Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/rPhc70wdg_DNFy8p_DFC0TNrzZE.roa
File: rPhc70wdg_DNFy8p_DFC0TNrzZE.roa (raw, json)
Hash identifier: izXtXZXXy5nvEOdPnUDtBt7NCMNBYID7xzPo2/E3HvE=
Subject key identifier: AC:F8:5C:EF:4C:1D:83:F0:CD:17:2F:29:FC:31:42:D1:33:6B:CD:91
Certificate issuer: /CN=91c2c2912e10581587052a5ca770910b26174f14
Certificate serial: 01942369F4CBCDB1C3B4E1C8D27C904C8077
Authority key identifier: 91:C2:C2:91:2E:10:58:15:87:05:2A:5C:A7:70:91:0B:26:17:4F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/rPhc70wdg_DNFy8p_DFC0TNrzZE.roa
Signing time: Wed 01 Jan 2025 19:48:53 +0000
ROA not before: Wed 01 Jan 2025 19:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56577
IP address blocks: 31.41.40.0/21 maxlen: 21
185.68.92.0/22 maxlen: 22
2a05:1700::/48 maxlen: 48
2a05:1700:2::/48 maxlen: 48
2a05:1700:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f4:cb:cd:b1:c3:b4:e1:c8:d2:7c:90:4c:80:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c2c2912e10581587052a5ca770910b26174f14
Validity
Not Before: Jan 1 19:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acf85cef4c1d83f0cd172f29fc3142d1336bcd91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d8:16:00:85:41:8d:24:6a:f5:51:c7:ca:df:
9c:22:38:15:dd:cb:d6:de:f0:01:c5:f5:c0:05:9e:
77:ad:3d:02:9a:a0:6f:38:c3:ec:4b:75:f5:6b:64:
8c:57:2d:ba:e8:c4:20:9a:f7:81:43:44:27:cc:4c:
5c:a6:43:8a:fa:51:49:eb:5c:41:bc:fd:65:44:bc:
41:35:c8:ad:5f:63:b7:d6:9a:51:0c:09:05:da:39:
ff:9c:cf:a7:43:e6:82:26:b5:3d:df:bb:57:e6:86:
23:43:26:ab:31:a2:43:27:71:6a:24:43:f9:57:00:
8b:2f:4a:34:cb:99:aa:4d:6c:26:dc:16:3e:0b:e2:
23:46:a9:9a:28:1e:27:78:be:a5:4d:a2:dd:30:dd:
92:75:fe:12:63:49:f8:7b:ca:0c:d2:b9:7b:5a:81:
cf:00:2c:55:df:b0:83:3d:3d:8f:ec:af:18:87:33:
1a:69:9a:23:63:70:05:95:01:94:a2:61:9b:ba:86:
77:83:fd:a1:5e:2a:3d:e7:8d:82:91:c1:32:8d:f1:
97:48:1a:10:9f:74:c6:60:9c:4d:7e:5e:d8:ff:d6:
37:ad:45:77:90:da:63:92:7d:0e:1a:98:91:e7:e0:
6c:da:85:a9:44:bd:77:bd:a5:96:21:b2:ca:f0:a5:
8e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F8:5C:EF:4C:1D:83:F0:CD:17:2F:29:FC:31:42:D1:33:6B:CD:91
X509v3 Authority Key Identifier:
keyid:91:C2:C2:91:2E:10:58:15:87:05:2A:5C:A7:70:91:0B:26:17:4F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/rPhc70wdg_DNFy8p_DFC0TNrzZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.40.0/21
185.68.92.0/22
IPv6:
2a05:1700::/48
2a05:1700:2::/47
Signature Algorithm: sha256WithRSAEncryption
b2:f2:01:4e:7e:11:62:6d:11:75:e4:b7:d0:5f:c6:7b:cc:0a:
95:99:da:e0:03:45:62:38:78:11:ca:4f:80:c8:bc:94:ac:a0:
7f:d9:e3:1f:b8:c8:99:91:a7:81:07:82:f3:ed:3d:36:26:0e:
1b:b8:81:51:82:3c:75:9b:ce:01:cb:70:6b:12:c0:ba:d0:31:
f9:0b:fe:f3:4b:33:1a:97:92:86:9f:c3:cb:19:8f:be:71:1f:
42:9c:ba:15:fa:21:45:60:91:08:d5:45:81:28:30:af:22:cb:
3e:27:59:d8:35:cc:53:cd:c8:de:c9:77:2b:19:e5:31:22:7b:
2c:a4:9b:3e:7d:fa:cf:2f:ce:6c:47:32:02:28:c6:1e:0e:88:
6d:a4:07:eb:52:45:6b:cc:7c:29:ef:2f:26:e9:d9:28:0a:7b:
84:67:28:23:01:e0:f0:33:f3:94:89:f0:37:14:e0:2f:dd:86:
ae:c2:10:1c:0e:e1:be:26:76:0f:be:70:8e:68:8c:9f:db:a0:
c3:48:60:8a:d2:60:1e:25:a3:fa:5b:95:24:dc:9a:33:91:c6:
7d:17:23:64:1a:e9:76:01:6c:88:f0:98:6d:80:c5:e9:8f:6e:
64:dd:a5:bf:3d:4d:70:21:7b:6b:00:1a:ec:d6:b3:88:6e:c5:
6f:95:36:e6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQjafTLzbHDtOHI0nyQTIB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzJjMjkxMmUxMDU4MTU4NzA1MmE1Y2E3NzA5MTBiMjYx
NzRmMTQwHhcNMjUwMTAxMTk0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2Y4NWNlZjRjMWQ4M2YwY2QxNzJmMjlmYzMxNDJkMTMzNmJjZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNgWAIVBjSRq9VHHyt+cIjgV3cvW
3vABxfXABZ53rT0CmqBvOMPsS3X1a2SMVy266MQgmveBQ0QnzExcpkOK+lFJ61xB
vP1lRLxBNcitX2O31ppRDAkF2jn/nM+nQ+aCJrU937tX5oYjQyarMaJDJ3FqJEP5
VwCLL0o0y5mqTWwm3BY+C+IjRqmaKB4neL6lTaLdMN2Sdf4SY0n4e8oM0rl7WoHP
ACxV37CDPT2P7K8YhzMaaZojY3AFlQGUomGbuoZ3g/2hXio9542CkcEyjfGXSBoQ
n3TGYJxNfl7Y/9Y3rUV3kNpjkn0OGpiR5+Bs2oWpRL13vaWWIbLK8KWOpwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKz4XO9MHYPwzRcvKfwxQtEza82RMB8GA1UdIwQY
MBaAFJHCwpEuEFgVhwUqXKdwkQsmF08UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NMQ2tTNFFXQldIQlNwY3AzQ1JDeVlYVHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMzBiNTctZTdlOS00YjJmLTk5YjYt
OTBmOTdmNzQ2Njc2LzEvclBoYzcwd2RnX0RORnk4cF9ERkMwVE5yelpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMzBiNTctZTdlOS00YjJmLTk5YjYtOTBmOTdmNzQ2Njc2
LzEva2NMQ2tTNFFXQldIQlNwY3AzQ1JDeVlYVHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQDHykoAwQC
uURcMBgEAgACMBIDBwAqBRcAAAADBwEqBRcAAAIwDQYJKoZIhvcNAQELBQADggEB
ALLyAU5+EWJtEXXkt9BfxnvMCpWZ2uADRWI4eBHKT4DIvJSsoH/Z4x+4yJmRp4EH
gvPtPTYmDhu4gVGCPHWbzgHLcGsSwLrQMfkL/vNLMxqXkoafw8sZj75xH0KcuhX6
IUVgkQjVRYEoMK8iyz4nWdg1zFPNyN7JdysZ5TEieyykmz59+s8vzmxHMgIoxh4O
iG2kB+tSRWvMfCnvLybp2SgKe4RnKCMB4PAz85SJ8DcU4C/dhq7CEBwO4b4mdg++
cI5ojJ/boMNIYIrSYB4lo/pblSTcmjORxn0XI2Qa6XYBbIjwmG2AxemPbmTdpb89
TXAhe2sAGuzWs4huxW+VNuY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:29:09 2025 by rpki-client