Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/qktBL00fzuJAUidJTtBJiJoBZV8.roa
File: qktBL00fzuJAUidJTtBJiJoBZV8.roa (raw, json)
Hash identifier: yWy+/H2LScOVoSrIGNOavzA8s/aYnEJ/F+yrbb3RkrA=
Subject key identifier: AA:4B:41:2F:4D:1F:CE:E2:40:52:27:49:4E:D0:49:88:9A:01:65:5F
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCDCE266D2867D00AF951792BC4E70
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/qktBL00fzuJAUidJTtBJiJoBZV8.roa
Signing time: Thu 02 Jan 2025 07:48:35 +0000
ROA not before: Thu 02 Jan 2025 07:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
103.216.196.0/24 maxlen: 24
103.216.198.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:dc:e2:66:d2:86:7d:00:af:95:17:92:bc:4e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa4b412f4d1fcee2405227494ed049889a01655f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a3:a3:db:8c:47:d4:f8:4b:03:6b:50:f6:08:
8d:0d:97:e1:20:c3:b0:56:dc:26:4d:d0:2a:6e:0e:
61:80:27:dc:04:01:ff:f3:0f:5b:62:9f:64:8d:6c:
fc:c9:75:5b:db:3d:5f:30:bc:34:e3:a0:ea:82:89:
48:e3:da:e6:61:ee:5b:dd:46:37:f6:c4:b9:7a:d5:
c8:24:21:04:24:d9:29:c2:d5:b9:95:f1:95:e9:46:
27:14:cf:67:fe:52:77:e4:fc:1c:cd:dc:71:98:29:
21:f1:cd:6a:d7:f0:44:37:75:da:34:08:25:80:93:
4e:fa:04:18:6f:b9:02:7f:02:f3:f4:f7:63:07:1e:
58:5c:29:31:b5:61:68:11:7d:02:26:c9:37:1d:87:
7f:35:b0:7c:35:40:ab:d0:d1:2e:d1:1b:82:f2:00:
60:fb:17:81:8b:02:1f:01:61:13:13:85:d5:41:a1:
99:d0:d3:67:5d:30:2f:65:e6:47:ae:6b:41:5b:5a:
d2:00:9a:a3:6e:06:f5:c9:05:ab:a4:11:9d:f4:13:
5e:2c:86:bf:f1:5c:81:cb:93:8f:80:93:59:94:3e:
8b:12:08:01:54:85:ee:15:98:49:8f:2b:8a:3c:09:
64:20:f4:8b:4c:23:6c:05:92:8c:01:d5:30:f0:fd:
99:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4B:41:2F:4D:1F:CE:E2:40:52:27:49:4E:D0:49:88:9A:01:65:5F
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/qktBL00fzuJAUidJTtBJiJoBZV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
103.216.196.0/24
103.216.198.0/24
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.205.204.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
192.145.70.0/24
212.60.13.0/24
217.197.170.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
93:8f:b7:9c:cf:42:0a:2a:a7:49:fe:0c:53:44:de:97:99:ea:
de:a1:45:6a:c4:56:0f:c8:cb:49:9e:96:86:3b:5d:70:cf:c6:
66:45:cf:d4:e2:dc:3e:9b:b5:b0:9a:08:8a:0a:17:16:fc:28:
bb:fa:a4:ad:02:ed:93:e3:2f:b0:ca:86:ef:b9:0f:c2:20:9b:
63:a9:c6:f2:28:d8:d4:cd:22:90:b2:c3:5e:30:fd:e3:c4:8a:
7d:88:0c:67:bf:8a:ec:af:6f:0e:27:27:11:3a:26:2d:b5:35:
2f:af:b1:2d:48:17:44:10:0d:6c:8f:cb:af:72:b9:03:33:ba:
34:1c:7b:ff:05:60:80:30:93:58:38:78:15:fb:43:0a:21:ed:
95:8e:97:69:23:f1:f0:9e:66:3a:45:19:32:1e:bd:14:33:c9:
46:aa:f5:37:21:b4:fc:3b:6e:0d:25:24:c4:57:65:c2:f6:e8:
cf:8d:4f:65:30:c7:28:14:1f:72:c4:1d:94:c5:2f:6c:01:83:
a5:65:bd:a1:dd:22:1d:63:f2:d1:c0:15:aa:aa:15:c0:80:c3:
a7:65:f7:6c:67:84:7a:8c:ad:46:0d:57:89:fd:73:c6:f0:85:
62:84:c1:95:56:28:7c:d4:b0:2e:9d:76:d0:e4:38:65:4d:3d:
13:35:0c:7d
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZQl/NziZtKGfQCvlReSvE5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRiNDEyZjRkMWZjZWUyNDA1MjI3NDk0ZWQwNDk4ODlhMDE2NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaOj24xH1PhLA2tQ9giNDZfhIMOw
VtwmTdAqbg5hgCfcBAH/8w9bYp9kjWz8yXVb2z1fMLw046DqgolI49rmYe5b3UY3
9sS5etXIJCEEJNkpwtW5lfGV6UYnFM9n/lJ35PwczdxxmCkh8c1q1/BEN3XaNAgl
gJNO+gQYb7kCfwLz9PdjBx5YXCkxtWFoEX0CJsk3HYd/NbB8NUCr0NEu0RuC8gBg
+xeBiwIfAWETE4XVQaGZ0NNnXTAvZeZHrmtBW1rSAJqjbgb1yQWrpBGd9BNeLIa/
8VyBy5OPgJNZlD6LEggBVIXuFZhJjyuKPAlkIPSLTCNsBZKMAdUw8P2Z7QIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFKpLQS9NH87iQFInSU7QSYiaAWVfMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvcWt0QkwwMGZ6dUpBVWlkSlR0QkppSm9CWlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCBrQQCAAEwgaYDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrADBABn
2MQDBABn2MYDBABo6CQDBACTTs8DBACi2l0DBAG5NIoDBAC5ob4DBAG5u9YwDAME
ALnGWQMEArnGWAMEALnJKgMEALnNzDAMAwQDudCYAwQAudCaAwQAueZ5AwQBuf14
AwQAwJFGAwQA1DwNAwQA2cWqMCwEAgACMCYDBwAqCo9AAAMwEgMHACoKj0AABwMH
ACoKj0AADAMHACoKj0AAHDANBgkqhkiG9w0BAQsFAAOCAQEAk4+3nM9CCiqnSf4M
U0Tel5nq3qFFasRWD8jLSZ6WhjtdcM/GZkXP1OLcPpu1sJoIigoXFvwou/qkrQLt
k+MvsMqG77kPwiCbY6nG8ijY1M0ikLLDXjD948SKfYgMZ7+K7K9vDicnETomLbU1
L6+xLUgXRBANbI/Lr3K5AzO6NBx7/wVggDCTWDh4FftDCiHtlY6XaSPx8J5mOkUZ
Mh69FDPJRqr1NyG0/DtuDSUkxFdlwvboz41PZTDHKBQfcsQdlMUvbAGDpWW9od0i
HWPy0cAVqqoVwIDDp2X3bGeEeoytRg1Xif1zxvCFYoTBlVYofNSwLp120OQ4ZU09
EzUMfQ==
-----END CERTIFICATE-----
Generated at Wed Jan 22 17:25:37 2025 by rpki-client on console.sobornost.net