Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/l0jj4z5jSnGrVq6SfJX7MgdMKJY.roa
File: l0jj4z5jSnGrVq6SfJX7MgdMKJY.roa (raw, json)
Hash identifier: zr6mJ+QGATGBFggvtVLR1aKIxD8AyeYJoWqZ+pfFF7g=
Subject key identifier: 97:48:E3:E3:3E:63:4A:71:AB:56:AE:92:7C:95:FB:32:07:4C:28:96
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0195A9379FBE6EBC68A083170A5A86742B59
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/l0jj4z5jSnGrVq6SfJX7MgdMKJY.roa
Signing time: Tue 18 Mar 2025 12:25:49 +0000
ROA not before: Tue 18 Mar 2025 12:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393336
IP address blocks: 37.49.144.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.137.0/24 maxlen: 24
176.46.148.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
176.46.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:37:9f:be:6e:bc:68:a0:83:17:0a:5a:86:74:2b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 18 12:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9748e3e33e634a71ab56ae927c95fb32074c2896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:55:85:2d:d5:e3:ed:a4:2a:2b:c4:81:cc:e4:
c6:de:14:ce:1e:ed:02:ba:05:e6:9d:8d:bf:83:84:
25:89:2b:e0:bd:e8:0f:d2:41:f5:03:a2:46:5b:e7:
e0:37:54:5d:a5:aa:60:30:ff:43:83:90:7f:76:b0:
0d:96:7f:ec:f2:57:02:b4:18:77:d2:77:f5:bf:58:
b5:70:22:88:61:47:83:95:02:1c:47:d3:50:40:b2:
41:5e:c2:9e:8f:60:02:b3:58:7f:11:4f:31:97:22:
7f:50:b8:a8:42:8c:2c:02:ad:16:36:59:2a:95:8e:
2a:52:e1:ba:47:38:83:41:c0:02:6b:40:0a:af:bd:
3b:1b:37:f0:c2:be:2f:f5:8c:38:f7:6d:85:4a:28:
9b:f2:c0:71:f8:10:7b:e3:80:b5:ce:a0:f0:03:60:
21:22:09:f3:e1:d7:30:68:82:bb:92:dd:0f:bc:7e:
82:10:ff:92:0f:a2:07:a5:7a:f5:77:1c:d5:9c:cb:
fa:76:df:4c:cf:ab:3d:c8:0c:67:64:c1:ab:57:1f:
d9:fd:a1:94:a5:25:43:4d:f7:10:f8:b0:09:bb:5e:
86:bd:89:8c:75:64:2f:24:fe:92:22:92:58:1b:35:
e7:52:9b:9a:06:ca:e0:47:7b:e0:20:0d:cb:cd:ff:
b8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:48:E3:E3:3E:63:4A:71:AB:56:AE:92:7C:95:FB:32:07:4C:28:96
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/l0jj4z5jSnGrVq6SfJX7MgdMKJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.147.0/24
94.74.171.0/24
94.74.187.0/24
109.203.161.0/24
109.203.163.0/24
109.203.166.0/24
176.46.129.0-176.46.130.255
176.46.133.0/24
176.46.135.0/24
176.46.137.0/24
176.46.148.0/23
176.46.153.0-176.46.154.255
176.46.156.0/24
Signature Algorithm: sha256WithRSAEncryption
78:74:a4:2f:ea:b6:9f:23:e7:df:89:58:04:57:cf:a9:1e:55:
43:b1:21:51:05:11:28:8a:73:62:89:38:8c:e9:e9:f1:cb:64:
7f:17:6a:d1:a7:14:8f:bc:1e:18:c4:a4:e2:e2:45:6b:b0:b2:
4b:c7:a5:6d:ab:0a:ab:92:93:59:83:82:38:67:aa:e0:02:44:
d4:26:bd:6f:12:b9:80:2b:76:d4:24:15:e2:04:32:7e:4d:dd:
6a:1b:5d:c2:d4:42:9a:1c:f4:f9:c1:6d:59:89:4e:fa:ed:fc:
23:a2:88:ee:8b:c6:31:06:8a:87:d6:a7:2c:82:55:34:73:0c:
36:14:d9:1e:14:ae:e7:9a:fa:69:27:19:a9:2a:99:a9:31:30:
25:94:90:d0:0f:7b:90:4b:1f:34:59:9e:6a:fe:8b:22:58:cf:
93:87:84:14:a0:a1:fd:a5:75:6c:86:19:c4:a7:db:be:08:19:
f6:ea:8a:14:f9:51:69:59:6b:ad:f3:79:47:7b:fd:a3:69:51:
d4:37:7a:1b:48:03:14:69:f0:c1:22:54:a1:d4:25:c4:a2:b3:
60:e7:4d:0d:56:60:a8:3e:57:00:fe:a8:cc:88:42:65:9e:e9:
d5:42:af:2b:b3:3f:33:27:82:61:4f:a1:c2:9a:f2:b0:06:29:
3a:7b:f4:4e
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZWpN5++brxooIMXClqGdCtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMzE4MTIyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQ4ZTNlMzNlNjM0YTcxYWI1NmFlOTI3Yzk1ZmIzMjA3NGMyODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVWFLdXj7aQqK8SBzOTG3hTOHu0C
ugXmnY2/g4QliSvgvegP0kH1A6JGW+fgN1RdpapgMP9Dg5B/drANln/s8lcCtBh3
0nf1v1i1cCKIYUeDlQIcR9NQQLJBXsKej2ACs1h/EU8xlyJ/ULioQowsAq0WNlkq
lY4qUuG6RziDQcACa0AKr707Gzfwwr4v9Yw4922FSiib8sBx+BB744C1zqDwA2Ah
Ignz4dcwaIK7kt0PvH6CEP+SD6IHpXr1dxzVnMv6dt9Mz6s9yAxnZMGrVx/Z/aGU
pSVDTfcQ+LAJu16GvYmMdWQvJP6SIpJYGzXnUpuaBsrgR3vgIA3Lzf+44wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJdI4+M+Y0pxq1auknyV+zIHTCiWMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvbDBqajR6NWpTbkdyVnE2U2ZKWDdNZ2RNS0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAJTGQAwQA
JTGTAwQAXkqrAwQAXkq7AwQAbcuhAwQAbcujAwQAbcumMAwDBACwLoEDBACwLoID
BACwLoUDBACwLocDBACwLokDBAGwLpQwDAMEALAumQMEALAumgMEALAunDANBgkq
hkiG9w0BAQsFAAOCAQEAeHSkL+q2nyPn34lYBFfPqR5VQ7EhUQURKIpzYok4jOnp
8ctkfxdq0acUj7weGMSk4uJFa7CyS8elbasKq5KTWYOCOGeq4AJE1Ca9bxK5gCt2
1CQV4gQyfk3dahtdwtRCmhz0+cFtWYlO+u38I6KI7ovGMQaKh9anLIJVNHMMNhTZ
HhSu55r6aScZqSqZqTEwJZSQ0A97kEsfNFmeav6LIljPk4eEFKCh/aV1bIYZxKfb
vggZ9uqKFPlRaVlrrfN5R3v9o2lR1Dd6G0gDFGnwwSJUodQlxKKzYOdNDVZgqD5X
AP6ozIhCZZ7p1UKvK7M/MyeCYU+hwprysAYpOnv0Tg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:34:50 2025 by rpki-client