Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Z3imJD5C2mxpSzOVHM29bAYX1wQ.roa
File: Z3imJD5C2mxpSzOVHM29bAYX1wQ.roa (raw, json)
Hash identifier: moH5xKYZJc8UlbCB5NGLSkdO+EeL9UBqJaguHu9lcVE=
Subject key identifier: 67:78:A6:24:3E:42:DA:6C:69:4B:33:95:1C:CD:BD:6C:06:17:D7:04
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01948CEB206F79E50D840D5C9EA1FABD6AF5
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Z3imJD5C2mxpSzOVHM29bAYX1wQ.roa
Signing time: Wed 22 Jan 2025 07:30:07 +0000
ROA not before: Wed 22 Jan 2025 07:30:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
103.210.13.0/24 maxlen: 24
103.210.14.0/24 maxlen: 24
103.210.15.0/24 maxlen: 24
103.216.196.0/24 maxlen: 24
103.216.198.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8c:eb:20:6f:79:e5:0d:84:0d:5c:9e:a1:fa:bd:6a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 22 07:30:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6778a6243e42da6c694b33951ccdbd6c0617d704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f6:c5:fb:0a:3b:0f:cb:e3:52:78:6e:53:15:
9f:77:fa:5e:c6:0f:52:16:3d:e5:6e:f7:58:c0:ec:
36:52:32:cd:85:25:31:a8:fc:62:81:29:4c:bc:c5:
df:1b:62:a5:5d:fb:f5:b8:7c:a8:80:de:c5:2e:41:
92:f6:1c:de:53:d0:a6:2a:8e:d8:e6:98:8d:d1:d1:
0e:57:e5:68:91:14:c9:04:f5:b7:b3:e0:a5:33:f4:
62:ef:66:61:a8:e7:5f:4e:ec:59:28:b5:32:fd:7c:
a8:0b:2c:c4:ba:94:66:d0:db:c6:46:57:75:ea:51:
0e:f2:01:25:0d:71:f6:c7:e6:e5:52:97:27:e1:11:
1b:4b:39:dc:a6:cc:cc:20:53:90:57:dd:ea:51:b8:
66:93:e3:b9:4a:6b:ee:87:99:91:7f:e8:3a:23:5c:
3a:c1:1f:8e:9c:6e:48:47:2e:c0:38:4a:4a:ae:29:
27:62:49:46:e6:3c:20:8e:58:35:4b:ed:fe:a0:af:
44:e1:da:8f:90:f2:d8:2b:ff:21:bd:63:6f:c9:21:
0e:97:7f:78:f3:c9:25:ef:fa:4b:9e:17:f6:01:e1:
08:37:5a:c8:af:ae:63:ab:1a:3f:6c:4b:b6:30:21:
f9:16:aa:ef:38:de:44:db:cd:3e:a0:46:87:d7:bf:
42:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:78:A6:24:3E:42:DA:6C:69:4B:33:95:1C:CD:BD:6C:06:17:D7:04
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Z3imJD5C2mxpSzOVHM29bAYX1wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
103.210.13.0-103.210.15.255
103.216.196.0/24
103.216.198.0/24
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.205.204.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
192.145.70.0/24
212.60.13.0/24
217.197.170.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
00:42:d3:3d:55:e3:0d:a0:29:9e:2e:82:45:10:d2:7d:cb:a3:
0e:1e:ad:39:f9:4c:8b:8d:6e:41:ef:2d:ea:00:84:0c:ae:28:
b3:29:52:8a:1d:63:c0:37:f5:8a:96:e1:8b:1d:31:e7:e9:b7:
60:90:91:a4:f7:0c:f9:52:36:c5:af:e5:f1:df:0e:70:cb:1d:
ac:bb:25:1b:9f:f2:01:e8:ed:c7:2c:92:7e:2a:f4:2b:14:c1:
53:28:41:55:0d:e0:73:0c:15:c6:5b:6f:36:4c:eb:b2:33:9b:
58:e9:07:ab:74:93:10:c4:0a:b2:92:ee:43:af:87:9a:a3:94:
54:8b:ea:42:62:10:12:17:84:df:be:3e:5f:29:3c:a7:61:6b:
f0:70:ef:49:67:4d:29:a0:ba:4d:b4:47:0c:a8:77:1c:3f:d9:
6b:19:c5:dc:7b:ac:b9:da:21:d8:96:dd:81:1a:f8:ea:70:eb:
72:30:13:78:92:2c:f5:18:65:a0:26:62:a7:ce:d5:63:37:e4:
4d:51:ca:2b:ff:6b:58:37:1f:e8:8a:53:b6:e7:47:e2:89:53:
2f:5d:42:c4:51:19:b3:27:27:5d:0b:fa:1c:43:6a:23:ed:59:
39:98:ba:a0:71:b3:15:20:ed:e2:40:f7:0c:6c:ef:67:56:52:
db:ad:b4:45
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZSM6yBveeUNhA1cnqH6vWr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTIyMDczMDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzc4YTYyNDNlNDJkYTZjNjk0YjMzOTUxY2NkYmQ2YzA2MTdkNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/bF+wo7D8vjUnhuUxWfd/pexg9S
Fj3lbvdYwOw2UjLNhSUxqPxigSlMvMXfG2KlXfv1uHyogN7FLkGS9hzeU9CmKo7Y
5piN0dEOV+VokRTJBPW3s+ClM/Ri72ZhqOdfTuxZKLUy/XyoCyzEupRm0NvGRld1
6lEO8gElDXH2x+blUpcn4REbSzncpszMIFOQV93qUbhmk+O5Smvuh5mRf+g6I1w6
wR+OnG5IRy7AOEpKriknYklG5jwgjlg1S+3+oK9E4dqPkPLYK/8hvWNvySEOl394
88kl7/pLnhf2AeEIN1rIr65jqxo/bEu2MCH5FqrvON5E280+oEaH179CKwIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFGd4piQ+QtpsaUszlRzNvWwGF9cEMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWjNpbUpENUMybXhwU3pPVkhNMjliQVlYMXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCBuwQCAAEwgbQDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrAwDAME
AGfSDQMEBGfSAAMEAGfYxAMEAGfYxgMEAGjoJAMEAJNOzwMEAKLaXQMEAbk0igME
ALmhvgMEAbm71jAMAwQAucZZAwQCucZYAwQAuckqAwQAuc3MMAwDBAO50JgDBAC5
0JoDBAC55nkDBAG5/XgDBADAkUYDBADUPA0DBADZxaowLAQCAAIwJgMHACoKj0AA
AzASAwcAKgqPQAAHAwcAKgqPQAAMAwcAKgqPQAAcMA0GCSqGSIb3DQEBCwUAA4IB
AQAAQtM9VeMNoCmeLoJFENJ9y6MOHq05+UyLjW5B7y3qAIQMriizKVKKHWPAN/WK
luGLHTHn6bdgkJGk9wz5UjbFr+Xx3w5wyx2suyUbn/IB6O3HLJJ+KvQrFMFTKEFV
DeBzDBXGW282TOuyM5tY6QerdJMQxAqyku5Dr4eao5RUi+pCYhASF4Tfvj5fKTyn
YWvwcO9JZ00poLpNtEcMqHccP9lrGcXce6y52iHYlt2BGvjqcOtyMBN4kiz1GGWg
JmKnztVjN+RNUcor/2tYNx/oilO250fiiVMvXULEURmzJyddC/ocQ2oj7Vk5mLqg
cbMVIO3iQPcMbO9nVlLbrbRF
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:29:06 2025 by rpki-client