Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/kE5clAT_On1-sKoap2EGHHtO9ks.roa
File: kE5clAT_On1-sKoap2EGHHtO9ks.roa (raw, json)
Hash identifier: 2Gqvz4gyypjZzZQdA4iyMYqLbiLT02xiEIZm2TleSrU=
Subject key identifier: 90:4E:5C:94:04:FF:3A:7D:7E:B0:AA:1A:A7:61:06:1C:7B:4E:F6:4B
Certificate issuer: /CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Certificate serial: 019427B54B43487B8915FF056CED50C6DE85
Authority key identifier: A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/kE5clAT_On1-sKoap2EGHHtO9ks.roa
Signing time: Thu 02 Jan 2025 15:49:40 +0000
ROA not before: Thu 02 Jan 2025 15:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56623
IP address blocks: 31.133.112.0/24 maxlen: 24
31.133.113.0/24 maxlen: 24
31.133.114.0/24 maxlen: 24
31.133.115.0/24 maxlen: 24
31.133.117.0/24 maxlen: 24
31.133.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:4b:43:48:7b:89:15:ff:05:6c:ed:50:c6:de:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Validity
Not Before: Jan 2 15:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=904e5c9404ff3a7d7eb0aa1aa761061c7b4ef64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9a:a5:3b:f5:9e:c7:28:6f:74:59:dc:25:e4:
3c:08:69:1e:a3:53:a9:2f:81:5c:38:76:f9:9b:11:
bc:b7:80:fc:61:af:a5:18:97:0b:c6:24:9e:1c:31:
cc:28:38:d1:aa:b3:19:36:d1:ec:05:08:47:7d:f5:
98:7b:c5:16:e2:b1:6d:ba:c3:23:a0:10:e8:25:f1:
f9:42:1a:23:2d:fa:9f:23:e7:3c:95:fa:bd:88:97:
82:7b:5a:67:1e:27:3f:39:be:a7:c6:78:f4:6d:20:
c5:b7:24:58:a5:9c:6d:0a:f2:8e:e1:83:2c:4a:d8:
89:d5:43:8c:52:17:87:17:ff:b7:dc:04:da:ea:b5:
6f:51:df:6b:8c:33:ca:c6:10:c2:8e:0a:38:39:02:
e1:0b:e2:ab:b7:9a:56:ae:69:d4:01:c8:96:a8:9a:
64:ed:ea:68:19:21:1e:69:43:9f:67:f4:3d:65:41:
9c:29:31:38:9f:38:88:c8:05:ec:af:46:6a:e2:23:
bd:5b:d6:6c:e1:76:5a:5e:26:3a:88:9d:14:45:39:
fb:89:fe:ec:da:0f:46:a2:02:c0:46:d8:da:63:5b:
04:87:45:05:fb:bf:c2:42:c6:b8:2a:7e:2a:ac:13:
cc:81:9c:18:53:79:8e:b2:a0:ac:97:f6:9f:69:ed:
85:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4E:5C:94:04:FF:3A:7D:7E:B0:AA:1A:A7:61:06:1C:7B:4E:F6:4B
X509v3 Authority Key Identifier:
keyid:A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/kE5clAT_On1-sKoap2EGHHtO9ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/qTnMFiHuMBCumOEnvSVKeDP9KCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.112.0/22
31.133.117.0-31.133.118.255
Signature Algorithm: sha256WithRSAEncryption
78:68:57:1c:71:d0:f2:55:fd:8a:6d:f6:db:c2:e1:0c:9a:d6:
5d:a5:aa:73:1b:e6:50:1b:5a:44:55:2b:58:ff:45:d3:f7:b4:
fa:47:ad:a1:f6:c9:11:50:c6:54:d0:33:f3:8c:06:bb:e5:2f:
9c:42:b5:e3:49:65:87:85:21:b7:27:d6:67:65:9b:54:57:6e:
b6:44:29:3d:19:67:76:88:a8:d0:18:4f:cf:38:40:b9:31:b0:
f1:a5:8d:2f:62:53:78:fa:96:e1:5a:6c:ef:72:a2:2b:e4:4e:
74:ea:62:fd:d2:89:88:3a:00:6c:32:be:fc:34:13:17:32:08:
89:54:ec:17:cc:4c:e8:f4:6a:d2:b3:5b:f3:7b:13:65:b4:ca:
77:1e:40:a4:7b:6f:3f:9c:41:a3:b3:5b:6e:a9:34:61:9b:96:
55:1e:61:fe:2c:df:1d:2a:e1:9c:44:f2:0f:c7:7d:3f:48:87:
2f:cb:3a:14:5b:51:0e:5f:85:86:97:fa:a2:dc:33:67:5c:de:
ea:9a:5f:b5:28:14:94:7f:90:52:83:7e:5a:ee:75:b2:a8:97:
5f:05:fb:42:78:4b:ad:b9:5f:ff:c9:21:d7:94:a5:48:4b:89:
7f:5b:d9:46:4a:19:a3:c4:e8:e2:6c:87:c1:9f:d3:80:0b:4c:
2d:dd:3c:4f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQntUtDSHuJFf8FbO1Qxt6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MzljYzE2MjFlZTMwMTBhZTk4ZTEyN2JkMjU0YTc4MzNm
ZDI4MjcwHhcNMjUwMTAyMTU0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRlNWM5NDA0ZmYzYTdkN2ViMGFhMWFhNzYxMDYxYzdiNGVmNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5qlO/WexyhvdFncJeQ8CGkeo1Op
L4FcOHb5mxG8t4D8Ya+lGJcLxiSeHDHMKDjRqrMZNtHsBQhHffWYe8UW4rFtusMj
oBDoJfH5QhojLfqfI+c8lfq9iJeCe1pnHic/Ob6nxnj0bSDFtyRYpZxtCvKO4YMs
StiJ1UOMUheHF/+33ATa6rVvUd9rjDPKxhDCjgo4OQLhC+Krt5pWrmnUAciWqJpk
7epoGSEeaUOfZ/Q9ZUGcKTE4nziIyAXsr0Zq4iO9W9Zs4XZaXiY6iJ0URTn7if7s
2g9GogLARtjaY1sEh0UF+7/CQsa4Kn4qrBPMgZwYU3mOsqCsl/afae2FhQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJBOXJQE/zp9frCqGqdhBhx7TvZLMB8GA1UdIwQY
MBaAFKk5zBYh7jAQrpjhJ70lSngz/SgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYt
YjA2MTk0ZDEzYzZiLzEva0U1Y2xBVF9PbjEtc0tvYXAyRUdISHRPOWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYtYjA2MTk0ZDEzYzZi
LzEvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCH4VwMAwD
BAAfhXUDBAAfhXYwDQYJKoZIhvcNAQELBQADggEBAHhoVxxx0PJV/Ypt9tvC4Qya
1l2lqnMb5lAbWkRVK1j/RdP3tPpHraH2yRFQxlTQM/OMBrvlL5xCteNJZYeFIbcn
1mdlm1RXbrZEKT0ZZ3aIqNAYT884QLkxsPGljS9iU3j6luFabO9yoivkTnTqYv3S
iYg6AGwyvvw0ExcyCIlU7BfMTOj0atKzW/N7E2W0ynceQKR7bz+cQaOzW26pNGGb
llUeYf4s3x0q4ZxE8g/HfT9Ihy/LOhRbUQ5fhYaX+qLcM2dc3uqaX7UoFJR/kFKD
flrudbKol18F+0J4S625X//JIdeUpUhLiX9b2UZKGaPE6OJsh8Gf04ALTC3dPE8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net