Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/kjHmsImwhTRPaRb0UQGrEGAInok.roa
File: kjHmsImwhTRPaRb0UQGrEGAInok.roa (raw, json)
Hash identifier: oTmGkdG4PilvyviWHvxjq13O1ef4ti8I4uL5CKJst7k=
Subject key identifier: 92:31:E6:B0:89:B0:85:34:4F:69:16:F4:51:01:AB:10:60:08:9E:89
Certificate issuer: /CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Certificate serial: 01954147DA494E32C559E04A36A04D5C0D93
Authority key identifier: FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/kjHmsImwhTRPaRb0UQGrEGAInok.roa
Signing time: Wed 26 Feb 2025 08:03:02 +0000
ROA not before: Wed 26 Feb 2025 08:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16010
IP address blocks: 5.178.128.0/17 maxlen: 24
5.178.128.0/18 maxlen: 18
5.178.192.0/18 maxlen: 18
46.49.0.0/17 maxlen: 24
46.49.0.0/18 maxlen: 18
46.49.64.0/18 maxlen: 18
62.168.160.0/19 maxlen: 24
77.74.40.0/21 maxlen: 21
80.241.240.0/22 maxlen: 22
80.241.248.0/22 maxlen: 22
80.241.253.0/24 maxlen: 24
80.241.254.0/23 maxlen: 23
82.211.128.0/18 maxlen: 19
82.211.128.0/19 maxlen: 19
82.211.160.0/19 maxlen: 19
85.114.224.0/19 maxlen: 24
89.232.32.0/19 maxlen: 24
93.177.128.0/18 maxlen: 24
93.177.128.0/19 maxlen: 19
93.177.160.0/19 maxlen: 19
94.137.160.0/19 maxlen: 24
94.240.192.0/18 maxlen: 24
94.240.192.0/19 maxlen: 19
94.240.224.0/19 maxlen: 19
95.104.0.0/17 maxlen: 24
95.104.0.0/18 maxlen: 18
95.104.64.0/18 maxlen: 18
109.172.128.0/17 maxlen: 24
134.19.224.0/19 maxlen: 24
185.115.4.0/22 maxlen: 22
185.115.4.0/24 maxlen: 24
188.121.192.0/19 maxlen: 24
188.129.128.0/17 maxlen: 18
188.129.192.0/19 maxlen: 19
212.58.96.0/19 maxlen: 24
212.72.128.0/23 maxlen: 24
212.72.131.0/24 maxlen: 24
212.72.132.0/22 maxlen: 24
212.72.136.0/21 maxlen: 24
212.72.144.0/21 maxlen: 21
212.72.152.0/23 maxlen: 23
212.72.154.0/24 maxlen: 24
212.72.156.0/22 maxlen: 22
213.157.192.0/19 maxlen: 24
213.200.0.0/19 maxlen: 24
2a0b:6200::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:47:da:49:4e:32:c5:59:e0:4a:36:a0:4d:5c:0d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Validity
Not Before: Feb 26 08:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9231e6b089b085344f6916f45101ab1060089e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:65:c3:d5:1b:7f:19:db:55:e4:2c:9c:6c:
46:b2:0d:73:c1:0d:3c:cb:f9:5f:2d:75:4c:05:b8:
ea:2c:de:65:1b:05:66:80:1a:c4:ea:fe:27:46:08:
de:ce:fd:15:1f:2d:53:29:d0:cb:d4:87:c7:fd:8a:
85:4d:b6:df:73:6d:bb:a4:51:d2:80:1a:1e:b8:78:
56:cb:c7:11:4e:a0:31:26:b1:64:e4:e5:8f:9b:56:
d8:a8:50:f9:21:c8:18:c7:e5:65:52:a8:0c:9a:93:
5a:2c:c9:c6:93:37:e7:a4:b1:62:67:b8:55:c6:82:
16:e8:c7:1c:67:44:fa:d8:00:5e:98:bc:1b:87:bf:
49:1d:40:33:8a:98:d3:8e:e4:b3:5b:b9:90:78:1c:
23:a6:5d:28:77:79:0b:dc:32:90:71:a8:70:eb:d2:
47:b9:a4:45:fa:41:1a:e1:27:dd:88:3d:02:15:26:
98:76:20:31:4f:41:88:4f:55:7e:4a:95:19:2a:cc:
a5:eb:ee:2c:26:20:d2:90:9e:0b:5f:8c:16:b5:2a:
8f:0c:f9:5e:2a:89:e8:85:21:44:ff:00:0d:66:61:
df:0e:2c:68:2d:a3:d1:44:f1:34:d4:a4:3f:56:56:
08:23:1f:c2:4f:3d:d7:e4:c2:e8:cb:5b:33:28:6f:
5f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:31:E6:B0:89:B0:85:34:4F:69:16:F4:51:01:AB:10:60:08:9E:89
X509v3 Authority Key Identifier:
