Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/cztvIRkmsCPXq2-H_4GpkaNyzII.roa
File: cztvIRkmsCPXq2-H_4GpkaNyzII.roa (raw, json)
Hash identifier: wGz2hIDGmVI+VZFGQswcvNseSHozmizv0NMUMTJqa4c=
Subject key identifier: 73:3B:6F:21:19:26:B0:23:D7:AB:6F:87:FF:81:A9:91:A3:72:CC:82
Certificate issuer: /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial: 01958E90331BC7156A544497D3A1965089AA
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/cztvIRkmsCPXq2-H_4GpkaNyzII.roa
Signing time: Thu 13 Mar 2025 08:12:49 +0000
ROA not before: Thu 13 Mar 2025 08:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206618
IP address blocks: 143.163.1.0/24 maxlen: 24
143.163.12.0/22 maxlen: 22
143.163.16.0/23 maxlen: 23
143.163.22.0/24 maxlen: 24
143.163.66.0/23 maxlen: 23
143.163.66.0/24 maxlen: 24
143.163.67.0/24 maxlen: 24
193.23.96.0/24 maxlen: 24
194.114.32.0/23 maxlen: 23
194.114.40.0/23 maxlen: 23
194.114.61.0/24 maxlen: 24
194.114.62.0/23 maxlen: 23
194.114.62.0/24 maxlen: 24
194.114.63.0/24 maxlen: 24
194.114.64.0/23 maxlen: 23
194.114.66.0/23 maxlen: 23
194.114.70.0/23 maxlen: 23
194.114.74.0/24 maxlen: 24
194.114.77.0/24 maxlen: 24
194.114.78.0/23 maxlen: 23
194.114.80.0/23 maxlen: 23
194.114.82.0/24 maxlen: 24
194.114.84.0/24 maxlen: 24
194.114.85.0/24 maxlen: 24
194.114.94.0/23 maxlen: 23
194.114.96.0/22 maxlen: 22
194.114.96.0/23 maxlen: 23
194.114.96.0/24 maxlen: 24
194.114.97.0/24 maxlen: 24
194.114.98.0/23 maxlen: 23
194.114.100.0/22 maxlen: 22
194.114.104.0/21 maxlen: 21
194.114.104.0/24 maxlen: 24
194.114.112.0/22 maxlen: 22
194.114.116.0/22 maxlen: 22
194.114.125.0/24 maxlen: 24
194.114.126.0/24 maxlen: 24
2a01:4dc0::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:90:33:1b:c7:15:6a:54:44:97:d3:a1:96:50:89:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Validity
Not Before: Mar 13 08:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=733b6f211926b023d7ab6f87ff81a991a372cc82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b8:1f:be:e5:09:38:c4:f9:5f:9d:0d:a3:5b:
40:33:d9:dc:31:84:ad:77:a8:15:de:21:cc:69:71:
2c:4b:4d:be:be:eb:3e:0a:56:7e:62:5b:9d:e2:10:
a2:34:25:69:3a:ea:e4:a8:79:89:16:a7:3f:4e:d7:
b2:53:a6:e7:ea:06:59:f6:6a:75:5b:72:20:84:3f:
bc:5e:0b:61:cb:e4:19:63:38:95:53:68:12:ac:ee:
60:6b:93:4c:22:77:63:64:9f:c8:1d:3d:0f:94:e3:
a9:8d:23:cc:1f:b9:85:91:65:a6:b6:a8:12:c8:58:
f9:37:cb:c7:9b:57:eb:0a:f4:67:93:b2:51:da:ba:
50:b6:d2:3b:ae:f0:d3:4c:11:c8:2b:bd:ab:74:39:
4d:e3:4b:d1:60:99:71:bd:50:9e:9c:a7:9c:c5:ee:
80:4a:dc:77:ab:6c:f4:eb:63:41:66:eb:d0:57:46:
e9:9a:99:7b:b0:1c:75:6a:51:71:3f:be:26:e2:cb:
d9:f1:fd:0d:10:b0:e6:f7:5b:a9:e5:8a:98:08:40:
40:a8:dc:ea:4b:d4:fb:66:b7:23:5d:de:e4:4a:65:
86:77:80:59:45:4e:c9:fa:3c:41:f4:06:31:66:d0:
e8:8f:1f:1e:03:1a:06:82:a3:c1:2c:15:6a:2a:a7:
45:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3B:6F:21:19:26:B0:23:D7:AB:6F:87:FF:81:A9:91:A3:72:CC:82
X509v3 Authority Key Identifier:
keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/cztvIRkmsCPXq2-H_4GpkaNyzII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.163.1.0/24
143.163.12.0-143.163.17.255
143.163.22.0/24
143.163.66.0/23
193.23.96.0/24
194.114.32.0/23
194.114.40.0/23
194.114.61.0-194.114.67.255
194.114.70.0/23
194.114.74.0/24
194.114.77.0-194.114.82.255
194.114.84.0/23
194.114.94.0-194.114.119.255
194.114.125.0-194.114.126.255
IPv6:
2a01:4dc0::/42
Signature Algorithm: sha256WithRSAEncryption
9f:78:90:b2:55:27:83:1e:21:90:50:5e:ab:9b:c4:21:6c:ad:
8a:1a:5d:32:e0:81:c8:f6:e7:f6:db:5a:01:7a:36:f5:5f:c2:
2e:55:d8:36:12:a3:5f:f8:e2:b6:1c:be:b1:9a:88:13:32:d1:
af:29:a9:16:0a:13:a1:a5:bc:9a:2e:b1:61:96:0a:7e:04:e3:
e2:54:0d:bc:df:57:e8:3e:5f:47:d8:09:59:38:d6:c8:80:ee:
53:82:d8:c9:50:bc:31:0a:1f:5c:6c:6f:0c:9e:2a:5e:c5:91:
49:4d:93:29:50:87:c4:bc:60:c7:43:42:72:87:5b:56:d0:2e:
d3:3b:23:a2:e3:b9:e0:0f:0a:56:ac:04:b8:74:96:4c:83:cd:
6e:33:02:46:20:f0:6e:53:9e:45:d7:3b:5a:61:71:1c:2c:3b:
07:f5:75:9b:41:ad:07:44:31:03:1c:f9:37:d9:cf:d2:b3:f8:
ee:3c:df:c0:27:b6:99:e9:6e:e6:4a:c9:5d:22:98:87:4b:b1:
73:ce:fc:9c:4a:19:e1:de:45:a8:89:9e:06:ab:47:4e:b5:04:
1a:7a:ec:a8:b5:24:67:3d:af:d2:7e:3a:56:ec:bb:0b:86:9c:
3a:a2:3a:cd:85:55:c0:19:58:a8:37:6f:02:12:1c:35:59:03:
f8:73:88:77
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZWOkDMbxxVqVESX06GWUImqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjA0Yjc4YjJlZWRmOTk4ZWRkNWNjMWU4ODY3MWM4ZDEw
ZjE4NjUwHhcNMjUwMzEzMDgxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzNiNmYyMTE5MjZiMDIzZDdhYjZmODdmZjgxYTk5MWEzNzJjYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprgfvuUJOMT5X50No1tAM9ncMYSt
d6gV3iHMaXEsS02+vus+ClZ+Ylud4hCiNCVpOurkqHmJFqc/TteyU6bn6gZZ9mp1
W3IghD+8Xgthy+QZYziVU2gSrO5ga5NMIndjZJ/IHT0PlOOpjSPMH7mFkWWmtqgS
yFj5N8vHm1frCvRnk7JR2rpQttI7rvDTTBHIK72rdDlN40vRYJlxvVCenKecxe6A
Stx3q2z062NBZuvQV0bpmpl7sBx1alFxP74m4svZ8f0NELDm91up5YqYCEBAqNzq
S9T7ZrcjXd7kSmWGd4BZRU7J+jxB9AYxZtDojx8eAxoGgqPBLBVqKqdFgQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFHM7byEZJrAj16tvh/+BqZGjcsyCMB8GA1UdIwQY
MBaAFMfwS3iy7t+Zjt1cweiGccjRDxhlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzct
ZjQzNzgzOTA5NWQxLzEvY3p0dklSa21zQ1BYcTItSF80R3BrYU55eklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQx
LzEveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBggQCAAEwfAMEAI+j
ATAMAwQCj6MMAwQBj6MQAwQAj6MWAwQBj6NCAwQAwRdgAwQBwnIgAwQBwnIoMAwD
BADCcj0DBALCckADBAHCckYDBADCckowDAMEAMJyTQMEAMJyUgMEAcJyVDAMAwQB
wnJeAwQDwnJwMAwDBADCcn0DBADCcn4wDwQCAAIwCQMHBioBTcAAADANBgkqhkiG
9w0BAQsFAAOCAQEAn3iQslUngx4hkFBeq5vEIWytihpdMuCByPbn9ttaAXo29V/C
LlXYNhKjX/jithy+sZqIEzLRrympFgoToaW8mi6xYZYKfgTj4lQNvN9X6D5fR9gJ
WTjWyIDuU4LYyVC8MQofXGxvDJ4qXsWRSU2TKVCHxLxgx0NCcodbVtAu0zsjouO5
4A8KVqwEuHSWTIPNbjMCRiDwblOeRdc7WmFxHCw7B/V1m0GtB0QxAxz5N9nP0rP4
7jzfwCe2melu5krJXSKYh0uxc878nEoZ4d5FqImeBqtHTrUEGnrsqLUkZz2v0n46
Vuy7C4acOqI6zYVVwBlYqDdvAhIcNVkD+HOIdw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net