Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/m76dCMrVWf_Z3SQkxAPw_dBRkjE.roa
File: m76dCMrVWf_Z3SQkxAPw_dBRkjE.roa (raw, json)
Hash identifier: Ci4tpeEHKHcsYzrGJQHs0JHLKLh/EcoRDa2ngztjU6c=
Subject key identifier: 9B:BE:9D:08:CA:D5:59:FF:D9:DD:24:24:C4:03:F0:FD:D0:51:92:31
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 01941FFA187138B2E5841A58EA4E50A159D4
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/m76dCMrVWf_Z3SQkxAPw_dBRkjE.roa
Signing time: Wed 01 Jan 2025 03:47:51 +0000
ROA not before: Wed 01 Jan 2025 03:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204791
IP address blocks: 31.40.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:18:71:38:b2:e5:84:1a:58:ea:4e:50:a1:59:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 1 03:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bbe9d08cad559ffd9dd2424c403f0fdd0519231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:15:f0:a0:70:ab:30:31:7d:8d:3f:98:cf:a5:
51:71:d7:e2:1e:0e:2f:69:d6:ef:91:15:c1:27:04:
86:1c:6a:74:07:81:70:58:8c:3d:4a:51:d7:6d:c3:
c0:26:b8:8f:0b:43:e3:39:b0:52:fd:b4:cd:46:8b:
1f:ed:6f:9a:ed:c3:a2:e1:bb:9a:0c:79:ac:83:9a:
12:47:b3:d8:d0:8e:0d:da:1d:bb:a3:4e:e0:ba:31:
a4:2f:36:04:e7:e5:40:94:0f:d0:2c:46:ab:80:f5:
92:f6:a7:26:a9:04:2c:30:7f:d7:64:fe:39:c1:b3:
03:82:f8:75:0d:46:e7:fa:97:c3:20:1b:e6:ea:8c:
dd:00:b2:92:06:a9:9f:ce:39:3e:5b:80:48:07:8a:
c1:91:46:37:6d:e3:da:49:8b:07:56:b0:9c:66:72:
e7:c4:ec:03:ca:92:5d:09:06:10:7f:cf:3f:db:00:
d8:12:d5:da:20:90:d6:3c:93:37:a9:58:ff:67:f1:
e7:df:b8:d6:b0:06:32:0e:8f:bf:6e:20:b3:f5:60:
fc:21:6b:4d:0a:0d:be:d2:aa:9b:20:1c:39:44:63:
84:21:e6:30:65:cb:fa:68:48:b8:56:09:61:e6:f5:
4c:fa:cf:80:41:31:8d:9f:2f:72:42:3a:55:9e:d3:
3d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BE:9D:08:CA:D5:59:FF:D9:DD:24:24:C4:03:F0:FD:D0:51:92:31
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/m76dCMrVWf_Z3SQkxAPw_dBRkjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.130.0/24
Signature Algorithm: sha256WithRSAEncryption
38:15:c3:bc:55:6b:e4:47:c5:18:d6:55:2e:98:6d:79:bf:99:
e3:42:8a:f8:5c:30:16:d4:e5:38:66:34:b7:0a:56:49:2e:28:
34:a1:ae:d2:87:cd:8c:a6:d8:e8:67:10:ff:b4:52:1b:dd:40:
48:71:40:d4:82:9c:d9:45:cb:69:a5:41:29:cb:96:37:59:6e:
c9:b3:be:13:a0:e2:6c:f3:ac:f7:e8:ed:5a:91:e1:56:76:f9:
0f:1e:83:2a:9f:df:07:9b:e2:12:0f:81:af:0c:a6:21:25:d3:
74:d6:14:af:3c:0f:d5:91:31:3a:8d:99:19:b7:28:19:e2:fe:
36:5f:7f:4f:28:b6:18:ba:41:66:4c:b0:95:86:d2:ae:84:a0:
9e:5c:c8:52:f7:77:04:e4:0d:e7:28:99:2f:1f:68:5e:7b:f6:
04:c7:31:d4:15:c0:ec:d4:df:22:3d:7d:92:de:2b:c1:7f:fb:
c5:17:96:84:3c:a2:df:9b:1e:84:7f:4e:2c:78:d3:bf:6b:4c:
22:b5:bc:aa:39:05:a6:30:0d:8b:07:3a:48:ab:a0:ab:cd:e4:
db:3c:61:f8:10:1e:a0:85:36:2f:ce:ae:1d:b1:b0:17:78:0e:
23:2b:2d:5a:90:46:21:b2:82:3a:4c:f6:a6:3c:8d:c8:be:04:
d4:f7:c0:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+hhxOLLlhBpY6k5QoVnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjUwMTAxMDM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmJlOWQwOGNhZDU1OWZmZDlkZDI0MjRjNDAzZjBmZGQwNTE5MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhXwoHCrMDF9jT+Yz6VRcdfiHg4v
adbvkRXBJwSGHGp0B4FwWIw9SlHXbcPAJriPC0PjObBS/bTNRosf7W+a7cOi4bua
DHmsg5oSR7PY0I4N2h27o07gujGkLzYE5+VAlA/QLEargPWS9qcmqQQsMH/XZP45
wbMDgvh1DUbn+pfDIBvm6ozdALKSBqmfzjk+W4BIB4rBkUY3bePaSYsHVrCcZnLn
xOwDypJdCQYQf88/2wDYEtXaIJDWPJM3qVj/Z/Hn37jWsAYyDo+/biCz9WD8IWtN
Cg2+0qqbIBw5RGOEIeYwZcv6aEi4Vglh5vVM+s+AQTGNny9yQjpVntM90wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJu+nQjK1Vn/2d0kJMQD8P3QUZIxMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvbTc2ZENNclZXZl9aM1NRa3hBUHdfZEJSa2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyiCMA0G
CSqGSIb3DQEBCwUAA4IBAQA4FcO8VWvkR8UY1lUumG15v5njQor4XDAW1OU4ZjS3
ClZJLig0oa7Sh82MptjoZxD/tFIb3UBIcUDUgpzZRctppUEpy5Y3WW7Js74ToOJs
86z36O1akeFWdvkPHoMqn98Hm+ISD4GvDKYhJdN01hSvPA/VkTE6jZkZtygZ4v42
X39PKLYYukFmTLCVhtKuhKCeXMhS93cE5A3nKJkvH2hee/YExzHUFcDs1N8iPX2S
3ivBf/vFF5aEPKLfmx6Ef04seNO/a0witbyqOQWmMA2LBzpIq6CrzeTbPGH4EB6g
hTYvzq4dsbAXeA4jKy1akEYhsoI6TPamPI3IvgTU98Dm
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:48:42 2025 by rpki-client