Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MGHrjniGqnQjuHFUpwo109nK23M.roa
File: MGHrjniGqnQjuHFUpwo109nK23M.roa (raw, json)
Hash identifier: ztBpLSa6wwbYUKgPCnUhTDuqvkWdUkgB+ItbTai2PVk=
Subject key identifier: 30:61:EB:8E:78:86:AA:74:23:B8:71:54:A7:0A:35:D3:D9:CA:DB:73
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C811F12DDA1C88BD40A774E016A2E0A8F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MGHrjniGqnQjuHFUpwo109nK23M.roa
Signing time: Tue 19 Dec 2023 08:09:06 +0000
ROA not before: Tue 19 Dec 2023 08:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203963
IP address blocks: 176.46.144.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:1f:12:dd:a1:c8:8b:d4:0a:77:4e:01:6a:2e:0a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 19 08:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3061eb8e7886aa7423b87154a70a35d3d9cadb73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ca:01:77:77:94:d6:3d:0c:d0:3c:29:a2:dc:
eb:ec:68:d1:8d:7d:c6:08:ba:df:bc:bd:b4:e5:34:
a6:aa:5c:14:31:1a:86:2d:48:59:54:63:e8:2e:48:
29:1a:40:67:b3:37:e0:54:5a:41:92:ed:36:da:f7:
c7:dd:ee:ce:ff:c6:e5:3b:b7:92:ed:71:28:26:40:
5d:49:cf:0b:b8:a5:fa:25:f6:7d:aa:14:30:32:5b:
69:0c:0f:aa:ce:c8:91:10:db:6c:df:32:41:e3:5c:
e8:77:62:79:69:4b:d2:ec:e1:6e:f0:67:e9:ed:fb:
c7:e4:8b:2d:bd:0b:b8:00:52:b2:de:9a:79:e5:8e:
e2:a8:88:09:9e:f8:90:f9:3f:a4:a7:8c:ee:79:80:
1f:73:c2:c0:01:48:d2:bf:d6:ed:7d:ed:b6:7c:5d:
71:46:62:46:3f:14:df:92:53:a8:f3:8d:4f:a5:5b:
fd:3e:58:41:16:88:37:f8:b9:69:e7:a4:28:43:60:
9d:0d:dc:07:31:ef:40:9a:15:d7:29:24:cf:cb:31:
f0:f5:d5:f6:36:7a:36:ca:a6:93:82:83:e7:05:b7:
24:a5:65:2d:99:60:eb:90:73:0b:1b:54:25:04:75:
ff:58:a3:e6:bd:25:da:ce:38:41:b8:a7:72:7a:4d:
60:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:61:EB:8E:78:86:AA:74:23:B8:71:54:A7:0A:35:D3:D9:CA:DB:73
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/MGHrjniGqnQjuHFUpwo109nK23M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.148.0-37.49.150.255
94.74.137.0/24
94.74.140.0/24
94.74.147.0/24
94.74.158.0/23
94.74.164.0/24
94.74.169.0/24
94.74.171.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
109.203.163.0/24
176.46.144.0/24
176.46.149.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
19:62:43:51:ec:37:06:45:83:10:5b:53:4a:e6:d4:a9:bd:8f:
79:18:9b:a8:34:17:96:b3:7f:64:25:e2:3a:3a:28:6f:d0:64:
7c:0a:d8:0c:bf:c7:38:70:3e:61:ae:06:b4:e7:f6:14:6d:88:
7d:d8:cf:68:97:5d:60:f8:e2:af:bc:af:50:6b:6a:51:5b:fc:
43:de:99:ba:2c:f3:43:e1:c8:f6:fa:34:7d:02:8d:f9:8b:00:
b5:db:f1:ee:36:5c:86:b1:47:24:79:e5:32:2d:f0:2b:a2:f1:
3d:93:ef:30:7e:15:70:58:cf:94:90:0e:b6:b8:bc:cf:4c:9b:
a0:1f:17:fd:88:22:49:9f:bc:6f:a0:d7:77:59:68:e9:8a:87:
a9:dc:c5:bb:e8:f5:75:5d:df:e9:f9:b5:8c:a8:00:a1:77:5f:
ae:ff:a1:41:2b:39:8d:27:c6:7b:88:4e:3a:99:43:6c:b9:4a:
6d:25:6c:3e:9b:7d:f8:6a:3d:ed:72:82:50:f6:63:30:eb:02:
d0:73:dd:d3:b0:6f:1b:98:92:eb:48:a9:dd:5a:86:1a:a1:e4:
ae:db:34:0c:fa:87:65:f8:d8:be:81:a0:a3:5b:48:23:0c:d0:
a4:bc:df:f8:2f:b2:5e:51:cb:a0:de:29:db:d8:f4:51:bf:2e:
e4:94:89:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYyBHxLdociL1Ap3TgFqLgqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMjE5MDgwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDYxZWI4ZTc4ODZhYTc0MjNiODcxNTRhNzBhMzVkM2Q5Y2FkYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcoBd3eU1j0M0Dwpotzr7GjRjX3G
CLrfvL205TSmqlwUMRqGLUhZVGPoLkgpGkBnszfgVFpBku022vfH3e7O/8blO7eS
7XEoJkBdSc8LuKX6JfZ9qhQwMltpDA+qzsiRENts3zJB41zod2J5aUvS7OFu8Gfp
7fvH5IstvQu4AFKy3pp55Y7iqIgJnviQ+T+kp4zueYAfc8LAAUjSv9btfe22fF1x
RmJGPxTfklOo841PpVv9PlhBFog3+Llp56QoQ2CdDdwHMe9AmhXXKSTPyzHw9dX2
Nno2yqaTgoPnBbckpWUtmWDrkHMLG1QlBHX/WKPmvSXazjhBuKdyek1gYQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFDBh6454hqp0I7hxVKcKNdPZyttzMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTUdIcmpuaUdxblFqdUhGVXB3bzEwOW5LMjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEACUxkDAM
AwQCJTGUAwQAJTGWAwQAXkqJAwQAXkqMAwQAXkqTAwQBXkqeAwQAXkqkAwQAXkqp
AwQAXkqrAwQAXkq2AwQAXkq7AwQAXkq/AwQAbcujAwQAsC6QAwQAsC6VAwQAsC6Y
MA0GCSqGSIb3DQEBCwUAA4IBAQAZYkNR7DcGRYMQW1NK5tSpvY95GJuoNBeWs39k
JeI6Oihv0GR8CtgMv8c4cD5hrga05/YUbYh92M9ol11g+OKvvK9Qa2pRW/xD3pm6
LPND4cj2+jR9Ao35iwC12/HuNlyGsUckeeUyLfArovE9k+8wfhVwWM+UkA62uLzP
TJugHxf9iCJJn7xvoNd3WWjpioep3MW76PV1Xd/p+bWMqAChd1+u/6FBKzmNJ8Z7
iE46mUNsuUptJWw+m334aj3tcoJQ9mMw6wLQc93TsG8bmJLrSKndWoYaoeSu2zQM
+odl+Ni+gaCjW0gjDNCkvN/4L7JeUcug3inb2PRRvy7klInC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:36 2025 by rpki-client