Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/D6CNODpYyHvlsmJoLkD5NkQqz2I.roa
File: D6CNODpYyHvlsmJoLkD5NkQqz2I.roa (raw, json)
Hash identifier: GR+jWxRwux3tN/Amoa/0zcsqEh8ihXapWtATgAcfxGs=
Subject key identifier: 0F:A0:8D:38:3A:58:C8:7B:E5:B2:62:68:2E:40:F9:36:44:2A:CF:62
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 01962012E7B322C27706280D22F0D957E821
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/D6CNODpYyHvlsmJoLkD5NkQqz2I.roa
Signing time: Thu 10 Apr 2025 14:20:31 +0000
ROA not before: Thu 10 Apr 2025 14:20:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60404
IP address blocks: 5.2.64.0/20 maxlen: 20
5.2.67.0/24 maxlen: 24
5.2.70.0/24 maxlen: 24
5.255.96.0/19 maxlen: 19
103.251.164.0/22 maxlen: 22
150.129.8.0/22 maxlen: 22
150.129.8.0/24 maxlen: 24
185.31.172.0/22 maxlen: 22
192.76.150.0/24 maxlen: 24
192.76.153.0/24 maxlen: 24
192.76.160.0/24 maxlen: 24
192.76.163.0/24 maxlen: 24
2a01:6340::/29 maxlen: 29
2a04:52c0::/32 maxlen: 32
2a04:52c0:1::/48 maxlen: 64
2a04:52c0:5001::/48 maxlen: 64
2a0f:6bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:12:e7:b3:22:c2:77:06:28:0d:22:f0:d9:57:e8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Apr 10 14:20:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fa08d383a58c87be5b262682e40f936442acf62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e9:d8:d2:42:ed:a1:cd:e4:8a:53:a6:89:a6:
33:9a:6b:b3:ca:dd:5e:e9:c2:e0:5d:9b:27:dc:16:
4f:b1:ec:a2:7c:c2:ca:48:e8:36:96:ab:0a:4b:9b:
09:49:57:5c:4d:38:77:42:0d:de:fa:42:80:b5:6f:
d2:27:37:78:aa:23:b2:f4:1f:ea:f1:f6:8f:e5:da:
1a:ee:1c:2e:6d:ac:1f:c9:a7:9d:4f:53:d0:ae:d9:
76:f0:84:5d:5f:44:0a:a3:2d:cc:f5:98:46:8e:0b:
7c:3f:5b:f2:21:5f:cc:b1:3b:ad:94:6a:91:c8:eb:
11:31:02:44:e9:76:ad:db:f1:f1:51:e4:66:cc:06:
be:c8:81:a0:3d:36:c5:68:6d:a7:71:a4:3c:f0:7a:
17:90:e9:e7:84:30:78:7a:32:81:8f:fd:a2:bb:71:
f1:9e:86:b7:7b:0c:60:40:d4:28:db:7b:b8:bb:27:
b2:0e:f3:89:02:45:6f:97:96:9e:9f:93:b7:0c:32:
83:96:ff:d5:34:f0:c5:d6:52:48:c0:8e:12:fb:a2:
41:19:1c:26:90:7b:85:3e:1f:fd:0a:7f:d7:e9:b9:
c7:81:e1:ad:2e:55:30:0c:47:bf:cc:01:36:07:45:
c0:a9:11:8b:5d:1f:8a:d6:f9:4b:cc:6f:5e:ee:4f:
cb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A0:8D:38:3A:58:C8:7B:E5:B2:62:68:2E:40:F9:36:44:2A:CF:62
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/D6CNODpYyHvlsmJoLkD5NkQqz2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.64.0/20
5.255.96.0/19
103.251.164.0/22
