Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QkZnN9-Quqx-KboStAi3d_LyOuE.roa
File: QkZnN9-Quqx-KboStAi3d_LyOuE.roa (raw, json)
Hash identifier: ZTby7uNaHfjuTrcm5MXUG0R8+tJbb/D7VfS3DsNDHaM=
Subject key identifier: 42:46:67:37:DF:90:BA:AC:7E:29:BA:12:B4:08:B7:77:F2:F2:3A:E1
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FBBAAF3CD91732EC77C6A8B052E02
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QkZnN9-Quqx-KboStAi3d_LyOuE.roa
Signing time: Wed 01 Jan 2025 13:48:12 +0000
ROA not before: Wed 01 Jan 2025 13:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2590
IP address blocks: 78.133.144.0/22 maxlen: 24
85.219.244.0/22 maxlen: 24
89.174.32.0/23 maxlen: 24
89.174.73.128/25 maxlen: 25
89.174.74.128/25 maxlen: 25
89.174.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bb:aa:f3:cd:91:73:2e:c7:7c:6a:8b:05:2e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42466737df90baac7e29ba12b408b777f2f23ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cb:af:ce:3e:1e:b9:d3:41:b3:b9:fa:be:44:
48:e5:a4:7d:9b:6c:86:5b:13:56:b9:6b:4e:a6:5d:
27:4c:26:91:77:b1:71:1f:e0:75:64:da:52:ed:52:
7d:ab:ae:9d:c8:da:12:31:25:c8:27:6f:36:67:3c:
41:de:98:43:c1:13:b6:9c:7f:48:44:fd:d6:81:e0:
73:0b:aa:59:75:bc:8f:f4:3d:1e:2b:9a:0a:b3:ed:
3e:ef:8e:1d:a7:a9:fb:1d:2d:00:ee:09:37:cd:b7:
f0:ca:37:34:1f:55:3f:42:59:bc:1f:66:f3:f0:60:
c9:ec:74:50:72:64:96:8d:07:b9:75:8a:7d:f0:b2:
b0:95:b4:38:c4:02:2f:5a:1f:c1:ab:38:85:76:ab:
b8:32:64:4c:48:7a:d1:31:24:96:28:a2:16:6c:82:
28:a4:c4:59:57:6b:64:57:cf:10:09:b0:dd:1c:8c:
41:c4:fb:79:df:d6:c9:23:7f:e3:a8:10:70:d8:0c:
ac:dc:ac:27:00:87:3e:fd:61:9e:38:70:0f:f9:04:
40:18:d4:ab:fa:43:6f:38:0d:92:27:3d:61:9f:f0:
2e:97:8e:ab:72:7e:c0:89:39:79:c8:12:a4:8d:6c:
1b:cf:a1:57:45:e0:03:34:f6:0b:80:1e:2e:56:98:
8b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:46:67:37:DF:90:BA:AC:7E:29:BA:12:B4:08:B7:77:F2:F2:3A:E1
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/QkZnN9-Quqx-KboStAi3d_LyOuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.144.0/22
85.219.244.0/22
89.174.32.0/23
89.174.73.128/25
89.174.74.128/25
89.174.229.0/24
Signature Algorithm: sha256WithRSAEncryption
43:fe:71:94:1c:5c:35:3f:77:d9:d2:b6:60:56:af:07:b9:94:
2b:81:ef:55:df:fb:d2:07:89:e8:75:38:90:c4:8a:79:03:cf:
4f:13:24:2d:e9:ad:ba:48:2b:63:52:6c:59:eb:88:ca:96:ee:
dc:62:95:c6:ea:f7:ce:6c:06:6d:96:70:ef:c5:64:9f:e0:f5:
e0:a3:7c:b4:e8:bd:f0:a5:22:e9:48:6a:bf:ea:2a:9d:1b:05:
61:a9:a1:20:a5:ce:f4:a6:05:07:9d:b2:1f:93:ca:fd:a7:75:
e5:ab:27:ad:48:4f:09:c7:8a:86:b4:62:20:8f:45:49:6d:d2:
b1:0b:40:e7:15:ad:5c:5e:a4:b5:2b:6c:b3:0e:d1:d6:f9:a3:
fb:1d:e8:c9:4d:7c:a1:71:27:f8:c7:ed:51:3b:df:5a:98:16:
ed:fb:31:aa:62:d1:c1:f5:ae:ba:26:c4:30:26:2b:0a:f7:2b:
48:dd:a9:53:81:55:96:00:0c:a4:8a:ba:75:e9:3a:a6:f0:37:
31:72:6a:69:6e:d0:9f:34:d8:b4:71:81:c0:1a:fe:34:b4:22:
f7:99:a7:15:6c:2d:fc:cb:4d:8f:59:1f:bc:e6:75:46:fc:3e:
b9:2d:34:db:2c:f8:86:c2:aa:af:cb:2e:4c:ad:fb:dd:9b:89:
de:3f:21:8a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQiH7uq882Rcy7HfGqLBS4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ2NjczN2RmOTBiYWFjN2UyOWJhMTJiNDA4Yjc3N2YyZjIzYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8uvzj4eudNBs7n6vkRI5aR9m2yG
WxNWuWtOpl0nTCaRd7FxH+B1ZNpS7VJ9q66dyNoSMSXIJ282ZzxB3phDwRO2nH9I
RP3WgeBzC6pZdbyP9D0eK5oKs+0+744dp6n7HS0A7gk3zbfwyjc0H1U/Qlm8H2bz
8GDJ7HRQcmSWjQe5dYp98LKwlbQ4xAIvWh/BqziFdqu4MmRMSHrRMSSWKKIWbIIo
pMRZV2tkV88QCbDdHIxBxPt539bJI3/jqBBw2Ays3KwnAIc+/WGeOHAP+QRAGNSr
+kNvOA2SJz1hn/Aul46rcn7AiTl5yBKkjWwbz6FXReADNPYLgB4uVpiLPQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEJGZzffkLqsfim6ErQIt3fy8jrhMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvUWtabk45LVF1cXgtS2JvU3RBaTNkX0x5T3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCToWQAwQC
Vdv0AwQBWa4gAwUHWa5JgAMFB1muSoADBABZruUwDQYJKoZIhvcNAQELBQADggEB
AEP+cZQcXDU/d9nStmBWrwe5lCuB71Xf+9IHieh1OJDEinkDz08TJC3prbpIK2NS
bFnriMqW7txilcbq985sBm2WcO/FZJ/g9eCjfLTovfClIulIar/qKp0bBWGpoSCl
zvSmBQedsh+Tyv2ndeWrJ61ITwnHioa0YiCPRUlt0rELQOcVrVxepLUrbLMO0db5
o/sd6MlNfKFxJ/jH7VE731qYFu37Mapi0cH1rromxDAmKwr3K0jdqVOBVZYADKSK
unXpOqbwNzFyamlu0J802LRxgcAa/jS0IveZpxVsLfzLTY9ZH7zmdUb8PrktNNss
+IbCqq/LLkyt+92bid4/IYo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:49 2025 by rpki-client on console.sobornost.net