Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/3v8yr5gJI83WUjRJ9OZVqhkkR7c.roa
File: 3v8yr5gJI83WUjRJ9OZVqhkkR7c.roa (raw, json)
Hash identifier: fBGuRwwzNL/uOKrTf6Q2PyK8x8wJZZLUSDBTYI2GL84=
Subject key identifier: DE:FF:32:AF:98:09:23:CD:D6:52:34:49:F4:E6:55:AA:19:24:47:B7
Certificate issuer: /CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Certificate serial: 0194221FEF94F38427B6C8C25C39808CCA04
Authority key identifier: 10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/3v8yr5gJI83WUjRJ9OZVqhkkR7c.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8685
IP address blocks: 81.21.160.0/20 maxlen: 24
81.21.160.0/21 maxlen: 21
81.21.161.0/24 maxlen: 24
81.21.164.0/22 maxlen: 22
81.21.166.0/24 maxlen: 24
81.21.167.0/24 maxlen: 24
81.21.168.0/21 maxlen: 24
81.21.169.0/24 maxlen: 24
81.21.170.0/23 maxlen: 23
81.21.170.0/24 maxlen: 24
81.21.174.0/24 maxlen: 24
82.151.128.0/19 maxlen: 24
82.151.128.0/20 maxlen: 20
82.151.131.0/24 maxlen: 24
82.151.132.0/24 maxlen: 24
82.151.133.0/24 maxlen: 24
82.151.134.0/24 maxlen: 24
82.151.138.0/24 maxlen: 24
82.151.140.0/24 maxlen: 24
82.151.142.0/24 maxlen: 24
82.151.143.0/24 maxlen: 24
82.151.144.0/20 maxlen: 20
82.151.144.0/24 maxlen: 24
82.151.154.0/23 maxlen: 24
94.102.64.0/20 maxlen: 24
94.102.64.0/21 maxlen: 21
94.102.70.0/23 maxlen: 24
94.102.72.0/21 maxlen: 24
94.102.76.0/24 maxlen: 24
185.58.244.0/22 maxlen: 24
212.2.192.0/19 maxlen: 24
212.2.192.0/21 maxlen: 21
212.2.192.0/24 maxlen: 24
212.2.193.0/24 maxlen: 24
212.2.194.0/24 maxlen: 24
212.2.195.0/24 maxlen: 24
212.2.196.0/24 maxlen: 24
212.2.197.0/24 maxlen: 24
212.2.198.0/24 maxlen: 24
212.2.199.0/24 maxlen: 24
212.2.204.0/22 maxlen: 22
212.2.204.0/23 maxlen: 23
212.2.204.0/24 maxlen: 24
212.2.205.0/24 maxlen: 24
212.2.206.0/24 maxlen: 24
212.2.208.0/24 maxlen: 24
212.2.209.0/24 maxlen: 24
212.2.210.0/24 maxlen: 24
212.2.211.0/24 maxlen: 24
212.2.212.0/23 maxlen: 23
212.2.212.0/24 maxlen: 24
212.2.213.0/24 maxlen: 24
212.2.215.0/24 maxlen: 24
212.2.216.0/21 maxlen: 21
212.2.216.0/24 maxlen: 24
212.2.217.0/24 maxlen: 24
212.2.222.0/24 maxlen: 24
212.58.0.0/19 maxlen: 24
212.58.0.0/21 maxlen: 21
212.58.0.0/24 maxlen: 24
212.58.8.0/21 maxlen: 24
212.58.13.0/24 maxlen: 24
212.58.16.0/21 maxlen: 24
212.58.16.0/24 maxlen: 24
212.58.18.0/24 maxlen: 24
212.58.24.0/21 maxlen: 24
212.58.28.0/24 maxlen: 24
212.58.31.0/24 maxlen: 24
213.155.96.0/19 maxlen: 19
213.155.96.0/21 maxlen: 21
213.155.99.0/24 maxlen: 24
213.155.103.0/24 maxlen: 24
213.155.104.0/21 maxlen: 24
213.155.112.0/21 maxlen: 24
213.155.120.0/23 maxlen: 24
213.155.121.0/24 maxlen: 24
213.155.122.0/23 maxlen: 24
213.155.124.0/22 maxlen: 24
2a02:480::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ef:94:f3:84:27:b6:c8:c2:5c:39:80:8c:ca:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=deff32af980923cdd6523449f4e655aa192447b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c1:8e:96:08:ba:3f:29:f7:8a:8e:db:1a:bb:
95:a9:77:12:67:d4:f6:80:95:e8:6b:3b:09:cd:59:
d4:d3:a6:65:40:ce:ee:86:86:5c:68:52:95:45:38:
6f:1a:71:68:7f:e8:a4:55:0d:ef:a2:3d:3a:f9:7e:
15:61:2c:34:f5:1e:0b:ac:33:14:ac:df:26:bd:23:
4c:ca:e9:10:6a:3e:c7:28:3a:b2:54:c8:c7:c5:c0:
14:6d:c3:04:56:27:9c:0b:87:20:75:be:8d:10:dc:
7d:cc:e0:ae:85:c5:71:b9:33:9c:4d:4f:b2:3e:e7:
