Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/xXop6TH9jb4MWemz5XxHSSby6QI.roa
File: xXop6TH9jb4MWemz5XxHSSby6QI.roa (raw, json)
Hash identifier: VzRXyzIpF2fjwuXfymirOKn6Z/dMGFrxlr5uIAq5fAE=
Subject key identifier: C5:7A:29:E9:31:FD:8D:BE:0C:59:E9:B3:E5:7C:47:49:26:F2:E9:02
Certificate issuer: /CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Certificate serial: 019543FB12C51A4E069A3694C4F37C985FC9
Authority key identifier: 9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/xXop6TH9jb4MWemz5XxHSSby6QI.roa
Signing time: Wed 26 Feb 2025 20:38:02 +0000
ROA not before: Wed 26 Feb 2025 20:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20676
IP address blocks: 62.8.128.0/17 maxlen: 17
62.8.168.0/21 maxlen: 21
62.8.176.0/20 maxlen: 20
62.145.0.0/19 maxlen: 19
62.206.0.0/16 maxlen: 16
62.206.164.0/24 maxlen: 24
62.206.165.0/24 maxlen: 24
62.206.166.0/24 maxlen: 24
83.236.0.0/16 maxlen: 16
83.236.0.0/20 maxlen: 20
83.236.16.0/20 maxlen: 20
83.236.32.0/21 maxlen: 21
84.245.128.0/18 maxlen: 18
85.8.132.0/22 maxlen: 22
87.193.0.0/16 maxlen: 16
87.234.0.0/16 maxlen: 16
92.192.0.0/16 maxlen: 16
92.193.0.0/16 maxlen: 16
92.193.0.0/17 maxlen: 17
92.193.128.0/17 maxlen: 17
92.194.0.0/15 maxlen: 15
92.194.0.0/17 maxlen: 17
92.194.128.0/17 maxlen: 17
92.195.0.0/17 maxlen: 17
92.195.128.0/17 maxlen: 17
92.196.0.0/14 maxlen: 14
92.196.0.0/19 maxlen: 19
92.196.96.0/20 maxlen: 20
92.196.112.0/20 maxlen: 20
92.196.128.0/20 maxlen: 20
92.196.144.0/20 maxlen: 20
92.196.160.0/20 maxlen: 20
92.196.176.0/20 maxlen: 20
92.196.192.0/20 maxlen: 20
92.196.208.0/20 maxlen: 20
92.196.224.0/19 maxlen: 19
92.197.130.0/24 maxlen: 24
92.198.96.0/19 maxlen: 19
92.198.144.0/20 maxlen: 20
92.198.160.0/19 maxlen: 19
92.198.192.0/20 maxlen: 20
92.198.208.0/20 maxlen: 20
92.198.224.0/20 maxlen: 20
92.198.240.0/20 maxlen: 20
92.199.16.0/20 maxlen: 20
92.199.64.0/20 maxlen: 20
92.199.96.0/20 maxlen: 20
92.199.112.0/20 maxlen: 20
92.199.128.0/20 maxlen: 20
92.199.144.0/20 maxlen: 20
92.199.176.0/20 maxlen: 20
92.199.208.0/20 maxlen: 20
92.200.0.0/16 maxlen: 16
185.144.188.0/22 maxlen: 22
194.9.127.0/24 maxlen: 24
194.140.96.0/20 maxlen: 20
195.32.128.0/17 maxlen: 17
195.80.192.0/19 maxlen: 19
195.90.0.0/19 maxlen: 19
195.90.8.0/21 maxlen: 21
195.158.160.0/19 maxlen: 19
212.4.160.0/19 maxlen: 19
212.4.176.0/20 maxlen: 20
212.5.0.0/19 maxlen: 19
212.5.8.0/21 maxlen: 21
212.5.16.0/20 maxlen: 20
212.60.192.0/18 maxlen: 18
212.63.32.0/19 maxlen: 19
212.84.208.0/20 maxlen: 20
212.84.224.0/19 maxlen: 19
212.105.192.0/19 maxlen: 19
212.110.192.0/19 maxlen: 19
212.202.0.0/16 maxlen: 16
212.202.0.0/19 maxlen: 19
212.202.40.0/21 maxlen: 21
212.202.48.0/20 maxlen: 20
212.202.168.0/21 maxlen: 21
212.202.176.0/20 maxlen: 20
213.148.128.0/19 maxlen: 19
213.148.128.0/24 maxlen: 24
213.148.129.0/24 maxlen: 24
