Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/d3wHhLF7_F2drrnAq4ufIbIjpfM.roa
File: d3wHhLF7_F2drrnAq4ufIbIjpfM.roa (raw, json)
Hash identifier: KBpvQcL8WXArnGC0TPR+vAIeruDFeNliNeiATzVd2jY=
Subject key identifier: 77:7C:07:84:B1:7B:FC:5D:9D:AE:B9:C0:AB:8B:9F:21:B2:23:A5:F3
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 019425FD67FA75A8250DFEE67F6A3FDE9B5E
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/d3wHhLF7_F2drrnAq4ufIbIjpfM.roa
Signing time: Thu 02 Jan 2025 07:49:11 +0000
ROA not before: Thu 02 Jan 2025 07:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34081
IP address blocks: 31.14.163.0/24 maxlen: 25
84.33.0.0/18 maxlen: 24
84.33.16.0/23 maxlen: 24
84.33.192.0/18 maxlen: 24
172.83.81.0/24 maxlen: 25
193.188.28.0/22 maxlen: 24
217.70.144.0/20 maxlen: 24
2001:1a38::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:67:fa:75:a8:25:0d:fe:e6:7f:6a:3f:de:9b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Jan 2 07:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=777c0784b17bfc5d9daeb9c0ab8b9f21b223a5f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4f:dd:8e:27:28:0e:cc:cd:2e:03:38:b6:b2:
cf:dd:6a:82:46:d7:02:97:bc:55:ef:5d:91:35:f3:
e2:81:fc:44:c8:f6:71:38:76:e4:eb:64:85:b0:2e:
af:1c:7b:45:55:8b:71:e3:2e:fa:2b:83:4f:b1:a0:
5b:af:d4:c4:18:68:ae:4e:83:05:62:9f:b5:97:2d:
76:15:8f:66:bd:a6:ad:3e:c3:7c:0a:67:b6:1c:b6:
f0:11:40:f7:ce:ce:87:c0:9a:5b:bc:43:16:b0:4b:
20:c8:75:32:05:fd:8f:48:ec:9a:b3:90:a1:48:48:
8e:cd:0c:9b:e9:a8:68:da:bd:ec:21:b2:f0:0d:25:
95:80:ff:8b:17:dd:75:35:1a:ec:8d:99:2e:5f:34:
27:ed:94:ee:dd:27:0d:bf:d3:db:65:88:4f:e8:bb:
77:3a:fd:fd:94:db:72:88:a5:0c:cd:0a:86:b0:48:
7d:b6:d7:84:2d:9f:90:8e:54:d5:51:32:1a:6c:e8:
4d:7f:a3:74:0b:63:f0:b3:2e:f5:94:80:21:7e:9f:
ad:86:ca:20:09:7b:7c:2c:20:3e:4b:26:d4:4f:fd:
b4:d9:e7:8a:c5:24:ca:d5:52:94:7c:fa:9f:e8:78:
67:4b:5a:6c:81:78:d4:3c:74:34:14:b7:5d:39:97:
d0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7C:07:84:B1:7B:FC:5D:9D:AE:B9:C0:AB:8B:9F:21:B2:23:A5:F3
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/d3wHhLF7_F2drrnAq4ufIbIjpfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.163.0/24
84.33.0.0/18
84.33.192.0/18
172.83.81.0/24
193.188.28.0/22
217.70.144.0/20
IPv6:
2001:1a38::/32
Signature Algorithm: sha256WithRSAEncryption
cc:8e:b1:be:9a:5e:bd:bd:a3:31:08:43:37:cd:8f:ad:01:e7:
51:3e:f5:68:b0:10:3b:67:1f:49:5a:05:40:7a:b9:d8:62:74:
f0:a1:94:fe:51:f7:2b:9c:8c:5b:cc:96:e0:07:cf:df:c2:fa:
a2:8c:47:c0:01:ea:df:c4:6e:af:fe:d5:66:f3:53:5d:cf:a3:
a0:b5:d9:28:52:c6:a3:04:f5:7c:9b:a5:0b:6f:8a:34:9b:c8:
4c:de:f7:79:3d:40:66:d1:dd:fe:a4:74:40:84:89:02:88:fc:
d2:0d:bc:b8:0e:00:aa:32:9c:00:1a:16:fa:ba:29:06:fc:63:
7e:4b:9b:5a:10:30:81:f5:cc:f1:ca:24:04:fa:f1:9c:ad:f9:
2e:ae:33:bc:83:73:8d:35:ab:c5:30:29:8e:5e:3c:57:b9:42:
ae:4c:4a:f1:63:2e:c3:1c:bd:c4:00:20:e2:b7:25:7b:b3:de:
2f:dc:04:0a:27:e1:55:22:7e:31:de:11:59:80:b4:41:50:b7:
ee:e6:41:ee:ec:a9:ef:04:59:ff:c1:78:d7:a4:88:e7:29:14:
50:20:3d:19:8c:42:a2:65:e8:7b:12:06:b3:d3:00:93:b3:b5:
30:81:ab:66:40:f5:0c:79:4c:2c:c4:02:9e:ed:87:71:b5:f0:
3e:f8:8b:a1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQl/Wf6daglDf7mf2o/3pteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZWJjOWJmZWYyYjRkMjNmMTk1MTNiZmQ0ZDYwYmI3OThm
NWE1OWQwHhcNMjUwMTAyMDc0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzdjMDc4NGIxN2JmYzVkOWRhZWI5YzBhYjhiOWYyMWIyMjNhNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkE/djicoDszNLgM4trLP3WqCRtcC
l7xV712RNfPigfxEyPZxOHbk62SFsC6vHHtFVYtx4y76K4NPsaBbr9TEGGiuToMF
Yp+1ly12FY9mvaatPsN8Cme2HLbwEUD3zs6HwJpbvEMWsEsgyHUyBf2PSOyas5Ch
SEiOzQyb6aho2r3sIbLwDSWVgP+LF911NRrsjZkuXzQn7ZTu3ScNv9PbZYhP6Lt3
Ov39lNtyiKUMzQqGsEh9tteELZ+QjlTVUTIabOhNf6N0C2Pwsy71lIAhfp+thsog
CXt8LCA+SybUT/202eeKxSTK1VKUfPqf6HhnS1psgXjUPHQ0FLddOZfQYwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHd8B4Sxe/xdna65wKuLnyGyI6XzMB8GA1UdIwQY
MBaAFKrryb/vK00j8ZUTv9TWC7eY9aWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2Nzkt
MTFhZmI0OTkyZWVmLzEvZDN3SGhMRjdfRjJkcnJuQXE0dWZJYklqcGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2NzktMTFhZmI0OTkyZWVm
LzEvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHw6jAwQG
VCEAAwQGVCHAAwQArFNRAwQCwbwcAwQE2UaQMA0EAgACMAcDBQAgARo4MA0GCSqG
SIb3DQEBCwUAA4IBAQDMjrG+ml69vaMxCEM3zY+tAedRPvVosBA7Zx9JWgVAernY
YnTwoZT+UfcrnIxbzJbgB8/fwvqijEfAAerfxG6v/tVm81Ndz6OgtdkoUsajBPV8
m6ULb4o0m8hM3vd5PUBm0d3+pHRAhIkCiPzSDby4DgCqMpwAGhb6uikG/GN+S5ta
EDCB9czxyiQE+vGcrfkurjO8g3ONNavFMCmOXjxXuUKuTErxYy7DHL3EACDityV7
s94v3AQKJ+FVIn4x3hFZgLRBULfu5kHu7KnvBFn/wXjXpIjnKRRQID0ZjEKiZeh7
Egaz0wCTs7UwgatmQPUMeUwsxAKe7YdxtfA++Iuh
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:47:47 2025 by rpki-client