Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/9VmL_fQchW1s3XwBgJzBDEYWXlk.roa
File: 9VmL_fQchW1s3XwBgJzBDEYWXlk.roa (raw, json)
Hash identifier: Z9KtMogxIjuy1OfjUmSUtrJGNHG92P8lCwtn4wpHdcY=
Subject key identifier: F5:59:8B:FD:F4:1C:85:6D:6C:DD:7C:01:80:9C:C1:0C:46:16:5E:59
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 0193D91B47623452D3103BB83BB511CBC392
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/9VmL_fQchW1s3XwBgJzBDEYWXlk.roa
Signing time: Wed 18 Dec 2024 09:31:03 +0000
ROA not before: Wed 18 Dec 2024 09:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23764
IP address blocks: 5.10.136.0/24 maxlen: 24
5.10.136.112/29 maxlen: 29
5.10.136.208/30 maxlen: 30
5.10.141.8/30 maxlen: 30
5.10.141.136/30 maxlen: 30
5.10.142.0/24 maxlen: 24
5.154.128.0/24 maxlen: 24
5.154.129.0/24 maxlen: 24
5.154.144.0/24 maxlen: 24
5.154.145.0/24 maxlen: 24
5.154.146.0/24 maxlen: 24
5.154.147.0/24 maxlen: 24
5.154.154.0/24 maxlen: 24
5.154.155.0/24 maxlen: 24
5.154.156.0/24 maxlen: 24
5.154.157.0/24 maxlen: 24
5.154.158.0/24 maxlen: 24
5.154.159.0/24 maxlen: 24
79.139.0.0/24 maxlen: 24
79.139.1.0/24 maxlen: 24
79.139.2.0/24 maxlen: 24
79.139.3.0/24 maxlen: 24
79.139.4.0/24 maxlen: 24
79.139.5.0/24 maxlen: 24
79.139.6.0/24 maxlen: 24
79.139.7.0/24 maxlen: 24
79.139.8.0/24 maxlen: 24
79.139.9.0/24 maxlen: 24
79.139.10.0/24 maxlen: 24
79.139.11.0/24 maxlen: 24
79.139.12.0/24 maxlen: 24
79.139.13.0/24 maxlen: 24
79.139.14.0/24 maxlen: 24
79.139.15.0/24 maxlen: 24
87.120.16.0/24 maxlen: 24
87.120.17.0/24 maxlen: 24
87.120.18.0/24 maxlen: 24
87.120.19.0/24 maxlen: 24
87.120.20.0/24 maxlen: 24
87.120.21.0/24 maxlen: 24
87.120.22.0/24 maxlen: 24
87.120.23.0/24 maxlen: 24
87.120.24.0/24 maxlen: 24
87.120.25.0/24 maxlen: 24
87.120.26.0/24 maxlen: 24
87.120.27.0/24 maxlen: 24
95.130.192.0/24 maxlen: 24
95.130.194.0/24 maxlen: 24
95.130.199.0/24 maxlen: 24
145.14.64.0/24 maxlen: 24
145.14.66.0/24 maxlen: 24
145.14.68.0/24 maxlen: 24
145.14.69.0/24 maxlen: 24
145.14.70.0/24 maxlen: 24
145.14.73.0/24 maxlen: 24
145.14.76.0/24 maxlen: 24
145.14.77.0/24 maxlen: 24
145.14.78.0/24 maxlen: 24
145.14.80.0/24 maxlen: 24
145.14.83.0/24 maxlen: 24
145.14.85.0/24 maxlen: 24
145.14.87.0/24 maxlen: 24
145.14.89.0/24 maxlen: 24
145.14.91.0/24 maxlen: 24
145.14.92.0/24 maxlen: 24
145.14.93.0/24 maxlen: 24
2a04:f580:9001::/48 maxlen: 48
2a04:f580:9030:100::/56 maxlen: 56
2a04:f580:9210::/48 maxlen: 48
2a04:f581:110a::/48 maxlen: 48
2a04:f581:110b::/48 maxlen: 48
2a04:f581:8040::/48 maxlen: 48
2a04:f581:8070::/48 maxlen: 48
2a04:f581:8090::/48 maxlen: 48
2a04:f581:80b0::/48 maxlen: 48
2a04:f581:8140::/48 maxlen: 48
2a04:f581:8170::/48 maxlen: 48
