Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/coXB8AUyOhxIr0VY6WD8AfZAOT0.roa
File: coXB8AUyOhxIr0VY6WD8AfZAOT0.roa (raw, json)
Hash identifier: mpRP9a0BVIQDwxetgI94vsBq4EpMQ5yE3F5r1zuRKRM=
Subject key identifier: 72:85:C1:F0:05:32:3A:1C:48:AF:45:58:E9:60:FC:01:F6:40:39:3D
Certificate issuer: /CN=d51e6799bc5ca285a376372f0b6345dffc87b8c0
Certificate serial: 019421B24B58F96ED98FDB08EBC95A393141
Authority key identifier: D5:1E:67:99:BC:5C:A2:85:A3:76:37:2F:0B:63:45:DF:FC:87:B8:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1R5nmbxcooWjdjcvC2NF3_yHuMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/coXB8AUyOhxIr0VY6WD8AfZAOT0.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212961
IP address blocks: 31.216.132.0/22 maxlen: 22
194.180.144.0/22 maxlen: 22
194.180.148.0/23 maxlen: 23
2a0c:abc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4b:58:f9:6e:d9:8f:db:08:eb:c9:5a:39:31:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d51e6799bc5ca285a376372f0b6345dffc87b8c0
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7285c1f005323a1c48af4558e960fc01f640393d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:84:72:b9:75:73:0f:b9:6a:e0:21:e3:5c:0c:
81:05:c8:7b:b0:7f:de:ca:b6:6d:32:3d:e6:41:32:
2a:25:c7:ca:46:d9:be:45:d8:ef:57:42:c5:b8:21:
51:b4:a9:24:9f:22:91:a9:b8:be:f2:76:62:91:b8:
a6:74:05:23:a7:53:21:3b:5e:4f:a5:31:7e:2b:71:
51:9d:5d:96:82:86:76:94:8d:02:9a:39:45:e9:ff:
68:45:93:81:29:38:6b:29:53:0a:81:a7:f7:67:58:
97:75:27:5c:73:5b:2f:61:e4:24:a8:a3:0e:f9:28:
53:e3:f7:3c:ce:ef:94:ca:e1:21:66:80:b2:5b:3f:
ab:6f:e3:b7:91:5d:96:0e:b8:d7:ce:17:fb:51:f2:
bc:b4:a2:bd:d2:02:f5:1f:83:e7:b5:2a:a2:57:d0:
ad:72:09:80:e2:cf:00:ee:7f:05:47:09:11:e8:1f:
21:5d:e2:87:c0:a0:7a:5d:ef:c3:0c:ac:f1:26:3c:
ee:d2:fb:49:e0:79:db:b7:c3:6c:9f:96:88:db:3a:
3a:ce:51:87:0d:20:dc:b6:56:43:18:9b:7c:fb:25:
b7:b3:be:46:70:88:98:a1:41:d1:db:38:12:49:e2:
91:32:04:53:a3:da:e7:8e:de:5e:5a:69:7e:11:7e:
71:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:85:C1:F0:05:32:3A:1C:48:AF:45:58:E9:60:FC:01:F6:40:39:3D
X509v3 Authority Key Identifier:
keyid:D5:1E:67:99:BC:5C:A2:85:A3:76:37:2F:0B:63:45:DF:FC:87:B8:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1R5nmbxcooWjdjcvC2NF3_yHuMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/coXB8AUyOhxIr0VY6WD8AfZAOT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/1R5nmbxcooWjdjcvC2NF3_yHuMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.132.0/22
194.180.144.0-194.180.149.255
IPv6:
2a0c:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
