Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/mFFNgz0LoOIjeTT2_r0-wBPyYQM.roa
File: mFFNgz0LoOIjeTT2_r0-wBPyYQM.roa (raw, json)
Hash identifier: 8oKdatfS4ydJsathXE08ETrnAsR4fEoI1qYHumOim1w=
Subject key identifier: 98:51:4D:83:3D:0B:A0:E2:23:79:34:F6:FE:BD:3E:C0:13:F2:61:03
Certificate issuer: /CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Certificate serial: 019423D738A26B38C1D2AA3A52189E90FB42
Authority key identifier: 72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/mFFNgz0LoOIjeTT2_r0-wBPyYQM.roa
Signing time: Wed 01 Jan 2025 21:48:14 +0000
ROA not before: Wed 01 Jan 2025 21:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34968
IP address blocks: 46.38.192.0/19 maxlen: 24
89.207.24.0/21 maxlen: 24
95.155.184.0/21 maxlen: 24
193.238.240.0/22 maxlen: 24
2a01:710::/32 maxlen: 64
2a0f:4880::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:38:a2:6b:38:c1:d2:aa:3a:52:18:9e:90:fb:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Validity
Not Before: Jan 1 21:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98514d833d0ba0e2237934f6febd3ec013f26103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5b:8a:09:1e:a1:aa:19:f7:1a:b1:9d:da:d6:
32:df:a9:eb:fd:5f:bd:0a:21:73:df:5c:be:de:ae:
82:a1:e4:f0:83:65:92:cd:10:a8:a0:68:ca:e9:7f:
8e:12:aa:24:7a:8b:4f:68:38:78:7e:0e:1f:80:27:
27:92:fb:fc:55:91:c8:01:d6:e3:75:79:9c:e3:fe:
c9:01:c3:61:e9:a9:ae:91:9b:d9:85:64:63:18:4c:
12:75:af:e0:29:a8:1d:16:b4:2d:0e:b7:58:01:da:
85:70:1e:7e:88:16:db:9e:7b:c0:af:3f:5c:31:d2:
50:99:79:8d:3e:44:04:f7:bb:da:f4:86:51:54:0d:
ba:b1:b1:12:f3:90:3b:f2:0f:20:97:ad:ca:51:54:
32:9b:9d:24:ed:1f:4d:a7:94:f9:84:70:0b:c5:39:
67:42:20:7c:c7:3d:b2:ad:77:dc:a7:9e:b4:39:99:
34:9d:71:8a:8f:25:11:d0:db:8a:0f:fa:fd:9f:36:
80:cf:8f:da:da:9e:d9:3f:0e:be:9b:f6:8c:95:08:
1b:31:69:39:78:05:1f:d8:a8:c3:71:fd:17:63:24:
01:c9:49:81:46:bb:80:12:32:a7:67:06:5c:4f:31:
bb:27:0f:e5:4e:0f:2d:58:b3:31:0f:79:a3:ec:69:
e4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:51:4D:83:3D:0B:A0:E2:23:79:34:F6:FE:BD:3E:C0:13:F2:61:03
X509v3 Authority Key Identifier:
keyid:72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/mFFNgz0LoOIjeTT2_r0-wBPyYQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.192.0/19
89.207.24.0/21
95.155.184.0/21
193.238.240.0/22
IPv6:
2a01:710::/32
2a0f:4880::/29
Signature Algorithm: sha256WithRSAEncryption
