Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/q9BWcMARtQ3_HrPyS7FBIEXNhsI.roa
File: q9BWcMARtQ3_HrPyS7FBIEXNhsI.roa (raw, json)
Hash identifier: D3KwQaIiGET5pyY7n2Q5pJoywyLFE76xEx7j4PCoCfY=
Subject key identifier: AB:D0:56:70:C0:11:B5:0D:FF:1E:B3:F2:4B:B1:41:20:45:CD:86:C2
Certificate issuer: /CN=a07dcb6db9a75c1017fee672f73b961771b77ca1
Certificate serial: 019420682E35C4EF7417781A790017CAF798
Authority key identifier: A0:7D:CB:6D:B9:A7:5C:10:17:FE:E6:72:F7:3B:96:17:71:B7:7C:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oH3LbbmnXBAX_uZy9zuWF3G3fKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/q9BWcMARtQ3_HrPyS7FBIEXNhsI.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212472
IP address blocks: 31.12.72.0/24 maxlen: 24
213.163.252.0/23 maxlen: 24
2a12:acc0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2e:35:c4:ef:74:17:78:1a:79:00:17:ca:f7:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a07dcb6db9a75c1017fee672f73b961771b77ca1
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abd05670c011b50dff1eb3f24bb1412045cd86c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f9:57:f3:98:a7:dc:53:2d:c4:90:c0:fe:5a:
d1:8c:b8:31:21:1f:d2:1e:12:e8:72:2a:08:9a:d5:
3f:ec:7a:ad:94:d0:27:1a:82:13:32:3b:d5:d9:fb:
74:bf:c0:2f:16:d6:d1:2f:fc:e5:01:63:61:f4:f4:
36:cf:3c:1a:6d:9f:60:6b:3a:58:bf:18:c0:83:e9:
aa:5b:5e:32:52:ff:f5:78:0a:b9:eb:8a:06:63:e5:
97:2b:e9:27:69:c8:24:39:32:8b:64:22:54:df:4e:
78:b5:de:7c:df:c8:b0:55:9c:45:d8:5b:a1:3c:ba:
17:ed:61:56:15:96:8f:1a:6a:d1:aa:07:bb:1d:af:
d2:ff:be:8b:03:39:12:73:80:7e:81:a4:b5:d8:41:
a4:30:a1:da:a2:fe:47:65:2f:6e:d3:ba:2e:52:e2:
2e:84:5b:1a:7b:ac:db:a5:85:c1:5b:44:8a:17:34:
54:1f:2c:ba:e7:cf:b4:81:37:5a:a4:14:e6:71:a0:
94:a4:1e:8a:4d:f8:e1:f9:57:6f:d2:59:50:70:78:
5d:5a:d3:b0:c1:27:fa:a7:02:56:a2:d6:0a:62:d7:
54:5d:68:76:4a:e4:08:11:64:60:b0:6f:8a:2c:a6:
f3:a3:3f:24:05:8e:05:e4:b3:29:a4:04:96:59:18:
89:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D0:56:70:C0:11:B5:0D:FF:1E:B3:F2:4B:B1:41:20:45:CD:86:C2
X509v3 Authority Key Identifier:
keyid:A0:7D:CB:6D:B9:A7:5C:10:17:FE:E6:72:F7:3B:96:17:71:B7:7C:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oH3LbbmnXBAX_uZy9zuWF3G3fKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/q9BWcMARtQ3_HrPyS7FBIEXNhsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/303105-e7c8-4a44-a181-cb40ee048dc0/1/oH3LbbmnXBAX_uZy9zuWF3G3fKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.72.0/24
213.163.252.0/23
IPv6:
2a12:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:28:c6:b6:ce:d8:4a:6d:e9:04:93:00:66:80:80:53:df:36:
a1:e9:07:b3:3b:6e:b3:8e:57:3c:06:d0:51:46:f6:59:f3:53:
02:5d:13:7d:45:7a:06:cb:d2:18:61:6e:36:42:37:da:0e:9d:
ca:2f:97:f2:3f:16:27:e1:cf:a4:de:b8:62:28:36:38:76:d2:
74:21:72:cb:87:e6:a5:3d:1e:ff:8e:2f:f8:09:7a:fa:50:d6:
73:4f:ce:b7:14:e0:99:82:0f:2a:cf:80:34:2f:a7:9a:96:61:
4e:d4:27:7a:b7:9f:cf:5f:c1:dd:7e:81:9a:7d:3f:c9:7f:42:
47:e9:98:99:73:49:69:85:98:e3:b6:22:c9:b5:73:c5:9a:f7:
1d:7a:ea:f4:82:e0:ba:92:15:73:1f:b1:f9:ab:df:90:18:90:
66:21:3c:c1:b7:b2:a1:ee:f0:5d:7d:78:f8:38:6f:a7:64:e4:
b9:d3:cd:3e:2b:c2:81:e3:be:12:19:b8:6c:d5:39:bc:f5:a3:
c8:de:aa:cd:a5:7e:85:22:34:50:08:e5:38:0e:c4:a4:c2:26:
05:e6:cb:77:c6:ff:56:f2:f0:fe:6c:f2:28:16:b0:e7:f3:0f:
4d:8f:f6:3c:37:7f:df:31:92:63:bf:54:8d:6c:ce:e4:97:67:
b0:1f:26:11
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgaC41xO90F3gaeQAXyveYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwN2RjYjZkYjlhNzVjMTAxN2ZlZTY3MmY3M2I5NjE3NzFi
NzdjYTEwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQwNTY3MGMwMTFiNTBkZmYxZWIzZjI0YmIxNDEyMDQ1Y2Q4NmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PlX85in3FMtxJDA/lrRjLgxIR/S
HhLocioImtU/7HqtlNAnGoITMjvV2ft0v8AvFtbRL/zlAWNh9PQ2zzwabZ9gazpY
vxjAg+mqW14yUv/1eAq564oGY+WXK+knacgkOTKLZCJU3054td5838iwVZxF2Fuh
PLoX7WFWFZaPGmrRqge7Ha/S/76LAzkSc4B+gaS12EGkMKHaov5HZS9u07ouUuIu
hFsae6zbpYXBW0SKFzRUHyy658+0gTdapBTmcaCUpB6KTfjh+Vdv0llQcHhdWtOw
wSf6pwJWotYKYtdUXWh2SuQIEWRgsG+KLKbzoz8kBY4F5LMppASWWRiJyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKvQVnDAEbUN/x6z8kuxQSBFzYbCMB8GA1UdIwQY
MBaAFKB9y225p1wQF/7mcvc7lhdxt3yhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0gzTGJibW5YQkFYX3VaeTl6dVdGM0czZktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zMDMxMDUtZTdjOC00YTQ0LWExODEt
Y2I0MGVlMDQ4ZGMwLzEvcTlCV2NNQVJ0UTNfSHJQeVM3RkJJRVhOaHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zMDMxMDUtZTdjOC00YTQ0LWExODEtY2I0MGVlMDQ4ZGMw
LzEvb0gzTGJibW5YQkFYX3VaeTl6dVdGM0czZktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAHwxIAwQB
1aP8MA0EAgACMAcDBQMqEqzAMA0GCSqGSIb3DQEBCwUAA4IBAQA8KMa2zthKbekE
kwBmgIBT3zah6QezO26zjlc8BtBRRvZZ81MCXRN9RXoGy9IYYW42QjfaDp3KL5fy
PxYn4c+k3rhiKDY4dtJ0IXLLh+alPR7/ji/4CXr6UNZzT863FOCZgg8qz4A0L6ea
lmFO1Cd6t5/PX8HdfoGafT/Jf0JH6ZiZc0lphZjjtiLJtXPFmvcdeur0guC6khVz
H7H5q9+QGJBmITzBt7Kh7vBdfXj4OG+nZOS5080+K8KB474SGbhs1Tm89aPI3qrN
pX6FIjRQCOU4DsSkwiYF5st3xv9W8vD+bPIoFrDn8w9Nj/Y8N3/fMZJjv1SNbM7k
l2ewHyYR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:47 2025 by rpki-client on console.sobornost.net