Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zfFqyv9H1VqYkS6FC5NlpSro2zY.roa
File: zfFqyv9H1VqYkS6FC5NlpSro2zY.roa (raw, json)
Hash identifier: Bz25bzjUb4QTw3jgNkKrT/wzDHBAU3oeI9Zfepj8U/o=
Subject key identifier: CD:F1:6A:CA:FF:47:D5:5A:98:91:2E:85:0B:93:65:A5:2A:E8:DB:36
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0193839E9CABCE94969DB6B93BC34FA6260B
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zfFqyv9H1VqYkS6FC5NlpSro2zY.roa
Signing time: Sun 01 Dec 2024 19:07:10 +0000
ROA not before: Sun 01 Dec 2024 19:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.186.0/24 maxlen: 24
5.182.187.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
5.182.198.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
45.248.54.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.144.0/24 maxlen: 24
63.246.148.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.158.0/24 maxlen: 24
63.246.159.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
94.154.170.0/24 maxlen: 24
103.216.197.0/24 maxlen: 24
149.126.13.0/24 maxlen: 24
162.218.88.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.91.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:83:9e:9c:ab:ce:94:96:9d:b6:b9:3b:c3:4f:a6:26:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Dec 1 19:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdf16acaff47d55a98912e850b9365a52ae8db36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:13:90:a5:1e:d4:a5:5a:74:7e:51:19:1e:5f:
ba:16:ac:44:d8:3f:4b:8a:d5:04:77:d2:ff:8a:57:
d0:e9:f2:41:84:45:98:2a:23:06:b7:cf:f0:2a:47:
96:85:2f:c2:20:1e:21:72:f3:8f:83:f6:73:77:14:
a6:0c:ce:9e:0a:97:ea:08:ff:67:ee:0c:e7:d3:e6:
c8:09:bc:bb:3f:07:00:bd:60:83:d7:07:d2:92:84:
68:f3:c7:e4:77:15:1e:98:57:ac:28:13:5e:37:ec:
08:ac:df:2f:db:54:ab:46:58:33:92:c6:71:74:d8:
79:a9:f5:ba:f8:dd:5e:1c:14:66:eb:f4:7c:3b:f9:
8e:4a:ff:dd:77:cb:d1:7d:04:9d:ea:b2:09:b4:49:
1e:49:a3:49:a2:d6:ff:97:a6:35:d8:40:b2:44:d1:
87:ce:21:b5:4d:56:58:99:d5:ea:dc:11:27:b0:a7:
64:ef:8f:b3:3e:b2:bf:5d:eb:fe:24:7b:f6:ff:a7:
38:f3:64:45:3e:d8:0b:24:4d:2b:ff:ca:41:8e:6f:
84:82:00:f5:34:19:a4:60:2e:4e:1b:db:4e:50:2e:
ff:26:d3:aa:11:80:28:2c:a1:f9:18:53:5d:fd:a2:
97:ae:06:17:8a:5d:b7:32:5d:65:69:4b:df:02:2c:
55:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:6A:CA:FF:47:D5:5A:98:91:2E:85:0B:93:65:A5:2A:E8:DB:36
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zfFqyv9H1VqYkS6FC5NlpSro2zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/23
5.182.193.0-5.182.195.255
5.182.198.0/24
31.132.54.0/23
45.248.54.0/24
63.246.129.0-63.246.133.255
63.246.137.0/24
63.246.144.0/24
63.246.148.0/24
