Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/CqPT7dwYwgixxiYTmZIILp2RB8s.roa
File: CqPT7dwYwgixxiYTmZIILp2RB8s.roa (raw, json)
Hash identifier: 6NQGXDhu9uFXrbFGFaMhIi6przrgqCnZTaF8PJdR2KE=
Subject key identifier: 0A:A3:D3:ED:DC:18:C2:08:B1:C6:26:13:99:92:08:2E:9D:91:07:CB
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 019427B4F1D843AF3E8DB85BCA0EF19EDC3F
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/CqPT7dwYwgixxiYTmZIILp2RB8s.roa
Signing time: Thu 02 Jan 2025 15:49:17 +0000
ROA not before: Thu 02 Jan 2025 15:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 185.137.56.0/22 maxlen: 22
185.143.0.0/22 maxlen: 22
185.143.140.0/22 maxlen: 22
185.174.212.0/23 maxlen: 23
185.174.212.0/24 maxlen: 24
185.232.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:f1:d8:43:af:3e:8d:b8:5b:ca:0e:f1:9e:dc:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 15:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aa3d3eddc18c208b1c626139992082e9d9107cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d0:72:21:be:ce:df:41:51:f8:7a:57:12:66:
c9:3a:a0:2d:fa:7a:d4:8e:89:76:13:55:70:57:86:
75:7b:fa:e1:04:fc:0a:b4:d3:e1:41:23:51:66:c6:
97:01:84:4c:23:aa:82:66:f5:ce:e7:81:7c:e8:3b:
5a:49:53:fc:ef:ff:c6:fc:84:9c:8b:b3:a1:a9:4d:
21:b6:63:b0:15:04:ff:48:8e:35:02:d5:80:3e:69:
5e:c8:a4:cf:10:99:74:8e:cf:db:54:ea:7c:20:d4:
9f:46:c0:4e:bd:91:40:b5:0b:82:4f:92:03:f7:bb:
de:37:4d:21:06:e3:0e:d6:e3:68:68:9f:a7:57:e9:
7a:d2:3d:98:a4:94:08:2a:cc:80:c7:74:19:69:fc:
9a:05:e7:63:c3:80:a3:c0:bc:37:dc:b4:77:b7:df:
0d:ae:a0:a8:45:ff:57:bc:94:a1:b1:3f:6e:82:eb:
0a:47:06:ff:ef:6b:72:a5:1d:3c:15:1e:d5:58:1d:
c9:56:45:30:47:3a:88:86:6b:37:73:e0:fa:4d:29:
3b:b6:4e:0f:04:8c:dc:a7:d9:ec:f9:76:bd:d6:46:
5a:fa:5e:fe:05:42:a7:78:53:a9:3f:6d:27:42:3e:
28:69:c7:52:bf:25:39:77:ef:77:d7:a3:c9:e8:cd:
22:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A3:D3:ED:DC:18:C2:08:B1:C6:26:13:99:92:08:2E:9D:91:07:CB
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/CqPT7dwYwgixxiYTmZIILp2RB8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.56.0/22
185.143.0.0/22
185.143.140.0/22
185.174.212.0/23
185.232.172.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:74:43:6a:f9:74:d6:fd:0c:4f:57:52:18:8b:a4:92:0a:a5:
da:79:f0:84:f9:4c:e6:7a:c7:c4:26:29:4b:c8:aa:47:cc:7b:
68:7a:79:ee:46:e2:f9:f8:48:27:c8:2b:f4:ee:be:bd:4b:df:
4a:82:2e:ea:88:3c:85:3d:3b:f7:fb:9c:4c:ac:18:4b:40:f7:
c5:cf:28:5b:0f:c3:d6:54:7d:6f:19:5f:ba:31:f5:01:f6:07:
74:ec:76:25:ac:1f:78:b1:af:79:f3:20:8b:ce:5c:a4:be:df:
43:e8:c0:dc:eb:2d:f2:cb:5b:a9:c3:79:5b:41:92:de:f7:c3:
50:3c:28:62:9a:33:c9:17:74:9c:4f:78:4e:cf:8d:a4:61:b6:
44:d0:16:35:cb:80:ef:c2:00:22:0b:0a:47:f5:4c:2e:06:64:
37:6d:ed:d8:f9:ca:82:9b:b7:e6:c0:83:4b:f6:e6:46:e5:75:
dd:d4:a1:fc:04:fb:30:df:12:72:4f:91:d3:0b:68:d5:de:0e:
dc:f4:83:8a:f8:40:e0:b2:9e:05:45:3a:16:a9:4b:24:3e:8a:
09:81:75:67:59:aa:2c:95:a0:66:bf:ff:03:a6:f9:f7:01:cf:
89:87:fc:a0:7a:c5:a1:56:ff:7a:2c:0c:a7:ee:1d:af:bd:ed:
35:7f:0a:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntPHYQ68+jbhbyg7xntw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjUwMTAyMTU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEzZDNlZGRjMThjMjA4YjFjNjI2MTM5OTkyMDgyZTlkOTEwN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19ByIb7O30FR+HpXEmbJOqAt+nrU
jol2E1VwV4Z1e/rhBPwKtNPhQSNRZsaXAYRMI6qCZvXO54F86DtaSVP87//G/ISc
i7OhqU0htmOwFQT/SI41AtWAPmleyKTPEJl0js/bVOp8INSfRsBOvZFAtQuCT5ID
97veN00hBuMO1uNoaJ+nV+l60j2YpJQIKsyAx3QZafyaBedjw4CjwLw33LR3t98N
rqCoRf9XvJShsT9ugusKRwb/72typR08FR7VWB3JVkUwRzqIhms3c+D6TSk7tk4P
BIzcp9ns+Xa91kZa+l7+BUKneFOpP20nQj4oacdSvyU5d+9316PJ6M0iBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAqj0+3cGMIIscYmE5mSCC6dkQfLMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvQ3FQVDdkd1l3Z2l4eGlZVG1aSUlMcDJSQjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuYk4AwQC
uY8AAwQCuY+MAwQBua7UAwQCueisMA0GCSqGSIb3DQEBCwUAA4IBAQBfdENq+XTW
/QxPV1IYi6SSCqXaefCE+UzmesfEJilLyKpHzHtoennuRuL5+EgnyCv07r69S99K
gi7qiDyFPTv3+5xMrBhLQPfFzyhbD8PWVH1vGV+6MfUB9gd07HYlrB94sa958yCL
zlykvt9D6MDc6y3yy1upw3lbQZLe98NQPChimjPJF3ScT3hOz42kYbZE0BY1y4Dv
wgAiCwpH9UwuBmQ3be3Y+cqCm7fmwINL9uZG5XXd1KH8BPsw3xJyT5HTC2jV3g7c
9IOK+EDgsp4FRToWqUskPooJgXVnWaoslaBmv/8Dpvn3Ac+Jh/ygesWhVv96LAyn
7h2vve01fwpu
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:55:28 2025 by rpki-client on console.sobornost.net