Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/DPz87dZS9HseddW8gbD-vS7fq9g.roa
File: DPz87dZS9HseddW8gbD-vS7fq9g.roa (raw, json)
Hash identifier: 4BW75SF0KzzzYTTCKr54E2E3BA1EBeDyvFumW+QYO5M=
Subject key identifier: 0C:FC:FC:ED:D6:52:F4:7B:1E:75:D5:BC:81:B0:FE:BD:2E:DF:AB:D8
Certificate issuer: /CN=3025fd339aa64504f289a00c4173c55a0002eb44
Certificate serial: 019426D9B604EFEB4271F9E958660C1D89A1
Authority key identifier: 30:25:FD:33:9A:A6:45:04:F2:89:A0:0C:41:73:C5:5A:00:02:EB:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/DPz87dZS9HseddW8gbD-vS7fq9g.roa
Signing time: Thu 02 Jan 2025 11:49:49 +0000
ROA not before: Thu 02 Jan 2025 11:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210879
IP address blocks: 31.216.61.0/24 maxlen: 24
2a11:4980::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b6:04:ef:eb:42:71:f9:e9:58:66:0c:1d:89:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3025fd339aa64504f289a00c4173c55a0002eb44
Validity
Not Before: Jan 2 11:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cfcfcedd652f47b1e75d5bc81b0febd2edfabd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:c7:cd:f4:b0:ac:7b:64:da:eb:30:3c:97:
2b:17:25:a8:f0:61:37:a1:dd:35:4a:e7:09:e2:12:
c3:70:77:8e:e8:0d:a7:cd:2e:fe:94:cf:7c:ab:be:
1e:45:eb:1d:98:2f:da:47:01:4f:78:32:0d:5f:8f:
ed:74:dc:9c:af:bc:05:97:e7:c8:2c:73:fb:75:64:
49:b9:c2:ce:1a:dd:ee:f2:92:ad:2d:a7:2c:19:63:
96:cb:1a:04:d9:01:ea:00:76:3e:a0:d7:4e:57:02:
b6:70:94:7c:f1:2c:55:85:a4:57:ce:4b:06:97:fa:
83:58:ea:cc:f9:1d:dd:bf:12:f4:72:8a:80:4b:4e:
df:60:e7:71:ee:0d:70:a7:3a:bf:e0:b8:e0:50:c4:
e7:08:91:94:b1:4e:96:0d:b9:36:4e:5c:9f:39:8d:
24:2f:89:fc:f4:c7:31:1f:69:6c:06:9b:d1:96:3c:
d5:6c:ec:7b:4f:43:fc:c6:5d:da:52:90:64:42:fe:
1d:41:2f:22:5c:8e:70:c8:a2:8e:f3:2b:f7:3d:5d:
97:e2:58:1e:51:16:b0:4d:5c:3e:e9:b4:1b:ed:13:
7e:7c:b0:54:6d:09:7d:a2:e9:b4:24:24:14:ea:eb:
e6:8e:81:1f:95:29:e4:f7:2d:eb:70:0d:3f:d0:fb:
89:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:FC:FC:ED:D6:52:F4:7B:1E:75:D5:BC:81:B0:FE:BD:2E:DF:AB:D8
X509v3 Authority Key Identifier:
keyid:30:25:FD:33:9A:A6:45:04:F2:89:A0:0C:41:73:C5:5A:00:02:EB:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCX9M5qmRQTyiaAMQXPFWgAC60Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/DPz87dZS9HseddW8gbD-vS7fq9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a523b-7244-422d-9004-c4aa9db1abb5/1/MCX9M5qmRQTyiaAMQXPFWgAC60Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.61.0/24
