Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/DNDGijit1tE7Dh65U_Rn7rK7CwY.roa
File: DNDGijit1tE7Dh65U_Rn7rK7CwY.roa (raw, json)
Hash identifier: VpNaRZbCNDOpuzi3XZ5cV/hGOWgvHXBNg+qzd3fNY7E=
Subject key identifier: 0C:D0:C6:8A:38:AD:D6:D1:3B:0E:1E:B9:53:F4:67:EE:B2:BB:0B:06
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 01961EC2E7993A31E4536F30BA4DB4C20C58
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/DNDGijit1tE7Dh65U_Rn7rK7CwY.roa
Signing time: Thu 10 Apr 2025 08:13:31 +0000
ROA not before: Thu 10 Apr 2025 08:13:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.163.0/24 maxlen: 24
91.212.193.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
146.19.166.0/24 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.145.196.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2001:4ba6::/32 maxlen: 32
2a00:c320::/32 maxlen: 48
2a01:480::/32 maxlen: 32
2a0a:db80:1000::/36 maxlen: 36
2a0a:db80:2000::/36 maxlen: 36
2a0a:db80:3000::/36 maxlen: 36
2a0a:db80:4000::/36 maxlen: 36
2a0a:db80:5000::/36 maxlen: 36
2a0a:db80:8000::/36 maxlen: 36
2a0c:6b00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1e:c2:e7:99:3a:31:e4:53:6f:30:ba:4d:b4:c2:0c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Apr 10 08:13:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cd0c68a38add6d13b0e1eb953f467eeb2bb0b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f6:1d:d2:e6:e6:c5:26:a3:7c:1b:79:3a:2e:
e7:83:a4:6e:f7:d7:59:88:eb:65:b4:cb:73:18:8f:
2e:7c:34:33:f0:68:bf:f6:d5:03:87:24:6a:0b:00:
83:ac:25:93:b8:25:50:9f:9d:75:e1:98:95:bc:56:
81:1d:a9:35:95:46:b0:e1:41:8a:5e:1c:51:64:46:
16:f0:b6:35:8d:6b:67:7e:05:ff:71:7f:24:14:0a:
21:6e:dd:9b:7b:14:50:aa:11:0e:8e:7b:2f:3e:5a:
d3:73:82:a4:1a:2c:8f:42:7a:fa:a3:23:62:29:5f:
74:92:08:81:61:4c:3a:f5:fa:58:63:a5:83:6b:f4:
af:f0:c8:f8:fe:03:e8:5b:c2:aa:42:6c:4d:19:25:
9f:d0:2c:ae:92:8f:ad:c1:2a:93:13:55:38:b8:cf:
3f:bb:93:51:73:5e:c1:06:e3:bd:63:a3:f3:e1:ef:
88:0c:3b:e0:ed:0d:ea:5b:46:8f:84:37:cd:22:aa:
42:24:61:da:19:aa:da:ac:67:60:44:2b:32:4b:a4:
d6:f6:bd:e2:b5:37:a9:34:04:92:a7:2a:23:ef:e8:
98:f3:0e:9a:90:e3:1e:01:bd:3b:c6:4a:cf:ca:f4:
13:96:71:4f:52:bf:63:d1:74:2c:c4:7a:25:8c:48:
22:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D0:C6:8A:38:AD:D6:D1:3B:0E:1E:B9:53:F4:67:EE:B2:BB:0B:06
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/DNDGijit1tE7Dh65U_Rn7rK7CwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
91.212.163.0/24
91.212.193.0/24
93.186.192.0/20
146.0.32.0/20
146.19.166.0/24
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.145.196.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
195.93.242.0/23
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2001:4ba6::/32