150.129.8.0/22
185.31.172.0/22
192.76.150.0/24
192.76.153.0/24
192.76.160.0/24
192.76.163.0/24
IPv6:
2a01:6340::/29
2a04:52c0::/32
2a0f:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:7b:88:f9:46:8d:3d:9b:ff:18:70:e6:f7:59:1a:47:14:31:
f3:ce:39:bf:1d:2d:6d:b0:df:93:7a:09:46:4b:04:57:b9:6e:
03:a6:18:fc:93:14:4b:88:8c:da:b4:3a:68:c4:40:74:31:0e:
c6:6d:ed:fd:b8:08:71:de:b6:9e:7f:ca:b2:f6:e4:a9:b6:af:
62:05:91:91:c4:92:64:75:b7:5d:d9:f5:70:47:45:b5:42:f7:
7e:da:14:43:50:98:28:88:0b:98:80:12:8c:59:fe:a6:d8:6f:
55:8f:1e:61:d1:9e:92:d5:6d:df:ef:ca:ba:82:f2:61:3d:8c:
7f:20:48:47:04:61:84:58:b6:40:b1:f3:44:3c:23:64:af:d1:
31:2f:18:6e:93:57:bd:09:a6:7b:7c:27:16:d1:69:0c:0f:04:
2e:b6:2d:b3:47:cd:2f:0b:96:e4:3e:63:f3:59:89:5b:f5:56:
3c:db:92:23:0c:7b:f3:37:93:aa:ac:10:85:ec:8b:db:f5:34:
c6:18:81:ca:a4:f5:33:89:4e:45:0f:d8:41:8e:31:95:1d:4e:
1e:7f:c0:29:02:21:51:6d:a4:8d:1d:f1:27:f3:8b:19:7b:4b:
67:fc:25:a6:39:db:57:87:82:89:ac:32:cb:94:f7:ef:0e:ce:
12:ee:27:87
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZYgEuezIsJ3BigNIvDZV+ghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjUwNDEwMTQyMDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmEwOGQzODNhNThjODdiZTViMjYyNjgyZTQwZjkzNjQ0MmFjZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+nY0kLtoc3kilOmiaYzmmuzyt1e
6cLgXZsn3BZPseyifMLKSOg2lqsKS5sJSVdcTTh3Qg3e+kKAtW/SJzd4qiOy9B/q
8faP5doa7hwubawfyaedT1PQrtl28IRdX0QKoy3M9ZhGjgt8P1vyIV/MsTutlGqR
yOsRMQJE6Xat2/HxUeRmzAa+yIGgPTbFaG2ncaQ88HoXkOnnhDB4ejKBj/2iu3Hx
noa3ewxgQNQo23u4uyeyDvOJAkVvl5aen5O3DDKDlv/VNPDF1lJIwI4S+6JBGRwm
kHuFPh/9Cn/X6bnHgeGtLlUwDEe/zAE2B0XAqRGLXR+K1vlLzG9e7k/LFQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFA+gjTg6WMh75bJiaC5A+TZEKs9iMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvRDZDTk9EcFl5SHZsc21Kb0xrRDVOa1FxejJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQEBQJAAwQF
Bf9gAwQCZ/ukAwQCloEIAwQCuR+sAwQAwEyWAwQAwEyZAwQAwEygAwQAwEyjMBsE
AgACMBUDBQMqAWNAAwUAKgRSwAMFAyoPa8AwDQYJKoZIhvcNAQELBQADggEBAKR7
iPlGjT2b/xhw5vdZGkcUMfPOOb8dLW2w35N6CUZLBFe5bgOmGPyTFEuIjNq0OmjE
QHQxDsZt7f24CHHetp5/yrL25Km2r2IFkZHEkmR1t13Z9XBHRbVC937aFENQmCiI
C5iAEoxZ/qbYb1WPHmHRnpLVbd/vyrqC8mE9jH8gSEcEYYRYtkCx80Q8I2Sv0TEv
GG6TV70Jpnt8JxbRaQwPBC62LbNHzS8LluQ+Y/NZiVv1VjzbkiMMe/M3k6qsEIXs
i9v1NMYYgcqk9TOJTkUP2EGOMZUdTh5/wCkCIVFtpI0d8Sfzixl7S2f8JaY521eH
gomsMsuU9+8OzhLuJ4c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:57 2025 by rpki-client on console.sobornost.net