Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/QJ21g8C3Q045c7IghZrDzkWbTPM.roa
File: QJ21g8C3Q045c7IghZrDzkWbTPM.roa (raw, json)
Hash identifier: 7ilJCeCS3rEEdSHgDENpMyuTUqR9p8RAjso5azrVI5g=
Subject key identifier: 40:9D:B5:83:C0:B7:43:4E:39:73:B2:20:85:9A:C3:CE:45:9B:4C:F3
Certificate issuer: /CN=d92b8a5ed46ac3046d45014723a0b92facf2a49b
Certificate serial: 019396DEE58138FC812D5255145D6733D87A
Authority key identifier: D9:2B:8A:5E:D4:6A:C3:04:6D:45:01:47:23:A0:B9:2F:AC:F2:A4:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SuKXtRqwwRtRQFHI6C5L6zypJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/QJ21g8C3Q045c7IghZrDzkWbTPM.roa
Signing time: Thu 05 Dec 2024 12:50:10 +0000
ROA not before: Thu 05 Dec 2024 12:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213098
IP address blocks: 185.222.20.0/24 maxlen: 24
188.72.42.0/24 maxlen: 24
188.72.43.0/24 maxlen: 24
194.34.11.0/24 maxlen: 24
195.62.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:de:e5:81:38:fc:81:2d:52:55:14:5d:67:33:d8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d92b8a5ed46ac3046d45014723a0b92facf2a49b
Validity
Not Before: Dec 5 12:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=409db583c0b7434e3973b220859ac3ce459b4cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:e7:35:15:0f:ca:33:ad:1f:e9:4b:23:dd:
6a:79:7d:f9:50:ec:e8:da:e7:2b:9b:4c:2d:48:f9:
83:fd:7a:5f:44:54:b0:33:08:15:97:96:cc:ba:18:
d8:f9:0f:a3:ee:56:eb:f0:8d:8d:11:a7:56:ba:1a:
45:a8:6c:ec:f8:64:e4:c4:2e:b6:89:f1:ea:68:7f:
ee:e8:01:9c:84:9a:18:94:aa:16:71:0f:07:8d:fb:
4d:29:47:cc:4e:31:e7:d9:b9:d7:fd:b0:b9:88:6b:
f3:56:11:96:ff:9a:c6:57:8b:35:6d:f2:47:0b:16:
31:1b:f7:8b:11:10:22:e1:bc:25:79:c1:20:d4:c1:
0c:36:74:56:3b:83:ee:7d:19:f0:e1:78:a2:b4:39:
b5:c2:8c:7d:5f:e7:6c:03:7a:82:2f:bd:b4:98:b2:
a5:a6:72:3c:eb:e5:49:b3:f2:1d:53:4b:2b:ac:e5:
ae:5f:4a:af:25:13:0d:e0:fe:59:17:49:8e:00:86:
f7:6e:53:a3:95:0b:dc:9a:0c:de:e8:23:96:cb:28:
eb:39:15:96:56:1f:00:5a:bf:20:e6:11:e5:a8:58:
d0:6a:20:2e:38:28:8d:68:f4:d7:2a:bf:aa:37:d3:
49:df:28:b4:f7:f0:2f:26:3c:40:1f:68:41:f0:21:
69:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9D:B5:83:C0:B7:43:4E:39:73:B2:20:85:9A:C3:CE:45:9B:4C:F3
X509v3 Authority Key Identifier:
keyid:D9:2B:8A:5E:D4:6A:C3:04:6D:45:01:47:23:A0:B9:2F:AC:F2:A4:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SuKXtRqwwRtRQFHI6C5L6zypJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/QJ21g8C3Q045c7IghZrDzkWbTPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/2SuKXtRqwwRtRQFHI6C5L6zypJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.20.0/24
188.72.42.0/23
194.34.11.0/24
