Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/M_ZucCsuJb1Fkv6phLwqAkn6J0Q.roa
File: M_ZucCsuJb1Fkv6phLwqAkn6J0Q.roa (raw, json)
Hash identifier: f0NnZS14FEEVK+otZH9sTWdHvzqdq6zBgg0/lm/taxs=
Subject key identifier: 33:F6:6E:70:2B:2E:25:BD:45:92:FE:A9:84:BC:2A:02:49:FA:27:44
Certificate issuer: /CN=474a88bc6e9e10bbaf150f019bbf8a615a2b03c2
Certificate serial: 019421446718CD48EB3DBF8F4074CC5A6B3E
Authority key identifier: 47:4A:88:BC:6E:9E:10:BB:AF:15:0F:01:9B:BF:8A:61:5A:2B:03:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R0qIvG6eELuvFQ8Bm7-KYVorA8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/M_ZucCsuJb1Fkv6phLwqAkn6J0Q.roa
Signing time: Wed 01 Jan 2025 09:48:38 +0000
ROA not before: Wed 01 Jan 2025 09:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6908
IP address blocks: 5.102.184.0/21 maxlen: 21
46.252.64.0/20 maxlen: 20
62.149.32.0/19 maxlen: 19
62.149.48.0/20 maxlen: 20
77.75.232.0/23 maxlen: 23
78.41.152.0/21 maxlen: 21
80.79.128.0/20 maxlen: 20
80.79.128.0/21 maxlen: 21
80.79.136.0/21 maxlen: 21
82.147.0.0/19 maxlen: 19
85.92.192.0/19 maxlen: 19
91.135.224.0/20 maxlen: 20
91.151.208.0/20 maxlen: 20
91.199.24.0/24 maxlen: 24
94.247.96.0/21 maxlen: 21
95.131.216.0/21 maxlen: 21
109.71.120.0/21 maxlen: 21
109.239.80.0/20 maxlen: 20
158.58.160.0/21 maxlen: 21
185.64.160.0/22 maxlen: 22
185.109.92.0/22 maxlen: 22
185.119.68.0/22 maxlen: 22
185.120.152.0/22 maxlen: 22
185.121.248.0/22 maxlen: 22
185.122.232.0/22 maxlen: 22
195.72.128.0/22 maxlen: 22
213.133.128.0/19 maxlen: 19
217.10.128.0/19 maxlen: 19
217.20.16.0/20 maxlen: 20
217.61.176.0/20 maxlen: 20
217.61.180.0/22 maxlen: 24
217.61.184.0/22 maxlen: 24
217.169.32.0/19 maxlen: 19
2001:1b90::/32 maxlen: 32
2a01:450::/32 maxlen: 32
2a02:298::/32 maxlen: 32
2a02:2458::/32 maxlen: 32
2a03:14e0::/32 maxlen: 32
2a03:6a00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:67:18:cd:48:eb:3d:bf:8f:40:74:cc:5a:6b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=474a88bc6e9e10bbaf150f019bbf8a615a2b03c2
Validity
Not Before: Jan 1 09:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33f66e702b2e25bd4592fea984bc2a0249fa2744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:51:31:c0:bd:ba:f4:56:a1:df:59:32:14:36:
39:9b:9c:01:f3:ef:b6:22:35:21:97:4b:f7:0c:3c:
e6:9f:0c:d5:72:75:68:98:24:6b:1a:db:5a:8a:9a:
94:65:09:ad:38:00:3c:11:4d:d0:4c:f7:8e:81:87:
8f:78:35:84:77:16:b9:ae:42:35:36:d6:ab:77:f8:
1d:66:1d:fc:49:27:8b:86:d0:dd:0a:9b:e0:36:6e:
2a:3d:97:2a:39:ac:2c:29:7d:3a:69:ef:9a:6b:f0:
08:b9:b7:7a:58:2d:e0:36:03:1d:8b:6e:27:b9:6c:
39:80:8f:22:4d:3a:88:58:d7:09:55:f3:9e:18:d0:
b6:e7:9c:2a:cb:d6:da:46:74:a5:14:5c:e5:e7:9d:
72:67:19:af:87:91:11:ec:95:ab:fd:f7:e1:ab:6a:
05:49:9c:ec:77:c5:3c:ec:4e:81:ea:ab:52:30:d6:
69:0b:e2:7a:fa:58:58:0c:7a:b9:9e:37:5f:38:36:
ab:cb:3b:cd:e4:dd:6c:dd:c7:0e:0a:dc:d0:66:92:
15:b8:b4:bb:ad:5c:58:0c:2c:c3:46:a0:4b:97:9a:
a6:ae:97:6e:95:8e:2a:50:32:bb:55:33:80:4f:da:
9b:5e:c4:ee:d7:cf:6b:a7:e2:ae:f0:db:d9:9f:f3:
60:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F6:6E:70:2B:2E:25:BD:45:92:FE:A9:84:BC:2A:02:49:FA:27:44
X509v3 Authority Key Identifier:
keyid:47:4A:88:BC:6E:9E:10:BB:AF:15:0F:01:9B:BF:8A:61:5A:2B:03:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0qIvG6eELuvFQ8Bm7-KYVorA8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/M_ZucCsuJb1Fkv6phLwqAkn6J0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/R0qIvG6eELuvFQ8Bm7-KYVorA8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.184.0/21
