Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/lAxE_2WiPSwtD2dkPWpMB3ITgSk.roa
File: lAxE_2WiPSwtD2dkPWpMB3ITgSk.roa (raw, json)
Hash identifier: rNePl3O48qGCj6w0+7CI8F7t/YzGppKU5JOvf8QvlPs=
Subject key identifier: 94:0C:44:FF:65:A2:3D:2C:2D:0F:67:64:3D:6A:4C:07:72:13:81:29
Certificate issuer: /CN=659375cfe748a9e413894f2e4f85fbd64fd1c776
Certificate serial: 0193B68DBC6C11DD1EF374B5C35C26CCC544
Authority key identifier: 65:93:75:CF:E7:48:A9:E4:13:89:4F:2E:4F:85:FB:D6:4F:D1:C7:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZN1z-dIqeQTiU8uT4X71k_Rx3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/lAxE_2WiPSwtD2dkPWpMB3ITgSk.roa
Signing time: Wed 11 Dec 2024 16:29:22 +0000
ROA not before: Wed 11 Dec 2024 16:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 31.22.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:8d:bc:6c:11:dd:1e:f3:74:b5:c3:5c:26:cc:c5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659375cfe748a9e413894f2e4f85fbd64fd1c776
Validity
Not Before: Dec 11 16:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=940c44ff65a23d2c2d0f67643d6a4c0772138129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:aa:ee:e9:af:cd:a8:b3:34:fb:bb:ed:0d:9d:
d0:f7:ce:3a:4d:bd:2a:0a:df:b6:4b:04:36:ec:c2:
ec:d5:5d:c6:b8:b5:07:01:3d:1a:9d:f0:9e:74:4d:
12:c6:df:bd:db:b4:5d:a4:3c:5b:25:db:05:f5:65:
71:75:c0:c4:ac:68:92:85:f3:a3:f9:02:c3:a3:f0:
d7:fa:e7:18:ac:de:fb:76:d4:d7:a5:43:de:8f:a2:
f7:dd:0a:9b:e5:d8:3a:4f:03:09:92:95:a0:30:13:
93:43:8f:b3:c1:7d:84:af:24:bc:8d:30:ca:1d:70:
91:e7:94:0e:65:46:a5:d5:9e:bb:51:f2:8f:db:6b:
ed:bf:1f:51:ff:cc:98:ff:5a:c9:bf:22:fe:f5:f6:
10:96:68:f2:eb:ea:59:b5:d7:8f:80:7c:5f:74:e1:
f0:d2:a2:ce:96:41:d5:1e:ba:ed:e0:1d:21:24:ce:
13:b1:b5:d6:8b:2d:6f:94:8c:a4:59:cf:fe:4e:74:
8c:4f:ae:79:21:89:f0:15:9e:68:72:24:ca:68:13:
e4:1b:5c:42:36:99:80:90:e3:1d:60:a8:ab:2c:6e:
71:2a:8c:73:b0:63:63:c6:ae:a8:fa:d5:0d:b9:49:
19:3a:78:96:e8:9e:64:eb:57:33:48:63:65:8a:1a:
4d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0C:44:FF:65:A2:3D:2C:2D:0F:67:64:3D:6A:4C:07:72:13:81:29
X509v3 Authority Key Identifier:
keyid:65:93:75:CF:E7:48:A9:E4:13:89:4F:2E:4F:85:FB:D6:4F:D1:C7:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZN1z-dIqeQTiU8uT4X71k_Rx3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/lAxE_2WiPSwtD2dkPWpMB3ITgSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b57800-39e1-41d0-bd41-fe9ef8ff0cc1/1/ZZN1z-dIqeQTiU8uT4X71k_Rx3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.104.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:c3:e9:9e:ab:2f:40:f2:f9:95:f1:1e:9d:b2:49:c1:31:c2:
