Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/Z9qM0M5UIkQLSRRkyoXDbFgqtqE.roa
File: Z9qM0M5UIkQLSRRkyoXDbFgqtqE.roa (raw, json)
Hash identifier: UQQIwAc2iiYGTOLGK/EPEVGiBNIgzxtWzMZ2mhbg9ds=
Subject key identifier: 67:DA:8C:D0:CE:54:22:44:0B:49:14:64:CA:85:C3:6C:58:2A:B6:A1
Certificate issuer: /CN=e87ce7df23140c0005125a61aad721531e681f0e
Certificate serial: 04115089
Authority key identifier: E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/Z9qM0M5UIkQLSRRkyoXDbFgqtqE.roa
Signing time: Sat 01 Jan 2022 04:01:08 +0000
ROA not before: Sat 01 Jan 2022 04:01:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203698
IP address blocks: 31.14.68.0/22 maxlen: 22
185.126.228.0/22 maxlen: 22
2a06:c480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68243593 (0x4115089)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87ce7df23140c0005125a61aad721531e681f0e
Validity
Not Before: Jan 1 04:01:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67da8cd0ce5422440b491464ca85c36c582ab6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8b:64:21:e0:1d:b6:2b:3e:d3:e4:02:b2:89:
c7:b6:17:50:d0:ac:34:57:72:52:3c:d8:66:1d:58:
04:9b:08:91:6f:cc:95:e4:d5:68:28:40:74:29:25:
be:b6:f1:52:20:98:fe:7d:59:02:0b:5e:1e:fd:70:
ed:fe:65:27:11:60:de:df:9d:09:e8:2a:00:70:e6:
14:56:19:c0:00:2c:c7:5e:a0:2a:04:fc:8c:32:1e:
eb:64:cc:fd:03:43:39:23:a3:3d:38:59:95:ad:11:
34:b7:be:72:fb:51:96:4f:c5:a3:eb:e3:4c:e9:c9:
b5:a1:bf:bc:28:fb:70:e5:4a:3c:1e:6b:9a:66:69:
1d:c2:db:c1:48:f6:52:01:12:f4:38:09:39:19:a2:
70:6d:e8:ed:10:2c:75:5f:95:35:82:3a:64:c7:d5:
8e:65:f4:14:aa:81:48:a6:7f:96:d5:51:6b:12:db:
b0:97:bb:1b:c3:e5:e1:fd:4b:6a:c5:c1:c7:59:f5:
fb:18:7a:d4:43:07:eb:6b:53:ff:cc:08:91:fa:39:
4f:02:a9:e2:51:b3:3c:2c:e0:18:a3:08:11:25:df:
75:4e:89:30:be:fe:1c:b1:ef:21:fa:15:e0:f8:70:
d4:cc:cd:34:86:b3:83:17:fc:1b:81:af:8b:3c:cc:
33:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DA:8C:D0:CE:54:22:44:0B:49:14:64:CA:85:C3:6C:58:2A:B6:A1
X509v3 Authority Key Identifier:
keyid:E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/Z9qM0M5UIkQLSRRkyoXDbFgqtqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.68.0/22
185.126.228.0/22
IPv6:
2a06:c480::/29
Signature Algorithm: sha256WithRSAEncryption
0f:77:b7:c8:30:9a:88:c3:db:01:87:07:a1:c9:81:2b:55:f7:
af:54:13:19:1a:61:ff:6f:8a:54:67:6d:80:ba:e3:7a:5e:f2:
04:33:47:5f:f1:03:2e:5e:ef:ea:74:be:81:33:de:d1:d3:ee:
