Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/QHGBtoYy-yUNGT2R6UBemRAxD5s.roa
File: QHGBtoYy-yUNGT2R6UBemRAxD5s.roa (raw, json)
Hash identifier: 3YJpkLEFxs1XCvKlcy0WQw5fAkmH7oTliDxTaEnJgz0=
Subject key identifier: 40:71:81:B6:86:32:FB:25:0D:19:3D:91:E9:40:5E:99:10:31:0F:9B
Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Certificate serial: 019493FB48F2621C0A07B2F12A68CC4FBD7B
Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/QHGBtoYy-yUNGT2R6UBemRAxD5s.roa
Signing time: Thu 23 Jan 2025 16:25:06 +0000
ROA not before: Thu 23 Jan 2025 16:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5394
IP address blocks: 77.39.160.0/19 maxlen: 19
77.39.160.0/20 maxlen: 20
77.39.176.0/20 maxlen: 20
77.39.224.0/19 maxlen: 19
77.39.224.0/20 maxlen: 20
77.39.240.0/20 maxlen: 20
81.29.180.0/22 maxlen: 22
81.29.184.0/21 maxlen: 21
82.145.96.0/23 maxlen: 24
82.145.102.0/23 maxlen: 24
82.145.104.0/21 maxlen: 24
82.145.112.0/20 maxlen: 24
194.79.192.0/19 maxlen: 19
194.79.192.0/20 maxlen: 20
194.79.207.0/24 maxlen: 24
194.79.208.0/20 maxlen: 20
194.183.0.0/19 maxlen: 19
194.183.16.0/24 maxlen: 24
195.94.128.0/18 maxlen: 18
195.94.152.0/24 maxlen: 24
195.94.160.0/24 maxlen: 24
195.250.224.0/19 maxlen: 19
195.250.224.0/24 maxlen: 24
195.250.232.0/24 maxlen: 24
213.233.0.0/18 maxlen: 18
213.233.0.0/19 maxlen: 19
213.233.27.0/24 maxlen: 24
213.233.32.0/19 maxlen: 19
213.233.36.0/24 maxlen: 24
217.72.96.0/20 maxlen: 20
2a02:688::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:fb:48:f2:62:1c:0a:07:b2:f1:2a:68:cc:4f:bd:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Validity
Not Before: Jan 23 16:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=407181b68632fb250d193d91e9405e9910310f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9d:4d:01:dc:9f:65:89:06:1e:ee:b9:6b:48:
55:3a:97:af:73:a6:c9:b3:b5:5d:81:30:39:6c:05:
bd:a0:c7:d4:af:13:0e:b4:c5:41:e2:a6:4b:e9:e3:
5d:32:a1:52:1a:a1:fd:37:a8:44:7c:99:97:0a:c4:
7c:a9:38:c3:fc:ff:fd:b9:ea:5c:84:aa:fa:76:66:
df:17:63:1e:df:a7:79:68:67:fa:e4:06:ae:f3:48:
49:a7:76:86:19:12:78:95:26:3a:90:96:b8:5e:03:
7b:20:f6:7d:43:61:d1:02:61:d5:e0:a0:68:b9:85:
51:e1:4e:3c:90:05:2f:27:01:0f:bd:94:a0:53:6e:
c8:a8:ed:fa:a9:0c:e9:b5:f1:cf:c0:8a:1d:34:89:
6c:b8:2f:03:54:d5:7d:bc:33:fc:5e:c2:be:26:ce:
25:3d:85:21:0b:65:bd:b6:0e:70:21:56:db:fd:62:
96:5f:ea:24:b2:12:29:59:79:52:e1:ab:6c:f8:18:
ac:28:5d:05:eb:f3:ea:a9:5c:71:ba:ae:bc:27:99:
69:fc:6a:f8:4a:98:61:83:a7:1d:57:31:8a:e4:0e:
6b:c5:df:ed:6d:eb:40:fe:19:1a:3b:1d:b5:7a:9d:
4d:88:ce:c5:0a:84:a8:70:02:cf:62:a6:a8:c4:e6:
dd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:71:81:B6:86:32:FB:25:0D:19:3D:91:E9:40:5E:99:10:31:0F:9B
X509v3 Authority Key Identifier:
keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/QHGBtoYy-yUNGT2R6UBemRAxD5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.160.0/19
77.39.224.0/19
81.29.180.0-81.29.191.255
82.145.96.0/23
82.145.102.0-82.145.127.255
194.79.192.0/19
194.183.0.0/19
195.94.128.0/18
195.250.224.0/19
213.233.0.0/18
217.72.96.0/20
IPv6:
2a02:688::/32
Signature Algorithm: sha256WithRSAEncryption
8f:b2:8c:6d:79:0b:cf:16:92:6f:af:70:ac:15:51:1d:64:a3:
b4:8f:c6:74:db:57:18:e5:49:c7:44:40:e2:f3:cc:7d:b6:f4:
b3:27:2b:42:39:8d:12:83:c1:75:bf:67:70:a1:44:0d:03:37:
4c:06:3a:f0:f6:83:5c:42:5a:b2:a1:d1:43:3d:2f:5f:41:25:
e4:6d:60:6c:00:56:8e:19:fa:a3:78:03:29:5a:ce:e1:51:34:
df:9c:2f:75:1f:f5:73:28:bf:c0:c3:5b:c2:2c:9c:4d:c1:e1:
36:95:21:ff:10:7b:33:29:d7:4f:40:5f:3c:2d:9b:07:44:84:
db:4f:b4:2a:85:46:45:8a:21:45:8b:70:1e:6f:73:56:e5:37:
f0:13:60:a9:f2:7e:88:5b:e5:8e:0b:8e:4e:94:db:b5:88:ef:
6c:0e:b2:d7:26:ef:4e:a1:64:0c:b3:23:d4:4e:2a:b9:9b:d4:
ed:a7:57:3f:df:d4:4d:34:15:e5:13:4a:d9:02:3f:58:3a:13:
42:59:16:86:00:29:f6:c2:5e:3c:d4:7d:12:4a:92:06:35:7e:
92:20:0e:71:e7:63:af:2e:ad:4c:1c:b2:c6:3c:90:39:49:e9:
55:9a:e2:79:2e:ae:44:cc:82:e8:de:4d:9b:12:fb:34:37:58:
0a:4d:a0:d0
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZST+0jyYhwKB7LxKmjMT717MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy
ZTk5YzEwHhcNMjUwMTIzMTYyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDcxODFiNjg2MzJmYjI1MGQxOTNkOTFlOTQwNWU5OTEwMzEwZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp1NAdyfZYkGHu65a0hVOpevc6bJ
s7VdgTA5bAW9oMfUrxMOtMVB4qZL6eNdMqFSGqH9N6hEfJmXCsR8qTjD/P/9uepc
hKr6dmbfF2Me36d5aGf65Aau80hJp3aGGRJ4lSY6kJa4XgN7IPZ9Q2HRAmHV4KBo
uYVR4U48kAUvJwEPvZSgU27IqO36qQzptfHPwIodNIlsuC8DVNV9vDP8XsK+Js4l
PYUhC2W9tg5wIVbb/WKWX+okshIpWXlS4ats+BisKF0F6/PqqVxxuq68J5lp/Gr4
Sphhg6cdVzGK5A5rxd/tbetA/hkaOx21ep1NiM7FCoSocALPYqaoxObdLwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFEBxgbaGMvslDRk9kelAXpkQMQ+bMB8GA1UdIwQY
MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt
NGJlNzk0ZDY0MDZkLzEvUUhHQnRvWXkteVVOR1QyUjZVQmVtUkF4RDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMtNGJlNzk0ZDY0MDZk
LzEvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQFTSegAwQF
TSfgMAwDBAJRHbQDBAZRHYADBAFSkWAwDAMEAVKRZgMEB1KRAAMEBcJPwAMEBcK3
AAMEBsNegAMEBcP64AMEBtXpAAMEBNlIYDANBAIAAjAHAwUAKgIGiDANBgkqhkiG
9w0BAQsFAAOCAQEAj7KMbXkLzxaSb69wrBVRHWSjtI/GdNtXGOVJx0RA4vPMfbb0
sycrQjmNEoPBdb9ncKFEDQM3TAY68PaDXEJasqHRQz0vX0El5G1gbABWjhn6o3gD
KVrO4VE035wvdR/1cyi/wMNbwiycTcHhNpUh/xB7MynXT0BfPC2bB0SE20+0KoVG
RYohRYtwHm9zVuU38BNgqfJ+iFvljguOTpTbtYjvbA6y1ybvTqFkDLMj1E4quZvU
7adXP9/UTTQV5RNK2QI/WDoTQlkWhgAp9sJePNR9EkqSBjV+kiAOcedjry6tTByy
xjyQOUnpVZrieS6uRMyC6N5NmxL7NDdYCk2g0A==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:26 2025 by rpki-client on console.sobornost.net