Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CZQr-PRmWuDNH9i1aiSwIugdjoA.roa
File: CZQr-PRmWuDNH9i1aiSwIugdjoA.roa (raw, json)
Hash identifier: k5wVBEbjmeTCz7e5okTovaA9Rry3N0f3Cozmd1LLfzE=
Subject key identifier: 09:94:2B:F8:F4:66:5A:E0:CD:1F:D8:B5:6A:24:B0:22:E8:1D:8E:80
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0195EB4CBCFBCE006027E315A6112207BA68
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CZQr-PRmWuDNH9i1aiSwIugdjoA.roa
Signing time: Mon 31 Mar 2025 08:23:49 +0000
ROA not before: Mon 31 Mar 2025 08:23:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42821
IP address blocks: 77.90.128.0/24 maxlen: 24
77.90.129.0/24 maxlen: 24
77.90.130.0/24 maxlen: 24
77.90.132.0/24 maxlen: 24
77.90.133.0/24 maxlen: 24
77.90.134.0/24 maxlen: 24
77.90.136.0/24 maxlen: 24
77.90.137.0/24 maxlen: 24
77.90.139.0/24 maxlen: 24
77.90.140.0/24 maxlen: 24
77.90.142.0/24 maxlen: 24
77.90.143.0/24 maxlen: 24
77.90.144.0/24 maxlen: 24
77.90.146.0/24 maxlen: 24
77.90.147.0/24 maxlen: 24
77.90.148.0/24 maxlen: 24
77.90.164.0/24 maxlen: 24
213.209.138.0/24 maxlen: 24
2a04:29c2::/32 maxlen: 32
2a04:29c7::/32 maxlen: 32
2a04:29c7:1280:24::/64 maxlen: 64
2a04:29c7:1280:27::/64 maxlen: 64
2a04:29c7:1290:24::/64 maxlen: 64
2a04:29c7:1300:24::/64 maxlen: 64
2a04:29c7:1371:6027::/64 maxlen: 64
2a04:29c7:1420::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:4c:bc:fb:ce:00:60:27:e3:15:a6:11:22:07:ba:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Mar 31 08:23:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09942bf8f4665ae0cd1fd8b56a24b022e81d8e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0d:18:8b:5c:e9:47:6b:d3:ee:50:4b:37:a7:
51:92:a3:6e:65:f8:0d:70:67:e5:35:ca:fa:fd:ae:
fb:f7:db:c4:62:38:36:ec:40:92:00:29:99:6e:72:
f0:ac:d2:af:e1:17:24:5a:47:2f:1b:a2:64:80:57:
9a:a8:b2:12:2f:ba:07:3b:09:a5:63:04:4a:cd:04:
61:97:d8:c7:14:81:19:60:57:fd:d6:66:a8:f9:44:
a4:94:34:2d:ae:a6:c5:09:7f:5d:5e:f5:c2:b0:26:
da:4a:a9:bb:6f:48:e0:59:90:f2:93:12:f0:bf:6e:
3a:bc:01:59:d2:4d:64:20:75:f7:aa:71:b0:7d:fe:
0e:cc:f3:7a:f3:87:1e:30:2c:7f:6d:55:82:5a:03:
81:63:0a:69:43:90:89:bc:43:33:8f:9c:1b:14:d8:
65:7a:3b:f1:07:c1:cf:93:eb:c3:8d:d6:8f:fc:85:
ce:c6:91:c6:47:d6:93:c7:9d:1d:6c:b0:a9:77:e4:
da:a7:5d:57:f9:be:55:01:96:f3:c9:74:e2:fc:a9:
02:05:d9:dc:a8:02:69:55:aa:df:68:5b:01:15:fd:
8e:7e:5d:b7:9e:00:d1:35:01:49:e8:26:27:a5:3a:
ea:a4:d4:19:fe:ec:51:74:33:22:dd:7f:97:80:d8:
75:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:94:2B:F8:F4:66:5A:E0:CD:1F:D8:B5:6A:24:B0:22:E8:1D:8E:80
