Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/4KEPqzPMpSoYq_-etsWBx1UVT9A.roa
File: 4KEPqzPMpSoYq_-etsWBx1UVT9A.roa (raw, json)
Hash identifier: Qyft6AJjQ5gcWAFAYWi3WKCXr3fTm1AuVg1MESeGi2E=
Subject key identifier: E0:A1:0F:AB:33:CC:A5:2A:18:AB:FF:9E:B6:C5:81:C7:55:15:4F:D0
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 01955B6809F3C0307E3BD0ABDBBDA7B55A4E
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/4KEPqzPMpSoYq_-etsWBx1UVT9A.roa
Signing time: Mon 03 Mar 2025 09:48:19 +0000
ROA not before: Mon 03 Mar 2025 09:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 31.90.0.0/15 maxlen: 15
31.92.0.0/15 maxlen: 15
31.94.0.0/16 maxlen: 16
31.96.0.0/16 maxlen: 16
31.104.0.0/16 maxlen: 16
31.112.0.0/14 maxlen: 14
31.117.0.0/16 maxlen: 16
31.118.0.0/16 maxlen: 16
31.119.0.0/16 maxlen: 16
31.120.0.0/16 maxlen: 16
31.121.0.0/16 maxlen: 16
31.126.0.0/15 maxlen: 15
46.68.66.0/24 maxlen: 24
95.144.0.0/13 maxlen: 13
109.180.0.0/15 maxlen: 15
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:68:09:f3:c0:30:7e:3b:d0:ab:db:bd:a7:b5:5a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: Mar 3 09:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0a10fab33cca52a18abff9eb6c581c755154fd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:71:78:3c:86:bf:22:a4:e0:ae:3a:87:c9:
dc:82:5b:b2:3f:96:aa:67:1e:cc:a7:18:1f:d2:cd:
37:11:9c:7f:15:e3:2c:91:2c:e6:d9:a3:56:4c:95:
0d:34:1b:9b:3f:2d:be:f5:a4:12:07:43:e8:00:1d:
35:27:cf:6b:ba:1e:60:c0:cf:ba:57:1c:fb:f4:7a:
e0:5a:cb:32:20:a7:10:e2:c2:93:c9:bb:43:75:70:
98:21:82:af:99:c0:7e:8d:b3:54:53:83:cb:0d:48:
77:98:2f:c2:2d:84:9a:cb:f2:c3:02:13:0e:4a:e5:
77:27:bc:ff:7b:63:e7:5e:b4:10:e9:62:05:05:4a:
fb:ea:c5:7e:3f:e1:84:54:ca:98:b6:81:ac:15:ff:
86:19:39:be:59:1d:a9:46:16:d6:30:c1:37:5e:7e:
93:4f:fd:ae:6d:91:ec:69:35:57:2b:40:17:76:78:
20:2b:d7:c4:50:64:e7:41:21:68:1f:61:ad:45:fc:
36:13:df:b9:41:b4:b8:20:58:de:38:bf:12:22:bf:
90:8f:1a:a8:0e:13:3a:61:65:31:7e:92:71:1e:ac:
eb:19:9a:7c:32:89:92:75:78:21:50:d6:f9:5a:84:
2c:b2:55:3c:40:23:ab:fe:0f:76:6a:ac:fb:1d:b7:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A1:0F:AB:33:CC:A5:2A:18:AB:FF:9E:B6:C5:81:C7:55:15:4F:D0
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/4KEPqzPMpSoYq_-etsWBx1UVT9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.90.0.0-31.94.255.255
31.96.0.0/16
