Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/Qmn6qMcsYc4tSMLHc4aOlKWHzLY.roa
File: Qmn6qMcsYc4tSMLHc4aOlKWHzLY.roa (raw, json)
Hash identifier: Z49F7eb8HQunLu54eXsnAFNRgDwdiL3VgHCYWpkpRJk=
Subject key identifier: 42:69:FA:A8:C7:2C:61:CE:2D:48:C2:C7:73:86:8E:94:A5:87:CC:B6
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 01942745C2145245797AC7191DA5DA4CF93C
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/Qmn6qMcsYc4tSMLHc4aOlKWHzLY.roa
Signing time: Thu 02 Jan 2025 13:47:50 +0000
ROA not before: Thu 02 Jan 2025 13:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198482
IP address blocks: 85.187.208.0/24 maxlen: 24
85.187.209.0/24 maxlen: 24
85.187.210.0/24 maxlen: 24
85.187.211.0/24 maxlen: 24
85.187.212.0/24 maxlen: 24
85.187.220.0/24 maxlen: 24
85.187.221.0/24 maxlen: 24
151.237.0.0/24 maxlen: 24
151.237.1.0/24 maxlen: 24
151.237.2.0/24 maxlen: 24
151.237.3.0/24 maxlen: 24
151.237.4.0/24 maxlen: 24
151.237.5.0/24 maxlen: 24
151.237.6.0/24 maxlen: 24
151.237.10.0/24 maxlen: 24
151.237.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:c2:14:52:45:79:7a:c7:19:1d:a5:da:4c:f9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Jan 2 13:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4269faa8c72c61ce2d48c2c773868e94a587ccb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:45:00:d5:75:ca:d7:30:7c:ee:1b:e7:b2:2b:
a0:df:8b:c2:55:bb:da:1a:63:ad:85:32:12:d0:f7:
48:6f:2e:97:a4:2f:19:29:57:b1:bc:cc:5e:82:b2:
a6:b3:c9:33:d1:30:63:18:62:79:9a:a3:97:19:dd:
4c:2c:47:5f:69:6c:55:8d:52:50:b8:b7:78:81:5a:
eb:c1:2d:44:05:11:da:01:9d:a4:90:f5:e2:3a:8f:
88:67:0c:b8:97:4f:6a:d4:1c:09:ce:0c:90:63:7a:
2f:39:76:2f:f1:c0:5b:5b:39:fa:72:8b:42:18:3b:
e1:03:ca:84:c5:31:c4:fc:5d:c7:f2:7d:4e:ad:7d:
99:46:ef:e1:9c:dd:ac:8b:95:c9:90:5c:5e:87:5b:
15:d2:4e:14:3e:07:a1:8c:ff:37:dd:35:77:59:80:
01:92:08:1f:e5:85:d8:22:62:eb:02:a0:fd:f9:31:
aa:a3:52:8e:f4:e4:4a:9e:a9:71:be:0d:f4:2a:3f:
0d:3f:23:a2:e5:dd:54:03:47:d6:2f:df:47:0f:a1:
2b:3b:e7:f1:4a:d9:0e:6c:05:e4:fc:aa:3e:9d:04:
ad:69:a3:c4:37:ff:cd:14:77:c6:83:4a:cc:7d:6c:
4c:5c:69:bc:d5:f5:40:1e:e6:fa:54:b8:d9:d3:0d:
ff:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:69:FA:A8:C7:2C:61:CE:2D:48:C2:C7:73:86:8E:94:A5:87:CC:B6
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/Qmn6qMcsYc4tSMLHc4aOlKWHzLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.208.0-85.187.212.255
