Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/yjOVe9P9QCIOVlHjC2af6d5hY-c.roa
File: yjOVe9P9QCIOVlHjC2af6d5hY-c.roa (raw, json)
Hash identifier: nPJ2ri+28FWisJhJn6NbOyOwuKF7rYFdzWnbklaw+3E=
Subject key identifier: CA:33:95:7B:D3:FD:40:22:0E:56:51:E3:0B:66:9F:E9:DE:61:63:E7
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0194228D18BCB3D1A447D75D059F38F5D7AE
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/yjOVe9P9QCIOVlHjC2af6d5hY-c.roa
Signing time: Wed 01 Jan 2025 15:47:39 +0000
ROA not before: Wed 01 Jan 2025 15:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34476
IP address blocks: 31.169.75.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:18:bc:b3:d1:a4:47:d7:5d:05:9f:38:f5:d7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 1 15:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca33957bd3fd40220e5651e30b669fe9de6163e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:04:67:ce:75:d4:0a:81:4c:17:df:c3:33:2a:
6e:d2:ff:98:c7:40:79:2c:a7:72:79:90:22:04:03:
35:db:13:65:ec:fd:8a:5a:aa:54:2a:69:6d:6a:fa:
2e:02:d8:2e:dc:ab:55:68:8f:06:a7:45:e5:65:87:
0b:1b:85:f4:b0:78:d8:77:20:e8:72:b9:32:93:57:
75:10:f8:4b:e4:3c:26:3a:2f:09:af:9c:32:17:73:
cf:02:6f:8b:3c:07:f4:ea:65:5c:91:a2:a1:7e:f4:
b6:55:b1:e0:d5:b7:ce:3a:79:95:20:5f:05:af:89:
13:07:1b:16:22:3b:1b:2b:84:2f:68:7c:43:f0:5f:
aa:3a:5e:cd:fc:e9:80:cd:cd:5e:d0:2f:a3:c3:1c:
50:ca:86:7c:48:89:89:ac:16:c5:a3:8b:2f:df:82:
01:3d:da:86:a5:79:91:16:58:4d:d9:1a:36:b2:8e:
a8:71:e4:bc:40:e8:f0:50:ac:7e:7f:28:fa:5c:ac:
78:74:1d:8f:db:39:91:76:c0:ce:2e:57:16:fd:be:
f5:7e:15:b3:50:f7:d2:5d:31:7a:dc:ce:c2:65:8e:
66:e9:2a:42:e7:a6:c0:79:4c:c7:7c:17:cc:89:c0:
ae:10:36:5f:1d:58:44:60:a9:01:2b:c7:e8:e2:0e:
dd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:33:95:7B:D3:FD:40:22:0E:56:51:E3:0B:66:9F:E9:DE:61:63:E7
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/yjOVe9P9QCIOVlHjC2af6d5hY-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.75.0/24
31.169.85.0/24
31.169.87.0/24
Signature Algorithm: sha256WithRSAEncryption
94:87:7c:ea:4a:1a:ba:3b:76:77:33:77:15:ae:50:ff:1a:23:
69:28:a0:29:54:84:c9:e4:64:49:c7:31:d2:18:20:48:4a:72:
26:5e:43:48:2f:fc:17:d4:7b:db:53:a0:de:57:bc:1d:4a:e3:
0a:fd:a3:5f:56:e0:e1:90:f1:db:8c:5d:1b:7c:9b:7d:75:28:
08:1e:39:94:c8:f6:73:33:62:79:8f:5e:04:b2:a9:c0:01:1e:
29:b7:fa:03:6c:8b:61:5c:3a:1f:e4:5e:04:e6:f4:26:41:ed:
1a:c3:e4:f5:83:f5:a0:8a:bc:f5:68:3b:a1:0a:6e:5f:de:8d:
b6:14:73:04:06:92:94:b1:7d:9e:83:27:a2:98:5a:70:37:80:
a2:f1:2f:e3:af:e8:8c:1c:a6:e8:80:91:b6:bc:0a:29:e3:6e:
16:7b:d8:b0:56:da:b5:1e:d9:d8:63:3c:2a:5a:04:c8:01:4e:
5b:93:3e:52:ca:f3:76:24:ae:e1:11:82:d8:38:f1:16:42:d2:
c6:59:b4:b4:a7:38:17:86:c3:90:f4:f2:ee:4f:07:ef:21:cf:
7e:0c:9d:c7:44:66:01:a0:08:99:d4:c4:3b:a6:33:c1:ae:87:
95:ea:0f:90:13:ab:ff:3b:9b:1e:b5:25:0f:f8:f9:b2:c4:1f:
73:77:bf:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijRi8s9GkR9ddBZ849deuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwMTAxMTU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTMzOTU3YmQzZmQ0MDIyMGU1NjUxZTMwYjY2OWZlOWRlNjE2M2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwRnznXUCoFMF9/DMypu0v+Yx0B5
LKdyeZAiBAM12xNl7P2KWqpUKmltavouAtgu3KtVaI8Gp0XlZYcLG4X0sHjYdyDo
crkyk1d1EPhL5DwmOi8Jr5wyF3PPAm+LPAf06mVckaKhfvS2VbHg1bfOOnmVIF8F
r4kTBxsWIjsbK4QvaHxD8F+qOl7N/OmAzc1e0C+jwxxQyoZ8SImJrBbFo4sv34IB
PdqGpXmRFlhN2Ro2so6oceS8QOjwUKx+fyj6XKx4dB2P2zmRdsDOLlcW/b71fhWz
UPfSXTF63M7CZY5m6SpC56bAeUzHfBfMicCuEDZfHVhEYKkBK8fo4g7d+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMozlXvT/UAiDlZR4wtmn+neYWPnMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEveWpPVmU5UDlRQ0lPVmxIakMyYWY2ZDVoWS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6lLAwQA
H6lVAwQAH6lXMA0GCSqGSIb3DQEBCwUAA4IBAQCUh3zqShq6O3Z3M3cVrlD/GiNp
KKApVITJ5GRJxzHSGCBISnImXkNIL/wX1HvbU6DeV7wdSuMK/aNfVuDhkPHbjF0b
fJt9dSgIHjmUyPZzM2J5j14EsqnAAR4pt/oDbIthXDof5F4E5vQmQe0aw+T1g/Wg
irz1aDuhCm5f3o22FHMEBpKUsX2egyeimFpwN4Ci8S/jr+iMHKbogJG2vAop424W
e9iwVtq1HtnYYzwqWgTIAU5bkz5SyvN2JK7hEYLYOPEWQtLGWbS0pzgXhsOQ9PLu
TwfvIc9+DJ3HRGYBoAiZ1MQ7pjPBroeV6g+QE6v/O5setSUP+PmyxB9zd7/2
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:08:32 2025 by rpki-client