1c:ea:b0:2a:d9:2e:46:c0:ce:0d:c8:b5:a5:3a:d3:3e:cc:5e:
36:4a:ba:c5:79:37:45:53:2b:c6:ed:36:8c:6f:5b:36:2a:79:
b9:14:8d:84:ee:66:a7:aa:70:f2:c8:7f:55:1f:da:2b:57:4a:
63:77:90:f5:55:3a:87:85:94:c5:b5:f9:2f:ab:e2:3f:3a:ff:
09:57:17:01:ea:93:fd:57:13:5c:36:56:c3:a9:f1:23:10:1c:
87:99:55:f3:50:8b:71:35:e8:ae:f0:f5:e5:0d:d8:48:31:9e:
bf:79:b7:a2:08:1d:4e:23:1c:43:35:bd:8c:16:51:59:2a:38:
86:a6:50:16:38:82:2d:9e:03:9b:44:e4:f8:60:c9:69:88:64:
37:3b:21:a7:6a:d9:9c:47:fa:13:64:5c:80:14:7f:cf:10:46:
0c:9b:77:62:d4:6f:34:4a:a5:70:a0:c2:a5:1f:21:50:8a:f2:
17:c0:a5:d3:f4:0c:82:e9:30:94:7f:0b:0c:df:e2:28:48:7e:
4c:43:91:f6:78:7e:dd:fb:09:a4:16:75:52:64:0f:22:5e:57:
09:e2:d8:c4:0e:47:01:98:55:0e:d3:eb:2e:dc:16:e3:b1:6d:
68:34:b6:6a:37:3b:4f:a2:59:40:24:99:8f:6f:42:59:95:72:
67:0f:07:a9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQj1ziiazjB0qo6UhiekPtCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWFkYzdhN2VjZTQ3N2Q1ZjRkNzc3MjQzYjYwZjJiYmJi
NzU2MDMwHhcNMjUwMTAxMjE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUxNGQ4MzNkMGJhMGUyMjM3OTM0ZjZmZWJkM2VjMDEzZjI2MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4luKCR6hqhn3GrGd2tYy36nr/V+9
CiFz31y+3q6CoeTwg2WSzRCooGjK6X+OEqokeotPaDh4fg4fgCcnkvv8VZHIAdbj
dXmc4/7JAcNh6amukZvZhWRjGEwSda/gKagdFrQtDrdYAdqFcB5+iBbbnnvArz9c
MdJQmXmNPkQE97va9IZRVA26sbES85A78g8gl63KUVQym50k7R9Np5T5hHALxTln
QiB8xz2yrXfcp560OZk0nXGKjyUR0NuKD/r9nzaAz4/a2p7ZPw6+m/aMlQgbMWk5
eAUf2KjDcf0XYyQByUmBRruAEjKnZwZcTzG7Jw/lTg8tWLMxD3mj7Gnk/QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJhRTYM9C6DiI3k09v69PsAT8mEDMB8GA1UdIwQY
MBaAFHLq3Hp+zkd9X013ckO2Dyu7t1YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjkt
NDczODUxNzA5YzU4LzEvbUZGTmd6MExvT0lqZVRUMl9yMC13QlB5WVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjktNDczODUxNzA5YzU4
LzEvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQFLibAAwQD
Wc8YAwQDX5u4AwQCwe7wMBQEAgACMA4DBQAqAQcQAwUDKg9IgDANBgkqhkiG9w0B
AQsFAAOCAQEAHOqwKtkuRsDODci1pTrTPsxeNkq6xXk3RVMrxu02jG9bNip5uRSN
hO5mp6pw8sh/VR/aK1dKY3eQ9VU6h4WUxbX5L6viPzr/CVcXAeqT/VcTXDZWw6nx
IxAch5lV81CLcTXorvD15Q3YSDGev3m3oggdTiMcQzW9jBZRWSo4hqZQFjiCLZ4D
m0Tk+GDJaYhkNzshp2rZnEf6E2RcgBR/zxBGDJt3YtRvNEqlcKDCpR8hUIryF8Cl
0/QMgukwlH8LDN/iKEh+TEOR9nh+3fsJpBZ1UmQPIl5XCeLYxA5HAZhVDtPrLtwW
47FtaDS2ajc7T6JZQCSZj29CWZVyZw8HqQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:32 2025 by rpki-client on console.sobornost.net