Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/QBOhYO2zW4mtOibzy5ENo-dlDkM.roa
File: QBOhYO2zW4mtOibzy5ENo-dlDkM.roa (raw, json)
Hash identifier: F9HeEjaUhR81lFVGv2pGuob3mhyoPKrk2czGMtiIMb8=
Subject key identifier: 40:13:A1:60:ED:B3:5B:89:AD:3A:26:F3:CB:91:0D:A3:E7:65:0E:43
Certificate issuer: /CN=6b85894a84baa0eca0e6ef44a992fc2ba00f5277
Certificate serial: 018CC801287D8C8FB71035D93FBFF47F6F1A
Authority key identifier: 6B:85:89:4A:84:BA:A0:EC:A0:E6:EF:44:A9:92:FC:2B:A0:0F:52:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4WJSoS6oOyg5u9EqZL8K6APUnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/QBOhYO2zW4mtOibzy5ENo-dlDkM.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39582
IP address blocks: 77.79.95.0/24 maxlen: 24
77.79.94.0/24 maxlen: 24
77.79.93.0/24 maxlen: 24
77.79.98.0/24 maxlen: 24
77.79.97.0/24 maxlen: 24
77.79.96.0/20 maxlen: 24
77.79.92.0/24 maxlen: 24
77.79.106.0/24 maxlen: 24
77.79.111.0/24 maxlen: 24
77.79.112.0/21 maxlen: 24
77.79.120.0/21 maxlen: 24
89.106.31.0/24 maxlen: 24
89.106.26.0/24 maxlen: 24
89.106.25.0/24 maxlen: 24
89.106.30.0/24 maxlen: 24
89.106.29.0/24 maxlen: 24
89.106.28.0/24 maxlen: 24
89.106.27.0/24 maxlen: 24
77.79.64.0/24 maxlen: 24
77.79.68.0/24 maxlen: 24
77.79.67.0/24 maxlen: 24
77.79.66.0/24 maxlen: 24
77.79.64.0/18 maxlen: 24
77.79.65.0/24 maxlen: 24
77.79.71.0/24 maxlen: 24
77.79.70.0/24 maxlen: 24
77.79.69.0/24 maxlen: 24
77.79.74.0/24 maxlen: 24
77.79.73.0/24 maxlen: 24
77.79.72.0/24 maxlen: 24
77.79.78.0/24 maxlen: 24
77.79.77.0/24 maxlen: 24
77.79.76.0/24 maxlen: 24
77.79.81.0/24 maxlen: 24
77.79.80.0/24 maxlen: 24
77.79.79.0/24 maxlen: 24
77.79.85.0/24 maxlen: 24
77.79.84.0/24 maxlen: 24
77.79.83.0/24 maxlen: 24
77.79.88.0/24 maxlen: 24
77.79.87.0/24 maxlen: 24
77.79.86.0/24 maxlen: 24
77.79.91.0/24 maxlen: 24
77.79.90.0/24 maxlen: 24
89.106.4.0/24 maxlen: 24
89.106.3.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
89.106.1.0/24 maxlen: 24
89.106.0.0/24 maxlen: 24
89.106.0.0/19 maxlen: 24
89.106.6.0/24 maxlen: 24
89.106.5.0/24 maxlen: 24
89.106.9.0/24 maxlen: 24
89.106.8.0/24 maxlen: 24
89.106.7.0/24 maxlen: 24
89.106.11.0/24 maxlen: 24
89.106.10.0/24 maxlen: 24
89.106.17.0/24 maxlen: 24
89.106.12.0/24 maxlen: 24
89.106.16.0/24 maxlen: 24
89.106.15.0/24 maxlen: 24
89.106.24.0/24 maxlen: 24
89.106.19.0/24 maxlen: 24
89.106.18.0/24 maxlen: 24
89.106.23.0/24 maxlen: 24
89.106.22.0/24 maxlen: 24
89.106.21.0/24 maxlen: 24
89.106.20.0/24 maxlen: 24
