Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/QR0_yngod2ytYXVRxBdIJaGQtD8.roa
File: QR0_yngod2ytYXVRxBdIJaGQtD8.roa (raw, json)
Hash identifier: ltA6YElUsxrQZ+fMVYaCHWCNPW6fU+6PIrwsYryAwAU=
Subject key identifier: 41:1D:3F:CA:78:28:77:6C:AD:61:75:51:C4:17:48:25:A1:90:B4:3F
Certificate issuer: /CN=b77627cafe755785750bde5ba49e6c1091bf4247
Certificate serial: 019426D932F063C18A1BB048814CB43F4A84
Authority key identifier: B7:76:27:CA:FE:75:57:85:75:0B:DE:5B:A4:9E:6C:10:91:BF:42:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/QR0_yngod2ytYXVRxBdIJaGQtD8.roa
Signing time: Thu 02 Jan 2025 11:49:16 +0000
ROA not before: Thu 02 Jan 2025 11:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209302
IP address blocks: 85.209.248.0/22 maxlen: 22
85.209.250.0/24 maxlen: 24
85.209.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:32:f0:63:c1:8a:1b:b0:48:81:4c:b4:3f:4a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b77627cafe755785750bde5ba49e6c1091bf4247
Validity
Not Before: Jan 2 11:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=411d3fca7828776cad617551c4174825a190b43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:55:ae:18:4c:f3:0d:7a:61:bf:ae:ce:45:34:
f1:9a:60:57:8c:15:07:97:b9:b7:f4:0f:fd:b7:69:
96:ee:8e:ed:5e:53:0f:c4:b1:bd:33:e0:e6:47:ee:
f8:8c:8e:af:6f:da:1b:65:2c:93:2e:1c:66:3e:fc:
26:e1:27:56:68:2a:20:af:9f:f6:b8:58:3f:0f:76:
7f:63:32:86:1a:8e:19:7b:a6:c4:f7:b6:82:6b:e8:
c9:54:96:e5:2a:23:f4:ef:e9:e0:58:4e:f1:08:55:
d9:c2:18:a0:af:1f:ec:cf:f8:ef:2c:fb:cf:d3:78:
62:05:d7:12:b2:c9:7b:b0:75:c6:00:37:92:fb:0b:
54:c7:2f:16:55:92:33:fa:c1:d8:77:51:a5:61:56:
fc:3d:fa:07:9f:52:00:b1:a6:41:7a:9a:f6:be:ab:
7f:01:7b:b6:24:ff:6c:32:e5:ea:69:af:58:94:da:
49:f8:9e:f8:e5:b4:cc:32:3a:c7:52:f7:7a:cf:48:
2e:f3:3a:42:6f:38:b4:5a:cf:03:5b:28:06:e2:b1:
1d:bd:b7:da:f3:56:c3:ed:c6:0c:e9:57:81:23:54:
90:7b:87:1c:a9:b0:f2:07:37:1c:92:e4:cb:74:07:
e2:36:5f:5f:b4:0e:61:ff:1c:b3:5e:2e:81:b7:ec:
81:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1D:3F:CA:78:28:77:6C:AD:61:75:51:C4:17:48:25:A1:90:B4:3F
X509v3 Authority Key Identifier:
keyid:B7:76:27:CA:FE:75:57:85:75:0B:DE:5B:A4:9E:6C:10:91:BF:42:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/QR0_yngod2ytYXVRxBdIJaGQtD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/602137-dd40-4ef9-bb0f-4457fa20bcba/1/t3Ynyv51V4V1C95bpJ5sEJG_Qkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.248.0/22
Signature Algorithm: sha256WithRSAEncryption