73:64:76:f5:dd:7e:8c:57:86:e8:23:d6:c9:4a:91:be:59:fc:
7b:b2:2b:30:a5:7e:7f:6e:7d:a2:10:a4:1f:38:3d:d7:9c:a0:
d4:38:cc:ef:ba:ca:a3:05:b3:30:30:c9:9e:fa:43:4c:e5:08:
4f:c6:7d:bd:e6:ee:44:e0:73:17:c8:5d:2d:6d:be:4e:2a:05:
2c:92:cc:8a:9a:5d:e2:af:d9:db:dc:cd:b5:dd:ec:39:90:53:
cc:e6:d6:61:9b:63:3e:86:e4:4d:50:c3:04:b7:05:ad:dc:50:
60:1a:21:35:bd:fd:77:fc:85:30:e1:31:d7:82:a5:94:d0:a4:
1f:88:dc:b9:fe:b1:cd:b4:cd:e9:e7:c0:cd:d2:00:42:07:fc:
fc:8c:bc:a1:51:d7:4c:d5:a9:d6:ee:ae:cb:bc:69:ff:6d:42:
76:91:0c:4b:9f:1e:14:0d:6a:3f:e7:97:fd:9e:36:ee:ed:28:
33:31:f0:f9:05:9a:a6:e1:b8:4f:8f:f7:0e:96:e9:6e:15:ab:
0e:b8:32:77:d0:a1:ce:4b:ce:67:74:07:2c:cf:f1:40:f8:b3:
00:5b:66:6d:e8:13:76:1f:ed:58:a2:8d:c8:10:46:4f:27:8d:
6c:95:b6:59:ed:58:06:b6:19:6f:e2:4c:b3:b6:c1:02:92:06:
b2:67:09:20
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQhsktY+W7Zj9sI68laOTFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MWU2Nzk5YmM1Y2EyODVhMzc2MzcyZjBiNjM0NWRmZmM4
N2I4YzAwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjg1YzFmMDA1MzIzYTFjNDhhZjQ1NThlOTYwZmMwMWY2NDAzOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoRyuXVzD7lq4CHjXAyBBch7sH/e
yrZtMj3mQTIqJcfKRtm+RdjvV0LFuCFRtKkknyKRqbi+8nZikbimdAUjp1MhO15P
pTF+K3FRnV2WgoZ2lI0CmjlF6f9oRZOBKThrKVMKgaf3Z1iXdSdcc1svYeQkqKMO
+ShT4/c8zu+UyuEhZoCyWz+rb+O3kV2WDrjXzhf7UfK8tKK90gL1H4PntSqiV9Ct
cgmA4s8A7n8FRwkR6B8hXeKHwKB6Xe/DDKzxJjzu0vtJ4Hnbt8Nsn5aI2zo6zlGH
DSDctlZDGJt8+yW3s75GcIiYoUHR2zgSSeKRMgRTo9rnjt5eWml+EX5xTQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHKFwfAFMjocSK9FWOlg/AH2QDk9MB8GA1UdIwQY
MBaAFNUeZ5m8XKKFo3Y3LwtjRd/8h7jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVI1bm1ieGNvb1dqZGpjdkMyTkYzX3lIdU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mZTM2YWEtYTZhZS00MDYzLWIyZmEt
OWNhMjUxYzA1NDhiLzEvY29YQjhBVXlPaHhJcjBWWTZXRDhBZlpBT1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mZTM2YWEtYTZhZS00MDYzLWIyZmEtOWNhMjUxYzA1NDhi
LzEvMVI1bm1ieGNvb1dqZGpjdkMyTkYzX3lIdU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCH9iEMAwD
BATCtJADBAHCtJQwDQQCAAIwBwMFAyoMq8AwDQYJKoZIhvcNAQELBQADggEBAHNk
dvXdfoxXhugj1slKkb5Z/HuyKzClfn9ufaIQpB84PdecoNQ4zO+6yqMFszAwyZ76
Q0zlCE/Gfb3m7kTgcxfIXS1tvk4qBSySzIqaXeKv2dvczbXd7DmQU8zm1mGbYz6G
5E1QwwS3Ba3cUGAaITW9/Xf8hTDhMdeCpZTQpB+I3Ln+sc20zennwM3SAEIH/PyM
vKFR10zVqdbursu8af9tQnaRDEufHhQNaj/nl/2eNu7tKDMx8PkFmqbhuE+P9w6W
6W4Vqw64MnfQoc5Lzmd0ByzP8UD4swBbZm3oE3Yf7ViijcgQRk8njWyVtlntWAa2
GW/iTLO2wQKSBrJnCSA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:57:57 2025 by rpki-client