85.187.220.0/23
151.237.0.0-151.237.6.255
151.237.10.0/24
151.237.94.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0b:3a:d8:90:19:00:fa:3c:27:74:2e:26:c6:7b:68:53:15:
c3:9d:0a:76:53:82:e3:8e:4a:76:84:fb:cc:82:80:87:af:02:
59:70:31:ef:f1:bd:7a:2f:06:82:15:97:43:e9:91:2f:0c:1b:
b3:ad:36:46:8a:40:51:97:f2:ae:66:53:e3:88:a9:ba:4d:6f:
dd:b8:4a:c8:30:51:88:c7:73:b2:0b:b1:39:de:0d:46:95:c5:
c5:98:76:4f:3f:8e:b0:a5:27:46:2b:4c:8e:4f:c9:54:1c:b0:
55:b4:e5:4f:98:60:09:06:4f:54:f1:83:cf:49:2a:0f:11:76:
a8:f0:53:8a:09:c2:6a:a9:ec:40:86:c5:2c:59:a8:fe:be:b0:
ec:1b:5d:1f:83:84:93:6d:d9:9e:da:29:06:37:e3:b2:c9:c0:
1a:2d:43:d2:be:4c:f8:cf:f1:cf:34:89:c8:42:1a:a8:52:49:
ab:a3:85:dd:e8:a3:0d:6b:38:8f:04:27:2a:d6:6b:f6:7f:0a:
fd:e7:bf:aa:e4:47:8d:bc:7c:88:2f:66:13:87:70:42:ed:32:
81:db:4f:8a:0e:2f:ef:15:4d:14:24:88:93:d8:85:94:af:22:
e5:29:1c:61:e7:b3:e1:45:2c:92:01:5c:31:96:53:b2:3d:9d:
09:9d:7c:18
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQnRcIUUkV5escZHaXaTPk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjUwMTAyMTM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY5ZmFhOGM3MmM2MWNlMmQ0OGMyYzc3Mzg2OGU5NGE1ODdjY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUUA1XXK1zB87hvnsiug34vCVbva
GmOthTIS0PdIby6XpC8ZKVexvMxegrKms8kz0TBjGGJ5mqOXGd1MLEdfaWxVjVJQ
uLd4gVrrwS1EBRHaAZ2kkPXiOo+IZwy4l09q1BwJzgyQY3ovOXYv8cBbWzn6cotC
GDvhA8qExTHE/F3H8n1OrX2ZRu/hnN2si5XJkFxeh1sV0k4UPgehjP833TV3WYAB
kggf5YXYImLrAqD9+TGqo1KO9ORKnqlxvg30Kj8NPyOi5d1UA0fWL99HD6ErO+fx
StkObAXk/Ko+nQStaaPEN//NFHfGg0rMfWxMXGm81fVAHub6VLjZ0w3/PwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEJp+qjHLGHOLUjCx3OGjpSlh8y2MB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvUW1uNnFNY3NZYzR0U01MSGM0YU9sS1dIekxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGItNDQ3NjE3YTRhNzQ0
LzEvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtMAwDBARVu9AD
BABVu9QDBAFVu9wwCwMDAJftAwQAl+0GAwQAl+0KAwQAl+1eMA0GCSqGSIb3DQEB
CwUAA4IBAQBGCzrYkBkA+jwndC4mxntoUxXDnQp2U4Ljjkp2hPvMgoCHrwJZcDHv
8b16LwaCFZdD6ZEvDBuzrTZGikBRl/KuZlPjiKm6TW/duErIMFGIx3OyC7E53g1G
lcXFmHZPP46wpSdGK0yOT8lUHLBVtOVPmGAJBk9U8YPPSSoPEXao8FOKCcJqqexA
hsUsWaj+vrDsG10fg4STbdme2ikGN+OyycAaLUPSvkz4z/HPNInIQhqoUkmro4Xd
6KMNaziPBCcq1mv2fwr957+q5EeNvHyIL2YTh3BC7TKB20+KDi/vFU0UJIiT2IWU
ryLlKRxh57PhRSySAVwxllOyPZ0JnXwY
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:48:07 2025 by rpki-client