Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/QQdNezXcd1-hIhXGU4Qn8ucBV9Q.roa
File: QQdNezXcd1-hIhXGU4Qn8ucBV9Q.roa (raw, json)
Hash identifier: WaSlkfe1MwojG0zscntSp+2Lok4NRbwf50hshXXL8jg=
Subject key identifier: 41:07:4D:7B:35:DC:77:5F:A1:22:15:C6:53:84:27:F2:E7:01:57:D4
Certificate issuer: /CN=00933848021d3888860dadf7188094d792af6ae6
Certificate serial: 019423D71892483E2D4F7427ADEC76494180
Authority key identifier: 00:93:38:48:02:1D:38:88:86:0D:AD:F7:18:80:94:D7:92:AF:6A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJM4SAIdOIiGDa33GICU15KvauY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/QQdNezXcd1-hIhXGU4Qn8ucBV9Q.roa
Signing time: Wed 01 Jan 2025 21:48:06 +0000
ROA not before: Wed 01 Jan 2025 21:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201897
IP address blocks: 185.59.252.0/22 maxlen: 22
185.59.254.0/24 maxlen: 24
185.59.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:18:92:48:3e:2d:4f:74:27:ad:ec:76:49:41:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00933848021d3888860dadf7188094d792af6ae6
Validity
Not Before: Jan 1 21:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41074d7b35dc775fa12215c6538427f2e70157d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:09:6f:44:1f:f9:78:34:2d:fb:70:c6:bc:5a:
15:d1:37:4a:d3:b1:02:95:73:ef:b2:6a:02:d2:d5:
ac:da:f8:f6:44:ea:0c:89:fc:73:6e:9e:15:82:4c:
9e:a4:75:5c:5f:fb:76:ee:97:a0:fd:a1:f5:fe:a9:
35:b7:c9:d1:7c:37:ca:4b:13:7b:9f:de:30:33:5a:
11:9f:f5:c4:dd:af:aa:3f:20:c2:7c:41:fc:0f:b0:
42:27:f4:40:af:7a:cf:91:8d:f2:88:71:ee:0d:46:
0d:08:10:b4:a7:3c:dd:4a:ff:a7:bc:94:1c:aa:d0:
37:09:15:5d:00:62:a9:ef:51:b5:74:ce:26:6e:cb:
0d:80:21:f9:48:0c:a4:d6:7a:c2:8b:bc:c5:7c:1d:
97:d6:cb:12:cb:f9:12:8d:7c:38:99:8f:c8:97:26:
37:bc:bc:4f:c3:b2:73:6c:9b:b9:98:16:21:4c:7b:
07:ae:9a:35:e2:a5:12:ce:4f:9d:1d:17:24:1a:d2:
00:e2:2f:74:55:cf:35:ff:03:d6:23:48:37:dc:21:
0c:ec:ea:68:c6:21:0c:3d:ce:d5:ca:be:68:12:59:
2e:0c:3c:72:10:f6:26:30:e3:0b:c0:3c:cf:03:a7:
19:d0:9d:32:4b:df:6b:43:4a:17:01:29:5d:0e:8f:
8c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:07:4D:7B:35:DC:77:5F:A1:22:15:C6:53:84:27:F2:E7:01:57:D4
X509v3 Authority Key Identifier:
keyid:00:93:38:48:02:1D:38:88:86:0D:AD:F7:18:80:94:D7:92:AF:6A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJM4SAIdOIiGDa33GICU15KvauY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/QQdNezXcd1-hIhXGU4Qn8ucBV9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/86762b-aa61-484a-b159-97f39bb1332d/1/AJM4SAIdOIiGDa33GICU15KvauY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:93:68:a7:05:44:86:aa:42:65:9d:65:01:01:c2:16:ed:85:
