Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/da5296-f73b-45d6-a942-e1296b32a11f/1/qP-gsAFmgVOc4H-oZTo26Ptp5vw.roa
File: qP-gsAFmgVOc4H-oZTo26Ptp5vw.roa (raw, json)
Hash identifier: QT6Tbak41BDvyGiXFOwS3KI7ZlriOjq7qFbGvl+22Ak=
Subject key identifier: A8:FF:A0:B0:01:66:81:53:9C:E0:7F:A8:65:3A:36:E8:FB:69:E6:FC
Certificate issuer: /CN=c9e1bbf60ae0eb7d4007627185c5f14723fff3ae
Certificate serial: 01962423DBA8D2DB17D7E205CBA0EAAD6961
Authority key identifier: C9:E1:BB:F6:0A:E0:EB:7D:40:07:62:71:85:C5:F1:47:23:FF:F3:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yeG79grg631AB2JxhcXxRyP_864.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/da5296-f73b-45d6-a942-e1296b32a11f/1/qP-gsAFmgVOc4H-oZTo26Ptp5vw.roa
Signing time: Fri 11 Apr 2025 09:17:31 +0000
ROA not before: Fri 11 Apr 2025 09:17:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30967
IP address blocks: 79.99.24.0/21 maxlen: 21
85.184.0.0/22 maxlen: 22
85.184.4.0/23 maxlen: 23
85.184.6.0/24 maxlen: 24
91.206.234.0/23 maxlen: 23
91.206.235.0/24 maxlen: 24
185.99.24.0/23 maxlen: 23
185.99.26.0/23 maxlen: 23
194.88.242.0/24 maxlen: 24
194.88.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:23:db:a8:d2:db:17:d7:e2:05:cb:a0:ea:ad:69:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9e1bbf60ae0eb7d4007627185c5f14723fff3ae
Validity
Not Before: Apr 11 09:17:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8ffa0b0016681539ce07fa8653a36e8fb69e6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:33:87:32:95:c8:69:c7:b3:54:e9:1a:0b:86:
86:8e:c8:d4:65:9e:0b:52:aa:10:7d:7b:15:d5:a0:
79:63:cb:d5:6e:1f:ea:a9:32:16:71:f9:12:f3:6e:
7b:da:17:5a:f4:08:5b:9d:5f:63:b1:eb:99:f6:77:
29:09:0d:d7:31:55:9d:a3:98:48:8b:dc:84:f1:fc:
45:91:c3:78:50:d0:d5:3d:8f:f3:13:7b:da:31:57:
d2:a8:6e:d9:7a:0c:b2:c9:99:68:d1:3f:ef:68:38:
e9:0b:3a:f1:88:39:6e:11:7e:24:bc:92:cb:53:b2:
ad:97:94:c7:31:db:33:90:bb:b7:53:35:76:05:7c:
9f:db:3f:70:29:08:76:99:0a:53:a2:81:82:92:26:
61:6c:61:d5:72:8e:bc:e7:7d:73:e7:8a:93:dd:6c:
ae:74:7b:f8:3c:61:26:89:7b:9b:60:f2:d1:f3:df:
9b:01:92:23:80:88:33:94:14:44:41:41:1f:2b:5e:
38:e7:88:89:70:a6:a1:f0:45:5e:1c:3d:29:83:26:
7f:7a:dc:41:10:d5:89:ea:3b:dc:f9:d3:27:c7:62:
11:27:14:7e:25:86:4a:5d:c0:a6:19:47:0d:01:d8:
81:ea:5b:e9:22:85:f7:05:71:45:bc:ed:c0:9f:b5:
a9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FF:A0:B0:01:66:81:53:9C:E0:7F:A8:65:3A:36:E8:FB:69:E6:FC
X509v3 Authority Key Identifier:
keyid:C9:E1:BB:F6:0A:E0:EB:7D:40:07:62:71:85:C5:F1:47:23:FF:F3:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yeG79grg631AB2JxhcXxRyP_864.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/da5296-f73b-45d6-a942-e1296b32a11f/1/qP-gsAFmgVOc4H-oZTo26Ptp5vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/da5296-f73b-45d6-a942-e1296b32a11f/1/yeG79grg631AB2JxhcXxRyP_864.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.24.0/21
