Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/0hi9j7gCc_Pqdv-Fsd_V7DV6XlI.roa
File: 0hi9j7gCc_Pqdv-Fsd_V7DV6XlI.roa (raw, json)
Hash identifier: OQKZgfo7/A95LIYxAeQF3FF7Rgm8ohLilR+CLLxqiys=
Subject key identifier: D2:18:BD:8F:B8:02:73:F3:EA:76:FF:85:B1:DF:D5:EC:35:7A:5E:52
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01953DBA25E4795CCA9717B3ED6CF67CDE60
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/0hi9j7gCc_Pqdv-Fsd_V7DV6XlI.roa
Signing time: Tue 25 Feb 2025 15:29:24 +0000
ROA not before: Tue 25 Feb 2025 15:29:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
2.59.111.0/24 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
45.92.132.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
89.44.36.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.85.255.0/24 maxlen: 24
185.102.204.0/22 maxlen: 24
185.103.148.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.223.216.0/24 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
185.243.136.0/22 maxlen: 24
193.108.206.0/23 maxlen: 24
193.108.230.0/23 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:ba:25:e4:79:5c:ca:97:17:b3:ed:6c:f6:7c:de:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Feb 25 15:29:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d218bd8fb80273f3ea76ff85b1dfd5ec357a5e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f6:17:3f:bd:f9:4f:c3:49:ad:29:e3:40:81:
58:84:7c:b1:5a:4d:a4:f5:14:fd:97:c9:0a:20:6f:
a6:95:97:f2:ce:6d:c9:75:73:65:20:51:75:d6:86:
59:f1:69:46:42:6c:bd:45:3f:8d:58:ca:19:e3:c2:
07:6c:73:eb:45:81:22:47:b6:91:b5:23:d0:19:8f:
be:68:44:b9:84:8d:a6:ee:ec:9c:ab:ae:50:d7:89:
82:26:b0:27:dc:62:10:fb:70:cb:e4:54:97:71:c0:
c1:de:50:8b:0e:01:bd:37:52:9b:a6:5e:83:f3:bb:
c3:e8:45:18:db:1d:6e:02:38:22:0d:ad:96:34:03:
d4:27:62:d8:a0:0d:1b:9f:68:03:a6:8e:5a:b5:ad:
fd:38:1c:df:5d:28:34:1a:06:3a:8a:d1:49:5f:e1:
60:a7:79:c0:15:2f:ab:89:09:0b:c3:14:92:fc:71:
8f:22:2c:0c:74:c9:18:ed:d0:22:6f:92:be:96:03:
68:56:71:dc:d2:7f:f3:1b:70:8a:0c:3a:c6:5e:3a:
0d:d1:8d:4c:ff:12:0b:ae:c4:68:9a:dd:14:52:e8:
8e:53:4e:df:c3:60:71:e7:e5:e6:76:96:3a:e5:61:
cb:62:0d:43:f2:c8:57:07:b0:95:c7:45:7a:03:30:
bb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:18:BD:8F:B8:02:73:F3:EA:76:FF:85:B1:DF:D5:EC:35:7A:5E:52
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/0hi9j7gCc_Pqdv-Fsd_V7DV6XlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
45.92.132.0/22
46.28.160.0/21
89.40.84.0/22
89.44.36.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.85.255.0/24
185.102.204.0/22
185.103.148.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
185.243.136.0/22
