Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/qdNG49hIyDFFdCFIGbm6kEPFcbI.roa
File: qdNG49hIyDFFdCFIGbm6kEPFcbI.roa (raw, json)
Hash identifier: oUfCXgwymuAlhA935EnqN9SnikKCG4eVZ1qECppIrzI=
Subject key identifier: A9:D3:46:E3:D8:48:C8:31:45:74:21:48:19:B9:BA:90:43:C5:71:B2
Certificate issuer: /CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Certificate serial: 019423D6D72F36AB6CA2087ADE5BC59D3959
Authority key identifier: 9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/qdNG49hIyDFFdCFIGbm6kEPFcbI.roa
Signing time: Wed 01 Jan 2025 21:47:49 +0000
ROA not before: Wed 01 Jan 2025 21:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44710
IP address blocks: 31.131.140.0/24 maxlen: 24
31.131.141.0/24 maxlen: 24
91.217.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d7:2f:36:ab:6c:a2:08:7a:de:5b:c5:9d:39:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Validity
Not Before: Jan 1 21:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9d346e3d848c8314574214819b9ba9043c571b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9e:b0:0b:d6:e6:19:74:63:a4:a2:87:77:04:
2a:06:de:da:0c:8b:71:d9:f4:4c:9a:6b:9d:15:cd:
44:8c:56:d1:e9:64:0c:5a:a9:6b:02:a5:61:ac:b0:
b1:51:e4:74:5f:bb:57:ac:66:17:b1:0c:97:9d:20:
55:a8:96:fe:96:7d:21:a4:03:7c:8a:66:dc:61:d7:
01:39:ef:62:ec:64:13:32:e8:e8:a1:43:83:d8:20:
24:c6:da:35:76:23:ef:d9:35:45:04:af:24:be:8a:
2e:4d:7a:02:75:cf:2b:4e:14:ec:7e:44:ba:be:00:
95:64:36:e5:88:4f:4e:06:49:9d:e2:70:8d:f0:37:
54:14:99:61:63:53:8f:55:a8:ba:5b:a6:0f:9e:c2:
de:50:db:28:c9:5f:02:49:63:2f:21:d5:f0:ab:f7:
1a:a9:e3:1c:86:b7:1b:48:96:9a:29:88:3b:5e:92:
66:6b:1a:2b:d5:24:d7:fe:43:46:95:28:b6:6b:91:
ec:26:ca:d8:fd:19:49:cd:65:ff:68:11:c3:11:48:
20:2a:7f:28:0a:ea:65:71:4a:ee:60:71:82:cb:61:
85:d4:76:97:8e:fc:da:2a:57:ab:00:5e:ba:a1:0e:
f1:0e:42:bb:91:98:91:b0:6f:a1:6e:a9:e4:7f:15:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D3:46:E3:D8:48:C8:31:45:74:21:48:19:B9:BA:90:43:C5:71:B2
X509v3 Authority Key Identifier:
keyid:9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/qdNG49hIyDFFdCFIGbm6kEPFcbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/nozX1qQQV1C_iXWn0LlnlMHv5iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.140.0/23
91.217.244.0/24
Signature Algorithm: sha256WithRSAEncryption
40:a8:60:b2:a6:20:6c:fc:9d:57:62:bb:4f:bd:2f:71:26:ae:
80:f2:ee:0b:29:f0:52:b5:60:5f:a9:79:23:c2:6b:a7:d1:e9:
7b:b3:64:91:f3:df:0e:6e:3e:7f:42:50:0a:36:a3:3e:96:7b:
dd:44:4a:06:9c:74:be:6e:54:c7:19:18:01:b2:d8:95:fa:57:
77:b9:39:c0:46:1d:92:76:41:a8:4e:fa:b2:85:8a:44:8c:61:
e8:c0:6b:b0:9d:07:00:f3:95:1f:13:d3:c6:0e:98:d9:ec:55:
28:b7:6e:6c:bb:8d:5b:a3:c2:00:76:2f:a6:e0:37:51:39:e4:
14:80:3a:3e:81:a0:5b:1d:85:7c:dd:a2:48:c1:7b:cc:fb:32:
9d:59:93:a8:6f:f0:f5:87:7f:5f:ed:98:41:0c:f4:3a:c5:d6:
b8:d4:bc:f7:a8:53:35:07:bb:7b:c3:f4:14:fe:8a:a6:f7:73:
7d:91:a3:1c:1e:0f:ae:61:ba:5c:8b:02:39:a0:f7:d7:fc:d6:
6c:b0:ba:eb:11:71:e0:b4:22:85:8d:c3:e2:b7:f6:8d:8e:d3:
f4:9e:fe:3f:b3:b6:79:2b:62:86:ee:36:12:0f:63:3e:d2:b4:
96:ce:16:12:86:fb:01:0e:79:ed:29:ff:11:e3:1e:82:c6:e6:
50:f7:c7:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1tcvNqtsogh63lvFnTlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOGNkN2Q2YTQxMDU3NTBiZjg5NzVhN2QwYjk2Nzk0YzFl
ZmU2MjIwHhcNMjUwMTAxMjE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQzNDZlM2Q4NDhjODMxNDU3NDIxNDgxOWI5YmE5MDQzYzU3MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ6wC9bmGXRjpKKHdwQqBt7aDItx
2fRMmmudFc1EjFbR6WQMWqlrAqVhrLCxUeR0X7tXrGYXsQyXnSBVqJb+ln0hpAN8
imbcYdcBOe9i7GQTMujooUOD2CAkxto1diPv2TVFBK8kvoouTXoCdc8rThTsfkS6
vgCVZDbliE9OBkmd4nCN8DdUFJlhY1OPVai6W6YPnsLeUNsoyV8CSWMvIdXwq/ca
qeMchrcbSJaaKYg7XpJmaxor1STX/kNGlSi2a5HsJsrY/RlJzWX/aBHDEUggKn8o
CuplcUruYHGCy2GF1HaXjvzaKlerAF66oQ7xDkK7kZiRsG+hbqnkfxUExwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKnTRuPYSMgxRXQhSBm5upBDxXGyMB8GA1UdIwQY
MBaAFJ6M19akEFdQv4l1p9C5Z5TB7+YiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2Qt
OGMyZGY1YTVjNmQ3LzEvcWRORzQ5aEl5REZGZENGSUdibTZrRVBGY2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2QtOGMyZGY1YTVjNmQ3
LzEvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH4OMAwQA
W9n0MA0GCSqGSIb3DQEBCwUAA4IBAQBAqGCypiBs/J1XYrtPvS9xJq6A8u4LKfBS
tWBfqXkjwmun0el7s2SR898Obj5/QlAKNqM+lnvdREoGnHS+blTHGRgBstiV+ld3
uTnARh2SdkGoTvqyhYpEjGHowGuwnQcA85UfE9PGDpjZ7FUot25su41bo8IAdi+m
4DdROeQUgDo+gaBbHYV83aJIwXvM+zKdWZOob/D1h39f7ZhBDPQ6xda41Lz3qFM1
B7t7w/QU/oqm93N9kaMcHg+uYbpciwI5oPfX/NZssLrrEXHgtCKFjcPit/aNjtP0
nv4/s7Z5K2KG7jYSD2M+0rSWzhYShvsBDnntKf8R4x6CxuZQ98dy
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:38 2025 by rpki-client on console.sobornost.net