27:28:2d:9c:42:33:ba:25:f8:d3:30:11:9d:cf:c0:c4:48:16:
c9:5b:6f:ab:37:9e:7e:54:44:69:0f:ea:14:be:a7:3b:7a:0d:
76:2a:f3:f6:3d:2c:3b:0b:07:e2:5f:fe:99:a7:22:5d:4e:ed:
15:d1:e2:eb:58:a9:63:1c:9b:11:db:d3:9b:34:4a:e2:29:fa:
4a:d4:84:84:4c:38:bc:34:ca:d1:c7:35:e2:df:cc:ce:51:76:
e7:31:72:57:d7:4c:71:e9:22:7e:46:c6:96:ab:10:33:4b:32:
33:b9:6e:3b:ca:00:45:f3:e5:c6:6c:7f:a7:d9:f1:c4:2b:c6:
7e:6a:fb:33:ec:ef:f6:0a:94:52:14:55:27:ac:84:a8:e8:22:
5d:c3:da:1f:01:6e:f4:b4:a9:14:95:45:23:c1:ba:4b:3c:6c:
2c:cc:b9:49:84:80:91:22:4b:39:e9:e7:34:95:9b:79:f6:f1:
a6:9c:b8:3e:7f:c8:d6:66:95:f2:40:e8:03:b5:dd:2e:fb:ca:
47:39:8a:ad:6e:4c:3a:06:e4:a3:b2:5e:1c:32:3c:a7:f8:e3:
4c:71:d7:8f:00:0d:1e:2b:b0:d0:d4:4d:4a:86:d3:c5:a6:9f:
85:4a:5a:f0:88:67:6c:e8:79:dc:f7:bc:5c:e7:d1:25:d1:13:
5f:b4:99:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2TLwY8GKG7BIgUy0P0qEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzYyN2NhZmU3NTU3ODU3NTBiZGU1YmE0OWU2YzEwOTFi
ZjQyNDcwHhcNMjUwMTAyMTE0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTFkM2ZjYTc4Mjg3NzZjYWQ2MTc1NTFjNDE3NDgyNWExOTBiNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVWuGEzzDXphv67ORTTxmmBXjBUH
l7m39A/9t2mW7o7tXlMPxLG9M+DmR+74jI6vb9obZSyTLhxmPvwm4SdWaCogr5/2
uFg/D3Z/YzKGGo4Ze6bE97aCa+jJVJblKiP07+ngWE7xCFXZwhigrx/sz/jvLPvP
03hiBdcSssl7sHXGADeS+wtUxy8WVZIz+sHYd1GlYVb8PfoHn1IAsaZBepr2vqt/
AXu2JP9sMuXqaa9YlNpJ+J745bTMMjrHUvd6z0gu8zpCbzi0Ws8DWygG4rEdvbfa
81bD7cYM6VeBI1SQe4ccqbDyBzcckuTLdAfiNl9ftA5h/xyzXi6Bt+yBfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEdP8p4KHdsrWF1UcQXSCWhkLQ/MB8GA1UdIwQY
MBaAFLd2J8r+dVeFdQveW6SebBCRv0JHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNZbnl2NTFWNFYxQzk1YnBKNXNFSkdfUWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MDIxMzctZGQ0MC00ZWY5LWJiMGYt
NDQ1N2ZhMjBiY2JhLzEvUVIwX3luZ29kMnl0WVhWUnhCZElKYUdRdEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MDIxMzctZGQ0MC00ZWY5LWJiMGYtNDQ1N2ZhMjBiY2Jh
LzEvdDNZbnl2NTFWNFYxQzk1YnBKNXNFSkdfUWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdH4MA0G
CSqGSIb3DQEBCwUAA4IBAQAnKC2cQjO6JfjTMBGdz8DESBbJW2+rN55+VERpD+oU
vqc7eg12KvP2PSw7CwfiX/6ZpyJdTu0V0eLrWKljHJsR29ObNEriKfpK1ISETDi8
NMrRxzXi38zOUXbnMXJX10xx6SJ+RsaWqxAzSzIzuW47ygBF8+XGbH+n2fHEK8Z+
avsz7O/2CpRSFFUnrISo6CJdw9ofAW70tKkUlUUjwbpLPGwszLlJhICRIks56ec0
lZt59vGmnLg+f8jWZpXyQOgDtd0u+8pHOYqtbkw6BuSjsl4cMjyn+ONMcdePAA0e
K7DQ1E1KhtPFpp+FSlrwiGds6Hnc97xc59El0RNftJmz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:31 2025 by rpki-client on console.sobornost.net