193.108.206.0/23
193.108.230.0/23
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
bc:43:6d:a0:a8:05:d1:92:57:67:01:2e:03:1e:53:b3:d5:bd:
4b:33:1b:a0:20:14:ed:3c:77:6c:63:73:e9:6d:ed:37:2e:eb:
58:b0:37:bd:2b:d6:0c:a7:a9:82:dc:58:22:0a:74:d4:4d:9b:
20:ae:54:59:6b:2f:fc:ed:3f:75:8b:d9:d1:fe:97:e5:a7:dd:
d9:99:92:d3:97:0c:f5:59:37:a3:84:46:f5:6c:84:70:07:d9:
ef:75:df:1b:62:58:09:4f:8c:f2:c9:c3:54:37:b4:4a:a4:32:
b2:cb:15:30:ea:f2:32:7b:23:02:76:8d:e7:a4:99:30:fc:af:
2e:41:08:cb:f6:6c:22:00:95:4a:1e:c0:f8:54:9f:b4:67:9e:
f6:2e:35:9d:02:68:af:c5:3e:1e:9c:6c:5c:52:a5:d4:fa:d6:
84:a4:f7:3e:50:07:da:6b:b9:32:7b:ed:72:52:72:5d:35:75:
fa:c7:0c:da:69:54:73:28:f5:e4:da:cf:64:ba:2c:dc:4b:82:
f4:70:f6:58:de:d8:95:d6:ab:18:92:30:c3:6a:e4:8c:fa:0b:
1a:af:6a:67:00:2c:9a:d2:5b:cd:bb:a8:84:db:a3:96:af:76:
09:c9:27:54:eb:c3:20:88:f0:a6:53:1d:98:3f:3a:f5:4b:29:
b2:21:c3:86
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZU9uiXkeVzKlxez7Wz2fN5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMjI1MTUyOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE4YmQ4ZmI4MDI3M2YzZWE3NmZmODViMWRmZDVlYzM1N2E1ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPYXP735T8NJrSnjQIFYhHyxWk2k
9RT9l8kKIG+mlZfyzm3JdXNlIFF11oZZ8WlGQmy9RT+NWMoZ48IHbHPrRYEiR7aR
tSPQGY++aES5hI2m7uycq65Q14mCJrAn3GIQ+3DL5FSXccDB3lCLDgG9N1Kbpl6D
87vD6EUY2x1uAjgiDa2WNAPUJ2LYoA0bn2gDpo5ata39OBzfXSg0GgY6itFJX+Fg
p3nAFS+riQkLwxSS/HGPIiwMdMkY7dAib5K+lgNoVnHc0n/zG3CKDDrGXjoN0Y1M
/xILrsRomt0UUuiOU07fw2Bx5+XmdpY65WHLYg1D8shXB7CVx0V6AzC7VwIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFNIYvY+4AnPz6nb/hbHf1ew1el5SMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvMGhpOWo3Z0NjX1BxZHYtRnNkX1Y3RFY2WGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCBxQQCAAEwgb4D
BAICO2wDBAMfGbADBAAletsDBAItXIQDBAMuHKADBAJZKFQDBAJZLCQDBAJb8pQD
BANt6xADBAWwOEADBAK5BCADBAK5BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAC5Vf8D
BAK5ZswDBAK5Z5QDBAK5mRADBAK5sGgwDAMEALnN/QMEALnN/gMEArnf2AMEArnk
fAMEArnvoAMEArnziAMEAcFszgMEAcFs5jAMAwQBwfaaAwQBwfacAwQCwpxIMEUE
AgACMD8DBQAqAl3AAwUAKgJfwAMFACoDBEADBQMqBZsAAwUDKgWoAAMFAyoGPAAD
BQMqCerAAwUDKgoSgAMFAyoLDEAwDQYJKoZIhvcNAQELBQADggEBALxDbaCoBdGS
V2cBLgMeU7PVvUszG6AgFO08d2xjc+lt7Tcu61iwN70r1gynqYLcWCIKdNRNmyCu
VFlrL/ztP3WL2dH+l+Wn3dmZktOXDPVZN6OERvVshHAH2e913xtiWAlPjPLJw1Q3
tEqkMrLLFTDq8jJ7IwJ2jeekmTD8ry5BCMv2bCIAlUoewPhUn7RnnvYuNZ0CaK/F
Ph6cbFxSpdT61oSk9z5QB9pruTJ77XJScl01dfrHDNppVHMo9eTaz2S6LNxLgvRw
9lje2JXWqxiSMMNq5Iz6CxqvamcALJrSW827qITbo5avdgnJJ1TrwyCI8KZTHZg/
OvVLKbIhw4Y=
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:49:13 2025 by rpki-client on console.sobornost.net