Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/5iHrYrKlpDn574dcAV5MQF4xHuk.roa
File: 5iHrYrKlpDn574dcAV5MQF4xHuk.roa (raw, json)
Hash identifier: LC6TWEYqS1CZuKzBl6YN/kJ7pyn+QXIpxyQGn5An1+M=
Subject key identifier: E6:21:EB:62:B2:A5:A4:39:F9:EF:87:5C:01:5E:4C:40:5E:31:1E:E9
Certificate issuer: /CN=b85eadc2ec70b30fa4225ed7fcd5730f0c7bc616
Certificate serial: 0194274792937BD9FF019E88EC211E7E903F
Authority key identifier: B8:5E:AD:C2:EC:70:B3:0F:A4:22:5E:D7:FC:D5:73:0F:0C:7B:C6:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uF6twuxwsw-kIl7X_NVzDwx7xhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/5iHrYrKlpDn574dcAV5MQF4xHuk.roa
Signing time: Thu 02 Jan 2025 13:49:49 +0000
ROA not before: Thu 02 Jan 2025 13:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20714
IP address blocks: 31.42.48.0/21 maxlen: 21
31.42.56.0/24 maxlen: 24
31.128.224.0/20 maxlen: 20
31.128.240.0/23 maxlen: 23
31.128.255.0/24 maxlen: 24
195.177.124.0/22 maxlen: 22
195.214.196.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:92:93:7b:d9:ff:01:9e:88:ec:21:1e:7e:90:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85eadc2ec70b30fa4225ed7fcd5730f0c7bc616
Validity
Not Before: Jan 2 13:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e621eb62b2a5a439f9ef875c015e4c405e311ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:29:cf:06:51:c7:e4:d7:9e:c4:82:59:7a:1c:
2f:04:65:50:8a:96:dd:b3:cd:e6:ff:77:6f:0d:8a:
4c:5b:e1:85:eb:ac:df:53:21:42:2a:af:69:13:b0:
44:a2:33:17:8c:bd:97:5c:56:de:f1:44:e2:f4:a2:
0e:be:16:62:d4:e7:7b:f5:e8:89:85:e4:01:61:08:
44:c5:71:d5:23:bc:53:72:cb:8b:a3:26:3e:02:34:
f8:cc:24:b7:ff:2e:31:58:fe:37:5d:6c:b1:e9:57:
19:f2:80:47:81:ed:24:b0:ec:20:3d:4d:0f:1c:44:
eb:99:8f:c5:93:3e:5b:93:5a:10:77:27:d5:47:55:
7b:72:62:af:31:e7:41:01:4d:28:5a:c3:e9:55:1c:
22:d0:7f:86:67:e4:2b:33:a1:09:23:cb:ec:4b:93:
80:a4:f9:59:da:d7:a7:36:dd:ce:90:07:c8:65:c0:
24:1b:42:d7:d3:b5:65:b3:57:71:97:01:b2:df:e9:
23:21:e1:8e:3f:80:93:2d:13:84:0e:57:06:cf:b3:
17:25:fd:37:0b:b1:71:e9:7a:1b:ad:6b:49:ed:37:
b1:41:90:ef:a1:64:d4:c4:12:d2:7a:cd:cd:61:77:
1f:bb:1f:8c:57:cf:c7:28:50:1f:60:d4:13:a8:96:
c4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:21:EB:62:B2:A5:A4:39:F9:EF:87:5C:01:5E:4C:40:5E:31:1E:E9
X509v3 Authority Key Identifier:
keyid:B8:5E:AD:C2:EC:70:B3:0F:A4:22:5E:D7:FC:D5:73:0F:0C:7B:C6:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uF6twuxwsw-kIl7X_NVzDwx7xhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/5iHrYrKlpDn574dcAV5MQF4xHuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/uF6twuxwsw-kIl7X_NVzDwx7xhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.48.0-31.42.56.255
31.128.224.0-31.128.241.255
