Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/QhkZtHC-GArPwLlJouzdeKz4vt4.roa
File: QhkZtHC-GArPwLlJouzdeKz4vt4.roa (raw, json)
Hash identifier: rYjbbMwu5klxqw8Z2ve99sKM+e3vXg5MSUYMGvpUeAw=
Subject key identifier: 42:19:19:B4:70:BE:18:0A:CF:C0:B9:49:A2:EC:DD:78:AC:F8:BE:DE
Certificate issuer: /CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
Certificate serial: 019421B1FD08DB0F1DB22C897E9F672B8F1C
Authority key identifier: 8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/QhkZtHC-GArPwLlJouzdeKz4vt4.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208925
IP address blocks: 37.77.149.0/24 maxlen: 24
91.237.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fd:08:db:0f:1d:b2:2c:89:7e:9f:67:2b:8f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=421919b470be180acfc0b949a2ecdd78acf8bede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:48:dc:45:9b:13:5b:a9:3b:5c:d3:46:fe:
fd:5e:4d:fa:b4:14:e3:cb:f3:1a:20:50:f2:cf:05:
45:1f:62:3f:6e:6f:b6:54:d2:47:2c:b6:f4:32:7b:
96:a5:34:6a:83:7c:9e:4f:31:2b:f2:6a:99:a2:9b:
e7:ed:07:f2:78:99:6b:ea:fc:d5:aa:0c:82:4a:df:
19:70:1b:89:ab:14:eb:b0:04:11:25:64:b2:ee:e0:
e9:06:9b:89:63:66:6e:e9:48:75:5a:9d:73:94:91:
13:ea:b2:d2:be:03:d1:38:f3:6d:94:d7:91:1e:36:
9e:fd:5a:bf:6b:d4:ee:74:87:4c:31:75:06:36:44:
e0:35:ae:c9:cb:b8:69:14:6c:c3:58:91:50:99:8c:
a9:79:02:0c:6c:fc:c3:1a:9d:72:58:04:7f:bf:ec:
1b:ba:63:ec:c9:aa:ba:f5:4a:af:3d:d4:07:98:8e:
e2:50:96:7a:19:82:b8:b6:a8:21:53:8d:b3:b9:9f:
22:74:94:37:96:b6:4b:24:a4:6e:65:c2:61:f0:b5:
a2:74:08:5b:77:3b:3c:57:ad:b9:c9:5a:a7:e2:4b:
c7:5e:c6:75:f1:6d:eb:bc:a4:24:20:9b:cf:0d:9d:
c5:fd:35:e0:fe:d1:b0:61:f4:c7:59:4a:8c:8d:08:
8b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:19:B4:70:BE:18:0A:CF:C0:B9:49:A2:EC:DD:78:AC:F8:BE:DE
X509v3 Authority Key Identifier:
keyid:8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/QhkZtHC-GArPwLlJouzdeKz4vt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/iy4NGE_1UzdchHw41N_NzeEhn9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.149.0/24
91.237.87.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d5:7d:9e:59:52:8c:21:c1:97:12:6e:87:85:54:d2:09:b5:
39:f4:e4:f5:78:87:6d:6e:3b:3c:a8:e2:8b:40:1d:35:ac:bd:
15:a4:d9:62:3c:be:cd:af:d5:bb:9b:c2:7a:6a:aa:a2:3e:19:
75:9e:7a:dc:6f:a4:6e:32:0c:44:b6:e3:b0:25:e2:9a:c0:9b:
3d:a8:1b:a6:2f:87:b7:e8:20:94:fb:a6:40:53:af:d5:7e:79:
d3:47:3a:f0:cf:d3:8e:9b:64:03:b8:a0:77:0a:c5:9a:6c:b1:
09:dc:78:59:5a:c5:ff:83:81:40:b8:e8:93:d2:a5:33:db:cd:
95:04:5a:74:dd:3d:85:2b:39:c2:2f:2f:1c:2d:2f:64:8c:84:
ad:b9:e0:6e:c1:a8:17:8a:5f:05:e3:4b:84:e4:80:fb:4a:30:
fa:d4:55:12:f7:17:8b:46:ce:d5:c2:9f:bb:cc:7a:9e:e0:49:
6a:1d:60:70:c4:65:1d:d4:e8:b4:b4:11:1d:c6:a0:22:3e:23:
a1:5f:62:cb:43:8e:19:45:dc:19:90:12:ed:39:3e:93:80:6e:
82:76:4e:63:1e:2c:0b:a6:2b:de:d1:b6:55:1e:cf:d4:20:d1:
eb:60:ce:28:fd:39:78:d4:90:05:16:32:01:52:25:68:32:fe:
c3:0a:94:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsf0I2w8dsiyJfp9nK48cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMmUwZDE4NGZmNTUzMzc1Yzg0N2MzOGQ0ZGZjZGNkZTEy
MTlmZDMwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE5MTliNDcwYmUxODBhY2ZjMGI5NDlhMmVjZGQ3OGFjZjhiZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVhI3EWbE1upO1zTRv79Xk36tBTj
y/MaIFDyzwVFH2I/bm+2VNJHLLb0MnuWpTRqg3yeTzEr8mqZopvn7QfyeJlr6vzV
qgyCSt8ZcBuJqxTrsAQRJWSy7uDpBpuJY2Zu6Uh1Wp1zlJET6rLSvgPROPNtlNeR
Hjae/Vq/a9TudIdMMXUGNkTgNa7Jy7hpFGzDWJFQmYypeQIMbPzDGp1yWAR/v+wb
umPsyaq69UqvPdQHmI7iUJZ6GYK4tqghU42zuZ8idJQ3lrZLJKRuZcJh8LWidAhb
dzs8V625yVqn4kvHXsZ18W3rvKQkIJvPDZ3F/TXg/tGwYfTHWUqMjQiLVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEIZGbRwvhgKz8C5SaLs3Xis+L7eMB8GA1UdIwQY
MBaAFIsuDRhP9VM3XIR8ONTfzc3hIZ/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAt
Njk5ZjNjZDg1MGZhLzEvUWhrWnRIQy1HQXJQd0xsSm91emRlS3o0dnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAtNjk5ZjNjZDg1MGZh
LzEvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJU2VAwQA
W+1XMA0GCSqGSIb3DQEBCwUAA4IBAQCI1X2eWVKMIcGXEm6HhVTSCbU59OT1eIdt
bjs8qOKLQB01rL0VpNliPL7Nr9W7m8J6aqqiPhl1nnrcb6RuMgxEtuOwJeKawJs9
qBumL4e36CCU+6ZAU6/VfnnTRzrwz9OOm2QDuKB3CsWabLEJ3HhZWsX/g4FAuOiT
0qUz282VBFp03T2FKznCLy8cLS9kjIStueBuwagXil8F40uE5ID7SjD61FUS9xeL
Rs7Vwp+7zHqe4ElqHWBwxGUd1Oi0tBEdxqAiPiOhX2LLQ44ZRdwZkBLtOT6TgG6C
dk5jHiwLpive0bZVHs/UINHrYM4o/Tl41JAFFjIBUiVoMv7DCpTs
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:39:53 2025 by rpki-client