195.62.88.0/24
Signature Algorithm: sha256WithRSAEncryption
51:56:15:3a:bf:cd:14:33:09:dd:1a:5e:ce:f0:52:16:00:43:
00:b8:b7:e1:86:69:91:6b:da:86:97:fd:c6:36:2e:83:cd:d3:
89:a1:c3:6f:a9:2e:d5:5a:eb:4f:15:60:ba:43:a8:f6:20:56:
59:69:75:46:1c:f0:31:84:b0:27:bb:f4:04:d1:d5:d5:59:ae:
4b:50:53:94:70:3a:82:ac:1b:a0:ff:47:96:a2:f6:35:d4:7d:
b3:85:94:d2:75:90:41:07:c3:55:a4:84:6f:62:e8:9a:19:d4:
dd:4d:2b:34:12:4a:5c:58:34:b7:24:8a:58:35:ba:b1:95:23:
32:12:c2:4e:13:c1:cc:75:18:96:6a:8e:be:05:1d:c8:d6:bc:
3c:69:ab:4e:7e:f2:1a:ff:9b:47:b3:ce:a7:89:65:95:22:6f:
86:33:7a:89:f0:2f:99:b6:6e:5c:44:e1:b3:a1:21:1f:7c:96:
0c:97:31:28:5e:16:59:ec:27:4a:33:c6:65:8a:97:e4:ef:f8:
9f:d4:01:2c:0c:b3:f8:04:cc:bf:d6:1e:86:66:2b:5f:40:20:
10:c4:d0:a9:9d:23:54:37:4c:7a:c1:1a:6d:d0:9d:5b:38:87:
32:6f:52:b1:f9:45:4f:68:ca:48:fb:23:d5:1b:94:fc:0f:ab:
93:3f:83:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOW3uWBOPyBLVJVFF1nM9h6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MmI4YTVlZDQ2YWMzMDQ2ZDQ1MDE0NzIzYTBiOTJmYWNm
MmE0OWIwHhcNMjQxMjA1MTI1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDlkYjU4M2MwYjc0MzRlMzk3M2IyMjA4NTlhYzNjZTQ1OWI0Y2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvornNRUPyjOtH+lLI91qeX35UOzo
2ucrm0wtSPmD/XpfRFSwMwgVl5bMuhjY+Q+j7lbr8I2NEadWuhpFqGzs+GTkxC62
ifHqaH/u6AGchJoYlKoWcQ8HjftNKUfMTjHn2bnX/bC5iGvzVhGW/5rGV4s1bfJH
CxYxG/eLERAi4bwlecEg1MEMNnRWO4PufRnw4XiitDm1wox9X+dsA3qCL720mLKl
pnI86+VJs/IdU0srrOWuX0qvJRMN4P5ZF0mOAIb3blOjlQvcmgze6COWyyjrORWW
Vh8AWr8g5hHlqFjQaiAuOCiNaPTXKr+qN9NJ3yi09/AvJjxAH2hB8CFpZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFECdtYPAt0NOOXOyIIWaw85Fm0zzMB8GA1UdIwQY
MBaAFNkril7UasMEbUUBRyOguS+s8qSbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlN1S1h0UnF3d1J0UlFGSEk2QzVMNnp5cEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS82OTllZmEtOTRmNy00MTI1LWI2MmYt
NDE1NjlhYmMzN2NjLzEvUUoyMWc4QzNRMDQ1YzdJZ2hackR6a1diVFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS82OTllZmEtOTRmNy00MTI1LWI2MmYtNDE1NjlhYmMzN2Nj
LzEvMlN1S1h0UnF3d1J0UlFGSEk2QzVMNnp5cEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAud4UAwQB
vEgqAwQAwiILAwQAwz5YMA0GCSqGSIb3DQEBCwUAA4IBAQBRVhU6v80UMwndGl7O
8FIWAEMAuLfhhmmRa9qGl/3GNi6DzdOJocNvqS7VWutPFWC6Q6j2IFZZaXVGHPAx
hLAnu/QE0dXVWa5LUFOUcDqCrBug/0eWovY11H2zhZTSdZBBB8NVpIRvYuiaGdTd
TSs0EkpcWDS3JIpYNbqxlSMyEsJOE8HMdRiWao6+BR3I1rw8aatOfvIa/5tHs86n
iWWVIm+GM3qJ8C+Ztm5cROGzoSEffJYMlzEoXhZZ7CdKM8Zlipfk7/if1AEsDLP4
BMy/1h6GZitfQCAQxNCpnSNUN0x6wRpt0J1bOIcyb1Kx+UVPaMpI+yPVG5T8D6uT
P4Mi
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:11 2024 by rpki-client on console.sobornost.net