a-2e4a-4f22-8811-099587c71bab/1/_1j-vq_YcHaEMFMbb53TSNwHgps.roa
Signing time: Thu 02 Jan 2025 07:47:55 +0000
ROA not before: Thu 02 Jan 2025 07:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31505
IP address blocks: 83.151.32.0/22 maxlen: 22
83.151.36.0/22 maxlen: 22
83.151.40.0/22 maxlen: 22
83.151.44.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:3c:de:09:01:4b:9c:62:52:c2:4b:0f:01:6a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=423535aa6c317ba76ccb81bbfee5d474b193e6e3
Validity
Not Before: Jan 2 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff58febeafd870768430531b6f9dd348dc07829b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:91:ea:9a:92:85:d6:cb:33:8d:db:87:cd:cf:
00:07:80:5a:cf:8b:ca:a8:a6:42:cf:b4:e4:e4:d0:
c8:b3:85:64:1f:20:69:64:ae:e4:b7:0f:15:63:dd:
58:56:3b:db:1e:32:e3:38:4b:8d:2f:bb:3d:17:b3:
77:55:a5:b8:99:99:f5:a3:77:8d:e8:00:1c:ce:15:
a9:57:92:87:bc:2b:dc:33:e9:4b:95:2a:6e:75:61:
d9:cc:df:d4:51:5d:e4:ec:2a:76:40:67:12:60:a5:
16:9b:ad:09:8a:2c:91:46:4d:9a:8f:a7:5e:22:37:
59:ce:ff:10:58:b0:48:2f:54:f3:b4:dd:7b:5d:70:
94:33:9a:fc:5a:4f:31:33:20:05:c7:f9:40:84:cd:
79:e1:1d:99:2f:e9:0f:2e:b3:5e:33:fe:af:bc:6c:
34:fe:b1:7c:23:20:9e:2c:83:16:fd:37:88:ac:25:
f3:53:7a:e5:d8:4e:8f:70:64:88:f8:2b:13:87:48:
ce:3b:03:6d:0b:f1:e8:e9:8e:94:14:01:14:9d:75:
86:7f:37:f2:bd:82:c2:97:15:63:cf:fe:5c:f4:57:
a9:03:c6:a8:b4:52:13:58:c7:3e:c5:8f:f8:80:6d:
88:91:bc:ea:6b:2c:7e:1a:ae:d5:f9:a3:c1:07:34:
14:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:58:FE:BE:AF:D8:70:76:84:30:53:1B:6F:9D:D3:48:DC:07:82:9B
X509v3 Authority Key Identifier:
keyid:42:35:35:AA:6C:31:7B:A7:6C:CB:81:BB:FE:E5:D4:74:B1:93:E6:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QjU1qmwxe6dsy4G7_uXUdLGT5uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/a12b7a-2e4a-4f22-8811-099587c71bab/1/_1j-vq_YcHaEMFMbb53TSNwHgps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/a12b7a-2e4a-4f22-8811-099587c71bab/1/QjU1qmwxe6dsy4G7_uXUdLGT5uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.151.32.0/20
Signature Algorithm: sha256WithRSAEncryption
96:b3:62:66:0a:9a:67:6e:a9:5c:17:d9:b9:74:32:65:d2:fa:
ca:69:72:18:5e:6f:be:dc:f4:af:21:b8:86:d4:e3:4c:78:0e:
12:5a:12:b8:6f:a5:c7:2e:41:f4:6e:c8:1b:87:9d:fe:5d:02:
17:5e:37:4b:a5:ba:39:70:73:48:16:c9:19:cb:97:02:7e:f7:
fe:51:22:15:2a:07:68:ba:05:59:9e:a2:10:b5:1a:22:39:df:
52:80:a8:d2:46:49:ae:37:94:8a:c8:3c:ad:c5:20:be:c2:f5:
0b:82:04:55:9b:e2:75:d7:ff:b4:e3:d5:4e:09:2d:23:f8:4d:
f0:0d:29:e7:cb:73:a3:45:fd:fd:7f:c9:4e:e6:be:fb:87:12:
ed:a0:92:c2:41:f5:48:87:f0:85:29:62:61:ce:06:04:9b:47:
20:3d:ea:7b:d6:9b:8b:97:1d:72:68:e0:09:0f:9f:a4:75:e6:
74:2d:36:44:28:e5:78:53:c2:10:d4:3d:66:50:6d:00:d6:00:
9a:6d:52:ba:5e:87:fb:c2:de:da:41:4a:2f:06:41:8d:5c:fa:
43:19:df:21:7d:e4:a3:17:07:ae:8c:3f:1e:92:9d:f1:e1:66:
d3:8e:11:f0:ac:80:40:e7:57:6b:41:03:cd:5c:09:e9:81:42:
8b:7f:43:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/DzeCQFLnGJSwksPAWoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMzUzNWFhNmMzMTdiYTc2Y2NiODFiYmZlZTVkNDc0YjE5
M2U2ZTMwHhcNMjUwMTAyMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU4ZmViZWFmZDg3MDc2ODQzMDUzMWI2ZjlkZDM0OGRjMDc4MjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZHqmpKF1sszjduHzc8AB4Baz4vK
qKZCz7Tk5NDIs4VkHyBpZK7ktw8VY91YVjvbHjLjOEuNL7s9F7N3VaW4mZn1o3eN
6AAczhWpV5KHvCvcM+lLlSpudWHZzN/UUV3k7Cp2QGcSYKUWm60JiiyRRk2aj6de
IjdZzv8QWLBIL1TztN17XXCUM5r8Wk8xMyAFx/lAhM154R2ZL+kPLrNeM/6vvGw0
/rF8IyCeLIMW/TeIrCXzU3rl2E6PcGSI+CsTh0jOOwNtC/Ho6Y6UFAEUnXWGfzfy
vYLClxVjz/5c9FepA8aotFITWMc+xY/4gG2Ikbzqayx+Gq7V+aPBBzQUpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9Y/r6v2HB2hDBTG2+d00jcB4KbMB8GA1UdIwQY
MBaAFEI1NapsMXunbMuBu/7l1HSxk+bjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWpVMXFtd3hlNmRzeTRHN191WFVkTEdUNXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9hMTJiN2EtMmU0YS00ZjIyLTg4MTEt
MDk5NTg3YzcxYmFiLzEvXzFqLXZxX1ljSGFFTUZNYmI1M1RTTndIZ3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9hMTJiN2EtMmU0YS00ZjIyLTg4MTEtMDk5NTg3YzcxYmFi
LzEvUWpVMXFtd3hlNmRzeTRHN191WFVkTEdUNXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEU5cgMA0G
CSqGSIb3DQEBCwUAA4IBAQCWs2JmCppnbqlcF9m5dDJl0vrKaXIYXm++3PSvIbiG
1ONMeA4SWhK4b6XHLkH0bsgbh53+XQIXXjdLpbo5cHNIFskZy5cCfvf+USIVKgdo
ugVZnqIQtRoiOd9SgKjSRkmuN5SKyDytxSC+wvULggRVm+J11/+049VOCS0j+E3w
DSnny3OjRf39f8lO5r77hxLtoJLCQfVIh/CFKWJhzgYEm0cgPep71puLlx1yaOAJ
D5+kdeZ0LTZEKOV4U8IQ1D1mUG0A1gCabVK6Xof7wt7aQUovBkGNXPpDGd8hfeSj
FweujD8ekp3x4WbTjhHwrIBA51drQQPNXAnpgUKLf0Pa
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:33:49 2025 by rpki-client