63.246.150.0-63.246.152.255
63.246.158.0/23
78.31.204.0/24
78.31.206.0/24
94.154.170.0/24
103.216.197.0/24
149.126.13.0/24
162.218.88.0/23
162.218.91.0/24
185.52.137.0/24
185.171.126.0/24
185.201.40.0/23
185.201.43.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ae:73:a7:6f:32:53:ff:47:1d:f6:7c:40:3b:09:59:68:a4:
5d:c4:6f:f6:c3:5b:53:c5:f1:4b:0b:9e:57:7a:10:72:d2:54:
6a:50:3c:28:1f:27:53:34:18:c2:ac:1e:3b:35:da:d7:53:5c:
28:b2:8a:f9:f5:41:22:63:38:c5:e5:a8:b5:c2:d5:ab:ff:4d:
87:e9:03:1e:17:0b:45:47:0f:55:e3:12:51:93:fc:57:dc:d1:
b0:57:45:1e:fb:6b:8a:f9:cb:fb:4c:74:ae:36:1e:27:cd:15:
5d:a3:50:75:2e:d7:36:11:10:17:8b:66:18:af:12:73:3b:90:
89:83:62:68:d6:c9:56:c8:c1:0d:64:18:47:35:ac:61:e1:ac:
db:c5:58:97:0f:5b:2a:a7:fe:15:d5:bc:c3:de:9a:2a:e4:b7:
69:33:cc:31:50:b4:42:b0:19:da:c8:1d:74:d1:e4:f7:b6:9c:
b3:b7:42:57:af:31:7b:1a:0b:fa:00:29:ac:a6:9c:83:60:36:
80:ee:e2:52:8b:35:95:af:57:a9:77:b7:27:d0:e3:57:55:23:
03:7a:85:a4:a1:2f:ad:fc:08:86:5a:bd:11:83:03:6e:5a:d7:
2c:de:53:e5:07:88:42:21:59:52:d4:bb:aa:e7:41:45:28:5a:
22:b9:5e:42
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZODnpyrzpSWnba5O8NPpiYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMjAxMTkwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGYxNmFjYWZmNDdkNTVhOTg5MTJlODUwYjkzNjVhNTJhZThkYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xOQpR7UpVp0flEZHl+6FqxE2D9L
itUEd9L/ilfQ6fJBhEWYKiMGt8/wKkeWhS/CIB4hcvOPg/ZzdxSmDM6eCpfqCP9n
7gzn0+bICby7PwcAvWCD1wfSkoRo88fkdxUemFesKBNeN+wIrN8v21SrRlgzksZx
dNh5qfW6+N1eHBRm6/R8O/mOSv/dd8vRfQSd6rIJtEkeSaNJotb/l6Y12ECyRNGH
ziG1TVZYmdXq3BEnsKdk74+zPrK/Xev+JHv2/6c482RFPtgLJE0r/8pBjm+EggD1
NBmkYC5OG9tOUC7/JtOqEYAoLKH5GFNd/aKXrgYXil23Ml1laUvfAixVOQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFM3xasr/R9VamJEuhQuTZaUq6Ns2MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvemZGcXl2OUgxVnFZa1M2RkM1TmxwU3JvMnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAEF
trowDAMEAAW2wQMEAgW2wAMEAAW2xgMEAR+ENgMEAC34NjAMAwQAP/aBAwQBP/aE
AwQAP/aJAwQAP/aQAwQAP/aUMAwDBAE/9pYDBAA/9pgDBAE/9p4DBABOH8wDBABO
H84DBABemqoDBABn2MUDBACVfg0DBAGi2lgDBACi2lsDBAC5NIkDBAC5q34DBAG5
ySgDBAC5ySswDQYJKoZIhvcNAQELBQADggEBAJCuc6dvMlP/Rx32fEA7CVlopF3E
b/bDW1PF8UsLnld6EHLSVGpQPCgfJ1M0GMKsHjs12tdTXCiyivn1QSJjOMXlqLXC
1av/TYfpAx4XC0VHD1XjElGT/Ffc0bBXRR77a4r5y/tMdK42HifNFV2jUHUu1zYR
EBeLZhivEnM7kImDYmjWyVbIwQ1kGEc1rGHhrNvFWJcPWyqn/hXVvMPemirkt2kz
zDFQtEKwGdrIHXTR5Pe2nLO3QlevMXsaC/oAKaymnINgNoDu4lKLNZWvV6l3tyfQ
41dVIwN6haShL638CIZavRGDA25a1yzeU+UHiEIhWVLUu6rnQUUoWiK5XkI=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:52 2024 by rpki-client on console.sobornost.net