Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/aI0hPjuUp-ZUQqbn5UpeRYIznig.roa
File: aI0hPjuUp-ZUQqbn5UpeRYIznig.roa (raw, json)
Hash identifier: YCVGUCemZnQ6KgkmmQCzCkcTcY0K66IMIL9lDqRMeWI=
Subject key identifier: 68:8D:21:3E:3B:94:A7:E6:54:42:A6:E7:E5:4A:5E:45:82:33:9E:28
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0194CB90695C80EA4F7182ED9533291CFFB1
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/aI0hPjuUp-ZUQqbn5UpeRYIznig.roa
Signing time: Mon 03 Feb 2025 11:27:06 +0000
ROA not before: Mon 03 Feb 2025 11:27:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.176.0/22 maxlen: 22
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/19 maxlen: 19
2a01:8ca0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:90:69:5c:80:ea:4f:71:82:ed:95:33:29:1c:ff:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Feb 3 11:27:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=688d213e3b94a7e65442a6e7e54a5e4582339e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:b7:d3:68:b5:b7:9f:39:4f:75:2e:42:b9:
37:0d:5d:cc:29:99:ad:17:40:02:2b:01:c4:f1:72:
43:1d:7c:65:0f:fe:ef:46:f2:25:fa:0d:ed:dd:25:
f1:66:4a:39:97:24:ac:e6:dd:e2:e6:44:13:fc:95:
c2:a3:2a:92:89:e7:71:74:9a:00:1c:11:76:c6:b3:
e0:6f:92:14:bf:3f:d8:24:1c:c0:d3:9b:de:f5:47:
71:1e:06:e1:96:5f:f8:ca:82:1b:37:2f:2f:24:e4:
61:ae:e3:7f:50:ee:df:dd:bd:2e:76:48:90:48:a3:
50:63:16:0d:f2:96:f8:3c:5e:6d:6b:64:28:e5:22:
30:e5:d1:ef:e9:22:c8:30:6a:51:87:d4:61:a0:82:
88:47:d2:e9:f1:68:13:29:1d:2d:ef:90:1d:b5:1e:
70:25:d4:e7:bd:38:e8:5b:19:ff:96:56:63:01:00:
d4:6e:44:c9:c3:f3:3e:ef:20:df:3d:7a:8c:4a:31:
89:41:39:51:83:33:43:8c:3a:72:10:29:02:e8:7b:
25:37:ce:7c:27:eb:eb:3b:4d:ab:a8:15:c9:9e:29:
ab:d3:cb:c4:d1:5d:57:91:e9:00:29:c9:9e:9f:fb:
51:33:20:fe:95:79:ab:32:9a:b5:13:42:92:b8:a0:
ad:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8D:21:3E:3B:94:A7:E6:54:42:A6:E7:E5:4A:5E:45:82:33:9E:28
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/aI0hPjuUp-ZUQqbn5UpeRYIznig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0/22
176.103.184.0/24
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:69:58:52:63:4c:d7:8b:b6:55:ee:3d:9b:08:be:ff:40:ca:
f2:35:d4:0c:60:72:d3:dc:ca:ab:0c:f7:e9:c1:68:29:50:3d:
df:3b:4d:94:fd:ee:f0:1a:26:0b:e3:50:f1:01:94:c3:05:77:
7e:1d:55:b7:6c:de:57:d7:bd:68:a2:ee:f7:58:82:25:8c:d8:
eb:7d:73:8b:51:35:b2:b6:36:b2:c2:25:89:e7:ec:32:1a:15:
7f:60:92:d9:02:73:a3:d6:8e:48:25:11:ae:d2:33:f2:26:27:
4d:49:6b:f0:ec:ba:de:3a:9b:68:fc:55:41:11:d9:2e:02:8a:
4f:cb:4c:ec:39:ac:8b:91:b3:98:df:2d:0d:ef:67:26:cf:ac:
ee:77:6e:65:0c:3d:74:c2:d8:68:1c:51:27:ff:24:28:e4:df:
dc:9b:96:ab:3e:40:4d:b5:c0:39:7d:14:11:2b:34:40:14:17:
00:f9:36:61:53:40:63:32:58:d0:55:dc:7d:f9:2a:c9:e5:a2:
a7:62:62:a3:3c:70:79:33:36:30:6a:77:58:68:65:57:17:bf:
e7:eb:a2:05:0e:b3:c4:4f:ea:5e:76:69:16:75:32:fa:7a:1d:
4b:a8:a3:b8:2b:60:32:ea:11:60:26:d4:ac:6d:5f:6a:a0:4b:
b7:6e:43:5a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZTLkGlcgOpPcYLtlTMpHP+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwMjAzMTEyNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODhkMjEzZTNiOTRhN2U2NTQ0MmE2ZTdlNTRhNWU0NTgyMzM5ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquO302i1t585T3UuQrk3DV3MKZmt
F0ACKwHE8XJDHXxlD/7vRvIl+g3t3SXxZko5lySs5t3i5kQT/JXCoyqSiedxdJoA
HBF2xrPgb5IUvz/YJBzA05ve9UdxHgbhll/4yoIbNy8vJORhruN/UO7f3b0udkiQ
SKNQYxYN8pb4PF5ta2Qo5SIw5dHv6SLIMGpRh9RhoIKIR9Lp8WgTKR0t75AdtR5w
JdTnvTjoWxn/llZjAQDUbkTJw/M+7yDfPXqMSjGJQTlRgzNDjDpyECkC6HslN858
J+vrO02rqBXJnimr08vE0V1XkekAKcmen/tRMyD+lXmrMpq1E0KSuKCtMQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFGiNIT47lKfmVEKm5+VKXkWCM54oMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvYUkwaFBqdVVwLVpVUXFibjVVcGVSWUl6bmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdoDBAKwZ7ADBACwZ7gDBASwajADBAOwamAwDAMEBbBqoAMEA7BqsAME
AbkvCgMEArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF1W5A
MA0EAgACMAcDBQAqAYygMA0GCSqGSIb3DQEBCwUAA4IBAQCOaVhSY0zXi7ZV7j2b
CL7/QMryNdQMYHLT3MqrDPfpwWgpUD3fO02U/e7wGiYL41DxAZTDBXd+HVW3bN5X
171oou73WIIljNjrfXOLUTWytjaywiWJ5+wyGhV/YJLZAnOj1o5IJRGu0jPyJidN
SWvw7LreOpto/FVBEdkuAopPy0zsOayLkbOY3y0N72cmz6zud25lDD10wthoHFEn
/yQo5N/cm5arPkBNtcA5fRQRKzRAFBcA+TZhU0BjMljQVdx9+SrJ5aKnYmKjPHB5
MzYwandYaGVXF7/n66IFDrPET+pedmkWdTL6eh1LqKO4K2Ay6hFgJtSsbV9qoEu3
bkNa
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:48:22 2025 by rpki-client on console.sobornost.net