Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/MR-CD9okT3DzBB7accNXowZHVCI.roa
File: MR-CD9okT3DzBB7accNXowZHVCI.roa (raw, json)
Hash identifier: e8eC8mlhxleFIGvU2f0vj1dgz8eU62/h0kDyiFGnLx0=
Subject key identifier: 31:1F:82:0F:DA:24:4F:70:F3:04:1E:DA:71:C3:57:A3:06:47:54:22
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0194236A2CDB452C86B1CBF4FE2D8068C3B6
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/MR-CD9okT3DzBB7accNXowZHVCI.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47595
IP address blocks: 31.177.86.0/23 maxlen: 24
31.177.92.0/24 maxlen: 24
2a02:2090:9800::/48 maxlen: 48
2a02:2090:a800::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2c:db:45:2c:86:b1:cb:f4:fe:2d:80:68:c3:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=311f820fda244f70f3041eda71c357a306475422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:77:58:24:2e:cb:b8:79:d2:3b:87:25:0e:08:
82:45:d8:15:00:4f:cc:b9:71:59:12:11:6c:24:37:
78:43:a0:c2:ed:36:df:36:68:8c:2b:44:11:40:f0:
69:d2:45:19:50:65:58:97:0b:e0:ff:ca:6c:05:b6:
a7:8f:f9:f1:d7:2b:2c:be:10:f1:fc:69:ae:ac:b8:
2b:f2:b0:6d:cd:90:2d:90:bf:ac:4b:a8:f2:ea:27:
16:97:c4:ce:b9:c6:53:80:47:1c:2e:36:fc:36:cf:
59:99:1e:59:79:ca:cc:23:f0:ab:33:a5:b4:1b:3f:
bb:fa:9f:91:c5:f8:7d:be:61:56:9f:ca:9d:3c:d1:
28:05:b9:c1:d8:54:af:4f:33:ea:61:ba:82:e4:0e:
e1:7f:0f:a7:d0:f4:ee:f6:b8:41:3a:85:b4:de:a8:
4e:e3:4b:0c:ff:74:20:59:78:23:44:36:ae:63:f1:
62:b5:d3:b4:6d:0c:d0:6b:70:49:a7:70:49:c1:77:
8c:04:dc:3d:a5:80:c1:d7:ad:26:cd:1f:37:73:5a:
12:13:a1:e3:d6:16:d0:f3:9f:16:7c:1f:d6:0c:c6:
b3:cc:89:a2:e9:40:81:16:f4:1f:f4:1e:a0:d4:39:
68:5d:b3:13:66:bb:d7:e5:87:56:8c:3f:c9:7f:15:
92:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:1F:82:0F:DA:24:4F:70:F3:04:1E:DA:71:C3:57:A3:06:47:54:22
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/MR-CD9okT3DzBB7accNXowZHVCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.86.0/23
31.177.92.0/24
IPv6:
2a02:2090:9800::/48
2a02:2090:a800::/48
Signature Algorithm: sha256WithRSAEncryption
3e:53:c3:73:87:b2:27:21:ec:8d:26:8f:e7:be:eb:46:be:0a:
29:1c:32:83:a0:e3:8a:77:b3:63:14:04:71:9a:b9:39:2f:c7:
ca:49:b9:ad:60:65:78:36:8c:1f:b9:6b:18:07:f3:bb:9a:ab:
83:cd:87:2c:53:c1:b4:7c:3b:69:0a:6e:e9:b6:16:e4:e3:0e:
45:57:e3:4a:44:0f:1b:84:1b:9f:39:a6:96:0a:d0:57:d3:65:
42:79:19:00:93:00:c9:d6:f0:51:32:c1:40:91:89:c0:44:2a:
2f:a9:b3:9c:39:1a:ce:0b:6d:34:67:09:83:99:19:26:db:84:
fe:4a:15:0d:7b:9e:48:10:e7:85:c7:b6:87:95:92:0e:d4:30:
08:64:05:46:d5:50:94:1f:55:57:d9:69:9e:4f:c1:1b:81:4f:
d6:32:d7:5c:5f:60:70:ca:8b:24:51:61:7b:62:98:9d:35:37:
a8:f6:d2:85:1f:65:d3:df:61:23:ec:1f:db:83:be:c2:7b:a9:
48:f1:92:7e:8f:60:ab:62:3a:47:c1:71:00:8b:d5:99:a0:da:
a6:86:87:ca:49:ad:f6:78:df:64:ae:49:fd:8f:8e:91:6e:81:
7b:96:08:bd:8e:25:a3:69:85:84:e2:75:0b:59:87:59:e4:ac:
81:be:9d:ed
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQjaizbRSyGscv0/i2AaMO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTFmODIwZmRhMjQ0ZjcwZjMwNDFlZGE3MWMzNTdhMzA2NDc1NDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsndYJC7LuHnSO4clDgiCRdgVAE/M
uXFZEhFsJDd4Q6DC7TbfNmiMK0QRQPBp0kUZUGVYlwvg/8psBbanj/nx1yssvhDx
/GmurLgr8rBtzZAtkL+sS6jy6icWl8TOucZTgEccLjb8Ns9ZmR5ZecrMI/CrM6W0
Gz+7+p+Rxfh9vmFWn8qdPNEoBbnB2FSvTzPqYbqC5A7hfw+n0PTu9rhBOoW03qhO
40sM/3QgWXgjRDauY/FitdO0bQzQa3BJp3BJwXeMBNw9pYDB160mzR83c1oSE6Hj
1hbQ858WfB/WDMazzImi6UCBFvQf9B6g1DloXbMTZrvX5YdWjD/JfxWSaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDEfgg/aJE9w8wQe2nHDV6MGR1QiMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvTVItQ0Q5b2tUM0R6QkI3YWNjTlhvd1pIVkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBH7FWAwQA
H7FcMBgEAgACMBIDBwAqAiCQmAADBwAqAiCQqAAwDQYJKoZIhvcNAQELBQADggEB
AD5Tw3OHsich7I0mj+e+60a+CikcMoOg44p3s2MUBHGauTkvx8pJua1gZXg2jB+5
axgH87uaq4PNhyxTwbR8O2kKbum2FuTjDkVX40pEDxuEG585ppYK0FfTZUJ5GQCT
AMnW8FEywUCRicBEKi+ps5w5Gs4LbTRnCYOZGSbbhP5KFQ17nkgQ54XHtoeVkg7U
MAhkBUbVUJQfVVfZaZ5PwRuBT9Yy11xfYHDKiyRRYXtimJ01N6j20oUfZdPfYSPs
H9uDvsJ7qUjxkn6PYKtiOkfBcQCL1Zmg2qaGh8pJrfZ432SuSf2PjpFugXuWCL2O
JaNphYTidQtZh1nkrIG+ne0=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:41 2025 by rpki-client on console.sobornost.net