Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MFJQpjNLZubxiROnK9oQKAKKjhU.roa
File: MFJQpjNLZubxiROnK9oQKAKKjhU.roa (raw, json)
Hash identifier: YcyIyVuFlW3RR4eRAoYmuQzkwSJE783KZY8onjjU7SI=
Subject key identifier: 30:52:50:A6:33:4B:66:E6:F1:89:13:A7:2B:DA:10:28:02:8A:8E:15
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D6DCCD33A6629B93B33962FB55223B14E
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MFJQpjNLZubxiROnK9oQKAKKjhU.roa
Signing time: Sat 03 Feb 2024 07:09:16 +0000
ROA not before: Sat 03 Feb 2024 07:09:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203963
IP address blocks: 37.49.144.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:cc:d3:3a:66:29:b9:3b:33:96:2f:b5:52:23:b1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 3 07:09:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=305250a6334b66e6f18913a72bda1028028a8e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b2:4c:96:74:d9:14:ec:e6:62:73:4c:98:66:
e1:82:eb:3b:27:12:7b:48:74:15:70:74:b7:6c:2a:
e1:67:3d:10:aa:97:bb:69:5a:0f:02:87:55:a6:0c:
e9:ff:2d:1c:29:e7:1f:65:f9:86:1f:29:ca:e4:69:
b6:2c:a2:84:7c:f2:ed:79:72:29:a6:b6:0f:04:ec:
e4:e5:d2:f9:a2:f5:e1:8e:c5:61:1f:47:b3:d3:a4:
23:78:c4:0b:3b:51:ca:22:6f:9a:d5:f5:04:bd:42:
4d:b7:6b:2a:6d:2a:10:9c:25:ef:a9:4d:47:70:0d:
75:6e:5e:ae:79:5f:e4:49:73:45:14:cd:62:04:cd:
68:30:94:33:06:cb:cb:b8:79:03:a6:88:91:e7:67:
ee:25:25:5b:6d:bf:42:8a:03:0b:03:c0:14:33:c4:
26:d3:82:4b:1f:6e:c3:06:21:76:17:fb:ca:f6:31:
6d:ff:3a:82:5e:09:03:dc:56:61:66:9f:41:f8:f7:
63:e1:1d:b8:fd:03:9b:30:f8:5d:49:29:91:34:ca:
73:36:86:8f:a2:be:55:a6:c4:b7:be:b5:39:fd:27:
00:6d:37:b6:99:cb:f7:d9:9b:99:73:5a:da:2e:d4:
71:94:49:d5:ca:3a:a7:34:ee:25:ad:d6:db:e9:72:
15:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:52:50:A6:33:4B:66:E6:F1:89:13:A7:2B:DA:10:28:02:8A:8E:15
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MFJQpjNLZubxiROnK9oQKAKKjhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.148.0-37.49.150.255
94.74.137.0/24
94.74.140.0/24
94.74.156.0/24
94.74.158.0/23
94.74.164.0/24
94.74.169.0/24
94.74.171.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
109.203.163.0/24
109.203.166.0/24
176.46.136.0/24
176.46.138.0/23
176.46.144.0/24
176.46.149.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
32:28:f3:2b:07:5f:31:b9:2d:ce:44:df:30:3c:64:e4:9f:bf:
9b:53:25:de:c8:af:52:4a:59:73:77:cf:f1:32:a7:9f:d3:48:
3d:31:1c:b1:58:c1:27:e0:b7:e1:ec:fb:5d:27:d2:63:dc:2f:
b2:0d:ba:3e:06:06:c0:ce:8a:c3:01:4e:db:ef:f9:de:6e:d9:
86:d3:6e:61:85:e9:3c:21:8c:67:3a:db:cf:7a:55:f6:65:f1:
05:54:c2:9a:03:ce:6f:e5:43:65:b1:be:1a:ba:f5:a9:02:42:
aa:17:20:f6:d9:ce:19:b1:22:df:3a:75:df:59:5d:c2:c6:0d:
3e:97:2e:eb:f1:03:23:9b:e4:be:f2:af:0b:0d:06:30:b5:34:
97:1a:a6:9e:50:13:99:39:ea:8e:b9:6c:60:67:dc:13:c2:e3:
2d:59:12:ca:42:ac:2b:b2:b1:1a:40:cb:ce:86:99:e5:24:5e:
91:45:ae:99:47:be:91:ab:27:1c:fb:4d:9c:e8:d4:85:ba:13:
9a:be:66:a9:c7:4e:52:b9:93:3c:be:00:3d:19:dd:70:49:eb:
31:d2:98:9d:90:86:9d:5d:b6:79:27:6a:eb:81:f5:a0:ac:4a:
0a:fb:f9:80:82:df:97:a7:42:50:c8:21:fd:35:05:45:1b:e2:
fa:b4:12:cb
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY1tzNM6Zim5OzOWL7VSI7FOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMjAzMDcwOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDUyNTBhNjMzNGI2NmU2ZjE4OTEzYTcyYmRhMTAyODAyOGE4ZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobJMlnTZFOzmYnNMmGbhgus7JxJ7
SHQVcHS3bCrhZz0Qqpe7aVoPAodVpgzp/y0cKecfZfmGHynK5Gm2LKKEfPLteXIp
prYPBOzk5dL5ovXhjsVhH0ez06QjeMQLO1HKIm+a1fUEvUJNt2sqbSoQnCXvqU1H
cA11bl6ueV/kSXNFFM1iBM1oMJQzBsvLuHkDpoiR52fuJSVbbb9CigMLA8AUM8Qm
04JLH27DBiF2F/vK9jFt/zqCXgkD3FZhZp9B+Pdj4R24/QObMPhdSSmRNMpzNoaP
or5VpsS3vrU5/ScAbTe2mcv32ZuZc1raLtRxlEnVyjqnNO4lrdbb6XIV4QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFDBSUKYzS2bm8YkTpyvaECgCio4VMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTUZKUXBqTkxadWJ4aVJPbks5b1FLQUtLamhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEACUx
kDAMAwQCJTGUAwQAJTGWAwQAXkqJAwQAXkqMAwQAXkqcAwQBXkqeAwQAXkqkAwQA
XkqpAwQAXkqrAwQAXkq2AwQAXkq7AwQAXkq/AwQAbcujAwQAbcumAwQAsC6IAwQB
sC6KAwQAsC6QAwQAsC6VAwQAsC6YMA0GCSqGSIb3DQEBCwUAA4IBAQAyKPMrB18x
uS3ORN8wPGTkn7+bUyXeyK9SSllzd8/xMqef00g9MRyxWMEn4Lfh7PtdJ9Jj3C+y
Dbo+BgbAzorDAU7b7/nebtmG025hhek8IYxnOtvPelX2ZfEFVMKaA85v5UNlsb4a
uvWpAkKqFyD22c4ZsSLfOnXfWV3Cxg0+ly7r8QMjm+S+8q8LDQYwtTSXGqaeUBOZ
OeqOuWxgZ9wTwuMtWRLKQqwrsrEaQMvOhpnlJF6RRa6ZR76Rqycc+02c6NSFuhOa
vmapx05SuZM8vgA9Gd1wSesx0pidkIadXbZ5J2rrgfWgrEoK+/mAgt+Xp0JQyCH9
NQVFG+L6tBLL
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:34 2025 by rpki-client