Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rdtfnVmS-9UOIg39AFWt88dqxRQ.roa
File: rdtfnVmS-9UOIg39AFWt88dqxRQ.roa (raw, json)
Hash identifier: V6sK+oqfRV962R+ijBHA1AUCIemBluiGERU6DIzo/b8=
Subject key identifier: AD:DB:5F:9D:59:92:FB:D5:0E:22:0D:FD:00:55:AD:F3:C7:6A:C5:14
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018DF40F223C7B8A0289D3CE2EAEC998ACDB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rdtfnVmS-9UOIg39AFWt88dqxRQ.roa
Signing time: Thu 29 Feb 2024 08:50:48 +0000
ROA not before: Thu 29 Feb 2024 08:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31224
IP address blocks: 31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.100.0/24 maxlen: 24
31.173.101.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
78.25.88.0/22 maxlen: 22
83.149.32.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.36.0/22 maxlen: 22
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
178.176.104.0/21 maxlen: 21
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
2a03:d000:5000::/40 maxlen: 40
2a03:d000:5100::/40 maxlen: 40
2a03:d000:5270::/44 maxlen: 44
2a03:d000:52f0::/44 maxlen: 44
2a03:d000:5301::/48 maxlen: 48
2a03:d000:5302::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:0f:22:3c:7b:8a:02:89:d3:ce:2e:ae:c9:98:ac:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Feb 29 08:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=addb5f9d5992fbd50e220dfd0055adf3c76ac514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6c:7a:e2:d8:6f:4b:06:af:75:62:c0:9b:7f:
a3:98:89:0f:f7:9e:70:0f:bc:1e:1d:f6:2d:30:09:
83:ec:b1:98:ed:72:df:60:47:12:15:ab:69:4a:9b:
2f:5b:04:bd:eb:50:35:bc:be:62:ef:63:56:91:a2:
fc:c2:6e:7f:11:df:28:42:a2:d6:4a:02:d4:4e:89:
d5:39:82:cf:2f:54:f6:54:b5:eb:7a:fb:c2:79:b7:
8c:40:76:4e:5a:5e:d7:2d:d7:59:e6:9b:7a:2e:7a:
de:12:46:d4:44:61:a7:c4:1b:62:f3:35:c4:e8:d1:
f6:1e:6a:e8:da:bf:ad:43:9f:4b:a5:11:03:96:ae:
f4:83:eb:99:b8:42:53:dd:88:4b:b9:a9:11:a1:d3:
e3:a1:1f:03:6f:8d:54:b1:14:a3:de:e3:05:12:cf:
bb:25:82:05:ce:c9:97:db:ca:db:6b:ec:f7:c7:11:
25:b7:e2:b4:de:6c:57:37:64:b4:8a:fc:36:41:d6:
ac:8a:5e:19:b5:99:d3:dd:16:f9:55:dc:fa:21:ce:
c4:36:88:53:f1:83:c2:9e:01:c9:1b:6d:3f:f6:20:
5a:f3:49:cc:0d:5e:14:1a:91:61:e6:25:fd:ae:5f:
04:b7:89:30:b4:ea:80:ab:f8:bc:12:00:44:b5:99:
73:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DB:5F:9D:59:92:FB:D5:0E:22:0D:FD:00:55:AD:F3:C7:6A:C5:14
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rdtfnVmS-9UOIg39AFWt88dqxRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
IPv6:
2a03:d000:5000::/39
2a03:d000:5270::/44
2a03:d000:52f0::/44
2a03:d000:5301::-2a03:d000:5302:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0d:2d:a1:79:f0:83:71:c6:cb:7d:68:5c:98:ee:f1:be:c9:23:
ea:ba:93:7c:b5:75:a0:bf:88:e3:89:7e:28:29:62:99:b5:38:
85:88:3e:74:39:ad:d8:67:b5:21:36:05:80:a8:a2:a2:0f:1f:
bb:f5:c7:a8:5c:18:0c:46:9f:d0:bd:e3:07:d1:7c:69:96:35:
97:d5:61:59:28:e9:b5:50:a8:60:72:ae:8f:ed:b2:a9:6d:76:
01:4b:55:b8:b3:4c:bf:58:87:1b:e3:c9:7d:7c:6f:55:90:68:
00:f4:2a:f0:98:68:c6:d5:db:c8:e3:ac:5a:3e:64:4c:ab:d2:
be:e7:20:af:2f:75:76:3b:48:42:08:d0:e9:e9:53:ef:70:b6:
6c:c6:2e:8a:0a:e6:b4:f2:c9:9c:cd:5b:9f:d9:f9:a6:77:da:
70:84:39:cd:01:1c:2a:c1:dc:a8:56:45:1f:08:98:20:2a:f2:
60:42:13:79:d9:7a:c1:81:e5:26:a8:fd:ec:4b:3d:a5:31:fe:
11:8b:69:ba:27:37:ca:9e:d5:5e:00:a7:4e:82:f7:b2:53:cb:
fd:c9:06:a1:7f:77:28:12:37:2a:0e:6d:0d:c9:9a:ad:f3:62:
e5:bb:49:b9:25:17:82:89:8b:05:3d:e1:97:34:e0:73:43:bc:
5d:9a:e3:bd
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAY30DyI8e4oCidPOLq7JmKzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMjI5MDg1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGRiNWY5ZDU5OTJmYmQ1MGUyMjBkZmQwMDU1YWRmM2M3NmFjNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmx64thvSwavdWLAm3+jmIkP955w
D7weHfYtMAmD7LGY7XLfYEcSFatpSpsvWwS961A1vL5i72NWkaL8wm5/Ed8oQqLW
SgLUTonVOYLPL1T2VLXrevvCebeMQHZOWl7XLddZ5pt6LnreEkbURGGnxBti8zXE
6NH2Hmro2r+tQ59LpREDlq70g+uZuEJT3YhLuakRodPjoR8Db41UsRSj3uMFEs+7
JYIFzsmX28rba+z3xxElt+K03mxXN2S0ivw2Qdasil4ZtZnT3Rb5Vdz6Ic7ENohT
8YPCngHJG20/9iBa80nMDV4UGpFh5iX9rl8Et4kwtOqAq/i8EgBEtZlzYQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFK3bX51ZkvvVDiIN/QBVrfPHasUUMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcmR0Zm5WbVMtOVVPSWczOUFGV3Q4OGRxeFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljBeBAIAATBYAwQBH61g
MAwDBAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABT
qdgDBAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWDA0BAIAAjAuAwYBKgPQ
AFADBwQqA9AAUnADBwQqA9AAUvAwEgMHACoD0ABTAQMHACoD0ABTAjANBgkqhkiG
9w0BAQsFAAOCAQEADS2hefCDccbLfWhcmO7xvskj6rqTfLV1oL+I44l+KClimbU4
hYg+dDmt2Ge1ITYFgKiiog8fu/XHqFwYDEaf0L3jB9F8aZY1l9VhWSjptVCoYHKu
j+2yqW12AUtVuLNMv1iHG+PJfXxvVZBoAPQq8JhoxtXbyOOsWj5kTKvSvucgry91
djtIQgjQ6elT73C2bMYuigrmtPLJnM1bn9n5pnfacIQ5zQEcKsHcqFZFHwiYICry
YEITedl6wYHlJqj97Es9pTH+EYtpuic3yp7VXgCnToL3slPL/ckGoX93KBI3Kg5t
DcmarfNi5btJuSUXgomLBT3hlzTgc0O8XZrjvQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:38 2025 by rpki-client