Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/QGKSiFavp9LMElSoLZBhqzLqFMM.roa
File: QGKSiFavp9LMElSoLZBhqzLqFMM.roa (raw, json)
Hash identifier: ip/2uYmlI+BKnaF8k1mqNHwsPmNtHEQrk8aTeSCdMUA=
Subject key identifier: 40:62:92:88:56:AF:A7:D2:CC:12:54:A8:2D:90:61:AB:32:EA:14:C3
Certificate issuer: /CN=5e774467e21849524943d2bd459010720f3e20e4
Certificate serial: 0194236A461DDB17CFC07FB15781EC734629
Authority key identifier: 5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/QGKSiFavp9LMElSoLZBhqzLqFMM.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210472
IP address blocks: 185.112.0.0/24 maxlen: 24
185.112.1.0/24 maxlen: 24
185.112.2.0/24 maxlen: 24
185.112.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:46:1d:db:17:cf:c0:7f:b1:57:81:ec:73:46:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e774467e21849524943d2bd459010720f3e20e4
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4062928856afa7d2cc1254a82d9061ab32ea14c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:17:50:2a:94:cf:e5:a1:fc:9c:ee:22:9f:09:
ed:a9:29:64:77:83:0b:a2:55:e1:d7:f4:d1:8c:51:
53:9b:37:48:42:13:f3:ba:ce:be:f3:d0:ae:23:43:
43:07:c7:98:cd:69:a7:f9:e3:a4:bd:29:e5:80:2a:
11:ef:5a:70:73:75:17:f7:8a:32:b5:34:48:7b:9c:
1b:9f:9a:fb:9a:bb:77:7f:fc:b1:d6:8b:39:b5:cf:
45:54:3b:82:2b:b7:4a:aa:ee:f5:5f:33:12:4c:92:
33:bc:4d:3e:17:64:d2:ea:5c:a8:5f:12:74:03:5d:
7e:f4:1e:49:6d:f1:6e:9f:ce:8c:b9:10:78:53:f1:
c1:fa:22:50:c9:cd:9c:36:b4:eb:0b:9c:56:9f:12:
57:26:85:14:62:ab:e8:c1:0c:f6:ae:2e:a6:93:34:
e5:ab:31:5f:11:7c:05:c9:7c:a7:7a:c7:d7:7d:53:
7b:ef:dd:5d:e5:5d:ee:0b:44:48:46:cd:45:5f:19:
86:4e:12:5a:f8:65:5a:78:05:5b:e3:76:88:8a:db:
2a:1a:9c:a9:cb:64:09:43:4d:32:a5:16:f8:2d:c6:
4c:ff:36:7d:88:67:2b:a0:a6:ed:02:0b:1d:b3:a6:
e3:d4:c0:bd:35:79:e2:5d:42:1b:d2:06:b4:d7:c5:
d8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:62:92:88:56:AF:A7:D2:CC:12:54:A8:2D:90:61:AB:32:EA:14:C3
X509v3 Authority Key Identifier:
keyid:5E:77:44:67:E2:18:49:52:49:43:D2:BD:45:90:10:72:0F:3E:20:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/QGKSiFavp9LMElSoLZBhqzLqFMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20a22f-20fa-4d98-8b03-aa400532daeb/1/XndEZ-IYSVJJQ9K9RZAQcg8-IOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.0.0/22
Signature Algorithm: sha256WithRSAEncryption
30:84:e8:e6:8b:06:a8:2d:23:f7:56:21:3d:bb:7b:cf:83:bf:
8f:5c:6b:98:f7:87:a9:f5:15:28:a8:55:79:79:36:33:52:59:
f1:04:ec:fe:a8:f1:4f:f5:2e:40:2c:22:6b:12:61:c6:17:4c:
48:9f:04:85:ff:ef:76:ae:e7:ca:f5:9f:21:a9:ae:52:d2:fc:
9c:c1:87:b1:07:3c:fc:8c:5c:6f:be:a0:b5:f7:fc:99:34:0d:
85:71:7d:46:59:df:3f:65:45:50:54:7f:0f:67:06:a0:b7:70:
81:9f:f8:12:c5:2d:bc:0b:2f:9c:2b:af:1f:65:59:22:0c:9f:
7e:36:66:60:3a:31:0a:08:25:a9:a7:f3:90:ff:ec:03:f3:ec:
52:74:ce:49:80:32:d2:69:bd:e6:29:30:c2:99:33:66:55:aa:
8c:77:f0:b4:de:cb:e0:39:38:b2:39:ab:91:5d:17:b6:58:bb:
10:67:04:d5:5a:5f:fb:41:83:c6:02:47:0d:b2:16:5e:ce:c5:
25:7e:41:e3:9e:a1:b9:32:e6:8e:ad:4d:55:1f:a5:81:b8:5f:
b9:82:ad:07:f1:e2:bd:02:86:36:a7:d0:d5:4e:51:52:70:01:
03:04:00:9e:b8:52:8e:80:d7:9c:a1:45:3c:97:1e:65:6d:dd:
bd:7c:27:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakYd2xfPwH+xV4Hsc0YpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzc0NDY3ZTIxODQ5NTI0OTQzZDJiZDQ1OTAxMDcyMGYz
ZTIwZTQwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDYyOTI4ODU2YWZhN2QyY2MxMjU0YTgyZDkwNjFhYjMyZWExNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RdQKpTP5aH8nO4inwntqSlkd4ML
olXh1/TRjFFTmzdIQhPzus6+89CuI0NDB8eYzWmn+eOkvSnlgCoR71pwc3UX94oy
tTRIe5wbn5r7mrt3f/yx1os5tc9FVDuCK7dKqu71XzMSTJIzvE0+F2TS6lyoXxJ0
A11+9B5JbfFun86MuRB4U/HB+iJQyc2cNrTrC5xWnxJXJoUUYqvowQz2ri6mkzTl
qzFfEXwFyXynesfXfVN7791d5V3uC0RIRs1FXxmGThJa+GVaeAVb43aIitsqGpyp
y2QJQ00ypRb4LcZM/zZ9iGcroKbtAgsds6bj1MC9NXniXUIb0ga018XY4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBikohWr6fSzBJUqC2QYasy6hTDMB8GA1UdIwQY
MBaAFF53RGfiGElSSUPSvUWQEHIPPiDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMt
YWE0MDA1MzJkYWViLzEvUUdLU2lGYXZwOUxNRWxTb0xaQmhxekxxRk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGEyMmYtMjBmYS00ZDk4LThiMDMtYWE0MDA1MzJkYWVi
LzEvWG5kRVotSVlTVkpKUTlLOVJaQVFjZzgtSU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXAAMA0G
CSqGSIb3DQEBCwUAA4IBAQAwhOjmiwaoLSP3ViE9u3vPg7+PXGuY94ep9RUoqFV5
eTYzUlnxBOz+qPFP9S5ALCJrEmHGF0xInwSF/+92rufK9Z8hqa5S0vycwYexBzz8
jFxvvqC19/yZNA2FcX1GWd8/ZUVQVH8PZwagt3CBn/gSxS28Cy+cK68fZVkiDJ9+
NmZgOjEKCCWpp/OQ/+wD8+xSdM5JgDLSab3mKTDCmTNmVaqMd/C03svgOTiyOauR
XRe2WLsQZwTVWl/7QYPGAkcNshZezsUlfkHjnqG5MuaOrU1VH6WBuF+5gq0H8eK9
AoY2p9DVTlFScAEDBACeuFKOgNecoUU8lx5lbd29fCdz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:50 2025 by rpki-client on console.sobornost.net