Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/aKn5wX9zpC6koraTjDd3gqhXdek.roa
File: aKn5wX9zpC6koraTjDd3gqhXdek.roa (raw, json)
Hash identifier: UCw+VdmiwuxVJRZ+XJIJQKAozSvDmGpk4Pb8r0Al3WE=
Subject key identifier: 68:A9:F9:C1:7F:73:A4:2E:A4:A2:B6:93:8C:37:77:82:A8:57:75:E9
Certificate issuer: /CN=ddd5708f429adadba1b4a38c94dd77654afaf97d
Certificate serial: 019422200A9B4E70A0B4C0E4745278AF9C3E
Authority key identifier: DD:D5:70:8F:42:9A:DA:DB:A1:B4:A3:8C:94:DD:77:65:4A:FA:F9:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/aKn5wX9zpC6koraTjDd3gqhXdek.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197667
IP address blocks: 31.41.80.0/21 maxlen: 21
31.41.82.0/24 maxlen: 24
31.41.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0a:9b:4e:70:a0:b4:c0:e4:74:52:78:af:9c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddd5708f429adadba1b4a38c94dd77654afaf97d
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68a9f9c17f73a42ea4a2b6938c377782a85775e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:07:92:57:97:41:e3:ac:0c:d8:21:99:af:e1:
20:3b:6f:ab:ac:6e:f6:41:1e:25:37:01:57:59:1b:
78:68:46:bb:8a:55:7e:f1:28:02:d4:0a:c4:02:3c:
44:eb:e2:63:71:df:45:2f:a2:99:b8:f3:81:af:37:
88:d4:08:26:46:9b:dd:c8:56:6b:a8:c8:f4:5b:2f:
ce:05:4e:6d:8e:5e:9e:2b:3b:69:83:ad:5c:4b:f7:
01:45:34:70:91:e9:05:ab:e2:09:73:ad:29:16:47:
f3:d1:7e:f0:53:24:4a:8a:34:82:d0:f9:58:16:a3:
a2:21:4c:38:e8:f1:44:1f:a2:ce:27:d4:1c:3d:38:
3a:d2:a2:11:34:49:99:0e:72:e6:8a:b9:53:22:bb:
63:fc:ce:e4:01:97:aa:53:4c:59:a8:3b:65:94:a4:
69:4c:46:b7:5f:73:28:84:2f:d6:f6:9b:ab:7e:34:
43:f2:f8:38:08:7b:e1:39:ad:f7:dc:4c:43:bf:f0:
0d:d5:14:60:be:b5:81:a2:b7:a2:c4:df:4e:01:bd:
6c:69:3b:f4:d3:be:42:50:f8:10:c4:b7:c5:ee:f5:
46:f2:ba:28:30:06:81:cc:09:08:02:dd:dd:b0:ee:
26:14:ce:96:94:04:57:32:16:53:f6:ff:ac:2f:26:
53:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A9:F9:C1:7F:73:A4:2E:A4:A2:B6:93:8C:37:77:82:A8:57:75:E9
X509v3 Authority Key Identifier:
keyid:DD:D5:70:8F:42:9A:DA:DB:A1:B4:A3:8C:94:DD:77:65:4A:FA:F9:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/aKn5wX9zpC6koraTjDd3gqhXdek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.80.0/21
Signature Algorithm: sha256WithRSAEncryption
63:fa:1d:4e:e5:0b:e7:07:cd:a0:64:90:b3:d3:9c:40:2e:41:
e4:ac:c5:55:32:9d:10:c0:db:29:85:59:e8:e0:61:1b:ae:3d:
3e:34:ea:30:69:85:97:3f:c3:82:2a:f2:a4:26:9c:84:91:d0:
42:61:f7:48:03:93:b8:7e:ac:a6:c8:d5:33:14:49:02:de:43:
ba:6e:41:d3:17:b2:04:04:40:56:67:96:59:7e:dd:7f:ee:f8:
23:55:12:ba:bf:cb:f2:53:e1:bf:1f:84:a0:21:50:89:31:e6:
47:08:10:0c:4f:40:29:4b:80:cb:4b:ea:75:36:5a:b9:e6:6c:
70:59:6b:d7:64:b5:80:30:c1:0c:37:09:d5:3e:42:f3:3a:2a:
50:0f:b7:85:3a:fe:eb:16:8c:2c:93:f6:ad:1a:23:8f:6e:86:
df:c1:19:56:3a:55:d1:79:e9:b2:c2:55:28:0b:f6:8e:1f:3a:
b3:b3:5e:cc:14:a5:29:d8:6d:55:9c:2e:a6:36:ef:08:e9:27:
ba:5f:c7:fb:78:82:45:a8:04:2c:22:8f:36:65:70:69:43:12:
bc:da:08:b2:14:b8:fb:13:d2:0a:29:a9:a6:f9:16:ea:c2:67:
50:18:0c:72:71:f0:1d:e8:57:60:bf:45:52:67:ef:88:44:d0:
20:25:8f:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIAqbTnCgtMDkdFJ4r5w+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDU3MDhmNDI5YWRhZGJhMWI0YTM4Yzk0ZGQ3NzY1NGFm
YWY5N2QwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE5ZjljMTdmNzNhNDJlYTRhMmI2OTM4YzM3Nzc4MmE4NTc3NWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAeSV5dB46wM2CGZr+EgO2+rrG72
QR4lNwFXWRt4aEa7ilV+8SgC1ArEAjxE6+Jjcd9FL6KZuPOBrzeI1AgmRpvdyFZr
qMj0Wy/OBU5tjl6eKztpg61cS/cBRTRwkekFq+IJc60pFkfz0X7wUyRKijSC0PlY
FqOiIUw46PFEH6LOJ9QcPTg60qIRNEmZDnLmirlTIrtj/M7kAZeqU0xZqDtllKRp
TEa3X3MohC/W9purfjRD8vg4CHvhOa333ExDv/AN1RRgvrWBoreixN9OAb1saTv0
075CUPgQxLfF7vVG8rooMAaBzAkIAt3dsO4mFM6WlARXMhZT9v+sLyZT/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGip+cF/c6QupKK2k4w3d4KoV3XpMB8GA1UdIwQY
MBaAFN3VcI9CmtrbobSjjJTdd2VK+vl9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RWd2owS2EydHVodEtPTWxOMTNaVXI2LVgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9kNzk0YTMtZjNhZS00ZmJlLTk4ZWEt
MjBlMWMzZTNmOGUyLzEvYUtuNXdYOXpwQzZrb3JhVGpEZDNncWhYZGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9kNzk0YTMtZjNhZS00ZmJlLTk4ZWEtMjBlMWMzZTNmOGUy
LzEvM2RWd2owS2EydHVodEtPTWxOMTNaVXI2LVgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHylQMA0G
CSqGSIb3DQEBCwUAA4IBAQBj+h1O5QvnB82gZJCz05xALkHkrMVVMp0QwNsphVno
4GEbrj0+NOowaYWXP8OCKvKkJpyEkdBCYfdIA5O4fqymyNUzFEkC3kO6bkHTF7IE
BEBWZ5ZZft1/7vgjVRK6v8vyU+G/H4SgIVCJMeZHCBAMT0ApS4DLS+p1Nlq55mxw
WWvXZLWAMMEMNwnVPkLzOipQD7eFOv7rFowsk/atGiOPbobfwRlWOlXReemywlUo
C/aOHzqzs17MFKUp2G1VnC6mNu8I6Se6X8f7eIJFqAQsIo82ZXBpQxK82giyFLj7
E9IKKamm+RbqwmdQGAxycfAd6Fdgv0VSZ++IRNAgJY+v
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:13:46 2025 by rpki-client