9a:c9:a2:93:11:85:e2:44:75:87:b9:14:49:c9:58:b5:e6:f2:
53:39:8f:bd:3b:1b:d0:2f:c1:69:8b:7c:aa:dd:be:9d:e0:b0:
d7:19:fe:d4:46:ea:e7:98:21:e5:31:44:9a:fd:7d:05:9e:78:
e6:07:18:a9:9e:75:1c:d8:b1:af:82:15:56:ca:85:a0:78:8e:
a7:e4:83:2f:7c:55:91:28:70:92:06:dd:2a:88:23:af:d8:30:
aa:47:da:10:69:80:d6:82:19:ee:92:64:bc:c9:43:8c:90:44:
41:30:c3:56:75:e9:86:23:39:03:d6:ed:c7:a6:43:94:4b:f4:
59:95:4a:39:f0:d5:0d:42:1d:81:01:e0:40:59:8c:71:98:ad:
a9:5b:20:41:1a:37:59:b1:3a:29:46:55:f0:9a:13:18:bc:cc:
63:5e:79:f0:7e:ca:f5:44:50:75:a2:d6:1a:6b:46:ad:81:76:
12:13:bc:d1:88:b9:01:db:31:c6:2f:bb:4f:42:9f:8a:26:94:
2e:24:e5:1b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBBFQiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODdjZTdkZjIzMTQwYzAwMDUxMjVhNjFhYWQ3MjE1MzFlNjgxZjBlMB4XDTIyMDEw
MTA0MDEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdkYThjZDBjZTU0
MjI0NDBiNDkxNDY0Y2E4NWMzNmM1ODJhYjZhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIeLZCHgHbYrPtPkArKJx7YXUNCsNFdyUjzYZh1YBJsIkW/M
leTVaChAdCklvrbxUiCY/n1ZAgteHv1w7f5lJxFg3t+dCegqAHDmFFYZwAAsx16g
KgT8jDIe62TM/QNDOSOjPThZla0RNLe+cvtRlk/Fo+vjTOnJtaG/vCj7cOVKPB5r
mmZpHcLbwUj2UgES9DgJORmicG3o7RAsdV+VNYI6ZMfVjmX0FKqBSKZ/ltVRaxLb
sJe7G8Pl4f1LasXBx1n1+xh61EMH62tT/8wIkfo5TwKp4lGzPCzgGKMIESXfdU6J
ML7+HLHvIfoV4Phw1MzNNIazgxf8G4GvizzMM5sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRn2ozQzlQiRAtJFGTKhcNsWCq2oTAfBgNVHSMEGDAWgBTofOffIxQMAAUS
WmGq1yFTHmgfDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZIem4zeU1VREFBRkVscGhxdGNoVXg1b0h3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvNzc2NzQ3LTYyNGEtNDk0ZS05NGIyLTMyM2QzNGRlZmM4YS8x
L1o5cU0wTTVVSWtRTFNSUmt5b1hEYkZncXRxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
Nzc2NzQ3LTYyNGEtNDk0ZS05NGIyLTMyM2QzNGRlZmM4YS8xLzZIem4zeU1VREFB
RkVscGhxdGNoVXg1b0h3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAh8ORAMEArl+5DANBAIAAjAHAwUD
KgbEgDANBgkqhkiG9w0BAQsFAAOCAQEAD3e3yDCaiMPbAYcHocmBK1X3r1QTGRph
/2+KVGdtgLrjel7yBDNHX/EDLl7v6nS+gTPe0dPumsmikxGF4kR1h7kUSclYteby
UzmPvTsb0C/BaYt8qt2+neCw1xn+1Ebq55gh5TFEmv19BZ545gcYqZ51HNixr4IV
VsqFoHiOp+SDL3xVkShwkgbdKogjr9gwqkfaEGmA1oIZ7pJkvMlDjJBEQTDDVnXp
hiM5A9btx6ZDlEv0WZVKOfDVDUIdgQHgQFmMcZitqVsgQRo3WbE6KUZV8JoTGLzM
Y1558H7K9URQdaLWGmtGrYF2EhO80Yi5Adsxxi+7T0KfiiaULiTlGw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:17:30 2025 by rpki-client