Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/j_XqF64iz4GYIzZvlNkdHl3Bcyw.roa
File: j_XqF64iz4GYIzZvlNkdHl3Bcyw.roa (raw, json)
Hash identifier: gUUMcn2OS1CjAHJ461JzjHDHPLV0LbxBhsBiO5l6IuY=
Subject key identifier: 8F:F5:EA:17:AE:22:CF:81:98:23:36:6F:94:D9:1D:1E:5D:C1:73:2C
Certificate issuer: /CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Certificate serial: 019423D6AB84B70580C6F257440E5F70429F
Authority key identifier: 9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/j_XqF64iz4GYIzZvlNkdHl3Bcyw.roa
Signing time: Wed 01 Jan 2025 21:47:38 +0000
ROA not before: Wed 01 Jan 2025 21:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56465
IP address blocks: 31.128.174.0/24 maxlen: 24
31.128.182.0/24 maxlen: 24
94.124.162.0/24 maxlen: 24
94.124.163.0/24 maxlen: 24
94.124.167.0/24 maxlen: 24
195.140.224.0/24 maxlen: 24
195.140.225.0/24 maxlen: 24
195.140.226.0/24 maxlen: 24
195.140.227.0/24 maxlen: 24
2a0c:29c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ab:84:b7:05:80:c6:f2:57:44:0e:5f:70:42:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Validity
Not Before: Jan 1 21:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ff5ea17ae22cf819823366f94d91d1e5dc1732c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:44:59:d6:01:26:ca:f1:f5:0e:91:0f:7b:cb:
d5:12:4c:08:4e:a6:1b:24:0a:5e:54:12:43:a9:da:
c1:93:f1:73:b0:9c:ac:0a:3c:27:85:69:11:64:27:
93:0d:f3:ae:30:50:f3:e4:76:49:c6:4d:a5:ee:6e:
22:1a:e6:a0:a6:24:97:76:2d:8f:9d:98:32:39:62:
95:ce:dd:b3:d5:4c:93:d3:4c:4c:50:94:3e:0c:44:
fe:85:c7:3a:99:0b:11:88:3a:94:b6:3a:1d:05:07:
32:79:e4:cd:22:1a:6a:22:1d:8e:8c:62:55:15:d2:
bf:ae:81:fa:ec:9d:29:6d:a8:2e:14:0d:20:a7:32:
5a:68:3f:06:2d:1d:1d:77:5c:01:a9:bf:5b:9c:d1:
5c:85:23:a0:0f:a1:c6:6d:27:c1:c0:73:47:a5:31:
fe:6e:75:41:92:80:b6:bb:2a:c2:47:a4:e8:c7:87:
48:6a:59:0e:25:a4:e8:4b:68:cf:b6:b0:4a:23:07:
50:ac:a4:1b:8b:82:23:58:7b:cb:08:30:14:57:5e:
b1:15:8c:b2:5d:d1:e5:b9:b1:80:1e:d9:25:c7:c1:
d3:d9:45:85:77:b3:fd:57:61:c4:9f:53:97:8a:a9:
df:11:81:c9:10:3e:53:81:16:40:95:ba:fe:ac:fc:
4d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F5:EA:17:AE:22:CF:81:98:23:36:6F:94:D9:1D:1E:5D:C1:73:2C
X509v3 Authority Key Identifier:
keyid:9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/j_XqF64iz4GYIzZvlNkdHl3Bcyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/n_FQMhD-Bu01SQsCMdvbWWfhKYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.174.0/24
31.128.182.0/24
94.124.162.0/23
94.124.167.0/24
