Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zAHjS8tPU8HEmTCCDINtaHrVJIM.roa
File: zAHjS8tPU8HEmTCCDINtaHrVJIM.roa (raw, json)
Hash identifier: 0QsNUBchy9W2sgLs15kxSXqG8C8jBUSbYSVE7+dh+t0=
Subject key identifier: CC:01:E3:4B:CB:4F:53:C1:C4:99:30:82:0C:83:6D:68:7A:D5:24:83
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCE65333AD05139F70257D28EB377A
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zAHjS8tPU8HEmTCCDINtaHrVJIM.roa
Signing time: Thu 02 Jan 2025 07:48:38 +0000
ROA not before: Thu 02 Jan 2025 07:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 5.182.184.0/24 maxlen: 24
78.31.207.0/24 maxlen: 24
104.232.37.0/24 maxlen: 24
162.218.92.0/24 maxlen: 24
162.218.94.0/24 maxlen: 24
185.187.213.0/24 maxlen: 24
185.205.207.0/24 maxlen: 24
185.230.120.0/24 maxlen: 24
185.230.123.0/24 maxlen: 24
2a0a:8f40:31::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:e6:53:33:ad:05:13:9f:70:25:7d:28:eb:37:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc01e34bcb4f53c1c49930820c836d687ad52483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:85:4d:02:8a:d9:6e:e9:b6:4e:82:52:ad:
50:45:52:14:f4:e7:ed:74:79:6d:eb:ed:82:12:eb:
7d:1d:11:9b:b5:bf:9c:95:73:fd:b7:7e:35:47:25:
6e:35:8c:f5:95:b5:9d:4f:bc:95:de:b6:1b:b2:f6:
91:e9:7f:ee:d1:f6:00:7a:32:d5:dc:7a:a1:3d:47:
23:a1:38:52:6a:87:35:7f:ad:b4:f7:79:f9:ea:14:
00:47:63:76:2c:ca:05:09:a9:14:ec:8b:49:64:54:
66:17:75:7a:d6:b5:77:f3:00:d0:4e:58:d9:24:fd:
84:c0:6f:8a:77:42:c8:8b:ab:44:7b:1f:a4:df:b9:
7c:e4:5a:11:5a:ef:33:db:c7:29:1f:a2:92:8c:3b:
4d:39:74:d9:90:64:93:8a:29:9e:87:0a:02:76:bc:
32:a7:1c:f5:13:3e:98:3f:0a:63:5c:97:6b:5f:65:
76:78:85:11:ef:81:a2:f8:b7:68:cb:38:9d:40:cb:
ea:60:e0:7e:3d:cb:26:71:34:86:6c:c4:28:d8:e8:
0d:e8:22:4f:bf:e8:39:a7:25:05:88:6a:17:e7:9c:
4c:5f:28:11:af:5a:c7:8e:6b:09:41:1a:d1:fd:08:
97:8f:d1:e7:2b:7d:60:5f:83:1e:55:ff:59:20:9a:
a9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:01:E3:4B:CB:4F:53:C1:C4:99:30:82:0C:83:6D:68:7A:D5:24:83
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zAHjS8tPU8HEmTCCDINtaHrVJIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
78.31.207.0/24
104.232.37.0/24
162.218.92.0/24
162.218.94.0/24
185.187.213.0/24
185.205.207.0/24
185.230.120.0/24
185.230.123.0/24
IPv6:
2a0a:8f40:31::/48
Signature Algorithm: sha256WithRSAEncryption
45:75:fa:eb:6a:26:f3:8c:93:91:36:0a:bd:f4:07:92:9e:6a:
fb:c2:90:0f:af:aa:8a:5e:3a:8d:67:33:29:a1:a9:01:77:5e:
c4:56:26:0e:ff:b0:62:0b:4f:ef:81:2f:ee:46:1d:3e:80:79:
9b:00:9e:22:27:a7:87:a6:89:ec:c4:1e:69:c9:97:98:f7:8c:
0f:7d:c7:6c:1a:87:c6:a7:9f:32:b8:f6:28:51:fd:98:83:08:
ae:f2:8f:81:de:c0:6e:67:46:fd:2b:e8:e2:28:9b:7c:af:8f:
0d:b6:48:d6:62:97:d0:9e:e7:26:6e:40:fe:cd:23:e6:e9:cc:
79:5c:44:89:82:0a:34:af:83:47:a6:94:e9:b8:f0:2a:c0:7a:
74:24:16:a6:5d:c5:a1:c4:eb:62:31:2e:69:cd:08:0b:f2:14:
41:51:85:73:32:71:df:2d:30:8a:ea:cd:ef:bf:1b:5e:ef:55:
9a:f2:fe:96:5d:80:65:e8:15:99:40:c7:12:82:f8:13:e8:8e:
fd:3f:6c:3f:0b:a7:b1:7d:a1:03:ad:7e:18:df:93:c8:e9:8e:
9a:d7:9a:21:84:33:6e:a6:fa:eb:4f:7a:db:41:6c:18:ac:e4:
41:02:d0:61:b9:ac:08:07:dd:09:62:6f:a0:cf:6e:ae:9b:d4:
63:0b:2a:8c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQl/OZTM60FE59wJX0o6zd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAxZTM0YmNiNGY1M2MxYzQ5OTMwODIwYzgzNmQ2ODdhZDUyNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7KFTQKK2W7ptk6CUq1QRVIU9Oft
dHlt6+2CEut9HRGbtb+clXP9t341RyVuNYz1lbWdT7yV3rYbsvaR6X/u0fYAejLV
3HqhPUcjoThSaoc1f62093n56hQAR2N2LMoFCakU7ItJZFRmF3V61rV38wDQTljZ
JP2EwG+Kd0LIi6tEex+k37l85FoRWu8z28cpH6KSjDtNOXTZkGSTiimehwoCdrwy
pxz1Ez6YPwpjXJdrX2V2eIUR74Gi+LdoyzidQMvqYOB+PcsmcTSGbMQo2OgN6CJP
v+g5pyUFiGoX55xMXygRr1rHjmsJQRrR/QiXj9HnK31gX4MeVf9ZIJqpzwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMwB40vLT1PBxJkwggyDbWh61SSDMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvekFIalM4dFBVOEhFbVRDQ0RJTnRhSHJWSklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQABba4AwQA
Th/PAwQAaOglAwQAotpcAwQAotpeAwQAubvVAwQAuc3PAwQAueZ4AwQAueZ7MA8E
AgACMAkDBwAqCo9AADEwDQYJKoZIhvcNAQELBQADggEBAEV1+utqJvOMk5E2Cr30
B5KeavvCkA+vqopeOo1nMymhqQF3XsRWJg7/sGILT++BL+5GHT6AeZsAniInp4em
iezEHmnJl5j3jA99x2wah8annzK49ihR/ZiDCK7yj4HewG5nRv0r6OIom3yvjw22
SNZil9Ce5yZuQP7NI+bpzHlcRImCCjSvg0emlOm48CrAenQkFqZdxaHE62IxLmnN
CAvyFEFRhXMycd8tMIrqze+/G17vVZry/pZdgGXoFZlAxxKC+BPojv0/bD8Lp7F9
oQOtfhjfk8jpjprXmiGEM26m+utPettBbBis5EEC0GG5rAgH3Qlib6DPbq6b1GML
Kow=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:59 2025 by rpki-client