31.128.255.0/24
195.177.124.0/22
195.214.196.0/22
Signature Algorithm: sha256WithRSAEncryption
37:2b:20:33:c3:98:cc:94:94:31:87:84:4b:39:fc:de:9b:19:
0a:53:25:7e:5f:e3:7b:15:28:5e:1d:1f:81:ea:08:f9:da:38:
42:f9:f8:63:c2:3b:67:68:20:dc:8b:28:29:6e:04:b1:3d:b2:
71:09:e7:39:03:80:a5:3d:71:36:c2:db:ef:54:f9:13:46:e3:
37:37:97:96:c4:c4:c8:d1:b0:f8:be:92:e2:ab:f8:9b:ee:48:
00:b1:6c:35:51:a9:a5:e4:70:b2:09:82:58:b0:a6:31:bd:8c:
e9:3e:f2:47:09:4b:31:99:8c:9b:6c:72:fc:3b:84:d5:42:89:
34:92:2f:f2:24:fe:13:ea:58:4f:32:5b:5b:4b:57:0a:09:ef:
53:04:7e:c9:b0:85:b1:a8:3e:fd:67:26:a6:ae:0c:6b:91:63:
ec:df:8d:4d:f1:ef:10:0c:a6:f9:a5:12:12:9d:6f:7e:5c:84:
5e:1c:3f:61:e3:65:ce:ee:c0:cc:93:d4:fa:87:6a:95:7a:66:
50:33:59:ec:29:18:38:6d:c3:64:0f:17:72:e9:8b:83:b6:7c:
dd:0d:22:57:2b:9b:44:e9:69:cb:bf:97:a7:8d:2c:a1:46:4d:
bc:8c:26:3a:0f:26:13:15:d3:2d:20:8b:d2:7b:74:75:d1:ce:
ae:a2:26:93
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQnR5KTe9n/AZ6I7CEefpA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWVhZGMyZWM3MGIzMGZhNDIyNWVkN2ZjZDU3MzBmMGM3
YmM2MTYwHhcNMjUwMTAyMTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjIxZWI2MmIyYTVhNDM5ZjllZjg3NWMwMTVlNGM0MDVlMzExZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSnPBlHH5NeexIJZehwvBGVQipbd
s83m/3dvDYpMW+GF66zfUyFCKq9pE7BEojMXjL2XXFbe8UTi9KIOvhZi1Od79eiJ
heQBYQhExXHVI7xTcsuLoyY+AjT4zCS3/y4xWP43XWyx6VcZ8oBHge0ksOwgPU0P
HETrmY/Fkz5bk1oQdyfVR1V7cmKvMedBAU0oWsPpVRwi0H+GZ+QrM6EJI8vsS5OA
pPlZ2tenNt3OkAfIZcAkG0LX07Vls1dxlwGy3+kjIeGOP4CTLROEDlcGz7MXJf03
C7Fx6XobrWtJ7TexQZDvoWTUxBLSes3NYXcfux+MV8/HKFAfYNQTqJbEPwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOYh62KypaQ5+e+HXAFeTEBeMR7pMB8GA1UdIwQY
MBaAFLhercLscLMPpCJe1/zVcw8Me8YWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUY2dHd1eHdzdy1rSWw3WF9OVnpEd3g3eGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMDdiMTgtMTlkNy00MWYyLWFmNmIt
YmM3YTIwOGE1ZTJlLzEvNWlIcllyS2xwRG41NzRkY0FWNU1RRjR4SHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMDdiMTgtMTlkNy00MWYyLWFmNmItYmM3YTIwOGE1ZTJl
LzEvdUY2dHd1eHdzdy1rSWw3WF9OVnpEd3g3eGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAQfKjAD
BAAfKjgwDAMEBR+A4AMEAR+A8AMEAB+A/wMEAsOxfAMEAsPWxDANBgkqhkiG9w0B
AQsFAAOCAQEANysgM8OYzJSUMYeESzn83psZClMlfl/jexUoXh0fgeoI+do4Qvn4
Y8I7Z2gg3IsoKW4EsT2ycQnnOQOApT1xNsLb71T5E0bjNzeXlsTEyNGw+L6S4qv4
m+5IALFsNVGppeRwsgmCWLCmMb2M6T7yRwlLMZmMm2xy/DuE1UKJNJIv8iT+E+pY
TzJbW0tXCgnvUwR+ybCFsag+/Wcmpq4Ma5Fj7N+NTfHvEAym+aUSEp1vflyEXhw/
YeNlzu7AzJPU+odqlXpmUDNZ7CkYOG3DZA8XcumLg7Z83Q0iVyubROlpy7+Xp40s
oUZNvIwmOg8mExXTLSCL0nt0ddHOrqImkw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:27 2025 by rpki-client on console.sobornost.net