Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/EYOf3xKHw9_MKA1D90KSTosb0tA.roa
File: EYOf3xKHw9_MKA1D90KSTosb0tA.roa (raw, json)
Hash identifier: 3KfjNGfDBOH8N6505QRNNLGXHD4Npk9IpAKZWt3yK4E=
Subject key identifier: 11:83:9F:DF:12:87:C3:DF:CC:28:0D:43:F7:42:92:4E:8B:1B:D2:D0
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 01914728291E81D664F4EB78B6BF78CE0385
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/EYOf3xKHw9_MKA1D90KSTosb0tA.roa
Signing time: Mon 12 Aug 2024 15:14:59 +0000
ROA not before: Mon 12 Aug 2024 15:14:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49360
IP address blocks: 31.7.144.0/20 maxlen: 20
2a0a:d3c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:47:28:29:1e:81:d6:64:f4:eb:78:b6:bf:78:ce:03:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Aug 12 15:14:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11839fdf1287c3dfcc280d43f742924e8b1bd2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:20:5a:4c:95:32:8f:e0:69:12:96:86:23:a3:
82:90:44:4c:24:69:6b:1d:c5:58:ba:38:d9:62:fd:
1e:b5:78:0f:85:59:48:87:45:9b:37:7f:d7:43:26:
81:cc:70:d7:24:52:14:a6:4d:26:ab:aa:de:90:cb:
36:a9:3f:26:00:9d:54:ed:0d:0a:8f:fc:eb:7b:17:
35:e1:ea:58:5f:ab:ec:64:f3:34:bb:ae:bc:38:d0:
b3:00:ea:6f:56:f5:1e:ad:91:3e:41:64:9c:1c:b1:
82:d2:f7:ee:3c:88:05:dd:69:8d:bc:33:b3:d6:eb:
e7:03:97:c0:17:b2:47:10:6a:55:47:b0:99:cf:b8:
38:a1:82:0c:8b:f4:a4:d3:0e:42:62:07:d4:e5:bf:
bc:75:67:c8:9f:d5:3f:68:c9:af:78:d7:a4:69:29:
a0:78:ad:99:94:a0:bb:9b:b2:6c:ec:15:04:2f:f8:
73:42:7a:ed:ca:b3:b3:6a:2c:ef:24:60:57:5f:ff:
f1:eb:29:ce:b3:50:69:da:f0:0c:c9:d9:cf:9c:96:
05:10:b1:16:b5:29:de:d6:49:38:9f:ca:f2:e9:97:
64:60:b3:58:17:71:42:6f:38:4c:ae:8a:fd:27:c4:
87:da:0c:f2:9d:d8:df:3d:31:f9:40:ff:4b:50:dc:
52:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:83:9F:DF:12:87:C3:DF:CC:28:0D:43:F7:42:92:4E:8B:1B:D2:D0
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/EYOf3xKHw9_MKA1D90KSTosb0tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.144.0/20
IPv6:
2a0a:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:a9:ac:1e:40:80:ff:8d:93:c4:be:96:3e:f6:f1:e4:f2:49:
a8:6d:c2:eb:d7:fb:1a:99:12:96:ad:34:59:7c:2c:73:4a:c6:
47:7c:28:36:83:bf:37:5a:57:e5:9e:32:05:c9:7e:60:4f:36:
6c:f8:ae:5a:99:a2:3c:63:28:46:1a:d8:72:37:ab:5c:8a:99:
14:7a:5b:51:73:bc:8f:31:ad:a6:a0:30:44:c2:f8:ac:89:66:
67:7e:1f:20:cb:66:09:bd:b7:ad:bc:58:49:3b:12:e8:62:a9:
b7:a8:43:3f:0e:3a:e2:5b:2f:3b:b4:a7:cb:b3:2d:f0:a4:ce:
59:b7:76:bf:94:f8:59:b2:e3:ad:d7:5d:1f:3a:b9:54:69:fd:
41:a1:7c:0d:e9:b5:eb:cb:0b:07:41:90:ae:ba:13:da:7d:0d:
75:ba:7e:4f:46:14:aa:dd:43:92:6e:08:d3:25:5c:36:e0:dc:
e6:81:9c:e5:99:17:2c:f8:f8:b1:6e:76:a7:a6:ab:2c:cb:98:
69:cd:8e:24:35:24:6d:b7:7c:ee:08:cd:08:63:1f:78:fd:22:
17:ee:c8:c5:b1:63:1d:53:3d:61:b1:59:7f:82:b8:7e:7b:76:
fb:f7:74:0f:e4:72:ca:49:b7:07:fa:e3:02:49:98:03:fe:57:
e3:c6:af:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZFHKCkegdZk9Ot4tr94zgOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjQwODEyMTUxNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTgzOWZkZjEyODdjM2RmY2MyODBkNDNmNzQyOTI0ZThiMWJkMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yBaTJUyj+BpEpaGI6OCkERMJGlr
HcVYujjZYv0etXgPhVlIh0WbN3/XQyaBzHDXJFIUpk0mq6rekMs2qT8mAJ1U7Q0K
j/zrexc14epYX6vsZPM0u668ONCzAOpvVvUerZE+QWScHLGC0vfuPIgF3WmNvDOz
1uvnA5fAF7JHEGpVR7CZz7g4oYIMi/Sk0w5CYgfU5b+8dWfIn9U/aMmveNekaSmg
eK2ZlKC7m7Js7BUEL/hzQnrtyrOzaizvJGBXX//x6ynOs1Bp2vAMydnPnJYFELEW
tSne1kk4n8ry6ZdkYLNYF3FCbzhMror9J8SH2gzyndjfPTH5QP9LUNxSxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBGDn98Sh8PfzCgNQ/dCkk6LG9LQMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvRVlPZjN4S0h3OV9NS0ExRDkwS1NUb3NiMHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEHweQMA0E
AgACMAcDBQMqCtPAMA0GCSqGSIb3DQEBCwUAA4IBAQBhqaweQID/jZPEvpY+9vHk
8kmobcLr1/samRKWrTRZfCxzSsZHfCg2g783WlflnjIFyX5gTzZs+K5amaI8YyhG
GthyN6tcipkUeltRc7yPMa2moDBEwvisiWZnfh8gy2YJvbetvFhJOxLoYqm3qEM/
DjriWy87tKfLsy3wpM5Zt3a/lPhZsuOt110fOrlUaf1BoXwN6bXrywsHQZCuuhPa
fQ11un5PRhSq3UOSbgjTJVw24NzmgZzlmRcs+Pixbnanpqssy5hpzY4kNSRtt3zu
CM0IYx94/SIX7sjFsWMdUz1hsVl/grh+e3b793QP5HLKSbcH+uMCSZgD/lfjxq+G
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:30:46 2025 by rpki-client