Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/d8pyP86Y6uwqz1d9ZUqrw3D4VrQ.roa
File: d8pyP86Y6uwqz1d9ZUqrw3D4VrQ.roa (raw, json)
Hash identifier: rdq5z21gij6clSNE/4yKomwJ24Ycc5gYpA5zAtS7MBw=
Subject key identifier: 77:CA:72:3F:CE:98:EA:EC:2A:CF:57:7D:65:4A:AB:C3:70:F8:56:B4
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 0194266B470DAF0876BF1C4EA7F8E5B1B054
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/d8pyP86Y6uwqz1d9ZUqrw3D4VrQ.roa
Signing time: Thu 02 Jan 2025 09:49:12 +0000
ROA not before: Thu 02 Jan 2025 09:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48176
IP address blocks: 37.18.152.0/21 maxlen: 21
37.18.156.0/22 maxlen: 22
62.122.240.0/21 maxlen: 21
81.177.56.0/21 maxlen: 21
81.177.184.0/24 maxlen: 24
81.177.187.0/24 maxlen: 24
81.177.188.0/22 maxlen: 22
81.177.195.0/24 maxlen: 24
81.177.198.0/23 maxlen: 23
81.177.200.0/21 maxlen: 21
81.177.200.0/22 maxlen: 22
81.177.224.0/20 maxlen: 20
81.177.224.0/23 maxlen: 23
81.177.226.0/23 maxlen: 23
81.177.228.0/22 maxlen: 22
81.177.240.0/21 maxlen: 21
81.177.248.0/22 maxlen: 22
81.177.252.0/23 maxlen: 23
91.207.136.0/23 maxlen: 23
149.255.24.0/21 maxlen: 21
178.237.176.0/20 maxlen: 20
178.237.176.0/21 maxlen: 21
178.237.176.0/22 maxlen: 22
178.237.180.0/22 maxlen: 22
178.237.184.0/21 maxlen: 21
178.237.188.0/23 maxlen: 23
178.237.190.0/23 maxlen: 23
185.8.20.0/22 maxlen: 22
213.59.144.0/22 maxlen: 22
213.59.146.0/24 maxlen: 24
213.59.148.0/23 maxlen: 23
213.59.150.0/24 maxlen: 24
213.59.154.0/24 maxlen: 24
213.59.186.0/23 maxlen: 23
213.59.186.0/24 maxlen: 24
213.59.188.0/22 maxlen: 22
213.59.190.0/23 maxlen: 23
213.222.224.0/21 maxlen: 21
213.222.224.0/22 maxlen: 22
213.222.232.0/21 maxlen: 21
213.222.232.0/22 maxlen: 22
213.222.236.0/22 maxlen: 22
213.222.240.0/20 maxlen: 20
213.222.240.0/21 maxlen: 21
213.222.248.0/21 maxlen: 21
2a03:aa00::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:47:0d:af:08:76:bf:1c:4e:a7:f8:e5:b1:b0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 2 09:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77ca723fce98eaec2acf577d654aabc370f856b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:24:5f:5f:8e:2b:00:5f:57:87:f5:48:98:
9f:63:1f:96:b0:54:a5:22:3e:75:37:24:34:3d:0f:
23:4b:3e:e4:af:4a:d4:cd:21:9f:38:27:69:85:b2:
ac:70:4e:48:01:31:6e:8a:e9:7a:1d:13:c8:88:c0:
66:2e:9b:ba:6b:2f:af:ff:a8:13:1c:6d:27:da:19:
f8:dd:45:c6:8a:22:f4:17:24:44:e6:04:32:dd:bb:
a9:e3:5a:ff:5c:9b:cf:82:66:30:71:74:9e:5c:27:
26:55:86:0a:21:a5:90:d7:a6:07:b8:80:97:be:6b:
5c:97:08:8a:15:04:c0:1b:76:ab:50:1f:3d:08:67:
82:4e:52:1c:95:a0:d6:98:63:4f:0c:64:a0:fb:a1:
51:fc:fc:0c:4e:5a:e7:64:58:ad:75:b5:60:72:e7:
91:92:41:8d:8e:07:18:f2:09:e7:5f:a6:9e:8e:b9:
de:4e:df:12:93:cc:95:4f:16:c9:8f:3b:5e:41:94:
37:65:a6:4d:cf:95:a8:25:0a:ae:f7:6f:77:22:bc:
c9:c6:2b:94:98:bc:a8:a2:93:f3:a1:b0:f9:f9:c9:
39:be:1a:0e:ae:23:62:f5:60:19:4e:41:38:8f:31:
a8:e7:d5:34:7c:e7:3c:a0:ab:54:7d:1a:81:c0:9d:
2d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CA:72:3F:CE:98:EA:EC:2A:CF:57:7D:65:4A:AB:C3:70:F8:56:B4
