Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/FtX2scKMFKjrlX1-jGtQnQQTwEk.roa
File: FtX2scKMFKjrlX1-jGtQnQQTwEk.roa (raw, json)
Hash identifier: kMq1Imts+/ufR0HSWw6rQ0w6zUFocDzOGoNnOCcrl1Y=
Subject key identifier: 16:D5:F6:B1:C2:8C:14:A8:EB:95:7D:7E:8C:6B:50:9D:04:13:C0:49
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 019424B3ACBB3750A42DF13CD16189DE8087
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/FtX2scKMFKjrlX1-jGtQnQQTwEk.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49127
IP address blocks: 31.171.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ac:bb:37:50:a4:2d:f1:3c:d1:61:89:de:80:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16d5f6b1c28c14a8eb957d7e8c6b509d0413c049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8d:89:1d:20:71:7f:64:b8:71:fb:54:bd:32:
d4:4c:35:c6:00:fb:8f:8b:e2:af:c4:22:95:d2:c2:
cb:da:69:eb:85:0f:4b:ad:72:1c:78:f6:44:3b:2d:
2f:79:5d:38:86:c5:d5:3d:88:99:1c:d5:ec:01:20:
d0:c7:90:64:cd:91:9b:64:db:81:1b:d8:22:5a:fe:
8a:de:1a:e8:be:9a:e8:44:e9:5b:2c:8c:e8:7b:c6:
b6:25:e0:4c:c8:8a:2c:fb:a5:e9:62:6e:b4:41:38:
d4:36:bb:2d:e7:96:28:79:85:c0:c5:00:50:34:5d:
c3:6c:1b:4f:b8:52:c7:bc:be:b8:fe:18:d1:c6:d3:
04:69:4e:31:e1:00:bf:df:b0:2c:31:5d:28:7e:51:
6f:57:54:38:5d:8d:92:4f:2d:c0:df:df:97:c4:50:
d2:ab:b3:51:8a:7b:21:f0:10:81:bd:ed:16:fd:14:
06:3d:28:18:71:e0:ff:d9:ea:1e:60:a6:72:48:13:
53:ef:7d:8c:35:5b:42:24:e1:62:76:1e:d2:bb:ec:
af:21:87:95:5f:a4:ba:5e:43:4d:1d:6d:f2:c5:f0:
90:51:61:ef:0c:a2:77:aa:95:c8:e3:2d:d1:79:9f:
bf:24:e2:bf:54:b6:78:6e:bc:36:c7:c6:df:26:f4:
db:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D5:F6:B1:C2:8C:14:A8:EB:95:7D:7E:8C:6B:50:9D:04:13:C0:49
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/FtX2scKMFKjrlX1-jGtQnQQTwEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.131.0/24
Signature Algorithm: sha256WithRSAEncryption
98:d6:20:50:25:15:ce:5f:98:c1:ec:10:7a:b9:00:5e:ef:5d:
72:64:e9:d8:9a:69:ac:31:3e:21:94:b0:6f:aa:34:5b:77:09:
e9:7b:7a:67:2d:e4:74:18:c7:ea:67:87:cf:48:96:da:ac:ff:
2c:66:08:c5:24:c5:78:ec:99:9c:f0:85:72:97:cc:01:4c:87:
c7:dc:95:42:c5:d3:68:cb:da:85:02:3d:bc:ec:aa:ed:69:94:
54:4c:7a:77:5c:66:ae:5b:b6:aa:c7:b0:86:34:c5:0e:ab:67:
78:93:b6:9d:d8:73:58:14:1d:22:9c:81:8b:0a:5f:21:89:70:
ae:f9:b7:32:ec:95:1d:12:6d:bf:09:4c:f8:ef:57:a3:c4:f9:
88:8a:09:a9:50:cc:b6:78:85:8e:e5:b1:18:f3:16:19:fc:79:
8d:cc:64:d9:5f:07:f1:4a:16:8b:ee:3a:bd:f9:97:80:24:31:
80:03:68:b3:7c:96:f6:fd:07:5b:2e:06:1b:f6:cd:60:3f:3e:
b5:4f:a3:26:fa:65:a6:80:61:3b:08:b7:e0:ae:3e:1e:ad:bb:
aa:e8:25:4e:09:67:55:b7:3e:f3:b9:1f:e0:02:cd:7b:fe:6b:
ff:67:ca:8b:54:be:8f:bd:d1:37:b6:47:13:b4:77:05:d4:fc:
9f:79:d1:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks6y7N1CkLfE80WGJ3oCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQ1ZjZiMWMyOGMxNGE4ZWI5NTdkN2U4YzZiNTA5ZDA0MTNjMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1I2JHSBxf2S4cftUvTLUTDXGAPuP
i+KvxCKV0sLL2mnrhQ9LrXIcePZEOy0veV04hsXVPYiZHNXsASDQx5BkzZGbZNuB
G9giWv6K3hrovproROlbLIzoe8a2JeBMyIos+6XpYm60QTjUNrst55YoeYXAxQBQ
NF3DbBtPuFLHvL64/hjRxtMEaU4x4QC/37AsMV0oflFvV1Q4XY2STy3A39+XxFDS
q7NRinsh8BCBve0W/RQGPSgYceD/2eoeYKZySBNT732MNVtCJOFidh7Su+yvIYeV
X6S6XkNNHW3yxfCQUWHvDKJ3qpXI4y3ReZ+/JOK/VLZ4brw2x8bfJvTbjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbV9rHCjBSo65V9foxrUJ0EE8BJMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvRnRYMnNjS01GS2pybFgxLWpHdFFuUVFUd0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6uDMA0G
CSqGSIb3DQEBCwUAA4IBAQCY1iBQJRXOX5jB7BB6uQBe711yZOnYmmmsMT4hlLBv
qjRbdwnpe3pnLeR0GMfqZ4fPSJbarP8sZgjFJMV47Jmc8IVyl8wBTIfH3JVCxdNo
y9qFAj287KrtaZRUTHp3XGauW7aqx7CGNMUOq2d4k7ad2HNYFB0inIGLCl8hiXCu
+bcy7JUdEm2/CUz471ejxPmIigmpUMy2eIWO5bEY8xYZ/HmNzGTZXwfxShaL7jq9
+ZeAJDGAA2izfJb2/QdbLgYb9s1gPz61T6Mm+mWmgGE7CLfgrj4erbuq6CVOCWdV
tz7zuR/gAs17/mv/Z8qLVL6PvdE3tkcTtHcF1PyfedEX
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:03:20 2025 by rpki-client