Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qCvOURPwjqpmNi9jiEroqOj5-cI.roa
File: qCvOURPwjqpmNi9jiEroqOj5-cI.roa (raw, json)
Hash identifier: ++iRasFqKY64COfabBYWT5MoFeQmhn0/bVuMQM05fRw=
Subject key identifier: A8:2B:CE:51:13:F0:8E:AA:66:36:2F:63:88:4A:E8:A8:E8:F9:F9:C2
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0189B6B0F795E791DB268C6E0A75E095BAFD
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qCvOURPwjqpmNi9jiEroqOj5-cI.roa
Signing time: Wed 02 Aug 2023 14:39:58 +0000
ROA not before: Wed 02 Aug 2023 14:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 31.135.2.0/24 maxlen: 24
64.43.64.0/24 maxlen: 24
193.36.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:b0:f7:95:e7:91:db:26:8c:6e:0a:75:e0:95:ba:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 2 14:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a82bce5113f08eaa66362f63884ae8a8e8f9f9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:57:01:2a:14:7e:95:97:9d:3e:7b:c7:5c:5b:
ac:b5:f2:13:8d:77:ff:89:7d:05:c2:13:29:47:42:
16:0d:b3:3d:45:ab:49:52:e5:c8:fb:02:c6:c0:c3:
3b:04:a0:21:e3:aa:19:26:27:01:c7:a7:5d:c5:d4:
33:6e:fd:42:3d:b1:65:5c:58:96:4f:dc:17:bc:37:
6c:61:38:da:86:09:60:12:c0:b7:b3:79:a1:e9:fe:
ea:55:ae:26:0f:28:3a:f4:f1:1e:5e:32:14:5f:c7:
c0:36:db:9d:a9:03:c4:dc:3d:93:b6:60:62:d1:cc:
34:2d:8c:35:68:23:9f:b8:61:0a:87:bf:50:39:ad:
ea:e0:47:df:c0:c4:f9:44:07:de:d2:c4:62:44:43:
9a:5c:83:aa:2f:e3:51:43:06:88:7c:6a:52:ef:60:
82:1a:4d:a8:ee:56:fe:d8:b0:00:6c:b2:83:bc:98:
de:4d:b4:bf:35:0d:01:de:3e:58:ee:39:93:d4:1c:
06:b8:0f:dd:f0:47:7f:18:86:4c:a1:a3:50:c4:78:
89:76:e8:06:97:18:81:f7:7f:a8:5a:53:20:1b:fa:
f6:05:97:5b:f1:0a:13:bf:81:cf:65:f0:7d:d4:c3:
38:d5:75:3f:15:4a:07:fd:98:2f:3e:26:90:20:dd:
c3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2B:CE:51:13:F0:8E:AA:66:36:2F:63:88:4A:E8:A8:E8:F9:F9:C2
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qCvOURPwjqpmNi9jiEroqOj5-cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.2.0/24
64.43.64.0/24
193.36.200.0/24
Signature Algorithm: sha256WithRSAEncryption
61:84:34:a5:f9:4a:2e:8c:b3:26:c3:54:09:43:ac:ec:5c:77:
26:2d:87:f5:3a:57:30:f6:58:33:9a:7b:bd:29:41:88:5b:b2:
f5:23:d7:e1:aa:d7:ed:3c:ea:09:97:93:ee:76:f8:2b:62:39:
3d:e0:34:bf:b1:85:04:c4:24:97:78:f8:ca:b0:3b:14:d9:e9:
40:57:18:07:61:40:a3:77:2b:5e:5f:e2:8f:0c:d3:7d:0b:e7:
8a:11:a7:e5:d2:be:70:48:0e:75:8a:5e:9b:5c:4e:12:0b:ef:
8a:bc:a9:4b:09:93:b2:b8:b1:ff:cb:d3:03:ea:17:bb:8f:a6:
f7:0b:0d:94:15:ff:67:e8:89:01:a3:5d:87:e2:18:24:52:bf:
4a:82:36:47:4b:7a:a8:f2:69:41:d4:6f:dc:ae:ed:db:03:0d:
65:cb:c4:8f:94:ef:fc:88:5a:2f:11:2c:3b:c0:fa:c9:ad:52:
76:ce:28:b5:cd:ba:49:4a:a6:5d:ee:8e:79:42:4d:33:c8:9d:
f5:3e:5c:53:be:6b:5d:93:74:12:03:e5:fa:a4:24:36:88:0e:
9e:0a:a3:25:9a:e0:2e:44:59:d2:5e:99:fc:cb:c9:89:ff:5d:
31:26:a9:3f:5a:f6:4f:f4:c9:a2:5f:4a:e5:a0:e5:51:67:07:
16:a2:4a:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm2sPeV55HbJoxuCnXglbr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwODAyMTQzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJiY2U1MTEzZjA4ZWFhNjYzNjJmNjM4ODRhZThhOGU4ZjlmOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1cBKhR+lZedPnvHXFustfITjXf/
iX0FwhMpR0IWDbM9RatJUuXI+wLGwMM7BKAh46oZJicBx6ddxdQzbv1CPbFlXFiW
T9wXvDdsYTjahglgEsC3s3mh6f7qVa4mDyg69PEeXjIUX8fANtudqQPE3D2TtmBi
0cw0LYw1aCOfuGEKh79QOa3q4EffwMT5RAfe0sRiREOaXIOqL+NRQwaIfGpS72CC
Gk2o7lb+2LAAbLKDvJjeTbS/NQ0B3j5Y7jmT1BwGuA/d8Ed/GIZMoaNQxHiJdugG
lxiB93+oWlMgG/r2BZdb8QoTv4HPZfB91MM41XU/FUoH/ZgvPiaQIN3DpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKgrzlET8I6qZjYvY4hK6Kjo+fnCMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcUN2T1VSUHdqcXBtTmk5amlFcm9xT2o1LWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4cCAwQA
QCtAAwQAwSTIMA0GCSqGSIb3DQEBCwUAA4IBAQBhhDSl+UoujLMmw1QJQ6zsXHcm
LYf1Olcw9lgzmnu9KUGIW7L1I9fhqtftPOoJl5PudvgrYjk94DS/sYUExCSXePjK
sDsU2elAVxgHYUCjdyteX+KPDNN9C+eKEafl0r5wSA51il6bXE4SC++KvKlLCZOy
uLH/y9MD6he7j6b3Cw2UFf9n6IkBo12H4hgkUr9KgjZHS3qo8mlB1G/cru3bAw1l
y8SPlO/8iFovESw7wPrJrVJ2zii1zbpJSqZd7o55Qk0zyJ31PlxTvmtdk3QSA+X6
pCQ2iA6eCqMlmuAuRFnSXpn8y8mJ/10xJqk/WvZP9MmiX0rloOVRZwcWokoI
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:00:15 2025 by rpki-client