Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/nTfJHvOT3Md0YAT3TOEczzSv8EE.roa
File: nTfJHvOT3Md0YAT3TOEczzSv8EE.roa (raw, json)
Hash identifier: VL31GlFtYpNeSOK+C/j2TrSHKldZgXfdQN4cx739hDI=
Subject key identifier: 9D:37:C9:1E:F3:93:DC:C7:74:60:04:F7:4C:E1:1C:CF:34:AF:F0:41
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 0194244560F34DCD71648F098CEA3A2BEA29
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/nTfJHvOT3Md0YAT3TOEczzSv8EE.roa
Signing time: Wed 01 Jan 2025 23:48:34 +0000
ROA not before: Wed 01 Jan 2025 23:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.132.0/23 maxlen: 23
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.168.0/23 maxlen: 23
31.214.170.0/23 maxlen: 23
31.214.172.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
31.214.248.0/21 maxlen: 21
37.10.64.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
37.10.117.0/24 maxlen: 24
37.228.131.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
46.41.192.0/18 maxlen: 18
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
46.41.224.0/20 maxlen: 20
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
82.99.192.0/19 maxlen: 22
82.99.192.0/24 maxlen: 24
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.198.0/24 maxlen: 24
82.99.199.0/24 maxlen: 24
82.99.200.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.204.0/24 maxlen: 24
82.99.205.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.214.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.224.0/20 maxlen: 20
82.99.225.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.229.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.232.0/24 maxlen: 24
82.99.233.0/24 maxlen: 24
82.99.234.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
82.99.252.0/24 maxlen: 24
82.99.254.0/24 maxlen: 24
82.99.255.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
95.156.233.0/24 maxlen: 24
95.156.234.0/23 maxlen: 23
95.156.236.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
2a00:1a88::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:60:f3:4d:cd:71:64:8f:09:8c:ea:3a:2b:ea:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Jan 1 23:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d37c91ef393dcc7746004f74ce11ccf34aff041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3c:67:8b:65:4f:a7:38:ce:c1:ae:43:4e:dc:
24:0b:7d:db:05:1d:22:ce:1c:36:31:05:3c:27:cf:
72:96:f4:27:7f:64:b4:eb:e1:c9:9e:35:a1:50:99:
23:d1:9d:0e:ab:d1:6f:fe:c0:bf:6a:79:b0:f7:f5:
8a:72:45:0c:ae:13:f8:44:3e:d8:a2:14:19:f5:91:
c1:b4:81:67:d2:62:2a:34:79:45:49:60:26:69:68:
3d:5f:03:ba:fe:0e:a6:57:48:65:49:1d:a8:5b:b4:
eb:6f:cc:b7:8f:0c:22:9f:d5:f3:e6:3c:52:4e:1c:
39:ac:26:60:79:89:f8:80:9b:bd:03:65:d6:85:cb:
40:2d:53:6a:9b:71:62:b3:c1:95:0c:9a:0d:80:ec:
94:56:bf:22:ff:8c:40:63:8e:45:1c:54:af:73:61:
85:be:09:bc:4c:6e:c3:4f:5b:79:ed:de:26:2d:d9:
c2:12:d5:87:5b:91:98:27:8e:06:d2:be:b0:d1:ad:
ca:c0:c9:10:5d:e3:84:e5:8e:db:32:67:1b:cb:bb:
8f:52:2a:a1:cf:5b:d7:01:96:59:90:12:f3:ab:27:
09:1d:18:cb:29:92:c5:be:59:4d:87:1f:9b:bd:2f:
b0:fc:2d:81:71:b5:fe:92:c9:91:25:01:7b:7c:30:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:37:C9:1E:F3:93:DC:C7:74:60:04:F7:4C:E1:1C:CF:34:AF:F0:41
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/nTfJHvOT3Md0YAT3TOEczzSv8EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
IPv6:
2a00:1a88::/32
Signature Algorithm: sha256WithRSAEncryption
38:0f:02:6a:79:2e:19:32:0c:d6:03:1e:1f:aa:ba:a0:ae:03:
f8:6a:e9:f0:a0:2a:10:d9:9e:ac:3f:56:06:cf:e7:4c:f1:0d:
3c:9a:2c:e8:57:51:b6:fe:8a:29:66:f3:02:a4:82:29:d5:1c:
35:63:27:34:45:c7:98:54:37:5f:2a:0b:92:43:c7:c8:26:e0:
23:6e:2d:05:7d:0e:03:8f:36:52:27:a8:94:32:df:a9:b2:6b:
01:a5:07:5e:01:72:aa:d8:b1:90:a7:81:44:8c:b1:67:fc:3a:
7f:af:69:85:fb:23:ce:ff:55:a6:51:05:48:e7:5a:f1:93:7c:
bc:f8:b6:83:b2:e9:3c:d2:80:50:6c:f0:90:79:73:be:06:e6:
84:4c:8e:43:c6:9e:13:c8:5f:c6:88:50:64:1d:22:72:0c:45:
69:11:59:f8:ef:18:c6:ba:26:53:5b:d3:9b:b1:8c:0e:32:58:
8c:fc:2a:83:5c:49:f9:fb:ee:f1:17:b7:df:ea:32:54:a3:55:
67:b9:01:22:17:e5:b6:7b:42:02:6f:ad:9c:51:53:95:1a:69:
48:2a:23:85:d5:58:49:05:19:62:10:b6:74:32:31:fa:e9:16:
1a:a1:23:a4:61:83:6c:52:00:d3:c3:16:e6:ee:e0:78:7c:62:
e2:a8:ae:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZQkRWDzTc1xZI8JjOo6K+opMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjUwMTAxMjM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM3YzkxZWYzOTNkY2M3NzQ2MDA0Zjc0Y2UxMWNjZjM0YWZmMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjxni2VPpzjOwa5DTtwkC33bBR0i
zhw2MQU8J89ylvQnf2S06+HJnjWhUJkj0Z0Oq9Fv/sC/anmw9/WKckUMrhP4RD7Y
ohQZ9ZHBtIFn0mIqNHlFSWAmaWg9XwO6/g6mV0hlSR2oW7Trb8y3jwwin9Xz5jxS
Thw5rCZgeYn4gJu9A2XWhctALVNqm3Fis8GVDJoNgOyUVr8i/4xAY45FHFSvc2GF
vgm8TG7DT1t57d4mLdnCEtWHW5GYJ44G0r6w0a3KwMkQXeOE5Y7bMmcby7uPUiqh
z1vXAZZZkBLzqycJHRjLKZLFvllNhx+bvS+w/C2BcbX+ksmRJQF7fDDcWwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFJ03yR7zk9zHdGAE90zhHM80r/BBMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvblRmSkh2T1QzTWQwWUFUM1RPRWN6elN2OEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8QQCAAEwgeoD
BAEf1oQDBAEf1pIDBAAf1poDBAMf1qgDBAEf1sgDBAIf1uQDBAMf1vgDBAIlCkAD
BAAlCm0DBAAlCnUDBAAl5IMDBAAl5IUwDAMEACXkhwMEAiXkiAMEBi4pwAMEAC77
4AMEAC774gMEAC777QMEBlJjwAMEAV+c3jAMAwQAX5zpAwQBX5zsAwQBX5z4AwQB
bebAAwQAbebIAwQCbebMAwQAbebdAwQAbebfAwQAbebyAwQBbeb2AwQAbeb7AwQB
hv/EAwQDhv/IMAwDBACG//UDBACG//YDBACG//kDBAC5CkcDBAK5DeQwDQQCAAIw
BwMFACoAGogwDQYJKoZIhvcNAQELBQADggEBADgPAmp5LhkyDNYDHh+quqCuA/hq
6fCgKhDZnqw/VgbP50zxDTyaLOhXUbb+iilm8wKkginVHDVjJzRFx5hUN18qC5JD
x8gm4CNuLQV9DgOPNlInqJQy36myawGlB14BcqrYsZCngUSMsWf8On+vaYX7I87/
VaZRBUjnWvGTfLz4toOy6TzSgFBs8JB5c74G5oRMjkPGnhPIX8aIUGQdInIMRWkR
WfjvGMa6JlNb05uxjA4yWIz8KoNcSfn77vEXt9/qMlSjVWe5ASIX5bZ7QgJvrZxR
U5UaaUgqI4XVWEkFGWIQtnQyMfrpFhqhI6Rhg2xSANPDFubu4Hh8YuKorhw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:42 2025 by rpki-client on console.sobornost.net