Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QyWcKfjjmEFcZ-tsX1TO1yjKGDI.roa
File: QyWcKfjjmEFcZ-tsX1TO1yjKGDI.roa (raw, json)
Hash identifier: QpKEec7urHVPQTZT0WOwGxEqFmLd1w+tfT/D/hBtIug=
Subject key identifier: 43:25:9C:29:F8:E3:98:41:5C:67:EB:6C:5F:54:CE:D7:28:CA:18:32
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019610716AFB12D06C3BFD93202EAEDE2DDB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QyWcKfjjmEFcZ-tsX1TO1yjKGDI.roa
Signing time: Mon 07 Apr 2025 13:29:50 +0000
ROA not before: Mon 07 Apr 2025 13:29:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 151.242.11.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.180.0/22 maxlen: 22
151.242.255.0/24 maxlen: 24
151.243.2.0/24 maxlen: 24
151.243.3.0/24 maxlen: 24
151.243.10.0/24 maxlen: 24
151.243.35.0/24 maxlen: 24
151.243.37.0/24 maxlen: 24
151.243.38.0/24 maxlen: 24
151.243.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:10:71:6a:fb:12:d0:6c:3b:fd:93:20:2e:ae:de:2d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 7 13:29:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43259c29f8e398415c67eb6c5f54ced728ca1832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:69:c6:20:3c:18:fb:b7:84:b8:10:23:4c:a4:
15:f5:5a:46:c0:d5:db:6f:08:e6:f5:0f:ef:4d:0b:
a9:ea:2f:0c:79:b8:c0:c0:54:08:e4:d7:d0:40:12:
27:ac:d6:7f:12:79:da:09:53:09:f3:7f:58:eb:62:
ca:a0:25:c7:f4:5c:1d:17:5f:c1:26:ea:85:69:9d:
44:67:c1:56:6f:c0:35:a4:70:89:1d:9a:9d:54:e4:
18:24:e0:61:81:03:ff:59:20:21:7c:0b:8f:ed:bd:
11:a7:39:a9:c2:8e:5e:a4:0e:7a:18:28:a5:29:0c:
1e:e3:39:1e:24:7f:ef:32:b4:22:4c:b0:30:53:d1:
bf:8d:4a:f6:75:db:a1:06:08:41:58:48:7c:89:b8:
b0:7a:85:fe:09:c7:90:b2:3b:eb:a8:7f:95:88:07:
7b:9e:bb:f3:75:17:4a:47:97:49:44:78:6b:e1:dc:
2e:19:f1:d0:3c:ad:9f:72:fa:58:7a:2a:cb:0b:37:
0d:21:3b:4b:ff:70:cb:49:3e:0a:e3:6f:d2:6e:ee:
37:e1:b4:97:42:28:8e:d1:f8:5c:a6:16:51:4d:3a:
1a:6b:eb:2f:96:12:5d:2e:87:3d:3b:12:14:1d:18:
97:9b:33:41:ff:b9:c6:38:73:91:15:63:cc:86:38:
16:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:25:9C:29:F8:E3:98:41:5C:67:EB:6C:5F:54:CE:D7:28:CA:18:32
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QyWcKfjjmEFcZ-tsX1TO1yjKGDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.11.0/24
151.242.14.0/24
151.242.27.0/24
151.242.180.0/22
151.242.255.0/24
151.243.2.0/23
151.243.10.0/24
151.243.35.0/24
151.243.37.0-151.243.39.255
Signature Algorithm: sha256WithRSAEncryption
14:dc:6a:50:0c:fc:b6:d9:6c:66:27:65:1b:b6:58:bb:54:d7:
56:f1:67:79:b5:16:f1:d1:83:c0:3b:9c:9d:29:fa:da:23:f2:
e8:95:0f:5f:50:f0:74:08:1e:90:45:1f:10:08:e4:02:e0:1d:
d2:7e:d2:53:eb:8a:f0:7d:55:4c:01:38:35:8d:4b:a6:00:db:
33:eb:56:92:e9:7c:fa:00:84:5f:b9:92:77:d5:51:05:b3:9d:
d6:2a:53:0a:80:9e:93:45:03:b8:f7:90:1b:3b:26:22:3b:c3:
c1:c8:e1:7b:c9:1d:44:36:ae:a2:81:18:94:54:00:4f:6e:39:
ec:17:27:8d:92:cc:97:bb:c1:33:8a:a0:89:3c:85:14:b5:23:
6c:52:bf:34:0f:a0:aa:22:63:ec:e7:62:a4:ff:26:2e:39:3c:
2b:58:86:e3:17:6d:13:e1:11:06:44:4f:65:18:86:3a:18:cc:
63:3b:62:8a:bb:0c:6e:b6:b9:f5:4e:47:ed:e4:76:69:16:f7:
ce:3f:79:36:54:4f:11:70:7a:cd:0d:a4:ea:0a:2d:85:45:4c:
2b:c1:d9:98:20:59:18:38:a2:91:75:2c:e0:7c:67:71:1f:fb:
e0:b0:af:07:8f:51:36:07:ca:ed:13:98:02:0f:ef:01:5a:37:
e5:12:b0:63
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZYQcWr7EtBsO/2TIC6u3i3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDA3MTMyOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzI1OWMyOWY4ZTM5ODQxNWM2N2ViNmM1ZjU0Y2VkNzI4Y2ExODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGnGIDwY+7eEuBAjTKQV9VpGwNXb
bwjm9Q/vTQup6i8MebjAwFQI5NfQQBInrNZ/EnnaCVMJ839Y62LKoCXH9FwdF1/B
JuqFaZ1EZ8FWb8A1pHCJHZqdVOQYJOBhgQP/WSAhfAuP7b0Rpzmpwo5epA56GCil
KQwe4zkeJH/vMrQiTLAwU9G/jUr2dduhBghBWEh8ibiweoX+CceQsjvrqH+ViAd7
nrvzdRdKR5dJRHhr4dwuGfHQPK2fcvpYeirLCzcNITtL/3DLST4K42/Sbu434bSX
QiiO0fhcphZRTToaa+svlhJdLoc9OxIUHRiXmzNB/7nGOHORFWPMhjgWlQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEMlnCn445hBXGfrbF9UztcoyhgyMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUXlXY0tmamptRUZjWi10c1gxVE8xeWpLR0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAl/ILAwQA
l/IOAwQAl/IbAwQCl/K0AwQAl/L/AwQBl/MCAwQAl/MKAwQAl/MjMAwDBACX8yUD
BAOX8yAwDQYJKoZIhvcNAQELBQADggEBABTcalAM/LbZbGYnZRu2WLtU11bxZ3m1
FvHRg8A7nJ0p+toj8uiVD19Q8HQIHpBFHxAI5ALgHdJ+0lPrivB9VUwBODWNS6YA
2zPrVpLpfPoAhF+5knfVUQWzndYqUwqAnpNFA7j3kBs7JiI7w8HI4XvJHUQ2rqKB
GJRUAE9uOewXJ42SzJe7wTOKoIk8hRS1I2xSvzQPoKoiY+znYqT/Ji45PCtYhuMX
bRPhEQZET2UYhjoYzGM7Yoq7DG62ufVOR+3kdmkW984/eTZUTxFwes0NpOoKLYVF
TCvB2ZggWRg4opF1LOB8Z3Ef++CwrwePUTYHyu0TmAIP7wFaN+USsGM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:23 2025 by rpki-client on console.sobornost.net