24:d8:c5:90:04:c2:87:ab:e4:13:af:7e:7a:4f:d6:78:70:d8:
da:db:e8:e0:dc:1e:0b:91:c4:9f:44:9b:7f:bc:7d:42:54:29:
29:a2:86:c1:87:24:85:a0:3e:7f:ea:a1:c1:cd:86:ce:bd:1d:
78:55:a3:c3:40:89:bd:71:23:d5:0a:92:e4:e4:49:34:f6:37:
f9:9b:97:ea:c9:53:41:d4:e0:2b:09:80:e8:1a:02:6b:bc:7d:
1d:f0:ab:ad:b4:4f:81:04:34:6b:5e:a0:a5:ec:d0:6d:8c:92:
06:3c:11:be:6a:2d:02:23:c5:80:ea:99:92:63:05:82:db:67:
8a:d0:fa:2e:24:96:d6:cb:5e:09:38:39:61:95:57:25:3d:d6:
fe:94:e5:df:c4:f1:94:31:58:22:e1:50:42:18:44:eb:60:09:
b8:d9:a0:b7:a3:8c:e2:80:16:ce:8d:f6:c9:1b:a6:a2:af:f7:
f8:32:a8:c8:e9:5c:b3:dc:9b:53:b5:e5:f0:8b:a8:2c:18:dc:
0c:be:8a:9e:2d:af:50:dd:02:0d:29:42:8b:b0:4d:1a:8d:70:
35:aa:f4:df:7c:e2:c5:45:5a:35:c8:0b:9c:bf:51:51:30:dd:
cb:d3:cd:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO2jbxsEd0e83S1w1wmzMVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTM3NWNmZTc0OGE5ZTQxMzg5NGYyZTRmODVmYmQ2NGZk
MWM3NzYwHhcNMjQxMjExMTYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDBjNDRmZjY1YTIzZDJjMmQwZjY3NjQzZDZhNGMwNzcyMTM4MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaru6a/NqLM0+7vtDZ3Q9846Tb0q
Ct+2SwQ27MLs1V3GuLUHAT0anfCedE0Sxt+927RdpDxbJdsF9WVxdcDErGiShfOj
+QLDo/DX+ucYrN77dtTXpUPej6L33Qqb5dg6TwMJkpWgMBOTQ4+zwX2EryS8jTDK
HXCR55QOZUal1Z67UfKP22vtvx9R/8yY/1rJvyL+9fYQlmjy6+pZtdePgHxfdOHw
0qLOlkHVHrrt4B0hJM4TsbXWiy1vlIykWc/+TnSMT655IYnwFZ5ociTKaBPkG1xC
NpmAkOMdYKirLG5xKoxzsGNjxq6o+tUNuUkZOniW6J5k61czSGNlihpN5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQMRP9loj0sLQ9nZD1qTAdyE4EpMB8GA1UdIwQY
MBaAFGWTdc/nSKnkE4lPLk+F+9ZP0cd2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpOMXotZElxZVFUaVU4dVQ0WDcxa19SeDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iNTc4MDAtMzllMS00MWQwLWJkNDEt
ZmU5ZWY4ZmYwY2MxLzEvbEF4RV8yV2lQU3d0RDJka1BXcE1CM0lUZ1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iNTc4MDAtMzllMS00MWQwLWJkNDEtZmU5ZWY4ZmYwY2Mx
LzEvWlpOMXotZElxZVFUaVU4dVQ0WDcxa19SeDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxZoMA0G
CSqGSIb3DQEBCwUAA4IBAQAaw+meqy9A8vmV8R6dsknBMcIk2MWQBMKHq+QTr356
T9Z4cNja2+jg3B4LkcSfRJt/vH1CVCkpoobBhySFoD5/6qHBzYbOvR14VaPDQIm9
cSPVCpLk5Ek09jf5m5fqyVNB1OArCYDoGgJrvH0d8KuttE+BBDRrXqCl7NBtjJIG
PBG+ai0CI8WA6pmSYwWC22eK0PouJJbWy14JODlhlVclPdb+lOXfxPGUMVgi4VBC
GETrYAm42aC3o4zigBbOjfbJG6air/f4MqjI6Vyz3JtTteXwi6gsGNwMvoqeLa9Q
3QINKUKLsE0ajXA1qvTffOLFRVo1yAucv1FRMN3L0808
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:50:11 2025 by rpki-client