Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/0cEqGKjfm76Pz1TjiCr0iAFNt_k.roa
File: 0cEqGKjfm76Pz1TjiCr0iAFNt_k.roa (raw, json)
Hash identifier: 8zpaYy8O1j58gbBpTxxShajSZwJzqKtViEUnKsc1qt8=
Subject key identifier: D1:C1:2A:18:A8:DF:9B:BE:8F:CF:54:E3:88:2A:F4:88:01:4D:B7:F9
Certificate issuer: /CN=d51e6799bc5ca285a376372f0b6345dffc87b8c0
Certificate serial: 0195CD910B97DDC9CE7A3D2CE5E3582C9080
Authority key identifier: D5:1E:67:99:BC:5C:A2:85:A3:76:37:2F:0B:63:45:DF:FC:87:B8:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1R5nmbxcooWjdjcvC2NF3_yHuMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/0cEqGKjfm76Pz1TjiCr0iAFNt_k.roa
Signing time: Tue 25 Mar 2025 13:49:49 +0000
ROA not before: Tue 25 Mar 2025 13:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212961
IP address blocks: 31.216.132.0/22 maxlen: 22
194.180.144.0/22 maxlen: 22
194.180.146.0/24 maxlen: 24
194.180.147.0/24 maxlen: 24
194.180.148.0/23 maxlen: 23
2a0c:abc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:91:0b:97:dd:c9:ce:7a:3d:2c:e5:e3:58:2c:90:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d51e6799bc5ca285a376372f0b6345dffc87b8c0
Validity
Not Before: Mar 25 13:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1c12a18a8df9bbe8fcf54e3882af488014db7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:92:b6:0c:cb:5f:3c:de:26:0f:aa:4f:96:04:
20:87:5a:bd:82:2e:b2:05:a7:99:80:01:10:a5:33:
da:fc:c2:b0:c4:1d:27:0a:f9:73:61:b0:ff:eb:79:
66:44:24:19:6c:af:ef:9d:35:65:c2:bd:56:29:0c:
1e:d3:4d:36:03:b5:b9:a6:90:6b:6f:85:19:9b:1f:
7f:31:0a:25:04:c9:20:af:c5:2f:73:83:00:c1:1b:
94:bf:b1:65:7b:64:89:c7:4b:f2:22:a3:b5:bf:d3:
4d:3b:01:c0:95:26:7e:97:33:c1:cb:8a:03:51:10:
3a:c6:f8:71:56:5b:23:ec:cc:de:d2:56:91:15:5c:
2d:8e:5f:0e:05:2c:94:ee:22:fd:8c:f6:d7:cb:0e:
3e:b4:c3:c4:e4:6e:b4:98:dd:4a:bd:a7:8c:a5:88:
5f:e4:ff:71:76:54:5a:69:97:fb:6f:84:87:10:c8:
0d:de:ae:4a:be:02:66:1b:53:ed:da:e6:bf:53:2b:
cb:d7:27:7c:31:5e:1b:e6:c3:d1:ab:c3:b4:56:c4:
b4:e8:f8:74:dd:f6:d8:3c:73:ff:21:65:bd:3c:ac:
21:38:46:f5:c2:3c:0c:bd:67:0a:75:18:b1:48:33:
29:dd:52:e4:7e:08:c1:05:c5:b0:78:2a:91:62:98:
22:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C1:2A:18:A8:DF:9B:BE:8F:CF:54:E3:88:2A:F4:88:01:4D:B7:F9
X509v3 Authority Key Identifier:
keyid:D5:1E:67:99:BC:5C:A2:85:A3:76:37:2F:0B:63:45:DF:FC:87:B8:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1R5nmbxcooWjdjcvC2NF3_yHuMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/0cEqGKjfm76Pz1TjiCr0iAFNt_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fe36aa-a6ae-4063-b2fa-9ca251c0548b/1/1R5nmbxcooWjdjcvC2NF3_yHuMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.132.0/22