195.140.224.0/22
IPv6:
2a0c:29c1::/32
Signature Algorithm: sha256WithRSAEncryption
54:d5:7d:dc:ed:92:3c:5d:ad:c9:70:24:d3:bb:6a:64:c8:5a:
4c:b8:6a:27:55:59:25:29:d2:09:0e:d4:53:86:db:06:a1:88:
5e:c0:27:47:f9:e2:ad:73:ae:3f:29:f7:bc:04:73:8d:a8:cf:
f0:81:5a:2f:6d:a8:7e:82:c6:51:f2:7e:39:d1:58:69:3b:52:
00:cf:d4:16:21:e8:d3:de:1a:6e:e9:3f:fd:02:52:1b:b3:f0:
8a:52:08:57:c2:98:4a:52:41:27:f9:e1:69:05:63:34:aa:00:
13:b6:41:84:4f:82:25:54:89:d2:82:b5:ba:be:8f:8f:27:5f:
25:4e:d2:fc:b3:25:e9:32:c2:17:dc:fd:a4:9f:31:79:46:f2:
da:e8:66:53:29:d2:c5:fd:82:07:74:75:1a:02:76:75:45:b7:
5d:a4:05:63:96:45:bd:9d:9c:98:bb:d6:ce:24:81:8a:11:a2:
60:9b:c9:c4:40:49:60:a6:9e:c8:9a:55:7e:d6:60:25:7c:ab:
49:47:f0:e2:7d:da:4b:ab:dd:f4:70:ed:d5:be:a4:2b:36:46:
2f:2f:cd:b0:af:28:e0:a6:f2:86:c4:55:3c:19:be:0a:59:a9:
97:c4:3c:3e:e1:0d:37:3d:79:5a:37:e3:09:0d:d4:21:3a:90:
0b:bf:16:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQj1quEtwWAxvJXRA5fcEKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjE1MDMyMTBmZTA2ZWQzNTQ5MGIwMjMxZGJkYjU5Njdl
MTI5ODcwHhcNMjUwMTAxMjE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY1ZWExN2FlMjJjZjgxOTgyMzM2NmY5NGQ5MWQxZTVkYzE3MzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsURZ1gEmyvH1DpEPe8vVEkwITqYb
JApeVBJDqdrBk/FzsJysCjwnhWkRZCeTDfOuMFDz5HZJxk2l7m4iGuagpiSXdi2P
nZgyOWKVzt2z1UyT00xMUJQ+DET+hcc6mQsRiDqUtjodBQcyeeTNIhpqIh2OjGJV
FdK/roH67J0pbaguFA0gpzJaaD8GLR0dd1wBqb9bnNFchSOgD6HGbSfBwHNHpTH+
bnVBkoC2uyrCR6Tox4dIalkOJaToS2jPtrBKIwdQrKQbi4IjWHvLCDAUV16xFYyy
XdHlubGAHtklx8HT2UWFd7P9V2HEn1OXiqnfEYHJED5TgRZAlbr+rPxN/wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFI/16heuIs+BmCM2b5TZHR5dwXMsMB8GA1UdIwQY
MBaAFJ/xUDIQ/gbtNUkLAjHb21ln4SmHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAt
NDYzMjJlMDJmMDhkLzEval9YcUY2NGl6NEdZSXpadmxOa2RIbDNCY3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAtNDYzMjJlMDJmMDhk
LzEvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAH4CuAwQA
H4C2AwQBXnyiAwQAXnynAwQCw4zgMA0EAgACMAcDBQAqDCnBMA0GCSqGSIb3DQEB
CwUAA4IBAQBU1X3c7ZI8Xa3JcCTTu2pkyFpMuGonVVklKdIJDtRThtsGoYhewCdH
+eKtc64/Kfe8BHONqM/wgVovbah+gsZR8n450VhpO1IAz9QWIejT3hpu6T/9AlIb
s/CKUghXwphKUkEn+eFpBWM0qgATtkGET4IlVInSgrW6vo+PJ18lTtL8syXpMsIX
3P2knzF5RvLa6GZTKdLF/YIHdHUaAnZ1RbddpAVjlkW9nZyYu9bOJIGKEaJgm8nE
QElgpp7ImlV+1mAlfKtJR/DifdpLq930cO3VvqQrNkYvL82wryjgpvKGxFU8Gb4K
WamXxDw+4Q03PXlaN+MJDdQhOpALvxZS
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:46:19 2025 by rpki-client on console.sobornost.net