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/CZQr-PRmWuDNH9i1aiSwIugdjoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.128.0-77.90.130.255
77.90.132.0-77.90.134.255
77.90.136.0/23
77.90.139.0-77.90.140.255
77.90.142.0-77.90.144.255
77.90.146.0-77.90.148.255
77.90.164.0/24
213.209.138.0/24
IPv6:
2a04:29c2::/32
2a04:29c7::/32
Signature Algorithm: sha256WithRSAEncryption
57:92:23:2c:a4:8d:db:b7:df:b2:01:23:8d:99:49:e9:e0:6a:
6a:cb:cb:c5:36:3a:52:db:25:92:cc:15:33:78:f5:9f:49:70:
d7:ac:a7:d2:65:76:d8:8d:87:5b:03:00:09:3a:7c:7e:6a:e2:
a3:4e:9d:4c:a0:2c:08:cd:15:09:37:6d:6a:2d:ee:60:aa:32:
38:97:1d:ee:5a:5a:0b:f5:5a:00:ab:11:4b:02:29:ff:d4:e5:
59:05:37:b5:fa:b5:90:5e:a9:99:2f:16:f8:23:d9:8a:a5:4f:
45:67:a1:21:c7:4e:e5:34:3e:4b:d4:4d:de:4a:f6:81:cf:db:
d5:75:44:5e:bb:ae:be:78:83:7f:59:6b:a4:91:85:99:9f:de:
e9:11:cc:96:c4:e6:17:02:66:5e:e6:bf:15:88:9c:49:5b:3a:
a7:62:7b:7b:ee:05:ba:a9:79:46:b3:3c:ef:61:5e:e5:ee:df:
0c:0b:61:aa:58:34:20:9d:e0:15:02:1f:f0:9d:c4:01:6c:27:
c0:f1:18:b8:70:e4:e1:41:27:3e:28:60:7f:e7:a8:60:18:21:
fc:f1:84:4c:9f:ea:6a:89:c9:01:0e:bb:70:4f:a0:4b:52:c3:
ad:b0:f8:ae:21:6a:54:fb:5a:c0:ea:00:e6:be:e9:2a:0e:65:
21:2b:ab:5d
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZXrTLz7zgBgJ+MVphEiB7poMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjUwMzMxMDgyMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk0MmJmOGY0NjY1YWUwY2QxZmQ4YjU2YTI0YjAyMmU4MWQ4ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ0Yi1zpR2vT7lBLN6dRkqNuZfgN
cGflNcr6/a7799vEYjg27ECSACmZbnLwrNKv4RckWkcvG6JkgFeaqLISL7oHOwml
YwRKzQRhl9jHFIEZYFf91mao+USklDQtrqbFCX9dXvXCsCbaSqm7b0jgWZDykxLw
v246vAFZ0k1kIHX3qnGwff4OzPN684ceMCx/bVWCWgOBYwppQ5CJvEMzj5wbFNhl
ejvxB8HPk+vDjdaP/IXOxpHGR9aTx50dbLCpd+Tap11X+b5VAZbzyXTi/KkCBdnc
qAJpVarfaFsBFf2Ofl23ngDRNQFJ6CYnpTrqpNQZ/uxRdDMi3X+XgNh1UwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFAmUK/j0ZlrgzR/YtWoksCLoHY6AMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvQ1pRci1QUm1XdUROSDlpMWFpU3dJdWdkam9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWDAMAwQHTVqA
AwQATVqCMAwDBAJNWoQDBABNWoYDBAFNWogwDAMEAE1aiwMEAE1ajDAMAwQBTVqO
AwQATVqQMAwDBAFNWpIDBABNWpQDBABNWqQDBADV0YowFAQCAAIwDgMFACoEKcID
BQAqBCnHMA0GCSqGSIb3DQEBCwUAA4IBAQBXkiMspI3bt9+yASONmUnp4Gpqy8vF
NjpS2yWSzBUzePWfSXDXrKfSZXbYjYdbAwAJOnx+auKjTp1MoCwIzRUJN21qLe5g
qjI4lx3uWloL9VoAqxFLAin/1OVZBTe1+rWQXqmZLxb4I9mKpU9FZ6Ehx07lND5L
1E3eSvaBz9vVdUReu66+eIN/WWukkYWZn97pEcyWxOYXAmZe5r8ViJxJWzqnYnt7
7gW6qXlGszzvYV7l7t8MC2GqWDQgneAVAh/wncQBbCfA8Ri4cOThQSc+KGB/56hg
GCH88YRMn+pqickBDrtwT6BLUsOtsPiuIWpU+1rA6gDmvukqDmUhK6td
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:36 2025 by rpki-client on console.sobornost.net