Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/hVkEcV5BYqMN66hJqLsfxmtD6-I.roa
File: hVkEcV5BYqMN66hJqLsfxmtD6-I.roa (raw, json)
Hash identifier: qGjxxeMK37L3nzimP1DFdWK9NxQEtXmgcd3DzWsOUEg=
Subject key identifier: 85:59:04:71:5E:41:62:A3:0D:EB:A8:49:A8:BB:1F:C6:6B:43:EB:E2
Certificate issuer: /CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Certificate serial: 0194221F6F3B0FAA5A0B91AC3BBC6537E13C
Authority key identifier: 59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/hVkEcV5BYqMN66hJqLsfxmtD6-I.roa
Signing time: Wed 01 Jan 2025 13:47:52 +0000
ROA not before: Wed 01 Jan 2025 13:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199608
IP address blocks: 31.210.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6f:3b:0f:aa:5a:0b:91:ac:3b:bc:65:37:e1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Validity
Not Before: Jan 1 13:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=855904715e4162a30deba849a8bb1fc66b43ebe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c8:a8:00:b0:11:8c:57:dd:6b:2e:63:42:e2:
55:b2:c5:48:91:8a:b6:e1:17:1d:59:9c:ed:78:51:
a3:74:f9:5c:fc:73:03:02:67:1d:d8:d1:09:cb:f0:
88:47:ed:29:9f:59:56:5f:3c:73:6f:8b:49:be:6e:
71:88:89:a7:b6:60:a3:5e:47:7c:aa:b2:b3:37:0f:
81:c3:39:6a:d7:4e:18:7b:e2:bc:1e:96:e2:2d:e4:
c4:09:54:4a:0f:d8:66:d2:68:ad:0b:63:0c:86:80:
c3:fd:19:79:cd:51:f2:04:95:7e:15:93:06:d9:1d:
d4:ed:bb:ab:c3:33:31:aa:ea:dc:4c:e8:24:30:16:
57:59:18:60:06:15:2a:8c:cb:a9:47:49:55:a1:ac:
59:af:dd:1a:23:a7:56:c3:e7:7e:30:33:04:4d:74:
85:ec:4e:d1:6e:ef:48:c5:9f:8e:37:40:76:34:8a:
75:df:2e:6f:f4:f8:13:50:af:75:a3:ea:d9:2c:e9:
9f:a8:20:ef:9d:24:1a:c1:83:16:37:d8:e0:d4:0b:
46:52:78:61:a3:65:0f:5b:e5:33:dc:cb:ac:01:3c:
d4:29:af:3b:bd:d2:2e:b3:cf:84:db:81:4c:35:ac:
f3:42:30:6e:74:14:64:82:37:d4:e4:41:a8:4a:1f:
f4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:59:04:71:5E:41:62:A3:0D:EB:A8:49:A8:BB:1F:C6:6B:43:EB:E2
X509v3 Authority Key Identifier:
keyid:59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/hVkEcV5BYqMN66hJqLsfxmtD6-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.156.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:21:7f:28:f2:b3:3f:e3:dc:86:01:b8:4c:66:0b:71:38:21:
c5:83:0b:0e:f8:cf:a7:5c:1b:b7:33:79:8c:a9:69:64:88:8d:
39:62:72:da:75:8b:f7:2e:88:f6:c1:ef:75:b1:ea:b2:cd:d0:
2f:f9:02:c5:a6:b3:87:79:9d:3d:df:c3:c3:c5:da:60:d3:1e:
a2:ab:67:f5:dc:70:72:db:28:56:f7:3e:fe:73:a3:e9:f0:0a:
cf:8d:7f:7c:40:08:15:32:75:6a:0d:23:60:47:76:f5:c2:df:
04:5b:b8:a2:35:ff:f0:e1:b1:25:ba:ff:87:df:7e:8c:d6:d1:
9c:df:be:47:3c:a9:ad:27:88:bf:93:d4:9c:bf:47:cf:7e:6f:
13:f7:3b:eb:bd:ee:f4:a2:81:c1:e0:e5:e0:2b:f0:9c:3f:60:
79:58:3d:93:52:1f:0f:76:a9:f9:30:64:f7:a8:cf:03:a0:72:
fc:69:fe:01:7c:2c:ff:51:b9:72:4f:ac:ef:03:79:3c:ec:c8:
46:15:db:ac:a2:33:df:63:68:ec:76:b8:63:a5:32:dc:a7:a9:
73:f3:8a:2e:32:76:b1:08:f1:f5:d0:94:04:07:7f:c0:43:52:
58:68:68:74:d2:2c:e4:41:51:9f:c2:7f:30:7b:3b:72:f1:97:
b0:31:8b:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH287D6paC5GsO7xlN+E8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MmU3YzFmMjM5NGMzZTNhYWE4Y2NiNjQ3ZmQ4MzY3MWQ2
MDk4YjcwHhcNMjUwMTAxMTM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU5MDQ3MTVlNDE2MmEzMGRlYmE4NDlhOGJiMWZjNjZiNDNlYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8ioALARjFfday5jQuJVssVIkYq2
4RcdWZzteFGjdPlc/HMDAmcd2NEJy/CIR+0pn1lWXzxzb4tJvm5xiImntmCjXkd8
qrKzNw+Bwzlq104Ye+K8HpbiLeTECVRKD9hm0mitC2MMhoDD/Rl5zVHyBJV+FZMG
2R3U7burwzMxqurcTOgkMBZXWRhgBhUqjMupR0lVoaxZr90aI6dWw+d+MDMETXSF
7E7Rbu9IxZ+ON0B2NIp13y5v9PgTUK91o+rZLOmfqCDvnSQawYMWN9jg1AtGUnhh
o2UPW+Uz3MusATzUKa87vdIus8+E24FMNazzQjBudBRkgjfU5EGoSh/0IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVZBHFeQWKjDeuoSai7H8ZrQ+viMB8GA1UdIwQY
MBaAFFkufB8jlMPjqqjMtkf9g2cdYJi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAt
NDQzYmU2M2ZjMTIzLzEvaFZrRWNWNUJZcU1ONjZoSnFMc2Z4bXRENi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAtNDQzYmU2M2ZjMTIz
LzEvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH9KcMA0G
CSqGSIb3DQEBCwUAA4IBAQDEIX8o8rM/49yGAbhMZgtxOCHFgwsO+M+nXBu3M3mM
qWlkiI05YnLadYv3Loj2we91seqyzdAv+QLFprOHeZ0938PDxdpg0x6iq2f13HBy
2yhW9z7+c6Pp8ArPjX98QAgVMnVqDSNgR3b1wt8EW7iiNf/w4bEluv+H336M1tGc
375HPKmtJ4i/k9Scv0fPfm8T9zvrve70ooHB4OXgK/CcP2B5WD2TUh8Pdqn5MGT3
qM8DoHL8af4BfCz/UblyT6zvA3k87MhGFdusojPfY2jsdrhjpTLcp6lz84ouMnax
CPH10JQEB3/AQ1JYaGh00izkQVGfwn8wezty8ZewMYs+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:07 2025 by rpki-client on console.sobornost.net