65:61:60:6f:fb:6b:f1:c2:56:dc:43:b5:25:16:c3:
b0:01:58:cd:4b:79:06:9f:58:a3:a0:e8:4a:0d:8b:
92:dd:7d:8d:13:78:36:f3:1a:e7:98:1a:d9:89:8b:
40:93:d6:e4:54:38:41:8b:cf:8a:28:4e:b3:30:42:
2a:04:2f:e0:6c:3a:28:07:56:99:71:29:20:7b:15:
ec:c2:90:fe:e6:44:18:95:27:37:6f:ae:8c:ac:38:
d6:74:2e:0e:78:f2:52:8a:9c:d2:3f:d4:52:42:09:
93:60:a5:21:1f:d3:10:ba:5d:ee:e6:49:68:11:d8:
ee:d1:e7:5c:9f:e7:e6:e6:24:8c:9d:5d:4e:72:a9:
d9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FF:32:AF:98:09:23:CD:D6:52:34:49:F4:E6:55:AA:19:24:47:B7
X509v3 Authority Key Identifier:
keyid:10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/3v8yr5gJI83WUjRJ9OZVqhkkR7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.160.0/20
82.151.128.0/19
94.102.64.0/20
185.58.244.0/22
212.2.192.0/19
212.58.0.0/19
213.155.96.0/19
IPv6:
2a02:480::/32
Signature Algorithm: sha256WithRSAEncryption
70:ef:8a:ad:9f:54:67:67:c9:89:f2:ba:01:03:ba:33:7c:8a:
da:85:5d:18:74:c2:b7:9f:50:81:22:c4:04:29:1f:fd:30:03:
ce:7b:6e:f4:1b:93:be:cc:49:47:7c:88:38:78:6d:11:ff:98:
90:d2:b9:48:24:28:d8:e6:b9:f7:af:a4:26:51:ae:b5:12:7a:
9c:a1:1f:87:c9:c3:17:cd:76:94:f0:41:57:38:ef:dc:84:20:
c3:12:df:5e:c9:63:7c:77:aa:52:09:9f:54:35:0c:5a:60:68:
ff:fc:2a:2e:b6:a4:08:8a:ae:b6:00:ef:24:42:e5:ad:38:77:
90:20:f0:3a:84:60:0b:96:f7:65:cc:35:57:0f:15:0d:44:74:
5e:d8:39:b1:61:a0:65:57:06:55:64:b3:8b:ec:06:53:72:27:
63:d9:37:ba:a2:99:68:0b:c9:de:b5:6f:c1:94:65:e1:82:06:
7d:8f:a3:bc:f6:cb:33:c3:5c:74:0f:b5:78:94:81:7f:76:30:
29:e6:7e:2d:a1:46:8b:2d:f5:2f:f7:b3:89:53:06:1c:69:9a:
1b:7c:be:69:9c:1a:f9:de:51:f3:5f:2b:9a:d9:d1:8c:a8:27:
fe:8f:71:b9:72:0d:f9:22:f0:ed:44:35:f9:39:34:8c:88:0c:
3f:27:3b:6a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQiH++U84QntsjCXDmAjMoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzRkYjk2NDAyZmY1Y2YxODc1NjQ1NjBlYThmMTNlZWVi
NWZmZWIwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWZmMzJhZjk4MDkyM2NkZDY1MjM0NDlmNGU2NTVhYTE5MjQ0N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8GOlgi6Pyn3io7bGruVqXcSZ9T2
gJXoazsJzVnU06ZlQM7uhoZcaFKVRThvGnFof+ikVQ3voj06+X4VYSw09R4LrDMU
rN8mvSNMyukQaj7HKDqyVMjHxcAUbcMEViecC4cgdb6NENx9zOCuhcVxuTOcTU+y
PudlYWBv+2vxwlbcQ7UlFsOwAVjNS3kGn1ijoOhKDYuS3X2NE3g28xrnmBrZiYtA
k9bkVDhBi8+KKE6zMEIqBC/gbDooB1aZcSkgexXswpD+5kQYlSc3b66MrDjWdC4O
ePJSipzSP9RSQgmTYKUhH9MQul3u5kloEdju0edcn+fm5iSMnV1OcqnZCwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFN7/Mq+YCSPN1lI0SfTmVaoZJEe3MB8GA1UdIwQY
MBaAFBB025ZAL/XPGHVkVg6o8T7utf/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEt
YWI0MGI1OGEyODkyLzEvM3Y4eXI1Z0pJODNXVWpSSjlPWlZxaGtrUjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEtYWI0MGI1OGEyODky
LzEvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEURWgAwQF
UpeAAwQEXmZAAwQCuTr0AwQF1ALAAwQF1DoAAwQF1ZtgMA0EAgACMAcDBQAqAgSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBw74qtn1RnZ8mJ8roBA7ozfIrahV0YdMK3n1CB
IsQEKR/9MAPOe270G5O+zElHfIg4eG0R/5iQ0rlIJCjY5rn3r6QmUa61EnqcoR+H
ycMXzXaU8EFXOO/chCDDEt9eyWN8d6pSCZ9UNQxaYGj//CoutqQIiq62AO8kQuWt
OHeQIPA6hGALlvdlzDVXDxUNRHRe2DmxYaBlVwZVZLOL7AZTcidj2Te6oploC8ne
tW/BlGXhggZ9j6O89sszw1x0D7V4lIF/djAp5n4toUaLLfUv97OJUwYcaZobfL5p
nBr53lHzXyua2dGMqCf+j3G5cg35IvDtRDX5OTSMiAw/Jztq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:55 2025 by rpki-client on console.sobornost.net