Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JnuDMrHsNXMphlg_WZRhf2f_LGM.roa
File: JnuDMrHsNXMphlg_WZRhf2f_LGM.roa (raw, json)
Hash identifier: ZVS8G5uJK0tbO0NG7wp4VNztvuhwN86b8r8CdrmdOw0=
Subject key identifier: 26:7B:83:32:B1:EC:35:73:29:86:58:3F:59:94:61:7F:67:FF:2C:63
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01942827BA4D6876BFE87A45DAACFFC45532
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JnuDMrHsNXMphlg_WZRhf2f_LGM.roa
Signing time: Thu 02 Jan 2025 17:54:39 +0000
ROA not before: Thu 02 Jan 2025 17:54:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33947
IP address blocks: 79.172.202.0/24 maxlen: 24
79.172.232.0/22 maxlen: 22
84.21.0.0/22 maxlen: 22
84.21.9.0/24 maxlen: 24
84.21.14.0/24 maxlen: 24
84.21.17.0/24 maxlen: 24
84.21.20.0/24 maxlen: 24
84.21.21.0/24 maxlen: 24
84.21.22.0/24 maxlen: 24
84.21.23.0/24 maxlen: 24
84.21.24.0/24 maxlen: 24
84.21.25.0/24 maxlen: 24
84.21.26.0/24 maxlen: 24
84.21.27.0/24 maxlen: 24
84.21.28.0/24 maxlen: 24
84.21.29.0/24 maxlen: 24
84.21.30.0/24 maxlen: 24
87.229.1.0/24 maxlen: 24
87.229.2.0/24 maxlen: 24
87.229.3.0/24 maxlen: 24
87.229.4.0/24 maxlen: 24
87.229.5.0/24 maxlen: 24
87.229.13.0/24 maxlen: 24
87.229.25.0/24 maxlen: 24
87.229.27.0/24 maxlen: 24
87.229.28.0/24 maxlen: 24
87.229.29.0/24 maxlen: 24
87.229.30.0/24 maxlen: 24
87.229.46.0/23 maxlen: 23
87.229.49.0/24 maxlen: 24
87.229.109.0/24 maxlen: 24
178.238.214.0/24 maxlen: 24
178.238.218.0/24 maxlen: 24
178.238.219.0/24 maxlen: 24
2a02:730:2000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:ba:4d:68:76:bf:e8:7a:45:da:ac:ff:c4:55:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 2 17:54:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=267b8332b1ec35732986583f5994617f67ff2c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:45:3d:de:b8:e4:e8:64:42:73:ed:29:3d:2b:
c0:4e:12:50:91:f7:23:68:69:fb:c3:b9:f0:86:ef:
c2:56:45:80:7f:b7:a1:2b:63:8d:bb:d0:2e:0b:6f:
2f:cb:17:11:e6:bc:16:db:f1:63:20:43:5e:16:1e:
7d:2c:5a:5a:c7:dc:6d:82:6f:e8:04:45:c7:45:be:
62:60:ec:4c:5a:f1:24:c9:91:88:d3:9d:87:3d:24:
9f:d6:9a:1e:ee:3d:98:ab:62:6b:7d:35:9a:24:90:
86:4a:3b:28:5c:1b:aa:66:1c:20:91:32:b4:cc:4c:
95:0c:2c:91:47:74:17:36:1c:58:74:63:05:eb:90:
65:f7:8c:e6:b7:47:dc:c8:59:4b:60:5d:03:8a:62:
c6:94:6e:78:8c:99:0b:80:7a:a5:59:5f:e5:d2:c2:
5b:18:74:d4:ec:9a:0f:4f:3e:4b:9f:64:03:15:57:
01:d2:69:d4:3c:27:72:e1:31:d6:69:7c:53:3c:30:
94:e9:13:a4:59:b4:02:89:69:f0:6d:64:60:25:2e:
89:61:65:75:2a:f3:bc:52:59:09:de:60:d2:a9:92:
ee:29:85:48:34:d2:f6:ad:22:bc:1a:64:e9:29:0b:
43:40:fd:96:c2:46:33:c1:92:4e:eb:41:bc:59:6d:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7B:83:32:B1:EC:35:73:29:86:58:3F:59:94:61:7F:67:FF:2C:63
