Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/PqYIw8u0cnTkt3CeDP_HZrlfIYQ.roa
File: PqYIw8u0cnTkt3CeDP_HZrlfIYQ.roa (raw, json)
Hash identifier: p/KfVF22DVZ4fIZJuZgbuVXggkll3H+oV9hlQfYms5o=
Subject key identifier: 3E:A6:08:C3:CB:B4:72:74:E4:B7:70:9E:0C:FF:C7:66:B9:5F:21:84
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018CB204F4961E44206E5852FC73EC395DC5
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/PqYIw8u0cnTkt3CeDP_HZrlfIYQ.roa
Signing time: Thu 28 Dec 2023 20:01:58 +0000
ROA not before: Thu 28 Dec 2023 20:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.107.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
5.180.104.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b2:04:f4:96:1e:44:20:6e:58:52:fc:73:ec:39:5d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Dec 28 20:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ea608c3cbb47274e4b7709e0cffc766b95f2184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:86:c0:df:74:6f:63:54:ca:99:aa:e6:93:c2:
12:9f:07:da:86:8c:69:32:81:1e:3e:65:fb:c1:e9:
40:9a:3d:e0:cc:29:d4:5a:7e:28:1e:a9:38:31:0b:
ab:d3:52:58:71:1e:2e:9a:2b:59:91:9f:db:1b:97:
7f:aa:68:b6:c0:cd:50:25:58:c7:ee:86:78:84:27:
25:ea:39:8b:4e:e5:36:0c:f0:0c:99:f9:8d:de:6a:
6e:6e:25:e6:a1:6a:49:f3:52:2c:55:ab:6f:e4:67:
57:bc:08:70:93:7a:9e:cd:77:13:f1:8c:d0:6f:d4:
0c:11:67:29:da:b2:17:9b:10:44:47:99:65:d2:84:
19:0d:5d:89:7c:06:30:d0:6b:46:75:15:b8:0c:64:
29:86:0b:9f:c8:60:99:86:ad:03:26:54:05:91:14:
da:b4:fc:1b:be:06:6e:7b:80:4a:9e:79:9a:d6:4a:
1d:09:ad:74:9b:94:39:c5:89:10:e7:05:40:85:55:
f0:31:4d:65:b9:8d:ba:8a:08:09:0f:51:0c:f4:11:
1a:80:33:ad:d5:b6:12:b5:b2:32:8e:7b:76:40:d9:
f5:51:d2:0d:d9:74:f8:c6:b6:d6:6c:fc:d2:b7:ee:
29:01:9d:9d:5e:e0:7e:c3:74:87:6f:b3:1e:96:d3:
56:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A6:08:C3:CB:B4:72:74:E4:B7:70:9E:0C:FF:C7:66:B9:5F:21:84
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/PqYIw8u0cnTkt3CeDP_HZrlfIYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
5.180.107.0/24
45.131.0.0/23
45.131.3.0/24
45.136.5.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/23
194.116.236.0/24
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
62:34:55:df:da:9e:dd:a9:68:e0:08:aa:84:8c:c4:96:05:f9:
b8:12:3f:25:0b:f8:80:11:a8:f9:a6:ef:1c:29:37:57:0b:f5:
4c:ef:6b:cd:fb:17:d5:5d:fa:44:fd:23:9c:7c:9a:14:d3:88:
21:28:24:9c:ee:e4:6a:c3:95:15:98:70:d5:4b:ab:b5:48:df:
a5:2a:ae:8f:44:39:13:ab:4d:e7:9e:eb:25:1c:2a:e9:b8:44:
cd:89:d9:d8:75:a1:26:c0:87:2d:fc:28:b1:51:bc:e9:cc:dd:
0d:08:43:d2:5d:25:e2:88:23:56:85:ac:82:36:70:62:8d:58:
b7:06:5e:a4:b5:37:f4:a8:d8:8f:be:50:35:9e:07:01:a7:cc:
19:69:21:af:0c:f7:34:38:10:b2:19:b6:75:62:1a:01:67:5d:
12:e4:00:39:30:87:9b:3b:ce:48:43:71:ac:77:dc:d8:95:ad:
fe:ff:32:2a:7b:4d:dc:e6:9e:7b:0d:fe:39:99:2e:3f:2b:04:
24:b9:54:a2:62:d8:28:e8:c4:1a:76:d4:14:c3:85:a4:d2:0e:
ac:22:c2:a5:06:bd:85:9a:2d:e3:b8:1e:92:0a:f2:88:b6:cb:
0e:25:57:f3:f5:25:34:91:05:2f:b1:8e:3e:06:7e:60:27:2a:
44:5c:be:dc
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYyyBPSWHkQgblhS/HPsOV3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMjI4MjAwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWE2MDhjM2NiYjQ3Mjc0ZTRiNzcwOWUwY2ZmYzc2NmI5NWYyMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5obA33RvY1TKmarmk8ISnwfahoxp
MoEePmX7welAmj3gzCnUWn4oHqk4MQur01JYcR4umitZkZ/bG5d/qmi2wM1QJVjH
7oZ4hCcl6jmLTuU2DPAMmfmN3mpubiXmoWpJ81IsVatv5GdXvAhwk3qezXcT8YzQ
b9QMEWcp2rIXmxBER5ll0oQZDV2JfAYw0GtGdRW4DGQphgufyGCZhq0DJlQFkRTa
tPwbvgZue4BKnnma1kodCa10m5Q5xYkQ5wVAhVXwMU1luY26iggJD1EM9BEagDOt
1bYStbIyjnt2QNn1UdIN2XT4xrbWbPzSt+4pAZ2dXuB+w3SHb7MeltNWBQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFD6mCMPLtHJ05Ldwngz/x2a5XyGEMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvUHFZSXc4dTBjblRrdDNDZURQX0hacmxmSVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQABbRoAwQA
BbRrAwQBLYMAAwQALYMDAwQALYgFAwQALY2UAwQALZMsAwQCTVPIAwQBwnTkAwQA
wnTsAwQAwpIaAwQAwpIkAwQAwpIvMA0EAgACMAcDBQMqCYeAMA0GCSqGSIb3DQEB
CwUAA4IBAQBiNFXf2p7dqWjgCKqEjMSWBfm4Ej8lC/iAEaj5pu8cKTdXC/VM72vN
+xfVXfpE/SOcfJoU04ghKCSc7uRqw5UVmHDVS6u1SN+lKq6PRDkTq03nnuslHCrp
uETNidnYdaEmwIct/CixUbzpzN0NCEPSXSXiiCNWhayCNnBijVi3Bl6ktTf0qNiP
vlA1ngcBp8wZaSGvDPc0OBCyGbZ1YhoBZ10S5AA5MIebO85IQ3Gsd9zYla3+/zIq
e03c5p57Df45mS4/KwQkuVSiYtgo6MQadtQUw4Wk0g6sIsKlBr2Fmi3juB6SCvKI
tssOJVfz9SU0kQUvsY4+Bn5gJypEXL7c
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:58 2025 by rpki-client