Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/4UJRIsMgzbbOOl_nMZ8awomMSD8.roa
File: 4UJRIsMgzbbOOl_nMZ8awomMSD8.roa (raw, json)
Hash identifier: HA5+hPhaR5I2iP9TQnrkM1KP48JQR4MNJZDQicrXCa8=
Subject key identifier: E1:42:51:22:C3:20:CD:B6:CE:3A:5F:E7:31:9F:1A:C2:89:8C:48:3F
Certificate issuer: /CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7
Certificate serial: 0194258EF616BC7B83070F8F4670036553D0
Authority key identifier: 85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/4UJRIsMgzbbOOl_nMZ8awomMSD8.roa
Signing time: Thu 02 Jan 2025 05:48:33 +0000
ROA not before: Thu 02 Jan 2025 05:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57789
IP address blocks: 31.135.192.0/20 maxlen: 20
185.23.7.0/24 maxlen: 24
2a0e:64c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f6:16:bc:7b:83:07:0f:8f:46:70:03:65:53:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7
Validity
Not Before: Jan 2 05:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1425122c320cdb6ce3a5fe7319f1ac2898c483f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:fc:25:2a:1f:20:61:e2:0c:a4:35:39:a3:
ac:a5:ff:dc:62:9c:07:f1:ba:c4:6c:1f:d1:ff:60:
81:56:cd:a2:48:ed:d1:29:2d:fc:3e:b0:02:87:7a:
03:45:2a:fa:0a:31:fa:95:e2:7d:1a:7f:7f:4c:fd:
66:21:37:df:4c:14:01:bb:31:18:08:9b:ed:43:5d:
5b:48:44:2a:21:31:e9:bc:2d:88:a7:e0:2c:63:5f:
b1:c8:7d:d1:46:78:16:70:ee:e9:f9:ac:d2:93:3f:
fa:b2:96:05:34:ec:07:f9:d3:5a:e5:42:8f:2d:18:
5b:16:c1:dd:ab:b5:a8:0f:cb:2f:1b:76:45:39:f5:
3f:9c:e0:96:a8:a7:d4:b9:29:cb:d7:9e:1d:7f:24:
56:aa:71:ed:9c:a1:d8:e6:b5:5f:2a:5c:0d:1f:2a:
7e:a2:55:95:50:c9:bc:7e:ac:be:0a:5d:3c:77:27:
c2:c2:b3:f8:60:52:dc:06:7a:cb:a1:56:86:c9:db:
e9:1e:36:82:7e:f7:13:23:9b:5f:53:bb:4a:3b:c6:
15:3e:14:3f:ca:18:ec:d5:6c:58:83:dc:4a:3a:03:
d5:d7:2d:6e:d6:d7:ea:49:c6:e6:4a:ee:cf:2f:07:
95:dc:1d:78:e0:10:dc:f9:5b:19:39:3f:f0:1c:6b:
d7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:42:51:22:C3:20:CD:B6:CE:3A:5F:E7:31:9F:1A:C2:89:8C:48:3F
X509v3 Authority Key Identifier:
keyid:85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/4UJRIsMgzbbOOl_nMZ8awomMSD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/hYAvwdDz46RGJWLS8G8rPe_49Oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.192.0/20
185.23.7.0/24
IPv6:
2a0e:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:58:ac:44:2e:27:85:fe:89:1f:44:87:f5:d2:0e:55:33:1c:
79:1a:4f:7a:bd:dd:66:e3:33:13:64:09:b2:1f:fc:43:b0:c0:
1a:8a:63:89:54:be:c5:4f:57:b1:b1:a5:47:67:fd:88:f2:77:
ed:b5:ca:e1:95:79:91:e9:fc:e6:4b:4a:8e:67:06:fc:21:98:
0a:18:b2:dc:08:3a:20:09:1b:97:67:1a:19:f2:9c:5d:8c:2c:
fd:f0:ef:f2:00:65:28:68:ad:f0:d6:08:a4:31:b9:36:d1:8b:
96:e4:dc:5d:14:39:21:dd:74:90:0d:35:f5:ea:12:15:ec:e4:
49:be:a7:dd:28:8b:0c:4a:11:69:3c:e1:07:a0:31:ba:57:4e:
cf:74:47:23:4c:43:79:77:18:88:b2:08:96:f1:d9:8c:74:6b:
7f:f4:0a:64:47:d9:7e:ca:03:9b:64:4e:82:7d:ae:10:40:8a:
4c:b7:ef:d6:b4:ff:0b:c5:d6:eb:60:a9:26:54:93:02:a3:16:
46:04:4d:32:9e:f9:70:6b:7d:73:8c:35:7f:8a:d8:35:11:f3:
d8:66:fc:f3:6a:32:7f:5a:8c:46:70:c5:98:0e:0f:97:24:25:
71:1d:9f:0a:95:56:ec:e6:a3:98:dd:0d:e3:57:a6:b2:5a:99:
86:77:e5:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQljvYWvHuDBw+PRnADZVPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ODAyZmMxZDBmM2UzYTQ0NjI1NjJkMmYwNmYyYjNkZWZm
OGY0ZTcwHhcNMjUwMTAyMDU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQyNTEyMmMzMjBjZGI2Y2UzYTVmZTczMTlmMWFjMjg5OGM0ODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP/8JSofIGHiDKQ1OaOspf/cYpwH
8brEbB/R/2CBVs2iSO3RKS38PrACh3oDRSr6CjH6leJ9Gn9/TP1mITffTBQBuzEY
CJvtQ11bSEQqITHpvC2Ip+AsY1+xyH3RRngWcO7p+azSkz/6spYFNOwH+dNa5UKP
LRhbFsHdq7WoD8svG3ZFOfU/nOCWqKfUuSnL154dfyRWqnHtnKHY5rVfKlwNHyp+
olWVUMm8fqy+Cl08dyfCwrP4YFLcBnrLoVaGydvpHjaCfvcTI5tfU7tKO8YVPhQ/
yhjs1WxYg9xKOgPV1y1u1tfqScbmSu7PLweV3B144BDc+VsZOT/wHGvXcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOFCUSLDIM22zjpf5zGfGsKJjEg/MB8GA1UdIwQY
MBaAFIWAL8HQ8+OkRiVi0vBvKz3v+PTnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYt
YjA1ODMyYmM2OTYyLzEvNFVKUklzTWd6YmJPT2xfbk1aOGF3b21NU0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYtYjA1ODMyYmM2OTYy
LzEvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEH4fAAwQA
uRcHMA0EAgACMAcDBQMqDmTAMA0GCSqGSIb3DQEBCwUAA4IBAQCWWKxELieF/okf
RIf10g5VMxx5Gk96vd1m4zMTZAmyH/xDsMAaimOJVL7FT1exsaVHZ/2I8nfttcrh
lXmR6fzmS0qOZwb8IZgKGLLcCDogCRuXZxoZ8pxdjCz98O/yAGUoaK3w1gikMbk2
0YuW5NxdFDkh3XSQDTX16hIV7ORJvqfdKIsMShFpPOEHoDG6V07PdEcjTEN5dxiI
sgiW8dmMdGt/9ApkR9l+ygObZE6Cfa4QQIpMt+/WtP8LxdbrYKkmVJMCoxZGBE0y
nvlwa31zjDV/itg1EfPYZvzzajJ/WoxGcMWYDg+XJCVxHZ8KlVbs5qOY3Q3jV6ay
WpmGd+XC
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:35:16 2025 by rpki-client