Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/XXc1R4QzqDrW8SviK6xRNkQ-hUM.roa
File: XXc1R4QzqDrW8SviK6xRNkQ-hUM.roa (raw, json)
Hash identifier: YZxuonbhRtd70cdMZUvtG4tx6j8PhsH2pz0J9ByQ1UQ=
Subject key identifier: 5D:77:35:47:84:33:A8:3A:D6:F1:2B:E2:2B:AC:51:36:44:3E:85:43
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 019424B3CD028925DB24B6E10ECF69BCAC76
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/XXc1R4QzqDrW8SviK6xRNkQ-hUM.roa
Signing time: Thu 02 Jan 2025 01:49:10 +0000
ROA not before: Thu 02 Jan 2025 01:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31333
IP address blocks: 31.15.64.0/21 maxlen: 24
79.140.32.0/20 maxlen: 24
80.244.240.0/20 maxlen: 24
83.151.16.0/20 maxlen: 24
2001:4d88::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cd:02:89:25:db:24:b6:e1:0e:cf:69:bc:ac:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 2 01:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d7735478433a83ad6f12be22bac5136443e8543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:15:1e:3e:0b:c7:99:26:5a:65:39:d2:5c:f6:
2c:a8:3d:e7:75:f2:80:86:b7:dd:34:65:28:f0:ed:
4e:24:5b:f8:84:8a:76:7d:89:4d:ab:0a:10:19:c6:
33:56:41:ff:b1:f0:52:ec:96:1e:2d:f6:ee:98:83:
0f:19:55:b7:7b:15:47:cf:d6:2f:fc:69:c1:cd:e3:
da:79:cc:67:8d:04:30:00:0e:18:03:45:aa:e3:f5:
6b:30:b1:aa:64:8b:dc:85:78:e3:a1:06:0f:af:a5:
3c:0a:11:f5:f4:ab:75:91:d7:d6:c4:bc:82:ae:22:
dc:a9:35:b1:ae:15:99:2d:5c:8e:33:d1:2e:a7:99:
ee:32:4a:0f:26:66:70:62:b4:c9:65:47:73:80:c1:
ee:51:22:11:e7:ac:b3:f2:63:2d:20:a2:f3:0c:f4:
f2:4b:17:72:3f:a2:95:db:5c:4f:06:53:44:81:c5:
aa:00:d8:ac:a5:62:9f:29:2d:9e:fd:35:e5:e7:4d:
d0:6f:a7:29:21:12:13:4d:f5:d5:4c:c6:be:30:23:
c8:dc:7c:f3:d3:88:03:dd:c5:ab:44:39:45:fc:69:
76:bd:6f:e3:89:7e:4b:19:db:51:4f:e7:c5:43:8e:
15:85:97:f8:3f:ab:f3:63:c4:b3:cc:9b:0b:ed:62:
7d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:77:35:47:84:33:A8:3A:D6:F1:2B:E2:2B:AC:51:36:44:3E:85:43
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/XXc1R4QzqDrW8SviK6xRNkQ-hUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.64.0/21
79.140.32.0/20
80.244.240.0/20
83.151.16.0/20
IPv6:
2001:4d88::/32
Signature Algorithm: sha256WithRSAEncryption
52:3f:a3:db:fa:ed:91:8a:e6:6d:38:3f:8a:30:8b:7b:53:f3:
0f:bf:48:45:b4:ae:5a:d8:bc:91:3b:ff:a8:f6:fa:57:cc:31:
b9:38:c6:2d:be:f8:07:cc:c5:49:93:ee:02:8d:38:22:c9:a8:
42:2d:18:cf:80:4f:e1:58:18:1c:b6:b7:9e:03:c2:cf:45:ac:
73:6e:f8:c0:c9:3c:cc:f1:b0:5f:3b:56:96:da:c6:01:e4:b5:
a9:b7:4a:16:ce:47:c8:30:49:c6:c5:8c:92:de:d6:89:f7:80:
38:59:21:b6:55:e2:03:e8:2c:3d:fd:46:cf:69:fe:cc:d9:b7:
78:fa:1c:83:17:7b:94:f0:f3:45:a1:8e:75:9a:af:98:c2:b7:
0e:9e:98:45:28:0f:40:36:11:59:60:23:f2:dc:79:aa:01:79:
73:59:02:42:59:3e:9d:64:e8:a5:7c:e7:49:4d:ea:cb:6f:d4:
3f:b1:a4:a2:af:a9:33:a8:58:0d:fa:a0:ef:19:75:f7:39:d8:
2f:3b:81:8c:e7:e1:1c:22:2c:bf:e5:d9:ab:c0:44:69:2c:74:
a3:3f:be:11:63:33:00:87:9c:af:6c:55:ef:b4:22:a7:50:b8:
a2:3b:31:9a:4e:e2:53:76:43:16:90:dd:13:1d:9c:88:36:65:
95:b2:c0:38
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQks80CiSXbJLbhDs9pvKx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjUwMTAyMDE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDc3MzU0Nzg0MzNhODNhZDZmMTJiZTIyYmFjNTEzNjQ0M2U4NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhUePgvHmSZaZTnSXPYsqD3ndfKA
hrfdNGUo8O1OJFv4hIp2fYlNqwoQGcYzVkH/sfBS7JYeLfbumIMPGVW3exVHz9Yv
/GnBzePaecxnjQQwAA4YA0Wq4/VrMLGqZIvchXjjoQYPr6U8ChH19Kt1kdfWxLyC
riLcqTWxrhWZLVyOM9Eup5nuMkoPJmZwYrTJZUdzgMHuUSIR56yz8mMtIKLzDPTy
SxdyP6KV21xPBlNEgcWqANispWKfKS2e/TXl503Qb6cpIRITTfXVTMa+MCPI3Hzz
04gD3cWrRDlF/Gl2vW/jiX5LGdtRT+fFQ44VhZf4P6vzY8SzzJsL7WJ9GwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFF13NUeEM6g61vEr4iusUTZEPoVDMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvWFhjMVI0UXpxRHJXOFN2aUs2eFJOa1EtaFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHw9AAwQE
T4wgAwQEUPTwAwQEU5cQMA0EAgACMAcDBQAgAU2IMA0GCSqGSIb3DQEBCwUAA4IB
AQBSP6Pb+u2RiuZtOD+KMIt7U/MPv0hFtK5a2LyRO/+o9vpXzDG5OMYtvvgHzMVJ
k+4CjTgiyahCLRjPgE/hWBgctreeA8LPRaxzbvjAyTzM8bBfO1aW2sYB5LWpt0oW
zkfIMEnGxYyS3taJ94A4WSG2VeID6Cw9/UbPaf7M2bd4+hyDF3uU8PNFoY51mq+Y
wrcOnphFKA9ANhFZYCPy3HmqAXlzWQJCWT6dZOilfOdJTerLb9Q/saSir6kzqFgN
+qDvGXX3OdgvO4GM5+EcIiy/5dmrwERpLHSjP74RYzMAh5yvbFXvtCKnULiiOzGa
TuJTdkMWkN0THZyINmWVssA4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:43 2025 by rpki-client