2a04:f581:8190::/48 maxlen: 48
2a04:f581:81b0::/48 maxlen: 48
2a04:f581:8240::/48 maxlen: 48
2a04:f581:8270::/48 maxlen: 48
2a04:f581:8290::/48 maxlen: 48
2a04:f581:82b0::/48 maxlen: 48
2a04:f581:a00e:a001::/64 maxlen: 64
2a04:f581:a00e:a002::/64 maxlen: 64
2a04:f581:a00e:a003::/64 maxlen: 64
2a04:f581:a00e:a004::/64 maxlen: 64
2a04:f581:a00f::/48 maxlen: 48
2a04:f581:a111::/48 maxlen: 48
2a04:f581:a123::/48 maxlen: 48
2a04:f581:a125::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:1b:47:62:34:52:d3:10:3b:b8:3b:b5:11:cb:c3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Dec 18 09:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5598bfdf41c856d6cdd7c01809cc10c46165e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:2c:9a:b5:30:e5:6c:bd:c7:ca:1a:72:6f:
6b:22:2e:07:f0:b4:64:f5:e8:0b:73:d7:9e:7c:42:
54:00:0f:25:35:65:3b:5f:dc:5d:53:bf:e1:d6:94:
42:6a:95:54:65:a6:8f:be:f7:0c:3c:36:fa:84:21:
34:8b:48:1e:da:88:f8:75:b6:00:84:f1:83:35:81:
62:73:2d:fb:9c:7a:fc:04:95:b5:9f:9a:33:87:f1:
2f:29:5a:11:16:fd:30:f8:b7:41:97:40:e4:a7:78:
73:64:59:3a:f4:db:8e:57:cf:70:d6:d2:1f:db:a7:
29:1d:14:a2:44:f3:38:fe:35:4b:0e:9f:ff:a2:5c:
c1:97:a6:c3:65:8b:eb:23:55:92:e6:fd:b9:52:29:
f9:11:2b:97:3e:72:e2:1b:ee:99:f5:b2:03:8c:61:
e9:03:d7:7a:a5:1d:93:3a:ce:76:3d:8b:0c:9a:87:
c3:b2:90:c4:fa:f1:c5:42:50:36:b6:24:95:d6:b0:
f3:60:1e:e3:d1:4a:00:4f:90:9e:07:0f:c5:7e:68:
87:5a:23:ba:d6:e8:40:9c:0a:b8:a8:92:93:e2:18:
85:8d:4c:01:43:d2:88:fd:f4:16:45:f9:4f:c4:4a:
db:98:92:fa:69:69:03:e3:eb:dc:9a:b2:49:e4:da:
fc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:59:8B:FD:F4:1C:85:6D:6C:DD:7C:01:80:9C:C1:0C:46:16:5E:59
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/9VmL_fQchW1s3XwBgJzBDEYWXlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.136.0/24
5.10.141.8/30
5.10.141.136/30
5.10.142.0/24
5.154.128.0/23
5.154.144.0/22
5.154.154.0-5.154.159.255
79.139.0.0/20
87.120.16.0-87.120.27.255
95.130.192.0/24
95.130.194.0/24
95.130.199.0/24
145.14.64.0/24
145.14.66.0/24
145.14.68.0-145.14.70.255
145.14.73.0/24
145.14.76.0-145.14.78.255
145.14.80.0/24
145.14.83.0/24
145.14.85.0/24
145.14.87.0/24
145.14.89.0/24
145.14.91.0-145.14.93.255
IPv6:
2a04:f580:9001::/48
2a04:f580:9030:100::/56
2a04:f580:9210::/48
2a04:f581:110a::/47
2a04:f581:8040::/48
2a04:f581:8070::/48
2a04:f581:8090::/48
2a04:f581:80b0::/48
2a04:f581:8140::/48
2a04:f581:8170::/48
2a04:f581:8190::/48
2a04:f581:81b0::/48
2a04:f581:8240::/48
2a04:f581:8270::/48
2a04:f581:8290::/48
2a04:f581:82b0::/48
2a04:f581:a00e:a001::-2a04:f581:a00e:a004:ffff:ffff:ffff:ffff
2a04:f581:a00f::/48
2a04:f581:a111::/48
2a04:f581:a123::/48
2a04:f581:a125::/48
Signature Algorithm: sha256WithRSAEncryption
