Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/QtBDbaL_74vDvVhUHUrh5WG7I80.roa
File: QtBDbaL_74vDvVhUHUrh5WG7I80.roa (raw, json)
Hash identifier: h/FEVmJJRS+mCVY0Nan4gSdJid9tOjnE6DhyLmxbNmk=
Subject key identifier: 42:D0:43:6D:A2:FF:EF:8B:C3:BD:58:54:1D:4A:E1:E5:61:BB:23:CD
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747E253E5233B4FC3337C7B25012F54
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/QtBDbaL_74vDvVhUHUrh5WG7I80.roa
Signing time: Thu 02 Jan 2025 13:50:09 +0000
ROA not before: Thu 02 Jan 2025 13:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21415
IP address blocks: 109.121.192.0/24 maxlen: 24
109.121.202.0/24 maxlen: 24
109.121.203.0/24 maxlen: 24
109.121.254.0/24 maxlen: 24
109.121.255.0/24 maxlen: 24
178.169.142.0/24 maxlen: 24
178.169.143.0/24 maxlen: 24
178.169.162.0/24 maxlen: 24
178.169.165.0/24 maxlen: 24
178.169.169.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e2:53:e5:23:3b:4f:c3:33:7c:7b:25:01:2f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42d0436da2ffef8bc3bd58541d4ae1e561bb23cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e0:52:59:12:b9:f7:9e:40:4a:a5:e6:54:e1:
7c:a5:23:43:67:22:fa:3d:c0:b8:01:34:c6:d2:8d:
ec:a6:b8:b2:ed:f6:e5:fe:cf:83:79:7b:45:5c:ee:
1e:bb:c9:ac:eb:80:fe:74:4c:6f:a7:e7:0a:a6:6f:
44:92:16:72:2d:fe:e5:92:77:fa:d2:8c:bd:d6:2e:
91:da:27:64:80:a8:48:a8:0e:b0:f6:e8:4b:59:ed:
68:c0:85:2f:b0:52:17:8b:7f:ca:4d:32:46:c5:bc:
ab:8c:73:90:74:bf:61:97:ee:13:d4:8f:e3:90:7e:
14:34:43:c1:f2:e1:31:b7:e6:de:af:9a:a4:89:47:
f7:31:bd:24:f5:f7:3f:e3:54:13:f6:51:55:b2:fb:
33:6a:f7:bf:d1:11:92:0c:4f:fa:04:54:9d:e4:81:
f9:c5:bf:6c:12:8a:0a:0d:e9:a2:d0:65:41:9d:20:
ce:34:ac:8c:8e:ee:54:c7:da:d4:af:e3:76:cd:5d:
17:da:3d:54:94:99:a6:2b:73:af:60:52:61:b3:90:
86:bd:7a:ba:f2:f2:20:88:f7:2e:b0:de:ff:d2:63:
e6:50:f5:ad:11:5c:17:c0:2f:13:f3:5c:42:88:aa:
08:e0:e6:85:b1:a9:b2:f5:8d:e1:45:ad:a1:e6:82:
9b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D0:43:6D:A2:FF:EF:8B:C3:BD:58:54:1D:4A:E1:E5:61:BB:23:CD
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/QtBDbaL_74vDvVhUHUrh5WG7I80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.192.0/24
109.121.202.0/23
109.121.254.0/23
178.169.142.0/23
178.169.162.0/24
178.169.165.0/24
178.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
19:9a:59:dc:8c:87:82:47:ba:7c:a0:41:8d:9c:fd:ea:b3:0a:
cd:6f:7a:60:fa:e5:d0:52:ef:4d:78:63:19:71:55:d6:d9:23:
4b:41:d9:ba:cb:cd:1f:70:3e:6c:fe:d6:10:73:97:a5:6b:27:
0f:d9:32:ce:02:59:f7:93:78:51:42:ac:90:8d:1d:cb:a1:e5:
52:f9:a0:04:fd:6e:b7:04:23:af:8f:57:a4:21:9e:0b:ba:e5:
3d:75:1d:98:a9:1e:da:6d:75:9f:7b:63:84:89:ae:ec:6c:33:
18:f7:a3:9d:21:cf:95:53:20:a9:40:66:8c:bf:a5:93:1d:01:
14:b3:cc:78:52:ed:de:f8:6d:92:d1:be:86:eb:55:e1:68:2c:
9b:27:98:7a:a7:96:8a:47:7e:5b:39:35:91:0a:7f:6c:94:77:
e1:26:21:c1:36:39:47:0f:0c:f5:43:ec:52:3e:ea:f3:36:1b:
1b:0c:5d:e7:fc:d4:06:7f:cb:47:bb:24:41:c7:5b:eb:b5:b0:
d8:33:78:77:32:87:4a:ba:a7:aa:eb:78:99:56:1d:e5:42:8c:
64:13:9d:bf:64:95:4a:94:ce:9e:9b:dd:d1:24:44:e6:0a:7f:
42:67:e8:84:0a:d4:f7:cc:6f:81:e1:d0:84:ed:53:79:48:dc:
39:72:6c:d6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQnR+JT5SM7T8MzfHslAS9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQwNDM2ZGEyZmZlZjhiYzNiZDU4NTQxZDRhZTFlNTYxYmIyM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOBSWRK5955ASqXmVOF8pSNDZyL6
PcC4ATTG0o3spriy7fbl/s+DeXtFXO4eu8ms64D+dExvp+cKpm9EkhZyLf7lknf6
0oy91i6R2idkgKhIqA6w9uhLWe1owIUvsFIXi3/KTTJGxbyrjHOQdL9hl+4T1I/j
kH4UNEPB8uExt+ber5qkiUf3Mb0k9fc/41QT9lFVsvszave/0RGSDE/6BFSd5IH5
xb9sEooKDemi0GVBnSDONKyMju5Ux9rUr+N2zV0X2j1UlJmmK3OvYFJhs5CGvXq6
8vIgiPcusN7/0mPmUPWtEVwXwC8T81xCiKoI4OaFsamy9Y3hRa2h5oKbnQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFELQQ22i/++Lw71YVB1K4eVhuyPNMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvUXRCRGJhTF83NHZEdlZoVUhVcmg1V0c3STgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAbXnAAwQB
bXnKAwQBbXn+AwQBsqmOAwQAsqmiAwQAsqmlAwQAsqmpMA0GCSqGSIb3DQEBCwUA
A4IBAQAZmlncjIeCR7p8oEGNnP3qswrNb3pg+uXQUu9NeGMZcVXW2SNLQdm6y80f
cD5s/tYQc5elaycP2TLOAln3k3hRQqyQjR3LoeVS+aAE/W63BCOvj1ekIZ4LuuU9
dR2YqR7abXWfe2OEia7sbDMY96OdIc+VUyCpQGaMv6WTHQEUs8x4Uu3e+G2S0b6G
61XhaCybJ5h6p5aKR35bOTWRCn9slHfhJiHBNjlHDwz1Q+xSPurzNhsbDF3n/NQG
f8tHuyRBx1vrtbDYM3h3ModKuqeq63iZVh3lQoxkE52/ZJVKlM6em93RJETmCn9C
Z+iECtT3zG+B4dCE7VN5SNw5cmzW
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:03:38 2025 by rpki-client