Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/0dzvDZ3ZJPmDvpiheCCfkaI1-88.roa
File: 0dzvDZ3ZJPmDvpiheCCfkaI1-88.roa (raw, json)
Hash identifier: M9SUV5FOyA0w1xMsV321NlcruOH8+CUhwUSTR5+XV3A=
Subject key identifier: D1:DC:EF:0D:9D:D9:24:F9:83:BE:98:A1:78:20:9F:91:A2:35:FB:CF
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 019425FDD48D78E20805E92C61E65A18C46C
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/0dzvDZ3ZJPmDvpiheCCfkaI1-88.roa
Signing time: Thu 02 Jan 2025 07:49:39 +0000
ROA not before: Thu 02 Jan 2025 07:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21267
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d4:8d:78:e2:08:05:e9:2c:61:e6:5a:18:c4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Jan 2 07:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1dcef0d9dd924f983be98a178209f91a235fbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:10:ad:38:e6:b1:10:e3:79:9a:5b:28:c4:da:
30:58:f7:b7:be:9e:78:95:8f:8d:17:e3:7c:5c:67:
b8:45:5b:91:c6:59:6a:e4:e9:48:fd:1a:14:82:4c:
80:14:dd:38:e1:0c:8a:72:ce:9a:8d:51:4c:57:a2:
ab:a8:41:d3:95:de:8d:aa:83:e2:a6:a3:e0:65:1e:
d8:ea:c0:3e:40:8e:4c:25:b1:98:2f:e2:1f:8e:27:
74:44:d1:ce:58:2e:54:4e:92:f7:3b:43:e6:fa:76:
a6:1f:4c:e9:4c:a1:7c:3f:5d:fa:7c:07:1f:1c:ed:
d9:71:2c:a3:3a:eb:41:51:5e:4e:5a:2e:3f:3d:3e:
b8:71:af:b7:fa:78:ac:46:52:ff:7f:b4:67:34:17:
43:7b:0b:8b:93:18:04:7e:99:4b:61:0c:a9:2f:d4:
bd:ab:a2:a2:54:61:19:16:e9:f9:79:2d:97:49:9f:
79:e1:b0:62:79:f8:41:9d:fa:09:40:8c:22:d6:c9:
cf:7a:46:9b:eb:72:23:1c:56:0b:4f:21:ba:53:eb:
d8:60:b1:92:c4:b5:91:7c:b2:21:90:e7:c0:aa:03:
54:e4:a2:3b:15:b1:de:9d:fb:ec:ec:45:a3:72:c2:
ec:0d:8a:c7:ce:35:a9:9e:7d:1d:3e:5f:9d:13:e1:
18:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DC:EF:0D:9D:D9:24:F9:83:BE:98:A1:78:20:9F:91:A2:35:FB:CF
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/0dzvDZ3ZJPmDvpiheCCfkaI1-88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:38:29:35:1e:a5:96:c8:d0:09:91:fd:06:9c:0e:d8:52:bc:
bb:53:8d:d0:09:0a:c9:f6:83:23:c8:b2:b7:7a:f9:c6:11:1f:
fc:79:ee:97:4a:10:09:34:37:f4:6f:9a:55:d1:ca:ae:a1:1a:
38:4e:de:f3:55:5b:7b:49:60:25:99:5a:54:16:8e:f7:95:ad:
86:01:71:f8:04:a4:94:ab:49:2c:5e:85:66:06:93:60:4c:26:
a9:95:0c:61:af:16:87:fa:39:19:dd:3d:ba:7f:b4:64:69:f0:
35:32:2b:ec:ea:bd:f8:60:12:af:18:e6:6b:f9:8c:4a:42:30:
4f:cd:d8:c3:3e:44:d2:2e:f7:78:8a:75:9d:4f:73:1b:f0:f1:
90:73:2c:24:b9:e8:e5:17:f3:b5:79:81:91:33:15:ec:e0:b5:
38:af:4c:68:2f:76:62:1a:fa:a1:02:67:70:e4:78:23:5f:49:
af:6b:ec:34:8e:44:37:f5:9d:86:21:58:94:3a:c3:cc:db:d6:
0f:94:eb:e0:55:3c:aa:e7:32:b7:8c:6b:d6:f2:d3:2f:b5:2e:
37:51:dc:3d:4e:98:f6:db:95:bd:bc:f4:94:29:16:48:97:d1:
15:38:9f:f4:77:f0:f0:76:81:7c:32:c0:ca:44:fd:02:65:74:
b1:60:75:54
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZQl/dSNeOIIBeksYeZaGMRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwMTAyMDc0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRjZWYwZDlkZDkyNGY5ODNiZTk4YTE3ODIwOWY5MWEyMzVmYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBCtOOaxEON5mlsoxNowWPe3vp54
lY+NF+N8XGe4RVuRxllq5OlI/RoUgkyAFN044QyKcs6ajVFMV6KrqEHTld6NqoPi
pqPgZR7Y6sA+QI5MJbGYL+Ifjid0RNHOWC5UTpL3O0Pm+namH0zpTKF8P136fAcf
HO3ZcSyjOutBUV5OWi4/PT64ca+3+nisRlL/f7RnNBdDewuLkxgEfplLYQypL9S9
q6KiVGEZFun5eS2XSZ954bBiefhBnfoJQIwi1snPekab63IjHFYLTyG6U+vYYLGS
xLWRfLIhkOfAqgNU5KI7FbHenfvs7EWjcsLsDYrHzjWpnn0dPl+dE+EY7wIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFNHc7w2d2ST5g76YoXggn5GiNfvPMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvMGR6dkRaM1pKUG1EdnBpaGVDQ2ZrYUkxLTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCB1QQCAAEwgc4D
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAK5+PwD
BAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgwDAMEAtQL
RAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSAAwUDKg12
gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQAAOCk1HqWWyNAJkf0G
nA7YUry7U43QCQrJ9oMjyLK3evnGER/8ee6XShAJNDf0b5pV0cquoRo4Tt7zVVt7
SWAlmVpUFo73la2GAXH4BKSUq0ksXoVmBpNgTCaplQxhrxaH+jkZ3T26f7RkafA1
Mivs6r34YBKvGOZr+YxKQjBPzdjDPkTSLvd4inWdT3Mb8PGQcywkuejlF/O1eYGR
MxXs4LU4r0xoL3ZiGvqhAmdw5HgjX0mva+w0jkQ39Z2GIViUOsPM29YPlOvgVTyq
5zK3jGvW8tMvtS43Udw9Tpj225W9vPSUKRZIl9EVOJ/0d/DwdoF8MsDKRP0CZXSx
YHVU
-----END CERTIFICATE-----
Generated at Tue Mar 25 18:28:57 2025 by rpki-client on console.sobornost.net