2a00:c320::/32
2a01:480::/32
2a0a:db80:1000::-2a0a:db80:5fff:ffff:ffff:ffff:ffff:ffff
2a0a:db80:8000::/36
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
a3:82:bb:ae:60:71:b9:1e:b4:de:60:46:99:a9:a2:cf:85:12:
fe:bb:e5:97:e5:fd:a8:cd:ff:ab:c7:99:bf:eb:4d:87:5a:5b:
6a:ab:54:ed:59:d6:60:72:4b:8c:19:41:7c:cd:a4:7a:56:ae:
3c:dd:13:8c:ff:da:17:f6:97:98:2a:54:be:9d:fa:70:a2:a5:
1d:13:88:06:2a:5a:57:bd:00:03:bd:10:0c:8e:30:f3:5c:6f:
b0:1e:1b:40:77:ef:22:a4:12:41:c4:a5:b2:71:eb:67:ae:58:
b6:5b:2e:65:7f:99:36:91:36:1e:e4:66:3f:48:5e:5e:e7:ab:
26:52:a1:3a:4a:98:51:50:a6:15:f5:33:d3:d7:00:3e:0b:04:
68:8d:ce:2f:07:b6:d6:2e:92:06:02:89:c1:8e:41:46:0f:8c:
4d:37:d3:ff:18:01:99:e7:03:7f:ad:42:87:c4:de:ca:99:ce:
7e:57:a6:5d:a0:23:6c:30:d1:c9:20:05:5a:ca:4c:67:de:b9:
52:fb:ef:c7:ef:a4:d6:0b:e8:cb:5c:97:66:fe:70:0b:41:8a:
74:6b:99:1a:9a:42:03:47:50:ef:14:a9:64:cd:86:6c:51:28:
ac:89:a2:92:ff:87:08:32:a5:e8:07:62:1d:18:05:e7:f7:ce:
cb:4c:9e:36
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAZYewueZOjHkU28wuk20wgxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjUwNDEwMDgxMzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2QwYzY4YTM4YWRkNmQxM2IwZTFlYjk1M2Y0NjdlZWIyYmIwYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fYd0ubmxSajfBt5Oi7ng6Ru99dZ
iOtltMtzGI8ufDQz8Gi/9tUDhyRqCwCDrCWTuCVQn5114ZiVvFaBHak1lUaw4UGK
XhxRZEYW8LY1jWtnfgX/cX8kFAohbt2bexRQqhEOjnsvPlrTc4KkGiyPQnr6oyNi
KV90kgiBYUw69fpYY6WDa/Sv8Mj4/gPoW8KqQmxNGSWf0Cyuko+twSqTE1U4uM8/
u5NRc17BBuO9Y6Pz4e+IDDvg7Q3qW0aPhDfNIqpCJGHaGararGdgRCsyS6TW9r3i
tTepNASSpyoj7+iY8w6akOMeAb07xkrPyvQTlnFPUr9j0XQsxHoljEgiDwIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFAzQxoo4rdbROw4euVP0Z+6yuwsGMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvRE5ER2lqaXQxdEU3RGg2NVVfUm43cks3Q3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzCBxwQCAAEwgcAD
BAMFaGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtAD
BARRHpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8D
BABb1KMDBABb1MEDBARdusADBASSACADBACSE6YDBAKYWVwDBAK5D/QDBAK5LfgD
BAK5kcQDBAK529ADBAHBb8YDBADCa4EDBADCfsYDBAHDXfIDBAbVysADBATZT7Aw
UwQCAAIwTQMFASABS6AwDgMFACABS6MDBQAgAUukAwUAIAFLpgMFACoAwyADBQAq
AQSAMBADBgQqCtuAEAMGBSoK24BAAwYEKgrbgIADBQAqDGsAMA0GCSqGSIb3DQEB
CwUAA4IBAQCjgruuYHG5HrTeYEaZqaLPhRL+u+WX5f2ozf+rx5m/602HWltqq1Tt
WdZgckuMGUF8zaR6Vq483ROM/9oX9peYKlS+nfpwoqUdE4gGKlpXvQADvRAMjjDz
XG+wHhtAd+8ipBJBxKWycetnrli2Wy5lf5k2kTYe5GY/SF5e56smUqE6SphRUKYV
9TPT1wA+CwRojc4vB7bWLpIGAonBjkFGD4xNN9P/GAGZ5wN/rUKHxN7Kmc5+V6Zd
oCNsMNHJIAVaykxn3rlS++/H76TWC+jLXJdm/nALQYp0a5kamkIDR1DvFKlkzYZs
USisiaKS/4cIMqXoB2IdGAXn987LTJ42
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:05 2025 by rpki-client on console.sobornost.net