213.148.130.0/24 maxlen: 24
213.148.133.0/24 maxlen: 24
213.160.0.0/19 maxlen: 19
213.160.0.0/24 maxlen: 24
213.217.64.0/18 maxlen: 18
217.146.128.0/19 maxlen: 19
2001:658::/29 maxlen: 29
2001:1a80::/29 maxlen: 29
2001:1a80:800::/48 maxlen: 48
2001:1a80:801::/48 maxlen: 48
2001:1a80:802::/48 maxlen: 48
2001:1a81:1000::/36 maxlen: 40
2001:1a81:1000::/40 maxlen: 48
2001:1a81:2000::/36 maxlen: 40
2001:1a81:2000::/40 maxlen: 48
2001:1a81:3000::/36 maxlen: 40
2001:1a81:3000::/40 maxlen: 48
2001:1a81:4000::/36 maxlen: 40
2001:1a81:4000::/40 maxlen: 48
2001:1a81:5000::/36 maxlen: 40
2001:1a81:5000::/40 maxlen: 48
2001:1a81:6000::/36 maxlen: 40
2001:1a81:6000::/40 maxlen: 48
2001:1a81:7000::/36 maxlen: 40
2001:1a81:7000::/40 maxlen: 48
2a09:7100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:fb:12:c5:1a:4e:06:9a:36:94:c4:f3:7c:98:5f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d066cb8488dae7e4234aa7c892430dad11fe5b1
Validity
Not Before: Feb 26 20:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c57a29e931fd8dbe0c59e9b3e57c474926f2e902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f4:da:76:2f:92:c3:8c:14:ce:5d:2d:cd:9c:
4b:d6:f4:d0:0f:38:7e:84:ee:b3:02:0f:70:ff:4d:
97:37:f8:92:04:07:1b:93:62:69:c4:d1:4d:a9:b2:
bd:32:51:5c:f7:be:cd:28:35:e6:be:75:2b:d0:2a:
a5:13:e2:53:c7:ff:5c:e0:31:69:15:50:13:f1:15:
43:05:62:cd:3c:5b:e5:43:88:6a:1f:7c:f1:15:13:
c8:9c:49:d8:3a:4e:84:1b:e6:3a:d2:7e:28:4c:c5:
44:f4:51:b4:ee:bd:13:8b:58:51:e5:1a:d7:29:87:
03:3c:b6:59:b0:ca:4d:e2:0b:a9:7a:04:a2:6a:a8:
c3:2f:3a:87:99:f6:aa:de:c7:34:ec:ca:26:01:7e:
0e:0d:91:f5:4d:b6:2c:ba:86:45:cf:eb:2a:aa:c8:
61:fe:49:c6:a0:05:a3:83:03:64:1f:31:4f:fe:08:
7e:c5:b1:b9:e2:ea:9e:95:1a:9f:ca:07:d8:2c:d7:
f4:86:18:1c:06:67:e7:cb:3e:30:c7:0b:3e:4a:ef:
f8:fd:19:62:b4:a9:99:1e:e1:c2:56:b2:7c:47:0f:
ba:93:0e:57:bf:9a:3c:29:e5:30:4d:c4:ea:6f:09:
0c:f6:42:d1:05:a2:e1:f1:fb:92:e8:e7:f9:55:b1:
1c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7A:29:E9:31:FD:8D:BE:0C:59:E9:B3:E5:7C:47:49:26:F2:E9:02
X509v3 Authority Key Identifier:
keyid:9D:06:6C:B8:48:8D:AE:7E:42:34:AA:7C:89:24:30:DA:D1:1F:E5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQZsuEiNrn5CNKp8iSQw2tEf5bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/xXop6TH9jb4MWemz5XxHSSby6QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d0d2fd-aa90-4207-9104-3ef02d5140b7/1/nQZsuEiNrn5CNKp8iSQw2tEf5bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.8.128.0/17
62.145.0.0/19
62.206.0.0/16
83.236.0.0/16
84.245.128.0/18
85.8.132.0/22
87.193.0.0/16
87.234.0.0/16
92.192.0.0-92.200.255.255
185.144.188.0/22
194.9.127.0/24
194.140.96.0/20
195.32.128.0/17
195.80.192.0/19
195.90.0.0/19
195.158.160.0/19
212.4.160.0/19
212.5.0.0/19
212.60.192.0/18
212.63.32.0/19
212.84.208.0-212.84.255.255
212.105.192.0/19
212.110.192.0/19
212.202.0.0/16
