Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/MQJ9Tms8NtZHBjFKGd8tRATLgzU.roa
File: MQJ9Tms8NtZHBjFKGd8tRATLgzU.roa (raw, json)
Hash identifier: JQ9FShj97dGuiiKP4b3nhes/Pu/ifqQ1fWpnjpSUqN0=
Subject key identifier: 31:02:7D:4E:6B:3C:36:D6:47:06:31:4A:19:DF:2D:44:04:CB:83:35
Certificate issuer: /CN=1216abcc44c9a95540cdf5b1dc542ec7d11fe07a
Certificate serial: 01962B547E70BA2550A136B27864DF6428ED
Authority key identifier: 12:16:AB:CC:44:C9:A9:55:40:CD:F5:B1:DC:54:2E:C7:D1:1F:E0:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EharzETJqVVAzfWx3FQux9Ef4Ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/MQJ9Tms8NtZHBjFKGd8tRATLgzU.roa
Signing time: Sat 12 Apr 2025 18:47:59 +0000
ROA not before: Sat 12 Apr 2025 18:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210000
IP address blocks: 31.41.34.0/24 maxlen: 24
2a12:3fc1:1001::/48 maxlen: 48
2a12:3fc1:1002::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2b:54:7e:70:ba:25:50:a1:36:b2:78:64:df:64:28:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1216abcc44c9a95540cdf5b1dc542ec7d11fe07a
Validity
Not Before: Apr 12 18:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31027d4e6b3c36d64706314a19df2d4404cb8335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:11:e7:09:36:51:9a:7b:49:f8:b2:0a:a7:5d:
ac:a0:69:48:3f:28:54:8a:0c:51:d0:f4:5e:5f:8f:
ea:df:3b:f2:29:3d:22:85:96:5b:47:59:68:12:1e:
fa:e1:54:68:d6:c7:43:bf:7f:ce:4e:5a:df:20:59:
88:89:64:bb:15:0b:5e:57:42:b1:5f:97:09:33:e9:
43:df:84:a1:68:42:89:ca:ac:37:ff:ad:17:61:93:
e4:fa:8b:c5:fe:dd:61:21:83:b7:53:ac:74:c3:4c:
e3:ef:ec:b7:66:d3:b5:d3:75:37:3c:73:24:c3:11:
9e:e6:e1:c3:0f:82:41:b7:d5:ec:68:be:dc:a5:34:
e3:3e:f1:e3:9f:ab:a2:b4:86:00:57:59:ed:1a:6e:
98:99:60:96:ab:a5:c0:01:db:f6:ac:7b:70:6c:8a:
fb:c2:a9:04:c9:b4:c7:67:62:ff:9e:9f:03:de:20:
8b:90:60:3e:4a:c6:d2:32:19:51:75:1a:af:29:42:
f2:43:a7:60:19:51:2b:7d:7c:69:62:af:2f:a7:e7:
38:69:c2:33:3b:56:52:6d:72:c1:fc:58:8c:2e:62:
40:83:ba:04:27:1f:09:52:a0:ac:62:8d:de:fd:d4:
a4:8f:73:db:f3:31:d5:db:9e:da:e9:79:5f:bf:75:
9a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:7D:4E:6B:3C:36:D6:47:06:31:4A:19:DF:2D:44:04:CB:83:35
X509v3 Authority Key Identifier:
keyid:12:16:AB:CC:44:C9:A9:55:40:CD:F5:B1:DC:54:2E:C7:D1:1F:E0:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EharzETJqVVAzfWx3FQux9Ef4Ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/MQJ9Tms8NtZHBjFKGd8tRATLgzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ac9cf6-1bec-424b-aa51-a0962d998e60/1/EharzETJqVVAzfWx3FQux9Ef4Ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.34.0/24
IPv6:
2a12:3fc1:1001::-2a12:3fc1:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:60:e3:6c:3f:c8:0e:60:b5:45:bb:9d:d1:ca:a5:a1:96:90:
a5:de:1f:65:b0:9a:2f:a8:ca:1b:59:36:4f:24:69:80:38:7d:
92:5c:93:cf:08:ef:2c:f6:a5:fc:03:47:83:42:6d:3e:a5:4a:
94:e5:df:4a:72:c3:70:4a:8f:1c:51:a2:03:c5:db:86:56:f4:
54:1c:6b:d7:66:4e:70:2d:e4:2e:46:ee:37:92:65:9f:e7:ec:
4b:5e:3c:59:5d:be:8a:92:8a:de:ec:ed:ef:84:7f:4c:cd:fb:
3b:bb:8b:1f:26:3e:fb:c9:9d:0f:27:b9:95:78:5c:96:da:2e:
53:25:b2:c2:a7:5b:44:ee:12:73:b4:c5:61:6d:9e:4e:7d:33:
18:d3:eb:99:8f:e6:13:20:e0:7c:2b:d7:79:c1:1a:39:78:37:
a5:13:53:9f:7a:27:0c:30:98:98:56:5f:43:08:67:52:68:6b:
65:58:c2:d0:e7:72:a6:f3:6e:6e:dc:f5:39:28:bd:e9:48:02:
ff:2f:de:af:0b:9b:57:63:f3:f7:31:60:51:cc:35:3f:ca:e6:
69:98:62:59:8e:db:aa:97:0e:03:c9:be:46:80:18:78:35:14:
af:82:bf:c6:6c:df:1a:f4:53:1e:45:5a:16:ea:f7:bd:18:18:
c1:99:f4:ee
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZYrVH5wuiVQoTayeGTfZCjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTZhYmNjNDRjOWE5NTU0MGNkZjViMWRjNTQyZWM3ZDEx
ZmUwN2EwHhcNMjUwNDEyMTg0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTAyN2Q0ZTZiM2MzNmQ2NDcwNjMxNGExOWRmMmQ0NDA0Y2I4MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxHnCTZRmntJ+LIKp12soGlIPyhU
igxR0PReX4/q3zvyKT0ihZZbR1loEh764VRo1sdDv3/OTlrfIFmIiWS7FQteV0Kx
X5cJM+lD34ShaEKJyqw3/60XYZPk+ovF/t1hIYO3U6x0w0zj7+y3ZtO103U3PHMk
wxGe5uHDD4JBt9XsaL7cpTTjPvHjn6uitIYAV1ntGm6YmWCWq6XAAdv2rHtwbIr7
wqkEybTHZ2L/np8D3iCLkGA+SsbSMhlRdRqvKULyQ6dgGVErfXxpYq8vp+c4acIz
O1ZSbXLB/FiMLmJAg7oEJx8JUqCsYo3e/dSkj3Pb8zHV257a6Xlfv3WaIwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDECfU5rPDbWRwYxShnfLUQEy4M1MB8GA1UdIwQY
MBaAFBIWq8xEyalVQM31sdxULsfRH+B6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhhcnpFVEpxVlZBemZXeDNGUXV4OUVmNEhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9hYzljZjYtMWJlYy00MjRiLWFhNTEt
YTA5NjJkOTk4ZTYwLzEvTVFKOVRtczhOdFpIQmpGS0dkOHRSQVRMZ3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9hYzljZjYtMWJlYy00MjRiLWFhNTEtYTA5NjJkOTk4ZTYw
LzEvRWhhcnpFVEpxVlZBemZXeDNGUXV4OUVmNEhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAHykiMBoE
AgACMBQwEgMHACoSP8EQAQMHACoSP8EQAjANBgkqhkiG9w0BAQsFAAOCAQEAkGDj
bD/IDmC1Rbud0cqloZaQpd4fZbCaL6jKG1k2TyRpgDh9klyTzwjvLPal/ANHg0Jt
PqVKlOXfSnLDcEqPHFGiA8Xbhlb0VBxr12ZOcC3kLkbuN5Jln+fsS148WV2+ipKK
3uzt74R/TM37O7uLHyY++8mdDye5lXhcltouUyWywqdbRO4Sc7TFYW2eTn0zGNPr
mY/mEyDgfCvXecEaOXg3pRNTn3onDDCYmFZfQwhnUmhrZVjC0OdypvNubtz1OSi9
6UgC/y/erwubV2Pz9zFgUcw1P8rmaZhiWY7bqpcOA8m+RoAYeDUUr4K/xmzfGvRT
HkVaFur3vRgYwZn07g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net