Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QvaUCGdwEPU12ER3ihNsKD5Xe98.roa
File: QvaUCGdwEPU12ER3ihNsKD5Xe98.roa (raw, json)
Hash identifier: yhN8KiHCbF6bJblnlyuR8HXC0glfces8Ix9ih1rfDuM=
Subject key identifier: 42:F6:94:08:67:70:10:F5:35:D8:44:77:8A:13:6C:28:3E:57:7B:DF
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195F61C6378F54F987C7E314CEA80C3CD6A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QvaUCGdwEPU12ER3ihNsKD5Xe98.roa
Signing time: Wed 02 Apr 2025 10:46:50 +0000
ROA not before: Wed 02 Apr 2025 10:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
31.59.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:1c:63:78:f5:4f:98:7c:7e:31:4c:ea:80:c3:cd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 2 10:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42f69408677010f535d844778a136c283e577bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:81:e1:a0:da:6c:ab:85:6b:39:f7:b4:4b:06:
54:9c:06:6e:ad:0c:c3:36:60:fc:6d:8b:8c:7c:77:
b8:47:e2:d2:8f:bb:ae:fd:82:6b:3f:44:7a:09:0f:
8d:f4:8a:06:85:d9:df:1d:58:01:14:fe:3e:be:6c:
69:af:38:da:dc:5c:de:90:f7:35:0f:4e:63:83:36:
2b:08:93:83:cd:d1:10:67:6f:d6:e8:fd:64:29:18:
e9:d2:c6:57:5b:db:c1:0b:40:a0:74:5e:ac:2e:80:
f8:d1:3a:25:4b:7c:b3:72:1e:de:2f:0e:c8:28:f2:
88:0c:80:9a:0b:f9:2a:b9:83:49:68:04:d8:b9:6d:
aa:62:d6:06:1b:72:2b:03:43:2c:ca:e4:ec:a2:e6:
e5:38:b1:bf:a8:ef:d3:31:ad:e3:ce:86:d3:fc:fb:
9f:0c:52:c9:43:4e:e2:3e:7a:80:59:45:c3:58:b2:
dc:52:20:3f:62:3d:83:c6:cd:47:cb:d6:b7:fc:5f:
f0:74:54:62:8b:52:ed:70:e7:2a:d2:3e:48:1a:a9:
97:21:fe:59:8d:d3:68:fa:ec:60:bf:d6:f1:c0:71:
0d:c3:cf:49:18:cc:1b:88:18:e7:ea:81:f1:31:d5:
9d:1e:dd:6c:9e:70:43:7e:46:76:f0:23:2f:6c:c9:
5f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F6:94:08:67:70:10:F5:35:D8:44:77:8A:13:6C:28:3E:57:7B:DF
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QvaUCGdwEPU12ER3ihNsKD5Xe98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
31.59.230.0/24
Signature Algorithm: sha256WithRSAEncryption
92:c3:65:f9:73:32:d7:85:91:bd:ed:59:91:6f:87:4a:71:c6:
12:ca:91:0a:10:ce:17:5b:d7:ee:bc:ed:2e:7e:67:68:40:2e:
4d:c2:95:55:88:00:59:62:b9:85:97:a0:11:4d:52:b7:02:e4:
e9:6d:bd:fe:e6:c7:da:20:03:55:ca:34:d2:5c:8e:76:70:eb:
dc:54:31:b6:d6:90:f9:c2:ee:f7:f9:65:56:77:dc:a0:28:a7:
87:2f:e8:60:2b:93:2c:95:55:84:07:b1:c9:c6:24:c9:2b:01:
24:4f:40:76:da:e8:82:2d:5a:91:1c:cd:b7:0f:42:4b:a0:66:
eb:60:33:bf:44:7c:db:88:80:19:94:98:49:a5:7e:47:4e:de:
9f:cf:f1:22:f9:0c:66:9f:80:dc:94:d0:c3:ae:5c:b3:fb:f2:
48:88:27:66:b3:d0:dc:e5:99:11:76:df:70:c5:84:cf:ea:59:
8e:3c:34:d1:8d:74:11:c4:72:9b:0f:41:a5:14:dc:ef:86:b9:
eb:91:4d:96:37:2f:71:fb:0f:52:16:92:72:23:18:5a:41:9a:
dc:27:09:52:7a:bc:e9:78:2e:ee:12:c6:35:f5:82:b9:25:d9:
9e:13:d1:22:a7:b8:0b:fc:8f:01:31:b5:68:54:98:3b:6f:5e:
d1:75:ee:3c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZX2HGN49U+YfH4xTOqAw81qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDAyMTA0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY2OTQwODY3NzAxMGY1MzVkODQ0Nzc4YTEzNmMyODNlNTc3YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4HhoNpsq4VrOfe0SwZUnAZurQzD
NmD8bYuMfHe4R+LSj7uu/YJrP0R6CQ+N9IoGhdnfHVgBFP4+vmxprzja3FzekPc1
D05jgzYrCJODzdEQZ2/W6P1kKRjp0sZXW9vBC0CgdF6sLoD40TolS3yzch7eLw7I
KPKIDICaC/kquYNJaATYuW2qYtYGG3IrA0MsyuTsoublOLG/qO/TMa3jzobT/Puf
DFLJQ07iPnqAWUXDWLLcUiA/Yj2Dxs1Hy9a3/F/wdFRii1LtcOcq0j5IGqmXIf5Z
jdNo+uxgv9bxwHENw89JGMwbiBjn6oHxMdWdHt1snnBDfkZ28CMvbMlfYQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEL2lAhncBD1NdhEd4oTbCg+V3vfMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUXZhVUNHZHdFUFUxMkVSM2loTnNLRDVYZTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQAHzl0AwQAHztPAwQAHzvkAwQAHzvmMA0GCSqGSIb3
DQEBCwUAA4IBAQCSw2X5czLXhZG97VmRb4dKccYSypEKEM4XW9fuvO0ufmdoQC5N
wpVViABZYrmFl6ARTVK3AuTpbb3+5sfaIANVyjTSXI52cOvcVDG21pD5wu73+WVW
d9ygKKeHL+hgK5MslVWEB7HJxiTJKwEkT0B22uiCLVqRHM23D0JLoGbrYDO/RHzb
iIAZlJhJpX5HTt6fz/Ei+Qxmn4DclNDDrlyz+/JIiCdms9Dc5ZkRdt9wxYTP6lmO
PDTRjXQRxHKbD0GlFNzvhrnrkU2WNy9x+w9SFpJyIxhaQZrcJwlSerzpeC7uEsY1
9YK5JdmeE9Eip7gL/I8BMbVoVJg7b17Rde48
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:25 2025 by rpki-client on console.sobornost.net