Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/9f25e2-872e-4b69-9656-16629e3360cf/1/qvrMEFB0vQ5mbv1Y5yafzJEvUCM.roa
File: qvrMEFB0vQ5mbv1Y5yafzJEvUCM.roa (raw, json)
Hash identifier: +VBca7yPq2zVU1iUsSQDiIejRBKJQDORYSPbNrblEBc=
Subject key identifier: AA:FA:CC:10:50:74:BD:0E:66:6E:FD:58:E7:26:9F:CC:91:2F:50:23
Certificate issuer: /CN=5dd7a881bc0eabc3758da3e84bfaafbb97829596
Certificate serial: 0184011829FD5E3B93D79F4006C33249B915
Authority key identifier: 5D:D7:A8:81:BC:0E:AB:C3:75:8D:A3:E8:4B:FA:AF:BB:97:82:95:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdeogbwOq8N1jaPoS_qvu5eClZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/9f25e2-872e-4b69-9656-16629e3360cf/1/qvrMEFB0vQ5mbv1Y5yafzJEvUCM.roa
Signing time: Sat 22 Oct 2022 19:07:51 +0000
ROA not before: Sat 22 Oct 2022 19:07:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205262
IP address blocks: 89.40.74.0/24 maxlen: 24
37.122.216.0/22 maxlen: 24
185.205.252.0/22 maxlen: 24
185.84.204.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:01:18:29:fd:5e:3b:93:d7:9f:40:06:c3:32:49:b9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7a881bc0eabc3758da3e84bfaafbb97829596
Validity
Not Before: Oct 22 19:07:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aafacc105074bd0e666efd58e7269fcc912f5023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cf:2d:99:d2:d3:ec:4a:52:ed:5e:60:ab:d8:
19:5d:27:e6:a9:d9:5d:53:04:f0:64:c7:ae:a9:48:
3d:f6:22:2e:59:a8:b4:68:1e:d0:f4:22:b2:75:42:
a1:3e:6a:da:af:47:cb:4f:8b:f6:35:9b:83:81:6a:
92:c3:f7:8e:44:dd:b7:c3:54:4a:e3:d7:f4:9e:eb:
d1:59:0a:02:48:4d:4a:49:86:03:6b:ac:e4:df:6a:
d6:f6:bd:fb:d0:48:e9:f6:ce:10:71:74:88:c1:21:
9f:a7:25:10:61:11:ae:ff:43:37:13:0f:b9:56:78:
32:31:69:bc:b9:a3:1c:ab:4f:fc:9b:33:98:82:9d:
fa:68:0f:60:ab:80:54:05:14:2c:57:f8:96:be:e6:
0d:46:d9:52:b5:a0:bc:72:59:d6:3e:12:63:e7:10:
c8:a1:a0:99:db:f5:4e:4a:77:3f:6b:bc:8b:a5:18:
b4:57:4b:4b:79:65:cb:cc:a9:05:81:91:db:a3:d1:
7f:85:d8:77:b2:13:74:6f:98:5c:aa:6a:84:a8:92:
e6:ee:f1:0f:3f:e7:c0:8f:fd:35:b7:24:3e:47:44:
36:83:e1:fa:e5:21:ca:5e:de:bb:9c:52:e7:6d:65:
cb:55:7a:60:a2:8e:9d:38:97:27:67:be:54:a0:9d:
36:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FA:CC:10:50:74:BD:0E:66:6E:FD:58:E7:26:9F:CC:91:2F:50:23
X509v3 Authority Key Identifier:
keyid:5D:D7:A8:81:BC:0E:AB:C3:75:8D:A3:E8:4B:FA:AF:BB:97:82:95:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdeogbwOq8N1jaPoS_qvu5eClZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9f25e2-872e-4b69-9656-16629e3360cf/1/qvrMEFB0vQ5mbv1Y5yafzJEvUCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9f25e2-872e-4b69-9656-16629e3360cf/1/XdeogbwOq8N1jaPoS_qvu5eClZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.216.0/22
