Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/R27KQwlCJY80YCdRbBJPkftVVbY.roa
File: R27KQwlCJY80YCdRbBJPkftVVbY.roa (raw, json)
Hash identifier: N9KpvrxZk/ZJOJ2GrkULMNcGJ+OoNYekc6fp4lpRA1k=
Subject key identifier: 47:6E:CA:43:09:42:25:8F:34:60:27:51:6C:12:4F:91:FB:55:55:B6
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0192E2EC2BC5706169CCE3E32457EE3C5CC8
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/R27KQwlCJY80YCdRbBJPkftVVbY.roa
Signing time: Thu 31 Oct 2024 14:13:01 +0000
ROA not before: Thu 31 Oct 2024 14:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 5.182.192.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
45.67.140.0/24 maxlen: 24
45.248.52.0/24 maxlen: 24
45.248.55.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
94.154.180.0/23 maxlen: 23
94.154.182.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
162.218.90.0/24 maxlen: 24
162.218.95.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
185.230.122.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:ec:2b:c5:70:61:69:cc:e3:e3:24:57:ee:3c:5c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Oct 31 14:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=476eca430942258f346027516c124f91fb5555b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:43:1d:b4:d0:18:4b:7e:45:a1:4f:d3:bd:
61:ab:d7:cc:93:84:08:54:ba:4f:60:c7:76:a4:5d:
a0:b3:9f:9a:73:5b:33:88:61:7f:c1:39:06:dd:6b:
5f:02:8a:94:95:05:0c:34:92:01:55:7a:f0:ff:95:
94:a6:b5:85:29:37:d5:c6:0c:80:97:9c:e0:6f:4f:
a6:77:72:82:52:af:dd:1a:81:3c:7e:a0:ae:1f:88:
d7:8c:e0:f6:29:2a:dc:1c:86:15:e6:8d:a7:cd:23:
5a:3b:f9:dc:dc:8b:12:ca:38:c4:3a:4b:98:20:d1:
a9:12:e3:29:1d:b6:8b:44:a8:6f:ce:b5:a8:46:6d:
be:91:eb:51:1e:87:f5:27:57:d5:d3:b6:f3:e8:c7:
d5:24:5e:8e:31:d8:f1:63:21:16:5c:4b:1a:20:61:
71:11:b1:02:cd:c2:69:fb:b0:92:ce:6a:66:f2:49:
2f:94:07:71:74:68:24:4f:93:a1:b2:aa:9e:58:0b:
f9:b3:ef:44:a8:1a:99:ca:bb:fb:63:d6:c2:7b:45:
36:11:84:49:e4:31:6f:90:2f:f7:31:09:f5:1a:39:
93:d3:47:41:68:a3:d5:a4:d5:b2:ad:50:80:21:ec:
65:e3:a4:db:51:3f:c5:3e:61:8e:1e:ef:fb:d4:ef:
ed:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6E:CA:43:09:42:25:8F:34:60:27:51:6C:12:4F:91:FB:55:55:B6
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/R27KQwlCJY80YCdRbBJPkftVVbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.192.0/24
31.132.52.0/24
45.67.140.0/24
45.248.52.0/24
45.248.55.0/24
92.249.31.0/24
94.154.177.0/24
94.154.180.0-94.154.182.255
147.78.205.0-147.78.206.255
162.218.90.0/24
162.218.95.0/24
185.187.212.0/24
185.205.205.0/24
185.230.122.0/24
185.253.122.0/24
192.145.71.0/24
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:cd:5b:bb:00:e3:ec:d6:8a:51:3c:0d:dc:72:a3:8a:14:99:
5c:f8:8d:aa:1d:f4:e0:44:2a:5d:98:be:94:b9:be:07:6d:d2:
92:ff:aa:21:94:80:a1:02:c0:54:65:30:1f:b8:95:44:05:54:
68:5d:f5:37:4b:70:05:99:f5:f8:4a:b4:6b:d3:41:26:14:c9:
92:7e:53:7d:ed:47:15:e5:33:34:cc:0c:c6:ac:03:27:e0:26:
fc:ff:72:24:b3:69:96:9a:72:92:4f:72:a7:1b:e9:bf:14:ad:
5f:c0:f0:af:40:79:9f:ff:7e:5b:10:61:67:85:2a:5a:71:b3:
0e:2e:b6:78:c3:0d:69:b7:b5:ad:54:2f:8c:55:2e:a3:a2:51:
51:97:cf:79:a1:63:57:96:6e:eb:93:88:e1:a8:21:f5:80:4c:
43:d3:3a:62:8b:63:03:a0:d9:80:87:c8:80:20:d3:e5:ea:e2:
fb:63:5c:4b:7a:d4:a3:06:e1:bd:d9:12:fe:08:df:73:c8:d3:
43:72:48:a7:90:fd:b7:0b:64:d2:2b:23:c5:0f:e3:8f:34:f5:
67:97:c1:30:b4:72:69:0d:a7:e0:85:e3:09:f4:b8:f3:43:47:
d5:53:6d:d3:03:83:64:ad:2a:f8:6d:6e:72:13:73:d8:62:3a:
7f:69:e8:a5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZLi7CvFcGFpzOPjJFfuPFzIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMDMxMTQxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzZlY2E0MzA5NDIyNThmMzQ2MDI3NTE2YzEyNGY5MWZiNTU1NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1NDHbTQGEt+RaFP071hq9fMk4QI
VLpPYMd2pF2gs5+ac1sziGF/wTkG3WtfAoqUlQUMNJIBVXrw/5WUprWFKTfVxgyA
l5zgb0+md3KCUq/dGoE8fqCuH4jXjOD2KSrcHIYV5o2nzSNaO/nc3IsSyjjEOkuY
INGpEuMpHbaLRKhvzrWoRm2+ketRHof1J1fV07bz6MfVJF6OMdjxYyEWXEsaIGFx
EbECzcJp+7CSzmpm8kkvlAdxdGgkT5OhsqqeWAv5s+9EqBqZyrv7Y9bCe0U2EYRJ
5DFvkC/3MQn1GjmT00dBaKPVpNWyrVCAIexl46TbUT/FPmGOHu/71O/t7wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFEduykMJQiWPNGAnUWwST5H7VVW2MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvUjI3S1F3bENKWTgwWUNkUmJCSlBrZnRWVmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAAW2
wAMEAB+ENAMEAC1DjAMEAC34NAMEAC34NwMEAFz5HwMEAF6asTAMAwQCXpq0AwQA
Xpq2MAwDBACTTs0DBACTTs4DBACi2loDBACi2l8DBAC5u9QDBAC5zc0DBAC55noD
BAC5/XoDBADAkUcDBADUPA8DBADZxakwDQYJKoZIhvcNAQELBQADggEBAE3NW7sA
4+zWilE8Ddxyo4oUmVz4jaod9OBEKl2YvpS5vgdt0pL/qiGUgKECwFRlMB+4lUQF
VGhd9TdLcAWZ9fhKtGvTQSYUyZJ+U33tRxXlMzTMDMasAyfgJvz/ciSzaZaacpJP
cqcb6b8UrV/A8K9AeZ//flsQYWeFKlpxsw4utnjDDWm3ta1UL4xVLqOiUVGXz3mh
Y1eWbuuTiOGoIfWATEPTOmKLYwOg2YCHyIAg0+Xq4vtjXEt61KMG4b3ZEv4I33PI
00NySKeQ/bcLZNIrI8UP44809WeXwTC0cmkNp+CF4wn0uPNDR9VTbdMDg2StKvht
bnITc9hiOn9p6KU=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:52 2024 by rpki-client on console.sobornost.net