c6:51:a9:b1:87:e7:35:46:4d:02:d6:da:bf:af:e1:47:27:29:
38:d6:e5:93:bf:a5:8c:68:c3:2f:3f:df:00:bf:91:f9:63:3e:
fb:ea:54:00:9a:73:c8:90:64:ef:6f:90:dd:e6:a3:2d:08:a6:
5a:6f:d5:3a:83:54:06:91:53:b4:3b:d3:7a:27:17:f3:73:d0:
b6:33:c8:c9:98:4c:89:d7:03:86:5d:db:09:c4:af:cc:50:11:
2e:ea:98:50:19:a5:d1:90:76:ae:c4:2d:08:fe:79:21:a4:80:
79:5c:89:2b:95:72:7b:8f:43:91:71:26:44:d0:3a:e4:dc:90:
4d:82:a2:70:49:fd:f7:f2:d1:49:8b:2a:8d:52:6e:31:f4:cf:
1b:6e:ee:f6:7a:54:4c:73:56:83:83:a2:c9:fe:d0:f5:41:d5:
f0:ec:9a:a3:e0:46:c1:fa:40:dc:4f:44:de:72:d3:6a:53:78:
9a:62:73:49:69:60:d4:0f:24:f7:ed:bc:ed:d2:21:bb:23:55:
f0:ef:22:78:29:7c:77:b5:a8:3d:3b:ab:00:a5:6f:ac:87:78:
ce:77:10:e7:7c:92:85:7b:8e:e1:ae:65:ab:e3:b4:85:1b:9a:
86:9e:c0:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xiSSD4tT3Qnrex2SUGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOTMzODQ4MDIxZDM4ODg4NjBkYWRmNzE4ODA5NGQ3OTJh
ZjZhZTYwHhcNMjUwMTAxMjE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTA3NGQ3YjM1ZGM3NzVmYTEyMjE1YzY1Mzg0MjdmMmU3MDE1N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApglvRB/5eDQt+3DGvFoV0TdK07EC
lXPvsmoC0tWs2vj2ROoMifxzbp4VgkyepHVcX/t27peg/aH1/qk1t8nRfDfKSxN7
n94wM1oRn/XE3a+qPyDCfEH8D7BCJ/RAr3rPkY3yiHHuDUYNCBC0pzzdSv+nvJQc
qtA3CRVdAGKp71G1dM4mbssNgCH5SAyk1nrCi7zFfB2X1ssSy/kSjXw4mY/IlyY3
vLxPw7JzbJu5mBYhTHsHrpo14qUSzk+dHRckGtIA4i90Vc81/wPWI0g33CEM7Opo
xiEMPc7Vyr5oElkuDDxyEPYmMOMLwDzPA6cZ0J0yS99rQ0oXASldDo+M9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEHTXs13HdfoSIVxlOEJ/LnAVfUMB8GA1UdIwQY
MBaAFACTOEgCHTiIhg2t9xiAlNeSr2rmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpNNFNBSWRPSWlHRGEzM0dJQ1UxNUt2YXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My84Njc2MmItYWE2MS00ODRhLWIxNTkt
OTdmMzliYjEzMzJkLzEvUVFkTmV6WGNkMS1oSWhYR1U0UW44dWNCVjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My84Njc2MmItYWE2MS00ODRhLWIxNTktOTdmMzliYjEzMzJk
LzEvQUpNNFNBSWRPSWlHRGEzM0dJQ1UxNUt2YXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTv8MA0G
CSqGSIb3DQEBCwUAA4IBAQCfk2inBUSGqkJlnWUBAcIW7YXGUamxh+c1Rk0C1tq/
r+FHJyk41uWTv6WMaMMvP98Av5H5Yz776lQAmnPIkGTvb5Dd5qMtCKZab9U6g1QG
kVO0O9N6Jxfzc9C2M8jJmEyJ1wOGXdsJxK/MUBEu6phQGaXRkHauxC0I/nkhpIB5
XIkrlXJ7j0ORcSZE0Drk3JBNgqJwSf338tFJiyqNUm4x9M8bbu72elRMc1aDg6LJ
/tD1QdXw7Jqj4EbB+kDcT0TectNqU3iaYnNJaWDUDyT37bzt0iG7I1Xw7yJ4KXx3
tag9O6sApW+sh3jOdxDnfJKFe47hrmWr47SFG5qGnsAe
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:40 2025 by rpki-client on console.sobornost.net