Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/r5IQh0I7hRYeIyztXZE6QymDi6Y.roa
File: r5IQh0I7hRYeIyztXZE6QymDi6Y.roa (raw, json)
Hash identifier: qfDcuu58VEN7/s5Gcr+Aohj0zLruzryppQ2lslmRqXk=
Subject key identifier: AF:92:10:87:42:3B:85:16:1E:23:2C:ED:5D:91:3A:43:29:83:8B:A6
Certificate issuer: /CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Certificate serial: 0191746E50A45EA65CC3AB4DF6934A316D65
Authority key identifier: 5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/r5IQh0I7hRYeIyztXZE6QymDi6Y.roa
Signing time: Wed 21 Aug 2024 10:14:32 +0000
ROA not before: Wed 21 Aug 2024 10:14:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48014
IP address blocks: 31.41.33.0/24 maxlen: 24
2a12:4040::/29 maxlen: 29
2a12:4045::/32 maxlen: 32
2a12:4047::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:6e:50:a4:5e:a6:5c:c3:ab:4d:f6:93:4a:31:6d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Validity
Not Before: Aug 21 10:14:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af921087423b85161e232ced5d913a4329838ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:99:01:ae:cf:7b:d8:f5:9a:34:8c:2e:c1:c2:
26:57:aa:70:0b:94:bf:92:f2:1c:2a:0d:72:ac:2c:
01:78:62:0e:a1:d4:5f:66:f9:12:a4:a4:0f:97:23:
ab:93:06:ed:79:ae:6d:37:fc:f9:db:62:85:ae:ca:
99:11:aa:5e:f2:aa:e4:de:0b:f8:7e:15:69:e5:5c:
9a:c6:3f:d8:b5:7f:83:82:45:4d:3f:6a:a6:c7:36:
f7:a6:4e:aa:f8:61:f1:06:66:f4:86:71:73:ce:ee:
3f:81:f1:89:b0:9e:28:ee:a5:a8:2c:7a:4f:f6:80:
90:50:c2:d1:79:f2:42:2f:c1:72:81:c0:33:45:9c:
a9:eb:d9:ae:bb:40:ac:31:b0:5c:b9:ce:4b:6a:27:
2b:d7:dd:c9:8f:4f:82:3d:34:3a:14:58:ba:04:67:
60:23:8c:6d:cf:b3:39:f3:95:1b:14:1a:95:35:b7:
a8:74:b6:29:aa:d0:d5:a2:dc:29:c1:06:d1:c0:7d:
53:50:bc:b5:ec:9a:14:11:17:cf:7f:22:db:bf:7c:
14:98:ec:53:46:69:86:ce:59:db:b4:31:7f:10:32:
e9:88:03:67:ca:de:ee:2f:8c:65:ab:81:35:80:19:
fb:7a:ca:59:c5:6e:8e:42:45:3e:b9:58:c8:09:38:
77:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:92:10:87:42:3B:85:16:1E:23:2C:ED:5D:91:3A:43:29:83:8B:A6
X509v3 Authority Key Identifier:
keyid:5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/r5IQh0I7hRYeIyztXZE6QymDi6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.33.0/24
IPv6:
2a12:4040::/29
Signature Algorithm: sha256WithRSAEncryption
ae:7b:5e:f0:1d:09:09:53:d9:be:32:53:1a:7f:1c:bb:71:11:
af:f0:f6:6c:6c:f6:74:4d:dd:80:d8:36:a9:3f:42:13:6b:40:
76:ce:59:41:f4:90:d2:94:a2:b8:e5:9a:a0:fc:e6:08:4c:41:
87:f6:46:78:b7:8b:62:a3:32:21:0c:5b:01:f9:48:88:b7:4b:
9e:52:af:84:6d:ff:f0:9c:67:98:dd:28:1e:c4:a1:c9:7f:59:
7f:d9:44:23:84:0a:27:18:d6:6c:4f:64:4d:5e:a7:5b:0c:91:
4b:85:c7:21:37:32:21:03:31:4b:ff:b8:1d:a5:93:4a:5c:bf:
40:e9:6b:75:58:c6:2f:5e:0d:96:a3:a2:86:0d:da:f3:ec:56:
ea:f8:5f:e2:6f:88:27:ba:49:24:8f:fe:b2:bb:f2:5f:40:53:
ad:61:a5:13:bd:e5:5b:4b:b2:72:25:32:01:0b:2a:31:b9:a1:
b7:cb:d4:9c:6c:26:c7:08:26:f4:36:aa:02:da:4c:a4:92:fc:
66:16:0c:d5:c1:54:43:68:46:9e:56:4c:69:e9:70:37:90:15:
c2:5d:84:f0:5b:77:7f:b8:09:b1:72:54:d5:15:5b:0d:5e:8b:
9e:2e:0b:66:5d:ca:f5:4c:c4:73:83:c5:de:ad:3c:3e:3b:b3:
a0:cc:bc:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZF0blCkXqZcw6tN9pNKMW1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzkwNTE4ZGY3MGIxM2Q3MDZiZmUyMzdhYTVhNzY5MjZh
NTc2ZDEwHhcNMjQwODIxMTAxNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjkyMTA4NzQyM2I4NTE2MWUyMzJjZWQ1ZDkxM2E0MzI5ODM4YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJkBrs972PWaNIwuwcImV6pwC5S/
kvIcKg1yrCwBeGIOodRfZvkSpKQPlyOrkwbtea5tN/z522KFrsqZEape8qrk3gv4
fhVp5Vyaxj/YtX+DgkVNP2qmxzb3pk6q+GHxBmb0hnFzzu4/gfGJsJ4o7qWoLHpP
9oCQUMLRefJCL8FygcAzRZyp69muu0CsMbBcuc5Laicr193Jj0+CPTQ6FFi6BGdg
I4xtz7M585UbFBqVNbeodLYpqtDVotwpwQbRwH1TULy17JoUERfPfyLbv3wUmOxT
RmmGzlnbtDF/EDLpiANnyt7uL4xlq4E1gBn7espZxW6OQkU+uVjICTh3mwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+SEIdCO4UWHiMs7V2ROkMpg4umMB8GA1UdIwQY
MBaAFF/JBRjfcLE9cGv+I3qlp2kmpXbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEt
YzgzMDJlODJlYTIyLzEvcjVJUWgwSTdoUlllSXl6dFhaRTZReW1EaTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEtYzgzMDJlODJlYTIy
LzEvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHykhMA0E
AgACMAcDBQMqEkBAMA0GCSqGSIb3DQEBCwUAA4IBAQCue17wHQkJU9m+MlMafxy7
cRGv8PZsbPZ0Td2A2DapP0ITa0B2zllB9JDSlKK45Zqg/OYITEGH9kZ4t4tiozIh
DFsB+UiIt0ueUq+Ebf/wnGeY3SgexKHJf1l/2UQjhAonGNZsT2RNXqdbDJFLhcch
NzIhAzFL/7gdpZNKXL9A6Wt1WMYvXg2Wo6KGDdrz7Fbq+F/ib4gnukkkj/6yu/Jf
QFOtYaUTveVbS7JyJTIBCyoxuaG3y9ScbCbHCCb0NqoC2kykkvxmFgzVwVRDaEae
Vkxp6XA3kBXCXYTwW3d/uAmxclTVFVsNXoueLgtmXcr1TMRzg8XerTw+O7OgzLzO
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:40 2024 by rpki-client on console.sobornost.net