Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Q-OqYnZctHBtW0A5lpgJkfT61rM.roa
File: Q-OqYnZctHBtW0A5lpgJkfT61rM.roa (raw, json)
Hash identifier: hc4V64Rm4iqJGWLvs/DZjXP5jEJD0/9CVn6WQ7gH7G4=
Subject key identifier: 43:E3:AA:62:76:5C:B4:70:6D:5B:40:39:96:98:09:91:F4:FA:D6:B3
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C22253876ACDEA33212BE515328B3
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Q-OqYnZctHBtW0A5lpgJkfT61rM.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42568
IP address blocks: 85.120.60.0/24 maxlen: 24
85.121.180.0/23 maxlen: 23
85.122.44.0/23 maxlen: 23
194.153.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:22:25:38:76:ac:de:a3:32:12:be:51:53:28:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43e3aa62765cb4706d5b403996980991f4fad6b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:e5:94:fa:dc:d1:84:60:8b:c1:88:45:fe:
b4:2a:19:91:d5:30:98:55:2e:ba:b1:6a:5a:5f:b3:
06:64:4f:33:7b:0a:9b:02:78:d6:50:64:e8:78:05:
74:1a:18:4b:bd:e5:4f:27:23:33:85:e7:e7:73:9b:
5b:aa:e6:37:4a:7e:08:7d:a8:39:58:ae:84:47:9f:
6b:a5:55:a4:d6:ad:76:4b:39:43:1e:2f:4b:bb:c5:
26:10:ad:f9:ba:ce:d5:3b:71:2b:43:2c:5d:73:cb:
4b:80:53:8a:26:c4:03:bb:75:52:a1:30:97:63:ce:
0b:58:e1:3f:48:6f:b8:9f:b5:6c:c3:72:4c:8e:e5:
42:a5:09:34:4c:e0:4d:8c:be:51:01:51:d0:77:5c:
f8:f1:b3:aa:d3:74:42:e9:7e:20:13:9d:15:43:cf:
26:01:88:c1:4a:e2:c7:19:05:2f:29:6c:17:ac:ca:
a9:c1:81:6a:4f:3b:49:3b:2b:f5:7a:03:97:ab:29:
ba:54:2b:b0:9a:66:cb:1a:f3:4b:a3:c4:4b:3f:d9:
56:a7:bf:c5:44:9d:07:61:ea:a0:54:16:e8:a9:43:
ad:f3:6b:41:4f:9e:26:14:5a:5d:0a:0e:1f:d7:10:
00:27:aa:ed:2d:08:4a:ee:32:6e:ee:53:77:5f:96:
f7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E3:AA:62:76:5C:B4:70:6D:5B:40:39:96:98:09:91:F4:FA:D6:B3
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Q-OqYnZctHBtW0A5lpgJkfT61rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.60.0/24
85.121.180.0/23
85.122.44.0/23
194.153.249.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c7:1e:53:6f:86:65:bd:88:7c:c9:ac:75:1a:f2:e0:c7:d7:
ce:7f:e7:46:60:71:56:97:88:8c:96:80:f7:df:fa:9e:bc:ef:
8f:74:34:9d:1a:bd:59:bd:db:10:26:b2:ef:50:5e:57:59:2d:
13:4a:b1:61:a9:f9:00:59:20:e6:85:60:cb:ce:01:d8:96:cb:
72:71:58:9d:f3:a9:4d:b2:4b:63:ab:24:1c:b0:63:c4:e8:16:
bb:be:7e:c7:f0:36:b3:c3:68:ae:83:7e:f7:b0:01:44:b4:9a:
10:33:9d:6e:c9:db:c3:ae:6e:e9:bb:3f:67:65:f5:13:de:b6:
fe:8a:d3:9a:c4:10:1a:9a:47:ed:c3:47:da:d0:9c:a1:d6:d2:
94:a9:b3:07:84:97:87:ec:e3:1a:89:ba:91:65:82:21:f2:73:
03:0c:6a:47:86:a9:76:22:e3:ab:0f:51:8d:6e:9f:62:70:6a:
3d:1c:f2:86:b4:10:f1:24:90:04:32:68:a4:be:40:ab:a9:53:
b8:d1:9f:fc:59:f3:07:d4:2d:09:27:04:90:34:35:53:4f:12:
35:6c:60:0c:c4:f8:de:a5:ee:6c:2f:75:51:eb:89:ed:b9:7b:
c9:30:1b:30:4d:de:61:4f:57:46:05:c5:be:fb:cc:f1:d9:24:
04:28:e6:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjCIlOHas3qMyEr5RUyizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UzYWE2Mjc2NWNiNDcwNmQ1YjQwMzk5Njk4MDk5MWY0ZmFkNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY3llPrc0YRgi8GIRf60KhmR1TCY
VS66sWpaX7MGZE8zewqbAnjWUGToeAV0GhhLveVPJyMzhefnc5tbquY3Sn4Ifag5
WK6ER59rpVWk1q12SzlDHi9Lu8UmEK35us7VO3ErQyxdc8tLgFOKJsQDu3VSoTCX
Y84LWOE/SG+4n7Vsw3JMjuVCpQk0TOBNjL5RAVHQd1z48bOq03RC6X4gE50VQ88m
AYjBSuLHGQUvKWwXrMqpwYFqTztJOyv1egOXqym6VCuwmmbLGvNLo8RLP9lWp7/F
RJ0HYeqgVBboqUOt82tBT54mFFpdCg4f1xAAJ6rtLQhK7jJu7lN3X5b37QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEPjqmJ2XLRwbVtAOZaYCZH0+tazMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUS1PcVluWmN0SEJ0VzBBNWxwZ0prZlQ2MXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVXg8AwQB
VXm0AwQBVXosAwQAwpn5MA0GCSqGSIb3DQEBCwUAA4IBAQCAxx5Tb4ZlvYh8yax1
GvLgx9fOf+dGYHFWl4iMloD33/qevO+PdDSdGr1ZvdsQJrLvUF5XWS0TSrFhqfkA
WSDmhWDLzgHYlstycVid86lNsktjqyQcsGPE6Ba7vn7H8Dazw2iug373sAFEtJoQ
M51uydvDrm7puz9nZfUT3rb+itOaxBAamkftw0fa0Jyh1tKUqbMHhJeH7OMaibqR
ZYIh8nMDDGpHhql2IuOrD1GNbp9icGo9HPKGtBDxJJAEMmikvkCrqVO40Z/8WfMH
1C0JJwSQNDVTTxI1bGAMxPjepe5sL3VR64ntuXvJMBswTd5hT1dGBcW++8zx2SQE
KObQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:14 2025 by rpki-client