Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/Mg03f5x9KEwTzrWMVXcY-DpbRQM.roa
File: Mg03f5x9KEwTzrWMVXcY-DpbRQM.roa (raw, json)
Hash identifier: gHoeFO+xk1dFoFV2Z9UYHxVBDmrYCHhqpQCvP+8wkDE=
Subject key identifier: 32:0D:37:7F:9C:7D:28:4C:13:CE:B5:8C:55:77:18:F8:3A:5B:45:03
Certificate issuer: /CN=49fe8c72aa32de957b24cf9f73f8a7fb1acf0b71
Certificate serial: 019428237EDB311D32819867923102330816
Authority key identifier: 49:FE:8C:72:AA:32:DE:95:7B:24:CF:9F:73:F8:A7:FB:1A:CF:0B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sf6Mcqoy3pV7JM-fc_in-xrPC3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/Mg03f5x9KEwTzrWMVXcY-DpbRQM.roa
Signing time: Thu 02 Jan 2025 17:50:02 +0000
ROA not before: Thu 02 Jan 2025 17:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31543
IP address blocks: 5.133.32.0/21 maxlen: 24
31.216.128.0/22 maxlen: 24
45.65.120.0/22 maxlen: 24
89.44.116.0/23 maxlen: 24
89.44.148.0/23 maxlen: 24
95.214.252.0/22 maxlen: 24
185.112.184.0/22 maxlen: 24
185.121.100.0/22 maxlen: 24
185.123.176.0/22 maxlen: 24
185.154.64.0/22 maxlen: 24
185.187.220.0/22 maxlen: 24
185.224.204.0/22 maxlen: 24
2a06:9d40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7e:db:31:1d:32:81:98:67:92:31:02:33:08:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49fe8c72aa32de957b24cf9f73f8a7fb1acf0b71
Validity
Not Before: Jan 2 17:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=320d377f9c7d284c13ceb58c557718f83a5b4503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f8:0b:f5:f3:e1:f9:1c:7e:35:0b:6f:6f:71:
24:bd:64:48:37:f1:cb:8c:b2:c0:f0:a3:4c:39:a3:
40:29:a7:22:65:12:97:b5:ee:f7:39:55:b9:7f:33:
3a:d5:a5:c1:37:17:e9:0b:17:42:7d:8f:ce:84:32:
bd:56:02:c1:b8:1f:18:f5:dc:0d:f1:0b:c2:bb:3c:
f1:13:7e:49:18:89:7a:b4:c4:a7:6f:38:6b:0a:12:
d8:b1:c0:3b:b0:b4:21:6a:d8:82:5e:b1:b0:ba:bd:
d0:c6:e9:f5:c0:2e:54:fb:06:df:2c:18:a4:82:05:
66:5a:df:b8:25:a6:c1:01:52:99:7c:31:3d:07:ca:
b3:32:8f:82:2a:15:f3:d8:5c:9c:7b:de:b2:db:23:
ce:82:73:cb:f4:c4:29:d5:8b:35:45:7b:72:60:ec:
ac:01:cf:fc:7e:88:15:46:57:f8:7d:f4:19:8d:ec:
a1:d5:aa:6d:e8:b7:c8:9b:bf:3b:48:3f:40:e8:7f:
d8:4d:e9:3a:25:4f:8a:70:8d:e8:33:b9:cf:53:eb:
c2:b0:0f:96:cc:25:4a:e2:26:3e:24:6e:56:0e:9e:
c5:e7:7c:8e:18:2a:83:09:a0:4c:72:26:22:10:d2:
f2:73:47:17:76:a9:40:4a:d1:9e:a9:d6:76:d9:87:
47:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0D:37:7F:9C:7D:28:4C:13:CE:B5:8C:55:77:18:F8:3A:5B:45:03
X509v3 Authority Key Identifier:
keyid:49:FE:8C:72:AA:32:DE:95:7B:24:CF:9F:73:F8:A7:FB:1A:CF:0B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sf6Mcqoy3pV7JM-fc_in-xrPC3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/Mg03f5x9KEwTzrWMVXcY-DpbRQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4114a7-3122-4864-85ae-4297e572617e/1/Sf6Mcqoy3pV7JM-fc_in-xrPC3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.32.0/21
31.216.128.0/22