213.148.128.0/19
213.160.0.0/19
213.217.64.0/18
217.146.128.0/19
IPv6:
2001:658::/29
2001:1a80::/29
2a09:7100::/29
Signature Algorithm: sha256WithRSAEncryption
8b:88:58:2e:35:38:bc:7b:4e:ac:2a:c7:6c:29:9e:f5:5f:9d:
5b:3c:50:fe:48:b1:c3:0f:8e:44:d1:3d:5b:78:12:21:8d:b1:
c9:a6:2c:7a:dd:38:34:41:ae:61:a2:c7:5b:2e:c4:92:67:18:
db:75:e9:92:00:69:e3:fb:59:ea:02:9b:41:eb:77:95:fa:23:
2b:88:ca:a0:67:d0:98:7e:35:1d:28:38:6d:be:1b:d0:ce:a2:
b9:21:6a:08:23:9b:46:b1:5b:14:3a:9f:a2:0f:d4:36:6b:ae:
8b:73:b3:8c:fe:15:87:84:01:d6:da:6b:29:9e:23:25:45:9f:
d8:6d:d2:f4:4f:ab:83:3c:d5:db:66:25:69:79:a8:94:12:52:
5a:29:24:1d:46:58:d7:39:84:b1:f7:c6:5d:a9:01:e6:c0:dd:
4b:90:b3:bf:09:c7:0f:f7:e7:3c:50:94:05:e2:ef:a9:57:0f:
85:45:95:bc:c2:d0:51:ba:9d:4e:75:90:93:18:b0:00:b4:30:
4f:51:7f:b6:9e:c0:a6:c6:aa:2c:bd:22:65:9e:97:fb:b5:69:
4f:4b:14:49:a3:3b:64:f8:b4:05:f5:e9:e9:0d:c0:0a:28:7a:
81:a7:78:72:86:c5:8c:c2:40:4f:3c:11:76:78:3d:d3:46:1e:
19:67:39:23
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZVD+xLFGk4GmjaUxPN8mF/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDY2Y2I4NDg4ZGFlN2U0MjM0YWE3Yzg5MjQzMGRhZDEx
ZmU1YjEwHhcNMjUwMjI2MjAzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTdhMjllOTMxZmQ4ZGJlMGM1OWU5YjNlNTdjNDc0OTI2ZjJlOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifTadi+Sw4wUzl0tzZxL1vTQDzh+
hO6zAg9w/02XN/iSBAcbk2JpxNFNqbK9MlFc977NKDXmvnUr0CqlE+JTx/9c4DFp
FVAT8RVDBWLNPFvlQ4hqH3zxFRPInEnYOk6EG+Y60n4oTMVE9FG07r0Ti1hR5RrX
KYcDPLZZsMpN4gupegSiaqjDLzqHmfaq3sc07MomAX4ODZH1TbYsuoZFz+sqqshh
/knGoAWjgwNkHzFP/gh+xbG54uqelRqfygfYLNf0hhgcBmfnyz4wxws+Su/4/Rli
tKmZHuHCVrJ8Rw+6kw5Xv5o8KeUwTcTqbwkM9kLRBaLh8fuS6Of5VbEceQIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFMV6Kekx/Y2+DFnps+V8R0km8ukCMB8GA1UdIwQY
MBaAFJ0GbLhIja5+QjSqfIkkMNrRH+WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQt
M2VmMDJkNTE0MGI3LzEveFhvcDZUSDlqYjRNV2VtejVYeEhTU2J5NlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMGQyZmQtYWE5MC00MjA3LTkxMDQtM2VmMDJkNTE0MGI3
LzEvblFac3VFaU5ybjVDTktwOGlTUXcydEVmNWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbADBAc+
CIADBAU+kQADAwA+zgMDAFPsAwQGVPWAAwQCVQiEAwMAV8EDAwBX6jAKAwMGXMAD
AwBcyAMEArmQvAMEAMIJfwMEBMKMYAMEB8MggAMEBcNQwAMEBcNaAAMEBcOeoAME
BdQEoAMEBdQFAAMEBtQ8wAMEBdQ/IDALAwQE1FTQAwMA1FQDBAXUacADBAXUbsAD
AwDUygMEBdWUgAMEBdWgAAMEBtXZQAMEBdmSgDAbBAIAAjAVAwUDIAEGWAMFAyAB
GoADBQMqCXEAMA0GCSqGSIb3DQEBCwUAA4IBAQCLiFguNTi8e06sKsdsKZ71X51b
PFD+SLHDD45E0T1beBIhjbHJpix63Tg0Qa5hosdbLsSSZxjbdemSAGnj+1nqAptB
63eV+iMriMqgZ9CYfjUdKDhtvhvQzqK5IWoII5tGsVsUOp+iD9Q2a66Lc7OM/hWH
hAHW2mspniMlRZ/YbdL0T6uDPNXbZiVpeaiUElJaKSQdRljXOYSx98ZdqQHmwN1L
kLO/CccP9+c8UJQF4u+pVw+FRZW8wtBRup1OdZCTGLAAtDBPUX+2nsCmxqosvSJl
npf7tWlPSxRJoztk+LQF9enpDcAKKHqBp3hyhsWMwkBPPBF2eD3TRh4ZZzkj
-----END CERTIFICATE-----
Generated at Tue Mar 25 18:10:55 2025 by rpki-client on console.sobornost.net