Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QBmp01no0zozc61oJgZgkFLuCRM.roa
File: QBmp01no0zozc61oJgZgkFLuCRM.roa (raw, json)
Hash identifier: Qn8BLHhUaOBThtjWeeHJIXBsVvpchtYykKu7xJstcZY=
Subject key identifier: 40:19:A9:D3:59:E8:D3:3A:33:73:AD:68:26:06:60:90:52:EE:09:13
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019584922C896426DBEA84736FDB22208379
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QBmp01no0zozc61oJgZgkFLuCRM.roa
Signing time: Tue 11 Mar 2025 09:38:46 +0000
ROA not before: Tue 11 Mar 2025 09:38:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60721
IP address blocks: 185.98.61.0/24 maxlen: 24
185.141.34.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:92:2c:89:64:26:db:ea:84:73:6f:db:22:20:83:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 11 09:38:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4019a9d359e8d33a3373ad682606609052ee0913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b4:3f:3a:3e:c9:16:4a:38:8f:fb:9a:3d:07:
a5:0b:62:c8:42:7c:33:f6:4f:eb:68:71:fa:7b:f0:
d7:16:52:d6:0c:b7:4e:0c:09:cb:51:67:be:06:fa:
ac:27:85:52:18:a3:b4:fc:9f:b5:ce:9d:cb:f7:09:
4d:28:56:29:65:20:6c:8b:0a:6d:55:3a:28:59:6e:
51:57:b3:6c:a9:5a:52:2e:de:45:7d:b1:b4:d6:2f:
6f:83:1d:d2:5b:46:19:54:da:50:31:a1:77:cd:f4:
3c:cf:08:d3:7e:66:e8:6a:22:bd:74:11:f0:e0:a6:
cd:d5:97:3c:ef:5d:bf:6b:3f:ca:77:9a:8f:c3:69:
a5:16:f3:19:ea:ad:ea:02:b7:2f:40:75:88:8b:86:
4e:a8:7d:6a:14:a2:e0:14:71:6e:f5:e7:3c:e1:a1:
42:c5:f1:c6:fb:b7:ce:91:68:77:b0:f1:47:25:80:
77:a9:8e:68:40:86:19:35:0f:22:eb:8e:08:d2:18:
5c:f5:e9:28:68:11:a0:76:3a:98:a4:21:1b:71:ea:
2f:dc:97:c2:6a:b3:93:fc:8a:6e:8f:a3:5d:81:2c:
c1:ab:db:bd:32:49:25:d9:26:b7:e3:04:c0:8a:8d:
2c:99:78:22:ac:0c:a8:b2:bb:b6:01:26:64:d2:f2:
60:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:19:A9:D3:59:E8:D3:3A:33:73:AD:68:26:06:60:90:52:EE:09:13
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/QBmp01no0zozc61oJgZgkFLuCRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.61.0/24
185.141.34.0/24
185.185.232.0/24
185.243.182.0/24
193.160.142.0/24
193.223.104.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:9e:d3:69:ca:1b:a3:98:ec:40:41:74:ad:ed:6f:a6:8d:bb:
67:f7:9b:53:eb:ef:99:76:af:59:b2:14:69:2c:ba:13:6c:b3:
95:27:ef:81:29:0c:f4:4f:de:1c:b9:e7:63:9a:ca:cd:a4:73:
26:3d:02:9e:23:5a:59:92:c7:2d:ca:18:97:db:9c:6e:fb:02:
09:64:6d:9a:37:53:13:58:b3:bb:5a:39:04:08:d3:13:4f:c9:
15:10:75:6b:3c:b2:9b:1f:99:1f:57:11:29:3a:cd:c1:7e:6f:
5d:d9:23:dc:7c:f0:61:a9:06:53:ae:bc:6d:a1:8f:7e:f0:bc:
9d:a2:db:1f:19:09:4e:38:cb:4f:5b:34:03:d1:03:0b:de:09:
9b:54:32:b5:45:87:ca:ff:b0:8a:9f:4e:27:2d:5b:fa:01:a5:
c4:fb:3c:d5:7b:06:ed:98:47:8e:09:2a:63:39:f5:6d:1f:ab:
e5:b1:18:15:0e:ec:a0:19:57:2f:b8:c2:60:18:fa:b5:f1:11:
1c:14:21:48:df:e7:7d:4f:fe:35:09:49:f3:0f:5e:6b:35:fb:
9d:63:d9:5a:70:26:09:2d:63:10:ea:a4:a6:f4:20:8d:7f:76:
4a:1f:f4:9c:e8:5a:d9:58:cc:8c:90:a5:b7:88:93:34:a1:bc:
ac:07:74:b8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZWEkiyJZCbb6oRzb9siIIN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMzExMDkzODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE5YTlkMzU5ZThkMzNhMzM3M2FkNjgyNjA2NjA5MDUyZWUwOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbQ/Oj7JFko4j/uaPQelC2LIQnwz
9k/raHH6e/DXFlLWDLdODAnLUWe+BvqsJ4VSGKO0/J+1zp3L9wlNKFYpZSBsiwpt
VTooWW5RV7NsqVpSLt5FfbG01i9vgx3SW0YZVNpQMaF3zfQ8zwjTfmboaiK9dBHw
4KbN1Zc8712/az/Kd5qPw2mlFvMZ6q3qArcvQHWIi4ZOqH1qFKLgFHFu9ec84aFC
xfHG+7fOkWh3sPFHJYB3qY5oQIYZNQ8i644I0hhc9ekoaBGgdjqYpCEbceov3JfC
arOT/Ipuj6NdgSzBq9u9Mkkl2Sa34wTAio0smXgirAyosru2ASZk0vJgKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEAZqdNZ6NM6M3OtaCYGYJBS7gkTMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvUUJtcDAxbm8wem96YzYxb0pnWmdrRkx1Q1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuWI9AwQA
uY0iAwQAubnoAwQAufO2AwQAwaCOAwQBwd9oMA0GCSqGSIb3DQEBCwUAA4IBAQAr
ntNpyhujmOxAQXSt7W+mjbtn95tT6++Zdq9ZshRpLLoTbLOVJ++BKQz0T94cuedj
msrNpHMmPQKeI1pZksctyhiX25xu+wIJZG2aN1MTWLO7WjkECNMTT8kVEHVrPLKb
H5kfVxEpOs3Bfm9d2SPcfPBhqQZTrrxtoY9+8LydotsfGQlOOMtPWzQD0QML3gmb
VDK1RYfK/7CKn04nLVv6AaXE+zzVewbtmEeOCSpjOfVtH6vlsRgVDuygGVcvuMJg
GPq18REcFCFI3+d9T/41CUnzD15rNfudY9lacCYJLWMQ6qSm9CCNf3ZKH/Sc6FrZ
WMyMkKW3iJM0obysB3S4
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:47:26 2025 by rpki-client