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/d8pyP86Y6uwqz1d9ZUqrw3D4VrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.152.0/21
62.122.240.0/21
81.177.56.0/21
81.177.184.0/24
81.177.187.0-81.177.191.255
81.177.195.0/24
81.177.198.0-81.177.207.255
81.177.224.0-81.177.253.255
91.207.136.0/23
149.255.24.0/21
178.237.176.0/20
185.8.20.0/22
213.59.144.0-213.59.150.255
213.59.154.0/24
213.59.186.0-213.59.191.255
213.222.224.0/19
IPv6:
2a03:aa00::/36
Signature Algorithm: sha256WithRSAEncryption
b0:1a:08:60:1c:62:53:da:e9:d9:05:9b:8a:3e:05:77:ed:d3:
80:9a:66:22:4a:37:70:02:7f:ab:74:eb:7a:6e:02:fc:df:62:
4b:f0:5f:5c:4b:c5:07:5b:80:17:64:4e:a0:13:f8:df:d2:95:
2f:d9:fb:07:08:3a:96:c2:2b:6d:fc:0a:e6:b7:c7:84:ae:f9:
2b:e1:c8:d5:21:c6:b0:e2:de:9b:da:c8:40:e0:ea:14:25:0b:
28:47:72:1e:c2:6d:8f:c9:47:bd:45:2c:f9:37:22:80:a9:2e:
56:6f:c7:a4:58:9b:9d:15:d4:a7:71:5d:a9:c5:d9:94:6b:dc:
24:2a:b3:ce:b4:bf:76:51:8e:c2:16:d9:90:26:c4:3e:c0:f3:
0d:f1:de:12:4c:d4:e4:00:87:7a:4a:a6:33:2b:26:57:5c:07:
44:bc:47:27:86:52:b2:07:11:ee:23:f8:07:2c:a7:c7:a5:4f:
37:d4:68:29:83:56:18:46:04:9b:6c:95:be:d3:52:bc:81:ea:
f4:78:79:71:3b:36:1b:b0:6f:d6:c4:07:07:f7:82:d9:02:75:
82:50:c0:25:f0:99:4f:be:8e:a0:6c:9b:1d:da:46:20:01:90:
93:12:b7:9d:8a:e6:d7:b8:4d:b0:41:6a:2f:33:4e:a2:5c:14:
01:7a:30:96
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQma0cNrwh2vxxOp/jlsbBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjRiMWMwYmZiYWQ0NmI4MTFlZWU1NjhhMThmYmFhMTRh
OWQ2ODcwHhcNMjUwMTAyMDk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2NhNzIzZmNlOThlYWVjMmFjZjU3N2Q2NTRhYWJjMzcwZjg1NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMckX1+OKwBfV4f1SJifYx+WsFSl
Ij51NyQ0PQ8jSz7kr0rUzSGfOCdphbKscE5IATFuiul6HRPIiMBmLpu6ay+v/6gT
HG0n2hn43UXGiiL0FyRE5gQy3bup41r/XJvPgmYwcXSeXCcmVYYKIaWQ16YHuICX
vmtclwiKFQTAG3arUB89CGeCTlIclaDWmGNPDGSg+6FR/PwMTlrnZFitdbVgcueR
kkGNjgcY8gnnX6aejrneTt8Sk8yVTxbJjzteQZQ3ZaZNz5WoJQqu9293IrzJxiuU
mLyoopPzobD5+ck5vhoOriNi9WAZTkE4jzGo59U0fOc8oKtUfRqBwJ0tLwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFHfKcj/OmOrsKs9XfWVKq8Nw+Fa0MB8GA1UdIwQY
MBaAFJL0scC/utRrgR7uVooY+6oUqdaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMt
YTA4NGY3NmM4ZTJiLzEvZDhweVA4Nlk2dXdxejFkOVpVcXJ3M0Q0VnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMtYTA4NGY3NmM4ZTJi
LzEva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBjwQCAAEwgYgDBAMl
EpgDBAM+evADBANRsTgDBABRsbgwDAMEAFGxuwMEBlGxgAMEAFGxwzAMAwQBUbHG
AwQEUbHAMAwDBAVRseADBAFRsfwDBAFbz4gDBAOV/xgDBASy7bADBAK5CBQwDAME
BNU7kAMEANU7lgMEANU7mjAMAwQB1Tu6AwQG1TuAAwQF1d7gMA4EAgACMAgDBgQq
A6oAADANBgkqhkiG9w0BAQsFAAOCAQEAsBoIYBxiU9rp2QWbij4Fd+3TgJpmIko3
cAJ/q3Trem4C/N9iS/BfXEvFB1uAF2ROoBP439KVL9n7Bwg6lsIrbfwK5rfHhK75
K+HI1SHGsOLem9rIQODqFCULKEdyHsJtj8lHvUUs+TcigKkuVm/HpFibnRXUp3Fd
qcXZlGvcJCqzzrS/dlGOwhbZkCbEPsDzDfHeEkzU5ACHekqmMysmV1wHRLxHJ4ZS
sgcR7iP4Byynx6VPN9RoKYNWGEYEm2yVvtNSvIHq9Hh5cTs2G7Bv1sQHB/eC2QJ1
glDAJfCZT76OoGybHdpGIAGQkxK3nYrm17hNsEFqLzNOolwUAXowlg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:02 2025 by rpki-client on console.sobornost.net