37.77.3.0/24 maxlen: 24
37.77.2.0/24 maxlen: 24
37.77.0.0/19 maxlen: 24
37.77.1.0/24 maxlen: 24
37.77.0.0/24 maxlen: 24
37.77.4.0/24 maxlen: 24
37.77.6.0/24 maxlen: 24
37.77.5.0/24 maxlen: 24
37.77.9.0/24 maxlen: 24
37.77.8.0/24 maxlen: 24
37.77.7.0/24 maxlen: 24
37.77.10.0/24 maxlen: 24
37.77.16.0/24 maxlen: 24
37.77.15.0/24 maxlen: 24
37.77.17.0/24 maxlen: 24
37.77.12.0/24 maxlen: 24
37.77.20.0/24 maxlen: 24
37.77.18.0/24 maxlen: 24
37.77.23.0/24 maxlen: 24
37.77.22.0/24 maxlen: 24
37.77.21.0/24 maxlen: 24
37.77.24.0/24 maxlen: 24
37.77.30.0/24 maxlen: 24
37.77.29.0/24 maxlen: 24
37.77.28.0/24 maxlen: 24
37.77.31.0/24 maxlen: 24
37.77.27.0/24 maxlen: 24
37.77.26.0/24 maxlen: 24
37.77.25.0/24 maxlen: 24
2a02:4300::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:28:7d:8c:8f:b7:10:35:d9:3f:bf:f4:7f:6f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b85894a84baa0eca0e6ef44a992fc2ba00f5277
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4013a160edb35b89ad3a26f3cb910da3e7650e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ba:c0:7a:25:b1:20:c6:72:bd:d1:59:95:1a:
b5:ab:99:36:f8:51:5c:b5:16:37:ef:8c:f2:5b:f4:
2c:1e:c0:dd:df:b4:44:7c:6b:79:97:8c:2b:0e:35:
19:13:8b:9f:2f:b1:ee:c5:c2:5c:40:da:8c:4a:57:
5f:51:7b:d4:f1:52:32:05:65:b7:11:45:43:33:56:
19:32:b1:90:01:a0:67:d5:eb:65:31:5c:7a:cd:52:
88:d5:3a:36:db:86:1a:fb:0e:18:f9:04:c1:9f:91:
30:80:53:fe:5e:83:e5:a0:98:cf:f2:9a:3b:1f:f7:
1a:9a:e0:a4:21:b1:2d:56:25:24:f2:0e:8a:8b:7d:
c7:cc:ad:dd:e8:99:5e:3e:46:04:7a:55:24:6c:c0:
03:ee:7c:78:be:e6:36:47:d2:9e:d4:dc:6f:15:03:
6e:a9:c2:1c:db:ba:18:4c:3d:e6:f9:75:b9:7c:bd:
04:11:68:a4:4a:72:e0:49:a5:5e:1c:ad:75:4c:1d:
5c:ef:e3:9d:c5:7e:e0:a6:67:8a:f1:4d:62:bd:24:
26:91:f7:12:de:5e:dc:7e:a9:7d:44:57:c0:10:e5:
e7:29:8d:f6:64:08:cd:fe:ba:85:a6:c0:fa:d9:39:
53:20:d3:b6:18:09:34:8f:1d:46:57:04:eb:02:d6:
8c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:13:A1:60:ED:B3:5B:89:AD:3A:26:F3:CB:91:0D:A3:E7:65:0E:43
X509v3 Authority Key Identifier:
keyid:6B:85:89:4A:84:BA:A0:EC:A0:E6:EF:44:A9:92:FC:2B:A0:0F:52:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4WJSoS6oOyg5u9EqZL8K6APUnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/QBOhYO2zW4mtOibzy5ENo-dlDkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/a4WJSoS6oOyg5u9EqZL8K6APUnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.0.0/19
77.79.64.0/18
89.106.0.0/19
IPv6:
2a02:4300::/32
Signature Algorithm: sha256WithRSAEncryption
2a:e0:f7:76:a7:88:74:7b:b3:49:b5:72:2c:14:61:59:5e:3b:
19:6e:52:57:ae:5b:ae:21:13:2c:67:7a:93:f7:a9:e6:e4:23:
d3:68:12:1a:01:9e:74:9a:4e:c2:b3:ad:7e:89:bb:06:48:05:
75:c2:3f:6a:cd:fe:eb:22:37:3a:ca:ce:b8:4a:4c:9f:1e:f1:
48:32:59:c2:ef:cc:9b:b9:bb:1c:3d:7e:ee:6a:70:d3:ad:47:
93:56:19:60:c1:ee:16:dc:0f:e5:b7:a6:13:b2:c4:b7:18:91:
e8:87:28:4e:86:7f:51:ea:02:48:d3:f0:db:cf:ec:55:24:5a:
b5:f2:04:e5:e1:73:fd:7f:af:7b:0c:a0:24:77:8e:9c:5a:0a:
6a:93:05:1e:df:2c:b5:5e:0f:56:f2:14:45:8f:19:0c:ac:48:
d6:23:8b:b8:96:78:13:76:cf:4b:51:28:98:26:88:6d:16:88:
87:a9:e8:85:34:c3:8e:7f:67:ef:32:0e:a1:71:fb:50:f9:bc:
88:2f:ff:30:99:53:94:c3:bf:e2:44:6b:d4:25:3a:fa:87:9b:
87:32:84:51:64:93:0e:fd:f8:97:98:0e:7e:e2:8a:e6:a7:2a:
fe:b3:d8:fa:68:14:7b:94:b9:65:1f:65:4a:e4:53:b3:d5:e5:
3e:30:a1:67
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIASh9jI+3EDXZP7/0f28aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODU4OTRhODRiYWEwZWNhMGU2ZWY0NGE5OTJmYzJiYTAw
ZjUyNzcwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDEzYTE2MGVkYjM1Yjg5YWQzYTI2ZjNjYjkxMGRhM2U3NjUwZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLrAeiWxIMZyvdFZlRq1q5k2+FFc
tRY374zyW/QsHsDd37REfGt5l4wrDjUZE4ufL7HuxcJcQNqMSldfUXvU8VIyBWW3
EUVDM1YZMrGQAaBn1etlMVx6zVKI1To224Ya+w4Y+QTBn5EwgFP+XoPloJjP8po7
H/camuCkIbEtViUk8g6Ki33HzK3d6JlePkYEelUkbMAD7nx4vuY2R9Ke1NxvFQNu
qcIc27oYTD3m+XW5fL0EEWikSnLgSaVeHK11TB1c7+OdxX7gpmeK8U1ivSQmkfcS
3l7cfql9RFfAEOXnKY32ZAjN/rqFpsD62TlTINO2GAk0jx1GVwTrAtaMiwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEAToWDts1uJrTom88uRDaPnZQ5DMB8GA1UdIwQY
MBaAFGuFiUqEuqDsoObvRKmS/CugD1J3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRXSlNvUzZvT3lnNXU5RXFaTDhLNkFQVW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mNWMwMjAtZTFkNy00ZmU5LTgzYzAt
YTNiZTYzYjg1NzJmLzEvUUJPaFlPMnpXNG10T2lienk1RU5vLWRsRGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mNWMwMjAtZTFkNy00ZmU5LTgzYzAtYTNiZTYzYjg1NzJm
LzEvYTRXSlNvUzZvT3lnNXU5RXFaTDhLNkFQVW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFJU0AAwQG
TU9AAwQFWWoAMA0EAgACMAcDBQAqAkMAMA0GCSqGSIb3DQEBCwUAA4IBAQAq4Pd2
p4h0e7NJtXIsFGFZXjsZblJXrluuIRMsZ3qT96nm5CPTaBIaAZ50mk7Cs61+ibsG
SAV1wj9qzf7rIjc6ys64SkyfHvFIMlnC78ybubscPX7uanDTrUeTVhlgwe4W3A/l
t6YTssS3GJHohyhOhn9R6gJI0/Dbz+xVJFq18gTl4XP9f697DKAkd46cWgpqkwUe
3yy1Xg9W8hRFjxkMrEjWI4u4lngTds9LUSiYJohtFoiHqeiFNMOOf2fvMg6hcftQ
+byIL/8wmVOUw7/iRGvUJTr6h5uHMoRRZJMO/fiXmA5+4ormpyr+s9j6aBR7lLll
H2VK5FOz1eU+MKFn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:28 2025 by rpki-client