Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/vFLgCTe-UJbqLfUe3y5RaRMMkfQ.roa
File: vFLgCTe-UJbqLfUe3y5RaRMMkfQ.roa (raw, json)
Hash identifier: IEG6zoQ0fCsuLu4vs2hhEQUL3h31kYLoRcvO00kJOpM=
Subject key identifier: BC:52:E0:09:37:BE:50:96:EA:2D:F5:1E:DF:2E:51:69:13:0C:91:F4
Certificate issuer: /CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Certificate serial: 0195F5EBDBA6B3B353599904C7D17C990A53
Authority key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/vFLgCTe-UJbqLfUe3y5RaRMMkfQ.roa
Signing time: Wed 02 Apr 2025 09:53:49 +0000
ROA not before: Wed 02 Apr 2025 09:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12481
IP address blocks: 5.100.232.0/21 maxlen: 21
94.142.144.0/21 maxlen: 21
212.103.192.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:eb:db:a6:b3:b3:53:59:99:04:c7:d1:7c:99:0a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Validity
Not Before: Apr 2 09:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc52e00937be5096ea2df51edf2e5169130c91f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:de:d1:ad:c6:ce:54:ed:d4:e2:52:f0:68:5c:
8b:69:10:16:d5:ed:7d:91:9f:54:2c:09:45:8e:08:
94:cc:e7:3f:37:e9:d4:60:7c:69:30:9f:d1:cf:13:
bb:3d:9d:64:bb:4e:c1:65:3b:e1:92:20:9b:09:8a:
da:8d:f0:de:5f:c5:86:ec:b0:8c:7e:f4:3a:0f:c8:
91:88:08:6b:43:05:ae:a1:98:f0:00:52:eb:e1:6c:
54:48:44:6b:a7:31:9a:f6:4a:1c:e8:c3:8d:26:bf:
31:12:86:d9:84:e8:73:41:38:4c:ae:4d:e5:d2:f1:
29:ef:83:b2:bf:28:58:b4:45:f7:cc:37:cb:9c:07:
b1:7f:52:d5:b7:df:ba:4c:39:5a:7c:d0:b1:e9:83:
1e:b4:70:88:82:f1:86:74:2d:2a:f9:f2:02:bc:d2:
08:b4:3e:be:b8:6a:94:89:02:94:a4:bd:33:10:65:
ef:7a:74:dc:f6:61:8b:a9:7e:8f:78:87:07:ae:e0:
f1:57:f7:a8:af:8d:66:cc:55:d5:eb:38:02:7a:5f:
28:e5:52:83:d5:30:28:08:a5:b9:cc:89:77:17:30:
92:b3:25:47:e4:36:4d:28:e5:c0:aa:2d:b1:01:df:
1e:ac:06:7c:8d:65:e9:cf:27:74:90:4d:98:52:3d:
10:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:52:E0:09:37:BE:50:96:EA:2D:F5:1E:DF:2E:51:69:13:0C:91:F4
X509v3 Authority Key Identifier:
keyid:31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/vFLgCTe-UJbqLfUe3y5RaRMMkfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.232.0/21
94.142.144.0/21
212.103.192.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:ab:4f:67:55:db:99:6a:42:f1:65:19:a3:10:d3:cc:05:d6:
21:f3:b8:64:3a:38:db:4e:40:78:cd:5c:b6:8f:31:00:05:11:
0d:26:8f:51:8e:da:11:5f:09:e5:85:54:b2:83:fc:47:7d:43:
06:f8:dd:b2:0b:d3:6f:97:bd:7b:c9:84:24:c1:22:13:87:eb:
e9:80:80:48:6d:2b:71:db:94:06:ae:3e:b1:dc:68:f2:5a:a0:
a5:ea:93:82:a4:5d:31:cd:45:7b:2d:84:c5:3e:61:eb:c5:86:
ba:35:37:cb:d6:c0:6d:0b:38:3b:14:0b:a4:59:4c:21:d1:46:
81:fc:f8:c5:64:a1:6d:14:27:da:da:0f:f4:a2:e7:9c:0f:c4:
61:a7:3d:f0:fb:05:b7:f3:d4:d9:b6:bb:79:8c:5b:24:3d:b3:
1f:6b:1c:8b:b2:e5:8c:b2:b7:4a:df:b5:ea:e8:3d:05:8b:ba:
e8:4d:2c:dd:6a:be:ec:e0:dc:9f:af:e3:25:b2:46:18:67:e9:
1c:41:36:2f:b2:04:e2:5d:73:b7:b0:55:af:53:63:7e:26:1a:
32:71:7b:81:63:55:b6:16:4f:77:d6:f7:4f:e2:a9:46:a4:4a:
1a:56:49:34:19:c4:67:1c:18:ab:1c:ce:1b:87:98:e1:54:5d:
0f:83:5d:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZX169ums7NTWZkEx9F8mQpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjBmNjRjNjlkMzMwYjY2ZWJjZDAzYTliZjBmZGMxOWYz
MTQ3ZDgwHhcNMjUwNDAyMDk1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzUyZTAwOTM3YmU1MDk2ZWEyZGY1MWVkZjJlNTE2OTEzMGM5MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9d7RrcbOVO3U4lLwaFyLaRAW1e19
kZ9ULAlFjgiUzOc/N+nUYHxpMJ/RzxO7PZ1ku07BZTvhkiCbCYrajfDeX8WG7LCM
fvQ6D8iRiAhrQwWuoZjwAFLr4WxUSERrpzGa9koc6MONJr8xEobZhOhzQThMrk3l
0vEp74OyvyhYtEX3zDfLnAexf1LVt9+6TDlafNCx6YMetHCIgvGGdC0q+fICvNII
tD6+uGqUiQKUpL0zEGXvenTc9mGLqX6PeIcHruDxV/eor41mzFXV6zgCel8o5VKD
1TAoCKW5zIl3FzCSsyVH5DZNKOXAqi2xAd8erAZ8jWXpzyd0kE2YUj0QbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLxS4Ak3vlCW6i31Ht8uUWkTDJH0MB8GA1UdIwQY
MBaAFDGw9kxp0zC2brzQOpvw/cGfMUfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAt
ZDQ5MzQ0OTNhNjc5LzEvdkZMZ0NUZS1VSmJxTGZVZTN5NVJhUk1Na2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAtZDQ5MzQ0OTNhNjc5
LzEvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBWToAwQD
Xo6QAwQF1GfAMA0GCSqGSIb3DQEBCwUAA4IBAQCaq09nVduZakLxZRmjENPMBdYh
87hkOjjbTkB4zVy2jzEABRENJo9RjtoRXwnlhVSyg/xHfUMG+N2yC9Nvl717yYQk
wSITh+vpgIBIbStx25QGrj6x3GjyWqCl6pOCpF0xzUV7LYTFPmHrxYa6NTfL1sBt
Czg7FAukWUwh0UaB/PjFZKFtFCfa2g/0ouecD8Rhpz3w+wW389TZtrt5jFskPbMf
axyLsuWMsrdK37Xq6D0Fi7roTSzdar7s4Nyfr+MlskYYZ+kcQTYvsgTiXXO3sFWv
U2N+JhoycXuBY1W2Fk931vdP4qlGpEoaVkk0GcRnHBirHM4bh5jhVF0Pg11f
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:52 2025 by rpki-client on console.sobornost.net