194.180.144.0-194.180.149.255
IPv6:
2a0c:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
82:c3:5a:09:1c:28:54:48:ec:a1:e6:73:b6:57:a9:5c:fa:06:
69:e2:4a:63:bf:11:37:f9:23:e5:ab:d0:ca:a9:c5:f9:b7:c2:
c3:10:b1:7c:2c:84:ff:7e:04:10:70:de:ab:0e:1d:35:25:47:
23:d6:45:4e:94:5b:4b:3e:00:22:57:57:a6:86:3c:06:2b:c6:
9c:8f:76:60:41:91:6f:b9:f0:cf:d9:57:eb:21:c1:5a:57:47:
8a:3f:04:3a:fc:d3:b8:f6:7b:12:d7:89:5c:8e:a9:7d:fe:18:
c2:d7:77:06:d5:d6:3c:b0:2c:18:76:8a:c3:b5:e6:46:60:31:
4d:0a:19:a3:d8:ac:96:60:99:4e:59:fd:ea:04:fa:c4:9a:5c:
58:4d:b5:9e:98:9f:17:80:c8:5e:1b:11:2c:b3:45:89:9d:fa:
72:ce:29:9a:45:16:b2:2d:e7:9e:62:c7:d8:2b:7a:f6:4b:39:
b8:7f:fe:86:8e:a6:60:6c:32:66:b2:99:58:2e:6d:25:5c:81:
96:f1:53:c0:1b:47:4e:74:8c:d6:5b:e4:da:88:2c:fd:ef:cf:
0a:7e:63:77:2b:f4:93:36:90:f1:cb:ab:0b:01:4b:cc:44:b6:
1b:31:41:1b:1f:0f:59:b2:3b:a6:82:e0:9d:9f:c2:67:bb:22:
68:ab:d3:eb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZXNkQuX3cnOej0s5eNYLJCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MWU2Nzk5YmM1Y2EyODVhMzc2MzcyZjBiNjM0NWRmZmM4
N2I4YzAwHhcNMjUwMzI1MTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMxMmExOGE4ZGY5YmJlOGZjZjU0ZTM4ODJhZjQ4ODAxNGRiN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JK2DMtfPN4mD6pPlgQgh1q9gi6y
BaeZgAEQpTPa/MKwxB0nCvlzYbD/63lmRCQZbK/vnTVlwr1WKQwe0002A7W5ppBr
b4UZmx9/MQolBMkgr8Uvc4MAwRuUv7Fle2SJx0vyIqO1v9NNOwHAlSZ+lzPBy4oD
URA6xvhxVlsj7Mze0laRFVwtjl8OBSyU7iL9jPbXyw4+tMPE5G60mN1KvaeMpYhf
5P9xdlRaaZf7b4SHEMgN3q5KvgJmG1Pt2ua/UyvL1yd8MV4b5sPRq8O0VsS06Ph0
3fbYPHP/IWW9PKwhOEb1wjwMvWcKdRixSDMp3VLkfgjBBcWweCqRYpgiIQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNHBKhio35u+j89U44gq9IgBTbf5MB8GA1UdIwQY
MBaAFNUeZ5m8XKKFo3Y3LwtjRd/8h7jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVI1bm1ieGNvb1dqZGpjdkMyTkYzX3lIdU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mZTM2YWEtYTZhZS00MDYzLWIyZmEt
OWNhMjUxYzA1NDhiLzEvMGNFcUdLamZtNzZQejFUamlDcjBpQUZOdF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mZTM2YWEtYTZhZS00MDYzLWIyZmEtOWNhMjUxYzA1NDhi
LzEvMVI1bm1ieGNvb1dqZGpjdkMyTkYzX3lIdU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCH9iEMAwD
BATCtJADBAHCtJQwDQQCAAIwBwMFAyoMq8AwDQYJKoZIhvcNAQELBQADggEBAILD
WgkcKFRI7KHmc7ZXqVz6BmniSmO/ETf5I+Wr0Mqpxfm3wsMQsXwshP9+BBBw3qsO
HTUlRyPWRU6UW0s+ACJXV6aGPAYrxpyPdmBBkW+58M/ZV+shwVpXR4o/BDr807j2
exLXiVyOqX3+GMLXdwbV1jywLBh2isO15kZgMU0KGaPYrJZgmU5Z/eoE+sSaXFhN
tZ6YnxeAyF4bESyzRYmd+nLOKZpFFrIt555ix9grevZLObh//oaOpmBsMmaymVgu
bSVcgZbxU8AbR050jNZb5NqILP3vzwp+Y3cr9JM2kPHLqwsBS8xEthsxQRsfD1my
O6aC4J2fwme7Imir0+s=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net