Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/DrnIGKszAW1ZbQNKSkEregTfhb4.roa
File: DrnIGKszAW1ZbQNKSkEregTfhb4.roa (raw, json)
Hash identifier: Z/zgq/mvlLhjLNnsmm9yXyxlV8o9imFyGkPeSoTx6+s=
Subject key identifier: 0E:B9:C8:18:AB:33:01:6D:59:6D:03:4A:4A:41:2B:7A:04:DF:85:BE
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 01942445646A715CB80ACB7C4D703C96B757
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/DrnIGKszAW1ZbQNKSkEregTfhb4.roa
Signing time: Wed 01 Jan 2025 23:48:34 +0000
ROA not before: Wed 01 Jan 2025 23:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206806
IP address blocks: 31.145.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:64:6a:71:5c:b8:0a:cb:7c:4d:70:3c:96:b7:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 23:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eb9c818ab33016d596d034a4a412b7a04df85be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:09:19:98:a6:74:61:49:d3:1c:5f:0a:8d:75:
7a:31:8a:2a:5e:74:45:9f:27:a0:4f:85:7c:6e:33:
65:d8:c1:d5:8e:a4:03:1a:ee:b6:2c:99:21:70:0d:
5c:4d:d9:b6:58:88:75:c5:79:2f:0a:a0:a4:2c:2d:
13:d4:a3:9f:75:4a:f2:e2:90:d7:1c:90:56:31:e6:
d4:70:1e:ea:12:cf:3d:90:4c:b9:bc:d3:2c:77:17:
0a:67:fd:5d:7e:49:a1:40:2c:85:63:45:af:aa:de:
20:d0:68:36:7f:e8:be:81:72:c7:19:2f:e1:a5:7f:
36:26:c6:1b:e6:93:a9:9a:5f:17:d7:f3:7d:e8:9f:
ca:49:5a:c9:d0:26:3a:44:78:97:ee:e1:3f:94:de:
40:81:7f:1c:a1:1d:54:12:0a:d2:15:92:70:cc:92:
bf:19:a0:48:cd:23:79:ac:e7:ad:1f:76:72:50:27:
7b:44:1c:ed:65:09:23:99:d3:5f:e3:48:92:13:bf:
3a:6a:17:b8:e0:b6:2a:1a:ac:38:9b:cd:94:27:c8:
0a:ef:6b:c8:5e:b4:f3:f9:be:3f:b3:52:ba:19:f3:
62:14:19:46:d2:d3:a7:4d:e6:a8:81:8f:19:14:4f:
72:b6:43:6b:ad:3e:56:92:16:3e:e4:15:14:65:14:
06:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B9:C8:18:AB:33:01:6D:59:6D:03:4A:4A:41:2B:7A:04:DF:85:BE
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/DrnIGKszAW1ZbQNKSkEregTfhb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.145.122.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:58:e0:3c:17:57:96:1c:b9:09:ae:9b:b6:a8:52:b0:f5:f7:
e2:df:f6:5b:85:3a:1e:cc:ba:01:e3:ac:27:29:5d:fe:75:56:
59:9a:7d:16:32:0f:56:19:43:78:27:06:fa:0d:28:37:2c:a9:
7f:b6:14:3b:5f:59:4d:30:ac:d6:a4:a8:74:17:25:fa:81:4f:
28:2f:1a:15:d4:86:38:c2:ba:88:dd:b6:e0:bd:5f:4f:22:b9:
7c:d3:47:00:83:2f:1f:78:26:cc:89:ad:c4:f8:a6:2a:80:be:
6a:b4:e7:c1:2d:56:d1:d8:9d:f1:5b:31:3d:b7:6a:f5:d3:7e:
07:94:3c:7f:1b:db:ff:d2:26:57:09:44:35:79:57:23:83:a5:
f8:35:27:f0:65:0b:d6:02:09:25:ef:76:8e:7c:7d:1e:0b:99:
a6:9a:eb:96:8e:bb:88:a6:46:f3:8e:b0:92:b9:78:b9:ee:95:
8a:41:cc:a0:b8:2b:81:ab:2d:90:4f:45:96:34:aa:30:42:aa:
b6:48:79:3d:97:76:13:2d:95:b4:97:30:4a:30:bc:05:85:af:
e4:59:f6:5d:eb:15:89:30:ca:ef:b0:be:41:a0:64:3b:59:49:
5c:f7:07:ba:fa:3a:79:18:b8:18:08:3e:d4:23:4b:d9:6a:70:
d8:07:25:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRWRqcVy4Cst8TXA8lrdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjUwMTAxMjM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWI5YzgxOGFiMzMwMTZkNTk2ZDAzNGE0YTQxMmI3YTA0ZGY4NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgkZmKZ0YUnTHF8KjXV6MYoqXnRF
nyegT4V8bjNl2MHVjqQDGu62LJkhcA1cTdm2WIh1xXkvCqCkLC0T1KOfdUry4pDX
HJBWMebUcB7qEs89kEy5vNMsdxcKZ/1dfkmhQCyFY0Wvqt4g0Gg2f+i+gXLHGS/h
pX82JsYb5pOpml8X1/N96J/KSVrJ0CY6RHiX7uE/lN5AgX8coR1UEgrSFZJwzJK/
GaBIzSN5rOetH3ZyUCd7RBztZQkjmdNf40iSE786ahe44LYqGqw4m82UJ8gK72vI
XrTz+b4/s1K6GfNiFBlG0tOnTeaogY8ZFE9ytkNrrT5WkhY+5BUUZRQG2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA65yBirMwFtWW0DSkpBK3oE34W+MB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvRHJuSUdLc3pBVzFaYlFOS1NrRXJlZ1RmaGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5F6MA0G
CSqGSIb3DQEBCwUAA4IBAQCjWOA8F1eWHLkJrpu2qFKw9ffi3/ZbhToezLoB46wn
KV3+dVZZmn0WMg9WGUN4Jwb6DSg3LKl/thQ7X1lNMKzWpKh0FyX6gU8oLxoV1IY4
wrqI3bbgvV9PIrl800cAgy8feCbMia3E+KYqgL5qtOfBLVbR2J3xWzE9t2r1034H
lDx/G9v/0iZXCUQ1eVcjg6X4NSfwZQvWAgkl73aOfH0eC5mmmuuWjruIpkbzjrCS
uXi57pWKQcyguCuBqy2QT0WWNKowQqq2SHk9l3YTLZW0lzBKMLwFha/kWfZd6xWJ
MMrvsL5BoGQ7WUlc9we6+jp5GLgYCD7UI0vZanDYByUE
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:16 2025 by rpki-client