IPv6:
2a11:4980::/29
Signature Algorithm: sha256WithRSAEncryption
c6:2e:50:f0:4b:cf:d5:48:0a:b5:04:dd:3a:67:31:9a:a5:84:
43:f8:81:b0:aa:96:7e:b2:9e:d1:bf:f9:ab:18:4d:5c:99:08:
eb:f9:08:07:dd:87:80:ca:6d:c3:ad:6c:da:cc:21:0a:d7:87:
a4:f5:12:7a:85:3c:23:d0:f7:a6:18:de:cd:38:0a:61:63:b1:
e6:54:5a:c5:21:4f:ba:bb:51:22:ad:36:af:3b:cb:53:e8:aa:
88:83:f8:4e:ea:7b:01:76:67:51:75:34:5d:fe:ee:44:04:c5:
a8:9d:7b:9e:57:be:54:c0:9f:96:a6:25:3d:f8:28:5c:c2:fb:
c4:23:2d:98:ed:05:56:f1:f7:6e:56:23:ef:76:f3:1e:6f:43:
52:70:e0:7b:0c:c0:25:7f:0b:7b:bb:ea:37:7b:37:21:06:b4:
f0:d2:c8:32:b1:08:61:19:64:24:bb:d3:6c:6a:72:61:11:c1:
58:02:95:ac:8e:8c:5c:80:92:2f:34:b5:1a:aa:86:11:ef:84:
e1:c0:39:7c:a8:44:4c:29:c3:07:d2:4f:ac:4d:99:e4:50:7a:
26:e9:e9:53:48:bc:b5:c2:68:76:d6:13:c1:8c:28:9e:1e:92:
82:08:7a:0b:d6:71:18:9c:a3:e1:1f:a0:98:1b:64:f1:aa:22:
3b:54:2f:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2bYE7+tCcfnpWGYMHYmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjVmZDMzOWFhNjQ1MDRmMjg5YTAwYzQxNzNjNTVhMDAw
MmViNDQwHhcNMjUwMTAyMTE0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2ZjZmNlZGQ2NTJmNDdiMWU3NWQ1YmM4MWIwZmViZDJlZGZhYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFzHzfSwrHtk2uswPJcrFyWo8GE3
od01SucJ4hLDcHeO6A2nzS7+lM98q74eResdmC/aRwFPeDINX4/tdNycr7wFl+fI
LHP7dWRJucLOGt3u8pKtLacsGWOWyxoE2QHqAHY+oNdOVwK2cJR88SxVhaRXzksG
l/qDWOrM+R3dvxL0coqAS07fYOdx7g1wpzq/4LjgUMTnCJGUsU6WDbk2TlyfOY0k
L4n89McxH2lsBpvRljzVbOx7T0P8xl3aUpBkQv4dQS8iXI5wyKKO8yv3PV2X4lge
URawTVw+6bQb7RN+fLBUbQl9oum0JCQU6uvmjoEflSnk9y3rcA0/0PuJgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAz8/O3WUvR7HnXVvIGw/r0u36vYMB8GA1UdIwQY
MBaAFDAl/TOapkUE8omgDEFzxVoAAutEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YTUyM2ItNzI0NC00MjJkLTkwMDQt
YzRhYTlkYjFhYmI1LzEvRFB6ODdkWlM5SHNlZGRXOGdiRC12UzdmcTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80YTUyM2ItNzI0NC00MjJkLTkwMDQtYzRhYTlkYjFhYmI1
LzEvTUNYOU01cW1SUVR5aWFBTVFYUEZXZ0FDNjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAH9g9MA0E
AgACMAcDBQMqEUmAMA0GCSqGSIb3DQEBCwUAA4IBAQDGLlDwS8/VSAq1BN06ZzGa
pYRD+IGwqpZ+sp7Rv/mrGE1cmQjr+QgH3YeAym3DrWzazCEK14ek9RJ6hTwj0Pem
GN7NOAphY7HmVFrFIU+6u1EirTavO8tT6KqIg/hO6nsBdmdRdTRd/u5EBMWonXue
V75UwJ+WpiU9+ChcwvvEIy2Y7QVW8fduViPvdvMeb0NScOB7DMAlfwt7u+o3ezch
BrTw0sgysQhhGWQku9NsanJhEcFYApWsjoxcgJIvNLUaqoYR74ThwDl8qERMKcMH
0k+sTZnkUHom6elTSLy1wmh21hPBjCieHpKCCHoL1nEYnKPhH6CYG2TxqiI7VC8l
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net