Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CQZLN_0i0SwskZDaWhC8Ez5-7kY.roa
File: CQZLN_0i0SwskZDaWhC8Ez5-7kY.roa (raw, json)
Hash identifier: 5TUAdcddXJtw3/k7Q5MPXDz37ME+VZAGj6fYBhOKOgg=
Subject key identifier: 09:06:4B:37:FD:22:D1:2C:2C:91:90:DA:5A:10:BC:13:3E:7E:EE:46
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018321F6782081D53F78AF00F4855AD6D8C5
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CQZLN_0i0SwskZDaWhC8Ez5-7kY.roa
Signing time: Fri 09 Sep 2022 11:15:44 +0000
ROA not before: Fri 09 Sep 2022 11:15:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204917
IP address blocks: 31.148.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:f6:78:20:81:d5:3f:78:af:00:f4:85:5a:d6:d8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 9 11:15:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09064b37fd22d12c2c9190da5a10bc133e7eee46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d5:5b:63:59:17:ba:e9:32:e6:69:51:ed:b6:
d1:4c:f2:f6:89:cf:3b:ab:95:1c:49:c5:b0:28:74:
48:0f:a8:60:c0:dd:af:25:e5:c1:65:52:dd:03:1a:
c0:1f:73:c8:59:bd:78:ba:4c:43:2f:80:2a:36:7e:
0e:9b:a5:7c:22:00:94:b7:0a:ed:13:21:ca:f7:86:
dd:27:a2:13:64:c5:5c:39:1c:42:45:39:82:d5:7a:
39:b9:8b:3a:1d:c2:c0:e4:73:2e:e5:d1:78:88:69:
f2:d7:af:71:df:1f:b6:e0:4f:ac:da:0f:e7:1f:01:
a4:c6:8d:2c:64:2e:cd:3d:89:77:ad:f6:53:d8:c9:
e6:6a:88:5d:93:50:cb:40:ba:36:bc:c2:0a:41:da:
08:bc:b6:b5:ce:35:aa:6c:44:5d:d1:0a:b6:df:8d:
0a:10:3e:d8:f3:16:ba:02:69:de:38:2f:70:65:60:
9d:7b:73:00:f3:64:cf:17:c7:26:c8:62:c4:ca:c7:
6e:df:87:82:90:c0:0b:a5:50:b4:57:bf:6e:b8:b8:
33:9a:96:e2:18:c4:e0:3d:66:3b:c4:8b:49:d7:0c:
1f:5e:43:3b:b1:12:ed:1a:d1:ae:8d:be:cc:68:45:
49:4e:5c:cc:fc:f5:74:02:c9:4a:a4:a6:c9:59:82:
bc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:06:4B:37:FD:22:D1:2C:2C:91:90:DA:5A:10:BC:13:3E:7E:EE:46
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/CQZLN_0i0SwskZDaWhC8Ez5-7kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.170.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f7:d6:26:19:51:5a:fa:07:e8:0f:0a:2e:6f:d3:81:cc:7f:
9a:fb:4d:a6:02:8f:f2:2c:5f:7f:a4:b9:d3:9a:e3:cd:b0:04:
b4:1c:96:71:59:b7:70:56:d2:9b:78:3d:66:d8:1b:ba:c4:3f:
3d:fe:b1:78:0e:54:7b:b4:03:f9:2a:a5:ab:08:6d:e6:7b:05:
ec:0c:b8:24:67:e6:89:85:99:ec:da:1e:3c:16:70:27:b8:cb:
a3:b0:8a:37:32:c9:9b:6a:d7:8c:83:2f:5a:49:5d:a4:ab:aa:
38:27:ab:02:6d:a7:f3:48:10:4e:68:d8:20:32:e3:de:d7:19:
67:93:7e:44:ef:b7:d2:cb:3e:65:5d:79:5c:a9:03:44:ea:75:
d8:d7:1e:55:c6:01:d0:41:0a:1d:7f:f2:ca:f2:28:bc:b2:c9:
b6:d9:89:4e:16:d5:2b:ef:9f:03:d0:c4:d7:f6:ac:96:92:3d:
d4:d4:87:04:61:ba:87:03:d8:d0:2c:b2:82:9a:24:ef:ef:4e:
b7:63:e7:64:9c:48:ec:19:ae:ef:90:a2:6e:58:14:e2:02:f2:
80:66:28:3f:44:43:e5:ca:ed:bf:7f:3d:c9:3e:0b:78:c5:44:
4a:91:ba:72:18:88:e0:76:df:f0:19:6a:b9:e4:c8:a9:33:cc:
36:a0:1e:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMh9ngggdU/eK8A9IVa1tjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIwOTA5MTExNTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA2NGIzN2ZkMjJkMTJjMmM5MTkwZGE1YTEwYmMxMzNlN2VlZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdVbY1kXuuky5mlR7bbRTPL2ic87
q5UcScWwKHRID6hgwN2vJeXBZVLdAxrAH3PIWb14ukxDL4AqNn4Om6V8IgCUtwrt
EyHK94bdJ6ITZMVcORxCRTmC1Xo5uYs6HcLA5HMu5dF4iGny169x3x+24E+s2g/n
HwGkxo0sZC7NPYl3rfZT2Mnmaohdk1DLQLo2vMIKQdoIvLa1zjWqbERd0Qq2340K
ED7Y8xa6AmneOC9wZWCde3MA82TPF8cmyGLEysdu34eCkMALpVC0V79uuLgzmpbi
GMTgPWY7xItJ1wwfXkM7sRLtGtGujb7MaEVJTlzM/PV0AslKpKbJWYK8VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkGSzf9ItEsLJGQ2loQvBM+fu5GMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQ1FaTE5fMGkwU3dza1pEYVdoQzhFejUtN2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5SqMA0G
CSqGSIb3DQEBCwUAA4IBAQBF99YmGVFa+gfoDwoub9OBzH+a+02mAo/yLF9/pLnT
muPNsAS0HJZxWbdwVtKbeD1m2Bu6xD89/rF4DlR7tAP5KqWrCG3mewXsDLgkZ+aJ
hZns2h48FnAnuMujsIo3MsmbateMgy9aSV2kq6o4J6sCbafzSBBOaNggMuPe1xln
k35E77fSyz5lXXlcqQNE6nXY1x5VxgHQQQodf/LK8ii8ssm22YlOFtUr758D0MTX
9qyWkj3U1IcEYbqHA9jQLLKCmiTv7063Y+dknEjsGa7vkKJuWBTiAvKAZig/REPl
yu2/fz3JPgt4xURKkbpyGIjgdt/wGWq55MipM8w2oB7/
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:17 2025 by rpki-client