Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/wCVsvqWRahQ-a8qZpU_P5hfC6fo.roa
File: wCVsvqWRahQ-a8qZpU_P5hfC6fo.roa (raw, json)
Hash identifier: zXnXIwQPC/ukVsvs/CWHd4opckhB/IeyNk2RyXjvBzs=
Subject key identifier: C0:25:6C:BE:A5:91:6A:14:3E:6B:CA:99:A5:4F:CF:E6:17:C2:E9:FA
Certificate issuer: /CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Certificate serial: 0194236A0AD8FDD0207AA0645263A3F5E857
Authority key identifier: AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/wCVsvqWRahQ-a8qZpU_P5hfC6fo.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20454
IP address blocks: 31.24.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0a:d8:fd:d0:20:7a:a0:64:52:63:a3:f5:e8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0256cbea5916a143e6bca99a54fcfe617c2e9fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:86:69:94:5e:af:fd:81:ac:e1:0a:14:3b:7d:
57:3f:99:bc:ab:b9:84:fc:87:34:cc:f5:f1:d5:2c:
0c:a6:7e:e1:3c:23:06:18:d8:66:f5:06:59:b0:9b:
6c:69:15:96:72:9c:2b:bd:ca:d5:fb:72:5d:56:39:
90:5f:1c:63:21:37:62:9c:76:e7:c2:0c:e9:60:c9:
ca:13:81:e8:6c:b4:2a:77:c0:05:0d:86:af:bd:10:
75:db:b7:58:d4:7c:9a:95:38:dc:5e:a4:2e:ee:41:
11:f6:93:2d:b7:5d:25:b8:e5:b5:37:b6:d2:33:39:
cd:d9:9f:1f:1e:8a:f6:34:67:af:e6:10:6c:b6:7f:
57:d4:72:ee:72:ac:a1:6f:68:98:44:9a:68:97:7f:
fa:5c:03:43:d5:ab:7e:d0:be:0c:58:a8:47:36:75:
a3:c4:6c:01:ec:07:44:bf:40:35:d5:de:f8:8a:70:
5b:29:81:f1:ab:d5:de:14:bb:ee:50:ca:0a:2a:ec:
b8:f8:f8:42:04:d6:69:51:45:16:9d:90:4e:a9:83:
19:be:78:4d:5d:65:a5:bd:f5:69:e3:c1:24:22:f3:
b2:64:3d:53:86:5e:e3:81:91:5e:fa:48:13:cd:c6:
99:74:24:20:f8:a2:f2:34:b3:37:e4:ba:08:67:bc:
dd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:25:6C:BE:A5:91:6A:14:3E:6B:CA:99:A5:4F:CF:E6:17:C2:E9:FA
X509v3 Authority Key Identifier:
keyid:AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/wCVsvqWRahQ-a8qZpU_P5hfC6fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/qs5nJaCg3dFoBICoN4XSzVe_arA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.82.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:2e:1b:d9:04:f3:b4:a6:a0:5c:b4:32:de:ba:52:a7:4f:ab:
b4:b1:24:09:e6:23:6f:7a:f9:ac:2b:71:af:2a:c2:af:35:46:
72:c4:1b:39:25:8c:28:b4:59:3f:30:e3:24:83:fa:f7:1d:39:
7c:72:86:67:b2:d0:20:d1:f5:8a:63:b9:63:ba:7f:96:67:22:
4e:a3:1e:7f:a5:5e:72:94:fb:8f:f2:01:e8:2a:bb:0a:2e:e6:
0f:10:ef:a2:86:97:d2:0a:65:3a:bd:2a:c0:a0:df:4d:2f:52:
35:31:24:99:27:47:22:da:84:e7:12:03:68:63:af:31:fe:e2:
0a:cf:c7:92:3e:76:55:e0:6e:04:a0:7e:a3:29:24:86:3c:42:
b2:7a:02:96:07:00:72:d2:d2:0d:53:a7:ca:1e:65:de:31:19:
b3:32:50:98:d3:8a:b1:5b:bf:96:b6:3b:a6:65:78:d6:4b:74:
61:fe:8f:39:ab:96:9c:e6:5f:8e:5c:06:cd:27:de:e2:f8:03:
b2:6e:ac:2e:27:01:18:23:2f:07:db:0b:ca:c0:fd:57:79:9a:
4f:7f:46:d8:72:07:b0:f6:2c:1d:b5:37:3f:c3:9f:de:9c:a2:
c2:47:20:ac:61:b4:90:63:16:60:86:a0:be:58:85:18:51:f0:
ea:30:91:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagrY/dAgeqBkUmOj9ehXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2U2NzI1YTBhMGRkZDE2ODA0ODBhODM3ODVkMmNkNTdi
ZjZhYjAwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDI1NmNiZWE1OTE2YTE0M2U2YmNhOTlhNTRmY2ZlNjE3YzJlOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoZplF6v/YGs4QoUO31XP5m8q7mE
/Ic0zPXx1SwMpn7hPCMGGNhm9QZZsJtsaRWWcpwrvcrV+3JdVjmQXxxjITdinHbn
wgzpYMnKE4HobLQqd8AFDYavvRB127dY1HyalTjcXqQu7kER9pMtt10luOW1N7bS
MznN2Z8fHor2NGev5hBstn9X1HLucqyhb2iYRJpol3/6XAND1at+0L4MWKhHNnWj
xGwB7AdEv0A11d74inBbKYHxq9XeFLvuUMoKKuy4+PhCBNZpUUUWnZBOqYMZvnhN
XWWlvfVp48EkIvOyZD1Thl7jgZFe+kgTzcaZdCQg+KLyNLM35LoIZ7zdywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAlbL6lkWoUPmvKmaVPz+YXwun6MB8GA1UdIwQY
MBaAFKrOZyWgoN3RaASAqDeF0s1Xv2qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTkt
NzJhMDgyY2RiMTgyLzEvd0NWc3ZxV1JhaFEtYThxWnBVX1A1aGZDNmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTktNzJhMDgyY2RiMTgy
LzEvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxhSMA0G
CSqGSIb3DQEBCwUAA4IBAQDOLhvZBPO0pqBctDLeulKnT6u0sSQJ5iNvevmsK3Gv
KsKvNUZyxBs5JYwotFk/MOMkg/r3HTl8coZnstAg0fWKY7ljun+WZyJOox5/pV5y
lPuP8gHoKrsKLuYPEO+ihpfSCmU6vSrAoN9NL1I1MSSZJ0ci2oTnEgNoY68x/uIK
z8eSPnZV4G4EoH6jKSSGPEKyegKWBwBy0tINU6fKHmXeMRmzMlCY04qxW7+Wtjum
ZXjWS3Rh/o85q5ac5l+OXAbNJ97i+AOybqwuJwEYIy8H2wvKwP1XeZpPf0bYcgew
9iwdtTc/w5/enKLCRyCsYbSQYxZghqC+WIUYUfDqMJHr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:33 2025 by rpki-client