89.40.74.0/24
185.84.204.0/22
185.205.252.0/22
Signature Algorithm: sha256WithRSAEncryption
97:c6:54:a0:fc:91:16:80:94:bd:67:8a:d4:19:91:18:77:66:
4b:94:d6:6d:c4:0e:33:bb:fd:6c:13:f4:0e:89:9f:66:27:06:
0b:8c:ca:2e:35:f8:c0:f1:c0:86:46:b4:87:4d:d9:13:af:1f:
c6:f2:ea:0d:99:0d:21:b3:59:51:46:4f:8a:cb:52:8b:0c:a1:
df:b2:5c:af:b6:47:e1:9e:d5:9f:36:d4:46:ea:94:e4:74:4d:
92:df:ef:e1:90:9c:df:92:66:ab:83:39:e7:45:65:25:64:3c:
13:0a:2a:7d:d6:c8:c3:58:aa:42:4a:3e:5d:ec:55:99:42:44:
61:bf:3f:60:8b:c3:33:41:1d:ec:ab:79:dc:ef:48:43:ed:47:
46:47:2e:94:a0:c4:19:ea:87:82:df:97:63:47:d7:0f:3e:c0:
42:80:ca:86:7f:62:55:52:1a:5f:25:3e:cd:a5:a6:a7:a9:35:
fb:52:6b:3e:59:fb:d0:fa:9a:7a:0d:7b:67:73:7d:8e:d6:ce:
c8:20:43:16:2e:aa:de:7f:6a:e8:fb:53:81:97:91:dc:97:5c:
00:e0:bb:3d:6c:2d:5a:13:ee:36:97:57:08:24:a0:86:fc:db:
95:ab:c1:99:0e:69:4a:ac:db:3d:99:e8:94:d9:41:63:f1:7b:
df:3e:c1:b6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQBGCn9XjuT159ABsMySbkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDdhODgxYmMwZWFiYzM3NThkYTNlODRiZmFhZmJiOTc4
Mjk1OTYwHhcNMjIxMDIyMTkwNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZhY2MxMDUwNzRiZDBlNjY2ZWZkNThlNzI2OWZjYzkxMmY1MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM8tmdLT7EpS7V5gq9gZXSfmqdld
UwTwZMeuqUg99iIuWai0aB7Q9CKydUKhPmrar0fLT4v2NZuDgWqSw/eORN23w1RK
49f0nuvRWQoCSE1KSYYDa6zk32rW9r370Ejp9s4QcXSIwSGfpyUQYRGu/0M3Ew+5
VngyMWm8uaMcq0/8mzOYgp36aA9gq4BUBRQsV/iWvuYNRtlStaC8clnWPhJj5xDI
oaCZ2/VOSnc/a7yLpRi0V0tLeWXLzKkFgZHbo9F/hdh3shN0b5hcqmqEqJLm7vEP
P+fAj/01tyQ+R0Q2g+H65SHKXt67nFLnbWXLVXpgoo6dOJcnZ75UoJ02oQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKr6zBBQdL0OZm79WOcmn8yRL1AjMB8GA1UdIwQY
MBaAFF3XqIG8DqvDdY2j6Ev6r7uXgpWWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRlb2did09xOE4xamFQb1NfcXZ1NWVDbFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85ZjI1ZTItODcyZS00YjY5LTk2NTYt
MTY2MjllMzM2MGNmLzEvcXZyTUVGQjB2UTVtYnYxWTV5YWZ6SkV2VUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85ZjI1ZTItODcyZS00YjY5LTk2NTYtMTY2MjllMzM2MGNm
LzEvWGRlb2did09xOE4xamFQb1NfcXZ1NWVDbFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJXrYAwQA
WShKAwQCuVTMAwQCuc38MA0GCSqGSIb3DQEBCwUAA4IBAQCXxlSg/JEWgJS9Z4rU
GZEYd2ZLlNZtxA4zu/1sE/QOiZ9mJwYLjMouNfjA8cCGRrSHTdkTrx/G8uoNmQ0h
s1lRRk+Ky1KLDKHfslyvtkfhntWfNtRG6pTkdE2S3+/hkJzfkmargznnRWUlZDwT
Cip91sjDWKpCSj5d7FWZQkRhvz9gi8MzQR3sq3nc70hD7UdGRy6UoMQZ6oeC35dj
R9cPPsBCgMqGf2JVUhpfJT7NpaanqTX7Ums+WfvQ+pp6DXtnc32O1s7IIEMWLqre
f2ro+1OBl5Hcl1wA4Ls9bC1aE+42l1cIJKCG/NuVq8GZDmlKrNs9meiU2UFj8Xvf
PsG2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:06 2025 by rpki-client