85.184.0.0-85.184.6.255
91.206.234.0/23
185.99.24.0/22
194.88.242.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:58:3a:5d:1b:36:d8:53:59:63:1e:77:3b:ee:76:32:62:2e:
c7:5b:12:fa:4c:0d:12:ec:52:74:0e:11:7a:46:78:d1:f4:2a:
aa:15:96:9f:82:7f:d7:ce:ee:99:54:b0:c8:f9:fd:66:25:6a:
87:5b:e8:57:aa:5b:c5:e7:0c:a5:4c:ad:38:7e:18:88:e4:e0:
70:7d:7d:15:0d:5e:45:2f:d1:5a:40:06:32:ac:36:d7:3a:0c:
33:af:2e:27:98:22:e2:dd:c9:e7:24:4e:d6:99:63:e3:33:46:
ae:7c:9b:d7:f9:a5:91:ae:f8:0e:9b:7d:a5:b5:81:34:a3:85:
cd:dd:76:2e:0a:33:aa:23:77:24:db:e3:3b:1e:ad:61:e8:d5:
67:d5:65:12:63:bf:ba:97:77:b8:18:54:f2:8b:ed:25:34:33:
e6:1c:1f:0b:f7:98:d6:0c:84:9b:7e:93:be:40:ae:1f:2d:49:
e6:78:e1:9d:3c:58:02:a7:89:1c:c8:da:ef:e7:63:e8:d2:52:
e0:e4:e3:73:4d:38:02:b6:08:0d:0d:19:b3:4f:7d:f1:48:22:
03:00:14:4f:42:a1:ac:3a:50:8a:21:a2:33:28:14:b2:a2:fe:
96:24:3a:97:92:d6:e8:45:f6:ab:b5:ee:fb:be:ce:2c:97:f0:
a2:85:c3:96
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZYkI9uo0tsX1+IFy6DqrWlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZTFiYmY2MGFlMGViN2Q0MDA3NjI3MTg1YzVmMTQ3MjNm
ZmYzYWUwHhcNMjUwNDExMDkxNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZmYTBiMDAxNjY4MTUzOWNlMDdmYTg2NTNhMzZlOGZiNjllNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTOHMpXIacezVOkaC4aGjsjUZZ4L
UqoQfXsV1aB5Y8vVbh/qqTIWcfkS82572hda9AhbnV9jseuZ9ncpCQ3XMVWdo5hI
i9yE8fxFkcN4UNDVPY/zE3vaMVfSqG7ZegyyyZlo0T/vaDjpCzrxiDluEX4kvJLL
U7Ktl5THMdszkLu3UzV2BXyf2z9wKQh2mQpTooGCkiZhbGHVco68531z54qT3Wyu
dHv4PGEmiXubYPLR89+bAZIjgIgzlBREQUEfK14454iJcKah8EVeHD0pgyZ/etxB
ENWJ6jvc+dMnx2IRJxR+JYZKXcCmGUcNAdiB6lvpIoX3BXFFvO3An7Wp1QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKj/oLABZoFTnOB/qGU6Nuj7aeb8MB8GA1UdIwQY
MBaAFMnhu/YK4Ot9QAdicYXF8Ucj//OuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWVHNzlncmc2MzFBQjJKeGhjWHhSeVBfODY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kYTUyOTYtZjczYi00NWQ2LWE5NDIt
ZTEyOTZiMzJhMTFmLzEvcVAtZ3NBRm1nVk9jNEgtb1pUbzI2UHRwNXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kYTUyOTYtZjczYi00NWQ2LWE5NDItZTEyOTZiMzJhMTFm
LzEveWVHNzlncmc2MzFBQjJKeGhjWHhSeVBfODY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlAwQDT2MYMAsD
AwNVuAMEAFW4BgMEAVvO6gMEArljGAMEAcJY8jANBgkqhkiG9w0BAQsFAAOCAQEA
nFg6XRs22FNZYx53O+52MmIux1sS+kwNEuxSdA4RekZ40fQqqhWWn4J/187umVSw
yPn9ZiVqh1voV6pbxecMpUytOH4YiOTgcH19FQ1eRS/RWkAGMqw21zoMM68uJ5gi
4t3J5yRO1plj4zNGrnyb1/mlka74Dpt9pbWBNKOFzd12LgozqiN3JNvjOx6tYejV
Z9VlEmO/upd3uBhU8ovtJTQz5hwfC/eY1gyEm36TvkCuHy1J5njhnTxYAqeJHMja
7+dj6NJS4OTjc004ArYIDQ0Zs0998UgiAwAUT0KhrDpQiiGiMygUsqL+liQ6l5LW
6EX2q7Xu+77OLJfwooXDlg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:03 2025 by rpki-client on console.sobornost.net