46.252.64.0/20
62.149.32.0/19
77.75.232.0/23
78.41.152.0/21
80.79.128.0/20
82.147.0.0/19
85.92.192.0/19
91.135.224.0/20
91.151.208.0/20
91.199.24.0/24
94.247.96.0/21
95.131.216.0/21
109.71.120.0/21
109.239.80.0/20
158.58.160.0/21
185.64.160.0/22
185.109.92.0/22
185.119.68.0/22
185.120.152.0/22
185.121.248.0/22
185.122.232.0/22
195.72.128.0/22
213.133.128.0/19
217.10.128.0/19
217.20.16.0/20
217.61.176.0/20
217.169.32.0/19
IPv6:
2001:1b90::/32
2a01:450::/32
2a02:298::/32
2a02:2458::/32
2a03:14e0::/32
2a03:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
00:3a:db:18:69:ae:85:26:c1:73:11:8f:9c:78:8b:e3:cf:51:
7b:25:0a:43:1f:80:81:29:64:b6:fa:92:41:0d:0e:02:b9:02:
b3:3e:a9:2b:5d:f9:ce:ed:99:82:92:a2:e7:f9:7a:7b:83:00:
43:19:59:57:9c:41:c1:64:3b:9b:5b:02:23:93:d4:d9:ba:5f:
4b:a9:f7:2c:34:80:33:d1:4d:2d:8b:c0:3b:c5:3f:b0:0d:04:
75:57:8c:45:f1:98:14:9c:4f:ce:07:f3:f7:8e:80:3f:06:a2:
f4:59:08:c8:7f:fc:d6:ff:b5:dc:01:24:a4:04:29:6a:09:6a:
be:33:ed:ac:f7:f3:dd:d5:52:58:e6:fe:4d:30:74:8c:2e:10:
51:af:f7:51:26:95:5d:bf:5e:fc:06:ca:4d:7c:43:7b:35:60:
22:0e:8e:45:e3:c8:cb:35:f5:ce:29:79:1e:38:34:3d:66:17:
89:18:68:e5:52:14:b7:a2:c5:e8:99:f0:a4:0f:47:f0:16:40:
1b:fa:e1:70:21:3e:84:8a:97:07:32:7b:7c:dc:09:f2:f4:8d:
33:fd:33:38:b6:70:1d:b6:fd:7a:91:18:84:be:ea:af:ca:92:
06:71:28:93:f8:b3:82:c5:16:d3:c8:7f:f1:3f:a4:c9:f9:ba:
52:e5:a6:74
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZQhRGcYzUjrPb+PQHTMWms+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NGE4OGJjNmU5ZTEwYmJhZjE1MGYwMTliYmY4YTYxNWEy
YjAzYzIwHhcNMjUwMTAxMDk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y2NmU3MDJiMmUyNWJkNDU5MmZlYTk4NGJjMmEwMjQ5ZmEyNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1ExwL269Fah31kyFDY5m5wB8++2
IjUhl0v3DDzmnwzVcnVomCRrGttaipqUZQmtOAA8EU3QTPeOgYePeDWEdxa5rkI1
Ntard/gdZh38SSeLhtDdCpvgNm4qPZcqOawsKX06ae+aa/AIubd6WC3gNgMdi24n
uWw5gI8iTTqIWNcJVfOeGNC255wqy9baRnSlFFzl551yZxmvh5ER7JWr/ffhq2oF
SZzsd8U87E6B6qtSMNZpC+J6+lhYDHq5njdfODaryzvN5N1s3ccOCtzQZpIVuLS7
rVxYDCzDRqBLl5qmrpdulY4qUDK7VTOAT9qbXsTu189rp+Ku8NvZn/NgGQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFDP2bnArLiW9RZL+qYS8KgJJ+idEMB8GA1UdIwQY
MBaAFEdKiLxunhC7rxUPAZu/imFaKwPCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBxSXZHNmVFTHV2RlE4Qm03LUtZVm9yQThJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYWQxYzEtMzY1ZC00MWRlLWFkN2Mt
Y2U4ZmM5M2FkYjIxLzEvTV9adWNDc3VKYjFGa3Y2cGhMd3FBa242SjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYWQxYzEtMzY1ZC00MWRlLWFkN2MtY2U4ZmM5M2FkYjIx
LzEvUjBxSXZHNmVFTHV2RlE4Qm03LUtZVm9yQThJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBrwQCAAEwgagDBAMF
ZrgDBAQu/EADBAU+lSADBAFNS+gDBANOKZgDBARQT4ADBAVSkwADBAVVXMADBARb
h+ADBARbl9ADBABbxxgDBANe92ADBANfg9gDBANtR3gDBARt71ADBAOeOqADBAK5
QKADBAK5bVwDBAK5d0QDBAK5eJgDBAK5efgDBAK5eugDBALDSIADBAXVhYADBAXZ
CoADBATZFBADBATZPbADBAXZqSAwMAQCAAIwKgMFACABG5ADBQAqAQRQAwUAKgIC
mAMFACoCJFgDBQAqAxTgAwUDKgNqADANBgkqhkiG9w0BAQsFAAOCAQEAADrbGGmu
hSbBcxGPnHiL489ReyUKQx+AgSlktvqSQQ0OArkCsz6pK135zu2ZgpKi5/l6e4MA
QxlZV5xBwWQ7m1sCI5PU2bpfS6n3LDSAM9FNLYvAO8U/sA0EdVeMRfGYFJxPzgfz
946APwai9FkIyH/81v+13AEkpAQpaglqvjPtrPfz3dVSWOb+TTB0jC4QUa/3USaV
Xb9e/AbKTXxDezVgIg6ORePIyzX1zil5Hjg0PWYXiRho5VIUt6LF6JnwpA9H8BZA
G/rhcCE+hIqXBzJ7fNwJ8vSNM/0zOLZwHbb9epEYhL7qr8qSBnEok/izgsUW08h/
8T+kyfm6UuWmdA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:42 2025 by rpki-client on console.sobornost.net