31.104.0.0/16
31.112.0.0/14
31.117.0.0-31.121.255.255
31.126.0.0/15
46.68.66.0/24
95.144.0.0/13
109.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1b:90:58:aa:d5:98:a3:96:db:a1:87:3e:d8:77:6a:9a:80:c9:
ba:8d:0f:50:be:ee:42:0a:34:61:3b:38:16:1c:43:c4:2f:71:
5e:db:11:81:2c:b3:53:cd:13:db:ed:80:c6:da:3d:10:ec:76:
4f:96:c5:8c:61:25:ce:4d:01:96:90:e2:3e:0c:af:ef:76:b1:
26:11:f8:f5:11:41:aa:3a:80:46:bd:8f:a5:14:ae:07:4e:f5:
e6:fb:9e:23:a3:ba:5b:f9:dd:d8:8a:2d:40:4d:2a:12:4d:0a:
3e:f6:d0:dd:6a:97:4c:f5:19:d4:7c:e5:da:db:04:63:84:f7:
d6:94:f6:b1:92:a1:3c:7d:90:2a:e9:a6:e4:65:3f:9f:8c:aa:
25:7f:4a:27:82:71:3a:e1:cb:c5:f6:9d:79:42:90:36:ea:9b:
a0:c7:5c:c7:64:b0:4c:97:63:64:ad:bb:77:15:d5:46:73:ce:
77:b6:a6:0e:e3:84:f8:6e:a4:1b:81:83:cf:c5:41:40:0a:f8:
49:e1:7f:21:a9:fe:ea:b2:a0:f4:d0:9f:80:d6:2e:81:0a:e9:
17:d8:b1:89:80:e5:10:84:1f:8d:dd:da:e3:df:cd:d6:b9:44:
c5:b4:25:bb:ff:2d:90:ae:73:6d:b9:f6:97:91:a9:86:2c:ac:
2a:34:83:ab
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZVbaAnzwDB+O9Cr272ntVpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjUwMzAzMDk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGExMGZhYjMzY2NhNTJhMThhYmZmOWViNmM1ODFjNzU1MTU0ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLtxeDyGvyKk4K46h8ncgluyP5aq
Zx7Mpxgf0s03EZx/FeMskSzm2aNWTJUNNBubPy2+9aQSB0PoAB01J89ruh5gwM+6
Vxz79HrgWssyIKcQ4sKTybtDdXCYIYKvmcB+jbNUU4PLDUh3mC/CLYSay/LDAhMO
SuV3J7z/e2PnXrQQ6WIFBUr76sV+P+GEVMqYtoGsFf+GGTm+WR2pRhbWMME3Xn6T
T/2ubZHsaTVXK0AXdnggK9fEUGTnQSFoH2GtRfw2E9+5QbS4IFjeOL8SIr+Qjxqo
DhM6YWUxfpJxHqzrGZp8MomSdXghUNb5WoQsslU8QCOr/g92aqz7HbeiewIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOChD6szzKUqGKv/nrbFgcdVFU/QMB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvNEtFUHF6UE1wU29ZcV8tZXRzV0J4MVVWVDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAoDAwEfWgMD
AB9eAwMAH2ADAwAfaAMDAh9wMAoDAwAfdQMDAR94AwMBH34DBAAuREIDAwNfkAMD
AW20MA0GCSqGSIb3DQEBCwUAA4IBAQAbkFiq1Zijltuhhz7Yd2qagMm6jQ9Qvu5C
CjRhOzgWHEPEL3Fe2xGBLLNTzRPb7YDG2j0Q7HZPlsWMYSXOTQGWkOI+DK/vdrEm
Efj1EUGqOoBGvY+lFK4HTvXm+54jo7pb+d3Yii1ATSoSTQo+9tDdapdM9RnUfOXa
2wRjhPfWlPaxkqE8fZAq6abkZT+fjKolf0ongnE64cvF9p15QpA26pugx1zHZLBM
l2Nkrbt3FdVGc853tqYO44T4bqQbgYPPxUFACvhJ4X8hqf7qsqD00J+A1i6BCukX
2LGJgOUQhB+N3drj383WuUTFtCW7/y2QrnNtufaXkamGLKwqNIOr
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:33:48 2025 by rpki-client