Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/M7rl0olfr8rDY-S3ibtri2rWN2c.roa
File: M7rl0olfr8rDY-S3ibtri2rWN2c.roa (raw, json)
Hash identifier: /woXUzLTmoXi7hPIl+ayomzk4vOsTMVndJBYCNHwmFU=
Subject key identifier: 33:BA:E5:D2:89:5F:AF:CA:C3:63:E4:B7:89:BB:6B:8B:6A:D6:37:67
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 08F8ACC3
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/M7rl0olfr8rDY-S3ibtri2rWN2c.roa
Signing time: Sun 03 Jul 2022 12:21:25 +0000
ROA not before: Sun 03 Jul 2022 12:21:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.106.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
45.147.46.0/24 maxlen: 24
45.147.45.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.6.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150514883 (0x8f8acc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jul 3 12:21:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33bae5d2895fafcac363e4b789bb6b8b6ad63767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0b:52:9e:85:c9:bc:4e:db:fa:f7:90:b4:4b:
2f:e1:a0:2b:55:25:64:fb:d2:22:e7:d3:4f:dc:92:
a2:d2:b8:b0:92:f8:c5:0e:0d:02:7f:8e:09:d1:a5:
e5:8d:67:de:23:6c:92:fd:d3:16:03:89:3c:44:65:
db:9d:24:58:27:b6:6e:04:9f:c4:4e:f7:9b:62:03:
cd:75:b7:5f:24:97:37:62:52:64:a9:28:c4:e9:67:
b4:63:3a:d1:10:5b:05:e4:34:f2:07:80:ca:f3:86:
d1:d5:d4:06:a8:16:c1:49:9c:0d:77:da:3e:25:38:
9b:f8:6f:6d:9a:1b:5f:f2:97:d3:37:d1:29:46:25:
47:9e:ae:25:d6:ad:ee:eb:d2:46:1b:88:69:fc:73:
a3:58:7f:7c:70:71:74:be:cb:55:28:2b:ae:b0:5e:
73:59:40:92:cd:2b:69:17:4a:8f:f9:ba:da:c0:07:
24:3d:82:1c:aa:89:07:7e:1f:a9:d4:38:dd:86:a8:
82:18:92:b2:3e:a0:05:f4:99:de:ad:5d:f2:f5:a5:
7a:6e:e4:58:fe:f6:4d:2a:f8:a4:42:4e:52:eb:d3:
0a:2d:3b:c7:56:f4:47:56:25:a7:de:4a:a7:86:75:
bb:fe:13:d0:42:a9:9b:10:f6:80:77:62:48:3d:73:
89:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BA:E5:D2:89:5F:AF:CA:C3:63:E4:B7:89:BB:6B:8B:6A:D6:37:67
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/M7rl0olfr8rDY-S3ibtri2rWN2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.106.0/24
45.136.6.0/24
45.141.150.0/24
45.147.45.0-45.147.46.255
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
2e:3e:a8:b8:0c:fb:0b:0d:f1:f7:fd:ac:2a:4f:da:db:bf:fd:
39:5c:e0:d7:09:ab:18:ab:c9:40:87:9e:46:de:1b:0f:5c:e2:
e9:85:ee:23:af:4a:c7:8d:32:9f:36:33:fd:26:e2:45:12:ae:
b3:fe:87:b1:51:c4:95:5d:45:84:88:7d:d0:94:f5:9c:80:09:
63:66:bc:20:62:db:ff:9e:2d:2f:2d:b8:79:20:99:33:00:3f:
a8:53:ff:23:0d:7c:79:5a:d1:55:1d:5c:e6:7a:50:cc:04:e9:
96:03:7f:85:48:bd:2c:bc:ba:38:75:c8:9e:d9:8e:80:e5:5b:
b6:76:b6:5d:57:80:58:34:ee:c3:6c:64:9d:92:c5:b6:04:fa:
63:94:19:33:12:ba:7c:fc:b1:49:b4:a6:fc:03:70:7a:24:a0:
27:69:b8:8d:cd:35:1b:58:d9:b9:05:ad:f9:f6:e3:96:0a:4b:
68:49:dc:04:1e:f8:f3:69:07:bf:7a:57:a6:36:c4:5d:a6:81:
e7:b7:db:d0:0a:b3:74:1b:98:a9:96:1f:90:e2:7d:5d:a3:4c:
11:3e:20:c0:51:3a:65:c9:ae:aa:81:af:72:37:24:fc:f2:0b:
ce:78:fd:fb:cd:cb:5a:e5:a4:58:70:11:81:6b:e8:59:68:19:
60:3a:f4:76
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIECPiswzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODA1ZjE3YzJkNzEzM2QyZGFkM2E4ZGY3ZTM1MzE1ZTM3ZWY1ZGFmMB4XDTIyMDcw
MzEyMjEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNiYWU1ZDI4OTVm
YWZjYWMzNjNlNGI3ODliYjZiOGI2YWQ2Mzc2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkLUp6FybxO2/r3kLRLL+GgK1UlZPvSIufTT9ySotK4sJL4
xQ4NAn+OCdGl5Y1n3iNskv3TFgOJPERl250kWCe2bgSfxE73m2IDzXW3XySXN2JS
ZKkoxOlntGM60RBbBeQ08geAyvOG0dXUBqgWwUmcDXfaPiU4m/hvbZobX/KX0zfR
KUYlR56uJdat7uvSRhuIafxzo1h/fHBxdL7LVSgrrrBec1lAks0raRdKj/m62sAH
JD2CHKqJB34fqdQ43YaoghiSsj6gBfSZ3q1d8vWlem7kWP72TSr4pEJOUuvTCi07
x1b0R1Ylp95Kp4Z1u/4T0EKpmxD2gHdiSD1ziTkCAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBQzuuXSiV+vysNj5LeJu2uLatY3ZzAfBgNVHSMEGDAWgBRIBfF8LXEz0trT
qN9+NTFeN+9drzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8x
L003cmwwb2xmcjhyRFktUzNpYnRyaTJyV04yYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8xL1NBWHhmQzF4TTlM
YTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwRAQCAAEwPgMEAAW0agMEAC2IBgMEAC2NljAMAwQA
LZMtAwQALZMuAwQCTVPIAwQAwnTlAwQBwnTsAwQAwpIkAwQAwpIvMA0EAgACMAcD
BQMqCYeAMA0GCSqGSIb3DQEBCwUAA4IBAQAuPqi4DPsLDfH3/awqT9rbv/05XODX
CasYq8lAh55G3hsPXOLphe4jr0rHjTKfNjP9JuJFEq6z/oexUcSVXUWEiH3QlPWc
gAljZrwgYtv/ni0vLbh5IJkzAD+oU/8jDXx5WtFVHVzmelDMBOmWA3+FSL0svLo4
dcie2Y6A5Vu2drZdV4BYNO7DbGSdksW2BPpjlBkzErp8/LFJtKb8A3B6JKAnabiN
zTUbWNm5Ba359uOWCktoSdwEHvjzaQe/elemNsRdpoHnt9vQCrN0G5iplh+Q4n1d
o0wRPiDAUTplya6qga9yNyT88gvOeP37zcta5aRYcBGBa+hZaBlgOvR2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:42 2025 by rpki-client