45.65.120.0/22
89.44.116.0/23
89.44.148.0/23
95.214.252.0/22
185.112.184.0/22
185.121.100.0/22
185.123.176.0/22
185.154.64.0/22
185.187.220.0/22
185.224.204.0/22
IPv6:
2a06:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
64:9a:69:63:27:f3:73:74:5b:cd:24:56:08:fb:65:cc:93:fa:
70:e8:4f:df:5c:82:68:55:97:aa:59:3e:d0:ce:d8:a4:d4:d0:
b4:39:4e:90:75:68:8f:82:e8:98:dc:7f:3e:1f:26:06:39:73:
34:5a:6d:ad:e2:82:96:4e:4a:2a:c4:35:30:6a:33:7e:ef:87:
fe:d8:3b:b9:25:e0:61:82:3b:15:7e:04:20:94:fb:7a:fb:e9:
70:b4:34:b4:62:82:4c:29:a0:24:76:6f:7a:2d:e8:f0:ff:34:
63:6b:19:58:b0:ec:25:76:72:3b:b0:7f:e0:3d:6c:ef:69:cc:
fe:f0:59:4c:e5:8d:6a:52:5c:7b:e0:4a:a6:ca:58:2d:1b:88:
3d:b0:df:c2:81:e5:7d:1d:79:e2:87:f5:4e:3d:6f:60:ed:07:
5b:2f:51:39:b4:7f:9c:e9:ce:b6:be:fb:ae:4d:77:ae:94:f2:
62:b0:cf:8b:7c:22:d7:b6:b7:73:f3:87:87:17:ef:c6:ea:84:
e3:e0:4c:ea:e1:fb:74:64:b4:b7:93:89:d4:38:3e:4d:e5:cf:
96:65:da:83:8d:da:f2:f3:e0:45:dc:1b:0b:d6:5e:07:5e:82:
b7:88:a1:4d:6f:bd:df:c3:64:e3:b1:94:b2:26:6d:ae:b1:8e:
59:08:60:c8
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQoI37bMR0ygZhnkjECMwgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZmU4YzcyYWEzMmRlOTU3YjI0Y2Y5ZjczZjhhN2ZiMWFj
ZjBiNzEwHhcNMjUwMTAyMTc1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBkMzc3ZjljN2QyODRjMTNjZWI1OGM1NTc3MThmODNhNWI0NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/gL9fPh+Rx+NQtvb3EkvWRIN/HL
jLLA8KNMOaNAKaciZRKXte73OVW5fzM61aXBNxfpCxdCfY/OhDK9VgLBuB8Y9dwN
8QvCuzzxE35JGIl6tMSnbzhrChLYscA7sLQhatiCXrGwur3Qxun1wC5U+wbfLBik
ggVmWt+4JabBAVKZfDE9B8qzMo+CKhXz2Fyce96y2yPOgnPL9MQp1Ys1RXtyYOys
Ac/8fogVRlf4ffQZjeyh1apt6LfIm787SD9A6H/YTek6JU+KcI3oM7nPU+vCsA+W
zCVK4iY+JG5WDp7F53yOGCqDCaBMciYiENLyc0cXdqlAStGeqdZ22YdHVwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDINN3+cfShME861jFV3GPg6W0UDMB8GA1UdIwQY
MBaAFEn+jHKqMt6VeyTPn3P4p/sazwtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2Y2TWNxb3kzcFY3Sk0tZmNfaW4teHJQQzNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80MTE0YTctMzEyMi00ODY0LTg1YWUt
NDI5N2U1NzI2MTdlLzEvTWcwM2Y1eDlLRXdUenJXTVZYY1ktRHBiUlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy80MTE0YTctMzEyMi00ODY0LTg1YWUtNDI5N2U1NzI2MTdl
LzEvU2Y2TWNxb3kzcFY3Sk0tZmNfaW4teHJQQzNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBYUgAwQC
H9iAAwQCLUF4AwQBWSx0AwQBWSyUAwQCX9b8AwQCuXC4AwQCuXlkAwQCuXuwAwQC
uZpAAwQCubvcAwQCueDMMA0EAgACMAcDBQMqBp1AMA0GCSqGSIb3DQEBCwUAA4IB
AQBkmmljJ/NzdFvNJFYI+2XMk/pw6E/fXIJoVZeqWT7Qztik1NC0OU6QdWiPguiY
3H8+HyYGOXM0Wm2t4oKWTkoqxDUwajN+74f+2Du5JeBhgjsVfgQglPt6++lwtDS0
YoJMKaAkdm96Lejw/zRjaxlYsOwldnI7sH/gPWzvacz+8FlM5Y1qUlx74Eqmylgt
G4g9sN/CgeV9HXnih/VOPW9g7QdbL1E5tH+c6c62vvuuTXeulPJisM+LfCLXtrdz
84eHF+/G6oTj4Ezq4ft0ZLS3k4nUOD5N5c+WZdqDjdry8+BF3BsL1l4HXoK3iKFN
b73fw2TjsZSyJm2usY5ZCGDI
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:49 2025 by rpki-client on console.sobornost.net