keyid:FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/kjHmsImwhTRPaRb0UQGrEGAInok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.128.0/17
46.49.0.0/17
62.168.160.0/19
77.74.40.0/21
80.241.240.0/22
80.241.248.0/22
80.241.253.0-80.241.255.255
82.211.128.0/18
85.114.224.0/19
89.232.32.0/19
93.177.128.0/18
94.137.160.0/19
94.240.192.0/18
95.104.0.0/17
109.172.128.0/17
134.19.224.0/19
185.115.4.0/22
188.121.192.0/19
188.129.128.0/17
212.58.96.0/19
212.72.128.0/23
212.72.131.0-212.72.154.255
212.72.156.0/22
213.157.192.0/19
213.200.0.0/19
IPv6:
2a0b:6200::/29
Signature Algorithm: sha256WithRSAEncryption
0f:be:17:8c:b4:c0:d7:e9:56:dc:5c:4c:0d:24:24:b5:8e:d4:
a8:13:9b:e7:23:8f:61:8b:71:d8:f5:40:e1:05:ea:57:16:e0:
74:81:81:e7:22:f6:0a:3b:c2:21:14:d6:9e:93:c1:3f:4c:27:
89:30:3c:99:bd:94:50:5b:44:c5:4f:b2:0d:57:09:48:4e:85:
64:a1:41:ac:11:9a:02:e3:73:4a:c4:30:a9:a4:29:56:db:a9:
09:d4:66:df:91:6f:8b:2f:42:2a:4d:d2:e7:b7:cc:17:c3:7c:
58:e7:ff:5d:82:39:aa:e2:f8:79:6b:e6:26:de:60:1d:5b:14:
8f:04:4c:cf:70:4f:4e:95:7e:00:e5:72:ea:57:90:fa:29:09:
f7:4f:ab:3b:ea:19:5a:58:3f:80:f9:46:fe:d5:3c:51:b0:17:
84:5e:64:0a:0b:ec:e9:2b:7d:6b:75:79:ac:5f:09:3a:35:42:
1c:69:5b:7b:e0:8e:79:19:30:d5:00:21:d5:cf:6c:a3:58:e2:
3e:44:23:07:d6:9c:71:7c:d5:1a:ed:76:ff:ad:94:21:16:72:
ea:d8:7c:e4:1e:ff:db:01:67:bb:ef:ab:0e:93:f9:04:ed:52:
4a:b5:92:67:d3:51:17:70:18:cd:90:b9:1a:eb:8c:40:fb:c3:
e2:db:f4:55
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZVBR9pJTjLFWeBKNqBNXA2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDJiMzYyMDY0MzliYmNlMTViMzYzZjA5ZWVmZjFkNzM4
Y2VjYzcwHhcNMjUwMjI2MDgwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjMxZTZiMDg5YjA4NTM0NGY2OTE2ZjQ1MTAxYWIxMDYwMDg5ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApshlw9UbfxnbVeQsnGxGsg1zwQ08
y/lfLXVMBbjqLN5lGwVmgBrE6v4nRgjezv0VHy1TKdDL1IfH/YqFTbbfc227pFHS
gBoeuHhWy8cRTqAxJrFk5OWPm1bYqFD5IcgYx+VlUqgMmpNaLMnGkzfnpLFiZ7hV
xoIW6MccZ0T62ABemLwbh79JHUAzipjTjuSzW7mQeBwjpl0od3kL3DKQcahw69JH
uaRF+kEa4SfdiD0CFSaYdiAxT0GIT1V+SpUZKsyl6+4sJiDSkJ4LX4wWtSqPDPle
KonohSFE/wANZmHfDixoLaPRRPE01KQ/VlYIIx/CTz3X5MLoy1szKG9fbwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFJIx5rCJsIU0T2kW9FEBqxBgCJ6JMB8GA1UdIwQY
MBaAFP3Ss2IGQ5u84Vs2Pwnu/x1zjOzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQt
YjAxZTAyOTdiMDcwLzEva2pIbXNJbXdoVFJQYVJiMFVRR3JFR0FJbm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQtYjAxZTAyOTdiMDcw
LzEvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBrAQCAAEwgaUDBAcF
soADBAcuMQADBAU+qKADBANNSigDBAJQ8fADBAJQ8fgwCwMEAFDx/QMDAVDwAwQG
UtOAAwQFVXLgAwQFWeggAwQGXbGAAwQFXomgAwQGXvDAAwQHX2gAAwQHbayAAwQF
hhPgAwQCuXMEAwQFvHnAAwQHvIGAAwQF1DpgAwQB1EiAMAwDBADUSIMDBADUSJoD
BALUSJwDBAXVncADBAXVyAAwDQQCAAIwBwMFAyoLYgAwDQYJKoZIhvcNAQELBQAD
ggEBAA++F4y0wNfpVtxcTA0kJLWO1KgTm+cjj2GLcdj1QOEF6lcW4HSBgeci9go7
wiEU1p6TwT9MJ4kwPJm9lFBbRMVPsg1XCUhOhWShQawRmgLjc0rEMKmkKVbbqQnU
Zt+Rb4svQipN0ue3zBfDfFjn/12COari+Hlr5ibeYB1bFI8ETM9wT06VfgDlcupX
kPopCfdPqzvqGVpYP4D5Rv7VPFGwF4ReZAoL7OkrfWt1eaxfCTo1QhxpW3vgjnkZ
MNUAIdXPbKNY4j5EIwfWnHF81Rrtdv+tlCEWcurYfOQe/9sBZ7vvqw6T+QTtUkq1
kmfTURdwGM2QuRrrjED7w+Lb9FU=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:47:09 2025 by rpki-client on console.sobornost.net