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/JnuDMrHsNXMphlg_WZRhf2f_LGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.202.0/24
79.172.232.0/22
84.21.0.0/22
84.21.9.0/24
84.21.14.0/24
84.21.17.0/24
84.21.20.0-84.21.30.255
87.229.1.0-87.229.5.255
87.229.13.0/24
87.229.25.0/24
87.229.27.0-87.229.30.255
87.229.46.0/23
87.229.49.0/24
87.229.109.0/24
178.238.214.0/24
178.238.218.0/23
IPv6:
2a02:730:2000::/48
Signature Algorithm: sha256WithRSAEncryption
87:42:a9:2f:f2:e2:22:eb:21:50:66:98:4a:49:46:02:78:85:
56:c9:ee:3c:30:31:4d:46:30:46:8e:fa:96:7a:0c:bc:93:f6:
83:30:2b:b1:59:02:48:2d:7c:37:a9:ab:35:ac:72:6b:5f:c6:
c8:34:fb:35:98:76:c8:1f:e2:2b:6f:bb:91:6d:1b:da:7e:64:
22:be:20:a9:09:b2:2e:5d:0c:11:e8:4f:e4:72:d5:5a:00:0c:
1a:0d:92:90:2c:18:5a:4a:d1:ee:88:e5:a3:1c:81:c3:b7:73:
76:3f:2e:60:bf:27:d4:e5:6a:f8:09:44:ba:66:f3:61:1a:3a:
78:ec:5e:6d:01:6a:26:05:f5:aa:68:b5:ed:a2:16:6a:d0:ef:
d4:3a:b3:24:f0:42:5f:56:6f:ce:90:7d:b1:26:56:82:65:c0:
16:2f:30:57:36:1f:fa:71:ec:25:86:cd:4a:fa:19:03:27:c9:
ec:67:06:7a:a6:c5:69:0f:e7:7e:38:8f:7a:d1:b7:71:fd:fc:
63:7b:5e:2f:b4:89:08:29:cc:9d:60:5f:ca:44:32:7c:48:40:
3a:8e:42:c8:95:1f:f8:5b:4f:f3:91:d5:4f:73:c6:a6:96:cc:
1b:24:5e:9d:34:84:12:43:59:10:65:37:f5:52:46:c7:5a:93:
8b:b2:85:47
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAZQoJ7pNaHa/6HpF2qz/xFUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMTAyMTc1NDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjdiODMzMmIxZWMzNTczMjk4NjU4M2Y1OTk0NjE3ZjY3ZmYyYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEU93rjk6GRCc+0pPSvAThJQkfcj
aGn7w7nwhu/CVkWAf7ehK2ONu9AuC28vyxcR5rwW2/FjIENeFh59LFpax9xtgm/o
BEXHRb5iYOxMWvEkyZGI052HPSSf1poe7j2Yq2JrfTWaJJCGSjsoXBuqZhwgkTK0
zEyVDCyRR3QXNhxYdGMF65Bl94zmt0fcyFlLYF0DimLGlG54jJkLgHqlWV/l0sJb
GHTU7JoPTz5Ln2QDFVcB0mnUPCdy4THWaXxTPDCU6ROkWbQCiWnwbWRgJS6JYWV1
KvO8UlkJ3mDSqZLuKYVINNL2rSK8GmTpKQtDQP2WwkYzwZJO60G8WW2H9wIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFCZ7gzKx7DVzKYZYP1mUYX9n/yxjMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvSm51RE1ySHNOWE1waGxnX1daUmhmMmZfTEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQAT6zK
AwQCT6zoAwQCVBUAAwQAVBUJAwQAVBUOAwQAVBURMAwDBAJUFRQDBABUFR4wDAME
AFflAQMEAVflBAMEAFflDQMEAFflGTAMAwQAV+UbAwQAV+UeAwQBV+UuAwQAV+Ux
AwQAV+VtAwQAsu7WAwQBsu7aMA8EAgACMAkDBwAqAgcwIAAwDQYJKoZIhvcNAQEL
BQADggEBAIdCqS/y4iLrIVBmmEpJRgJ4hVbJ7jwwMU1GMEaO+pZ6DLyT9oMwK7FZ
AkgtfDepqzWscmtfxsg0+zWYdsgf4itvu5FtG9p+ZCK+IKkJsi5dDBHoT+Ry1VoA
DBoNkpAsGFpK0e6I5aMcgcO3c3Y/LmC/J9TlavgJRLpm82EaOnjsXm0BaiYF9apo
te2iFmrQ79Q6syTwQl9Wb86QfbEmVoJlwBYvMFc2H/px7CWGzUr6GQMnyexnBnqm
xWkP5344j3rRt3H9/GN7Xi+0iQgpzJ1gX8pEMnxIQDqOQsiVH/hbT/OR1U9zxqaW
zBskXp00hBJDWRBlN/VSRsdak4uyhUc=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:18:05 2025 by rpki-client