37:71:02:0d:fc:3c:83:3c:67:d1:23:31:54:81:89:fc:fa:f5:
94:b0:ea:17:11:97:17:c0:5c:8f:f8:79:b4:0e:68:08:c7:a0:
bf:f0:7f:bc:ba:d7:e1:e5:70:d9:f1:9f:04:60:12:37:3f:88:
4b:3d:8e:30:c8:70:fa:8d:37:cb:ce:14:d0:6a:6a:2b:77:83:
73:99:a2:7d:04:cf:86:f5:31:2b:99:18:6b:c6:e4:04:81:e9:
65:c8:3b:b6:80:95:38:b3:16:85:5d:1a:07:55:c2:99:8b:f3:
53:e4:12:94:b7:32:1f:06:51:ab:70:16:00:5b:15:4d:82:6a:
b6:01:a2:28:58:16:5c:f9:2b:2f:ca:8c:ae:ae:a8:f0:f8:91:
29:91:96:ab:5e:2d:47:0d:e6:32:ec:1e:2a:44:1d:63:42:eb:
e0:c8:3f:ec:7f:37:b2:f4:ba:02:3a:f9:d1:1d:16:88:4a:0e:
6d:03:a5:c7:f0:78:a3:9a:69:29:4b:ef:5f:85:83:4f:32:ca:
26:e2:c6:04:2f:09:25:44:ac:f2:16:c3:52:7c:cb:b6:50:94:
fe:26:46:59:79:bd:b7:e0:9c:96:7a:1b:0f:60:fb:85:ad:5e:
e3:a8:39:6b:6a:ce:e2:6c:aa:71:06:db:20:b7:6c:e5:4d:43:
bf:9e:ba:25
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgISAZPZG0diNFLTEDu4O7URy8OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjQxMjE4MDkzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTU5OGJmZGY0MWM4NTZkNmNkZDdjMDE4MDljYzEwYzQ2MTY1ZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttEsmrUw5Wy9x8oacm9rIi4H8LRk
9egLc9eefEJUAA8lNWU7X9xdU7/h1pRCapVUZaaPvvcMPDb6hCE0i0ge2oj4dbYA
hPGDNYFicy37nHr8BJW1n5ozh/EvKVoRFv0w+LdBl0Dkp3hzZFk69NuOV89w1tIf
26cpHRSiRPM4/jVLDp//olzBl6bDZYvrI1WS5v25Uin5ESuXPnLiG+6Z9bIDjGHp
A9d6pR2TOs52PYsMmofDspDE+vHFQlA2tiSV1rDzYB7j0UoAT5CeBw/FfmiHWiO6
1uhAnAq4qJKT4hiFjUwBQ9KI/fQWRflPxErbmJL6aWkD4+vcmrJJ5Nr8gQIDAQAB
o4IDljCCA5IwHQYDVR0OBBYEFPVZi/30HIVtbN18AYCcwQxGFl5ZMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvOVZtTF9mUWNoVzFzM1h3QmdKekJERVlXWGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqgYIKwYBBQUHAQcBAf8EggGZMIIBlTCBuwQCAAEwgbQD
BAAFCogDBQIFCo0IAwUCBQqNiAMEAAUKjgMEAQWagAMEAgWakDAMAwQBBZqaAwQF
BZqAAwQET4sAMAwDBARXeBADBAJXeBgDBABfgsADBABfgsIDBABfgscDBACRDkAD
BACRDkIwDAMEApEORAMEAJEORgMEAJEOSTAMAwQCkQ5MAwQAkQ5OAwQAkQ5QAwQA
kQ5TAwQAkQ5VAwQAkQ5XAwQAkQ5ZMAwDBACRDlsDBAGRDlwwgdQEAgACMIHNAwcA
KgT1gJABAwgAKgT1gJAwAQMHACoE9YCSEAMHASoE9YERCgMHACoE9YGAQAMHACoE
9YGAcAMHACoE9YGAkAMHACoE9YGAsAMHACoE9YGBQAMHACoE9YGBcAMHACoE9YGB
kAMHACoE9YGBsAMHACoE9YGCQAMHACoE9YGCcAMHACoE9YGCkAMHACoE9YGCsDAW
AwkAKgT1gaAOoAEDCQAqBPWBoA6gBAMHACoE9YGgDwMHACoE9YGhEQMHACoE9YGh
IwMHACoE9YGhJTANBgkqhkiG9w0BAQsFAAOCAQEAN3ECDfw8gzxn0SMxVIGJ/Pr1
lLDqFxGXF8Bcj/h5tA5oCMegv/B/vLrX4eVw2fGfBGASNz+ISz2OMMhw+o03y84U
0GpqK3eDc5mifQTPhvUxK5kYa8bkBIHpZcg7toCVOLMWhV0aB1XCmYvzU+QSlLcy
HwZRq3AWAFsVTYJqtgGiKFgWXPkrL8qMrq6o8PiRKZGWq14tRw3mMuweKkQdY0Lr
4Mg/7H83svS6Ajr50R0WiEoObQOlx/B4o5ppKUvvX4WDTzLKJuLGBC8JJUSs8hbD
UnzLtlCU/iZGWXm9t+CclnobD2D7ha1e46g5a2rO4myqcQbbILds5U1Dv566JQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:23 2024 by rpki-client on console.sobornost.net