Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/7XozsJg8cESPgPLOlnZdDHuIIkA.roa
File: 7XozsJg8cESPgPLOlnZdDHuIIkA.roa (raw, json)
Hash identifier: NkHcRJjWveOKr/3lsnLotWjQFQWLhxVwR81b0kSFErE=
Subject key identifier: ED:7A:33:B0:98:3C:70:44:8F:80:F2:CE:96:76:5D:0C:7B:88:22:40
Certificate issuer: /CN=0195727f07b758f9868476c13cf977654bf380ee
Certificate serial: 019423D6B24F743BDA4C6EB18563F048FB70
Authority key identifier: 01:95:72:7F:07:B7:58:F9:86:84:76:C1:3C:F9:77:65:4B:F3:80:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/7XozsJg8cESPgPLOlnZdDHuIIkA.roa
Signing time: Wed 01 Jan 2025 21:47:40 +0000
ROA not before: Wed 01 Jan 2025 21:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56535
IP address blocks: 31.44.240.0/24 maxlen: 24
31.44.241.0/24 maxlen: 24
31.44.242.0/24 maxlen: 24
31.44.243.0/24 maxlen: 24
31.44.252.0/23 maxlen: 23
31.44.254.0/24 maxlen: 24
31.44.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b2:4f:74:3b:da:4c:6e:b1:85:63:f0:48:fb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0195727f07b758f9868476c13cf977654bf380ee
Validity
Not Before: Jan 1 21:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed7a33b0983c70448f80f2ce96765d0c7b882240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fb:97:c2:ee:77:8c:3d:60:49:40:92:68:91:
09:e7:be:c3:8d:84:34:cb:a9:45:79:a6:5c:a5:d8:
47:60:48:c5:7a:76:44:d6:34:77:6f:ed:ec:b8:db:
30:63:e3:30:70:5f:ff:19:c4:c0:0f:1f:78:84:08:
87:7c:93:8e:e2:db:6a:fd:13:8e:a0:9a:1e:65:cb:
8c:00:92:b7:9e:0c:0b:a5:b1:e3:00:83:35:a4:9e:
76:9e:2d:9e:d5:48:98:3e:a7:40:4a:6e:98:a9:e6:
8a:33:a3:a1:39:46:1e:e7:69:eb:6d:a7:b8:58:6e:
59:51:ea:6b:e2:37:59:9c:5d:5d:84:3f:09:eb:be:
ce:0b:1f:88:1b:03:3d:18:90:d9:fd:c3:c9:c4:1c:
d8:f1:29:ce:9b:fe:c8:80:fa:5a:2b:77:7c:c0:0b:
3f:f0:78:9f:0f:e2:13:d4:35:4a:93:94:6f:ec:23:
1b:d5:d2:97:62:85:75:db:3d:2f:6c:a6:d8:9b:78:
68:7c:1e:13:c1:8f:f0:fa:a8:d3:0c:08:ad:c5:00:
2e:cc:49:c8:75:9d:01:10:26:10:0b:e8:69:5e:65:
a7:5c:8c:d2:56:90:5c:e4:df:34:71:34:60:da:7d:
bb:14:af:18:e7:1e:df:13:b1:62:ce:18:fb:a8:34:
ab:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:7A:33:B0:98:3C:70:44:8F:80:F2:CE:96:76:5D:0C:7B:88:22:40
X509v3 Authority Key Identifier:
keyid:01:95:72:7F:07:B7:58:F9:86:84:76:C1:3C:F9:77:65:4B:F3:80:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/7XozsJg8cESPgPLOlnZdDHuIIkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.240.0/22
31.44.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:d4:38:54:c5:2c:5d:cc:9f:9a:e5:07:04:5d:f9:c5:75:48:
78:2b:b7:db:a4:a2:2a:4b:27:c9:d3:0f:9f:24:93:e8:a5:7c:
95:b7:99:fc:f1:69:a5:a6:3a:89:3b:c5:ee:92:55:e1:64:0f:
c1:4c:63:9b:68:93:89:1d:49:f4:4c:11:12:66:54:96:19:e1:
0b:69:84:c9:a1:d9:2a:3c:d3:8e:2a:14:72:e3:8d:eb:6b:e5:
dc:3c:96:8b:5e:3a:4f:dc:70:bf:ba:94:44:0a:37:ce:f0:91:
86:39:98:3a:63:f0:a5:e5:b2:23:fd:9b:5c:73:b2:b4:f9:1d:
4b:f0:f6:d4:d9:26:45:4b:fa:6a:d5:1b:62:98:30:aa:1a:38:
77:09:b9:e1:f2:5c:32:7c:1e:d3:c4:93:78:8c:51:60:11:18:
08:d3:0e:dc:f6:63:74:a5:3d:6d:a0:5f:c2:8e:5e:7d:b9:36:
bc:fc:be:8c:53:59:d6:0e:56:cc:4d:a2:9b:67:c7:aa:81:7a:
14:83:91:a6:63:30:ff:96:03:f1:0d:eb:20:5d:88:ba:bd:48:
40:75:01:e9:f1:d2:84:47:77:1a:54:87:fe:f7:74:ee:88:f6:
0a:6c:5f:0e:30:55:10:fd:57:49:86:60:cd:11:49:4a:d6:22:
12:7a:12:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1rJPdDvaTG6xhWPwSPtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTU3MjdmMDdiNzU4Zjk4Njg0NzZjMTNjZjk3NzY1NGJm
MzgwZWUwHhcNMjUwMTAxMjE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDdhMzNiMDk4M2M3MDQ0OGY4MGYyY2U5Njc2NWQwYzdiODgyMjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/uXwu53jD1gSUCSaJEJ577DjYQ0
y6lFeaZcpdhHYEjFenZE1jR3b+3suNswY+MwcF//GcTADx94hAiHfJOO4ttq/ROO
oJoeZcuMAJK3ngwLpbHjAIM1pJ52ni2e1UiYPqdASm6YqeaKM6OhOUYe52nrbae4
WG5ZUepr4jdZnF1dhD8J677OCx+IGwM9GJDZ/cPJxBzY8SnOm/7IgPpaK3d8wAs/
8HifD+IT1DVKk5Rv7CMb1dKXYoV12z0vbKbYm3hofB4TwY/w+qjTDAitxQAuzEnI
dZ0BECYQC+hpXmWnXIzSVpBc5N80cTRg2n27FK8Y5x7fE7Fizhj7qDSr6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO16M7CYPHBEj4DyzpZ2XQx7iCJAMB8GA1UdIwQY
MBaAFAGVcn8Ht1j5hoR2wTz5d2VL84DuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpWeWZ3ZTNXUG1HaEhiQlBQbDNaVXZ6Z080LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kZGVkOTUtY2I4Yy00MzM1LWFlZDAt
NjQ4MzhkZjM5NzdhLzEvN1hvenNKZzhjRVNQZ1BMT2xuWmRESHVJSWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kZGVkOTUtY2I4Yy00MzM1LWFlZDAtNjQ4MzhkZjM5Nzdh
LzEvQVpWeWZ3ZTNXUG1HaEhiQlBQbDNaVXZ6Z080LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHyzwAwQC
Hyz8MA0GCSqGSIb3DQEBCwUAA4IBAQBf1DhUxSxdzJ+a5QcEXfnFdUh4K7fbpKIq
SyfJ0w+fJJPopXyVt5n88WmlpjqJO8XuklXhZA/BTGObaJOJHUn0TBESZlSWGeEL
aYTJodkqPNOOKhRy443ra+XcPJaLXjpP3HC/upRECjfO8JGGOZg6Y/Cl5bIj/Ztc
c7K0+R1L8PbU2SZFS/pq1RtimDCqGjh3Cbnh8lwyfB7TxJN4jFFgERgI0w7c9mN0
pT1toF/Cjl59uTa8/L6MU1nWDlbMTaKbZ8eqgXoUg5GmYzD/lgPxDesgXYi6vUhA
dQHp8dKER3caVIf+93TuiPYKbF8OMFUQ/VdJhmDNEUlK1iISehKq
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:50:03 2025 by rpki-client