Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mJ-PnuZffkBvMXhplb_lo8QtEyc.roa
File: mJ-PnuZffkBvMXhplb_lo8QtEyc.roa (raw, json)
Hash identifier: cnmwpchuXHms2rojiNGzRDXyf/+oMqIEDUIf1Odq2us=
Subject key identifier: 98:9F:8F:9E:E6:5F:7E:40:6F:31:78:69:95:BF:E5:A3:C4:2D:13:27
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCDD4EF4C00FFB5EC65E64B6A1C0F7
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mJ-PnuZffkBvMXhplb_lo8QtEyc.roa
Signing time: Thu 02 Jan 2025 07:48:36 +0000
ROA not before: Thu 02 Jan 2025 07:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 5.182.184.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
79.98.182.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:dd:4e:f4:c0:0f:fb:5e:c6:5e:64:b6:a1:c0:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=989f8f9ee65f7e406f31786995bfe5a3c42d1327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1e:d2:cf:a1:d1:95:7b:8c:01:d0:fd:9c:1c:
4e:31:1f:2c:1e:5b:52:21:21:5f:e1:e1:67:26:de:
7f:71:2d:48:22:4f:99:37:84:56:5c:2c:b0:94:aa:
92:11:fc:71:56:93:34:13:e7:51:75:f6:2a:7b:8a:
3e:d3:35:05:76:50:9c:bb:08:9c:2c:ff:36:e1:3e:
e7:3f:fb:72:73:bc:be:bb:60:56:9c:3a:c1:b3:e8:
f9:a4:dd:85:71:a3:f0:17:6e:99:5e:34:67:41:1f:
29:44:dd:b8:28:72:ea:0d:5b:d6:ec:27:d0:8c:39:
93:a7:e4:6b:bc:c1:02:64:eb:97:e1:fb:e4:aa:7f:
bd:03:4c:82:db:7a:c1:18:d4:0e:63:2c:c6:7c:12:
54:7f:2a:65:0d:28:ea:5b:64:3d:d7:e0:46:6d:ec:
f1:56:39:d4:b9:6f:24:86:2c:3d:4e:f4:37:c8:9e:
da:0a:29:23:52:41:f6:5d:f1:01:ab:29:83:b2:cc:
b8:8a:cc:99:70:52:3d:21:b5:f9:fc:bf:43:c1:94:
ba:80:94:ae:b7:70:fd:f2:a6:34:f1:04:2a:95:03:
12:93:dd:60:a2:28:74:ef:09:ac:a9:4c:4d:03:c7:
7b:e4:65:02:d7:9d:8f:d3:ef:ea:e6:57:be:6a:dd:
07:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9F:8F:9E:E6:5F:7E:40:6F:31:78:69:95:BF:E5:A3:C4:2D:13:27
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/mJ-PnuZffkBvMXhplb_lo8QtEyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/24
79.98.182.0/24
162.218.89.0/24
162.218.93.0/24
185.52.136.0/24
185.52.139.0/24
185.161.191.0/24
185.187.214.0/23
185.205.206.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
Signature Algorithm: sha256WithRSAEncryption
77:55:b4:d1:53:b3:79:40:5b:a2:76:02:e6:dc:32:bb:58:44:
4e:3a:26:15:1f:5e:2a:59:c2:06:6f:32:fc:41:1c:46:59:7f:
76:e5:7b:f3:b3:79:be:47:c4:f6:21:94:db:a4:cc:03:09:25:
fc:c8:c8:94:0b:b4:b5:75:0d:21:e5:12:c3:c9:2e:99:44:29:
05:6f:d4:15:56:3e:dd:28:b7:2e:91:01:62:d5:9a:8c:2f:59:
38:a1:db:b8:4e:50:78:18:b8:9f:4c:4e:2d:38:ea:26:b7:94:
6c:e6:84:b8:7f:b5:31:99:0e:78:ae:6d:1c:61:5c:52:96:e3:
14:6b:16:2c:29:97:f7:93:27:3a:a4:f6:ae:6e:44:80:15:d3:
94:46:d5:0d:5f:6e:23:80:2a:6a:28:65:10:6c:0e:99:74:2b:
90:43:51:ae:c9:79:ca:4e:f3:93:8b:e9:ce:37:f0:fb:11:7d:
4d:ea:32:01:ee:4e:3c:35:08:2b:a6:76:8a:cf:61:64:0d:bc:
bb:8d:f8:ff:2e:1d:b0:b5:73:7f:bf:f9:c2:58:38:c9:40:ab:
2d:6b:47:4b:96:b4:7f:b5:7a:b3:ef:4a:57:0a:b4:42:ba:3f:
2a:06:08:31:3d:bc:e2:52:29:eb:ac:8a:48:ee:83:b6:d4:3f:
77:a7:2b:b3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZQl/N1O9MAP+17GXmS2ocD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODlmOGY5ZWU2NWY3ZTQwNmYzMTc4Njk5NWJmZTVhM2M0MmQxMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR7Sz6HRlXuMAdD9nBxOMR8sHltS
ISFf4eFnJt5/cS1IIk+ZN4RWXCywlKqSEfxxVpM0E+dRdfYqe4o+0zUFdlCcuwic
LP824T7nP/tyc7y+u2BWnDrBs+j5pN2FcaPwF26ZXjRnQR8pRN24KHLqDVvW7CfQ
jDmTp+RrvMECZOuX4fvkqn+9A0yC23rBGNQOYyzGfBJUfyplDSjqW2Q91+BGbezx
VjnUuW8khiw9TvQ3yJ7aCikjUkH2XfEBqymDssy4isyZcFI9IbX5/L9DwZS6gJSu
t3D98qY08QQqlQMSk91goih07wmsqUxNA8d75GUC152P0+/q5le+at0H9QIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFJifj57mX35AbzF4aZW/5aPELRMnMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvbUotUG51WmZma0J2TVhocGxiX2xvOFF0RXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQABba4AwQA
LUOSAwQATh/OAwQAT2K2AwQAotpZAwQAotpdAwQAuTSIAwQAuTSLAwQAuaG/AwQB
ubvWAwQAuc3OMAwDBAO50JgDBAC50JoDBAC55nkwDQYJKoZIhvcNAQELBQADggEB
AHdVtNFTs3lAW6J2AubcMrtYRE46JhUfXipZwgZvMvxBHEZZf3ble/Ozeb5HxPYh
lNukzAMJJfzIyJQLtLV1DSHlEsPJLplEKQVv1BVWPt0oty6RAWLVmowvWTih27hO
UHgYuJ9MTi046ia3lGzmhLh/tTGZDniubRxhXFKW4xRrFiwpl/eTJzqk9q5uRIAV
05RG1Q1fbiOAKmooZRBsDpl0K5BDUa7JecpO85OL6c438PsRfU3qMgHuTjw1CCum
dorPYWQNvLuN+P8uHbC1c3+/+cJYOMlAqy1rR0uWtH+1erPvSlcKtEK6PyoGCDE9
vOJSKeusikjug7bUP3enK7M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:05 2025 by rpki-client