Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/tGl_oVEvMu4RFTKmUhxguGv0x7g.roa
File: tGl_oVEvMu4RFTKmUhxguGv0x7g.roa (raw, json)
Hash identifier: PRe0KxLn8TbTqjw2TmvSuGH/Q6PyqmSXeZcJLI07VdI=
Subject key identifier: B4:69:7F:A1:51:2F:32:EE:11:15:32:A6:52:1C:60:B8:6B:F4:C7:B8
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0194228D1B2D430AE43AD691498152054F4C
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/tGl_oVEvMu4RFTKmUhxguGv0x7g.roa
Signing time: Wed 01 Jan 2025 15:47:40 +0000
ROA not before: Wed 01 Jan 2025 15:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208594
IP address blocks: 31.169.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:1b:2d:43:0a:e4:3a:d6:91:49:81:52:05:4f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 1 15:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4697fa1512f32ee111532a6521c60b86bf4c7b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:44:06:6b:20:3c:d2:b1:ae:9d:f1:c6:6b:
16:49:2c:92:9d:64:ac:b0:83:bd:64:5d:c6:a1:2c:
6a:4c:85:9c:6a:69:3f:71:b8:05:55:66:60:2f:24:
d5:72:06:b3:21:3e:57:63:a5:c2:eb:43:e7:15:08:
a6:22:ed:9c:fe:41:6b:b3:52:48:8d:f4:1a:04:04:
95:99:a4:43:9f:86:15:eb:82:81:1a:f9:64:2f:20:
ee:2c:1a:da:e0:b4:96:4b:f1:db:48:7a:c9:84:9c:
34:80:bb:69:c0:ba:87:5b:43:64:41:29:cc:1e:f3:
13:32:44:06:5d:bd:97:a0:3d:53:2b:c5:29:9b:01:
bc:3e:23:8a:1e:87:7c:db:9e:ce:00:95:4f:47:4b:
e8:70:f8:90:97:17:7e:a1:f5:2a:f8:85:fc:cd:c4:
e5:0c:13:76:4e:c8:c1:2f:e6:28:3b:ad:46:9d:f0:
36:03:f1:25:d4:2c:0b:8e:c8:08:89:72:22:5a:fe:
bd:ea:66:e0:1a:87:bf:56:1c:8f:5f:05:b9:65:c1:
14:70:6e:cb:ef:dd:3b:73:c9:b5:6a:0d:df:1e:aa:
08:35:b8:e0:f3:47:e4:a9:0a:3d:8b:31:d4:b6:12:
51:ea:b7:60:30:1d:ca:7c:67:6d:f6:f8:99:9b:30:
aa:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:69:7F:A1:51:2F:32:EE:11:15:32:A6:52:1C:60:B8:6B:F4:C7:B8
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/tGl_oVEvMu4RFTKmUhxguGv0x7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.79.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:96:eb:5a:d6:02:68:7d:47:0d:3e:32:08:8c:aa:de:d0:fb:
51:01:85:64:2a:5f:2b:e1:33:8c:a1:19:b4:25:c2:6c:93:2c:
21:39:22:9e:e6:fb:19:20:f1:1c:11:2c:bc:13:1f:ea:41:7e:
45:f2:89:37:25:b1:c1:9f:7c:36:ac:63:4d:f4:a4:ed:66:e3:
89:e0:b6:76:ea:d9:3b:dc:5b:0f:50:04:31:c4:18:50:4b:89:
fc:47:73:bd:05:ba:da:36:ed:68:47:52:14:57:46:0c:97:44:
d2:e9:1b:41:fb:c2:6a:6f:2a:71:dd:a1:6b:60:4e:0f:d9:b2:
cd:31:2e:b0:0e:16:3d:e6:d0:08:5c:da:60:56:ee:53:f8:ee:
78:43:ea:35:1f:9e:17:e4:28:c6:5a:e1:dd:66:25:ee:50:68:
52:93:1c:af:12:6b:45:f3:39:e4:17:42:3b:67:7b:78:69:39:
35:e6:77:eb:54:28:4f:90:0b:4d:d9:f4:1f:ac:65:22:07:25:
58:b9:84:ec:09:af:79:63:66:ee:a2:ef:48:fa:85:18:4e:74:
5e:e0:b2:e4:1d:fd:d3:d2:27:7e:a1:b1:9f:9b:86:1a:a8:f0:
aa:91:75:eb:76:ca:19:5b:bb:cf:64:d1:b2:34:47:0d:9d:d2:
62:84:3e:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijRstQwrkOtaRSYFSBU9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwMTAxMTU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY5N2ZhMTUxMmYzMmVlMTExNTMyYTY1MjFjNjBiODZiZjRjN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr5EBmsgPNKxrp3xxmsWSSySnWSs
sIO9ZF3GoSxqTIWcamk/cbgFVWZgLyTVcgazIT5XY6XC60PnFQimIu2c/kFrs1JI
jfQaBASVmaRDn4YV64KBGvlkLyDuLBra4LSWS/HbSHrJhJw0gLtpwLqHW0NkQSnM
HvMTMkQGXb2XoD1TK8UpmwG8PiOKHod8257OAJVPR0vocPiQlxd+ofUq+IX8zcTl
DBN2TsjBL+YoO61GnfA2A/El1CwLjsgIiXIiWv696mbgGoe/VhyPXwW5ZcEUcG7L
7907c8m1ag3fHqoINbjg80fkqQo9izHUthJR6rdgMB3KfGdt9viZmzCqtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRpf6FRLzLuERUyplIcYLhr9Me4MB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvdEdsX29WRXZNdTRSRlRLbVVoeGd1R3YweDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6lPMA0G
CSqGSIb3DQEBCwUAA4IBAQAeluta1gJofUcNPjIIjKre0PtRAYVkKl8r4TOMoRm0
JcJskywhOSKe5vsZIPEcESy8Ex/qQX5F8ok3JbHBn3w2rGNN9KTtZuOJ4LZ26tk7
3FsPUAQxxBhQS4n8R3O9BbraNu1oR1IUV0YMl0TS6RtB+8Jqbypx3aFrYE4P2bLN
MS6wDhY95tAIXNpgVu5T+O54Q+o1H54X5CjGWuHdZiXuUGhSkxyvEmtF8znkF0I7
Z3t4aTk15nfrVChPkAtN2fQfrGUiByVYuYTsCa95Y2buou9I+oUYTnRe4LLkHf3T
0id+obGfm4YaqPCqkXXrdsoZW7vPZNGyNEcNndJihD4i
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:22:49 2025 by rpki-client