Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2EXD27DpUxyiZCH4jnp8jx42t1A.roa
File: 2EXD27DpUxyiZCH4jnp8jx42t1A.roa (raw, json)
Hash identifier: 7hpsUKGtRqERcNOmrniPJovdneB4WTHHimklpq6Yc/k=
Subject key identifier: D8:45:C3:DB:B0:E9:53:1C:A2:64:21:F8:8E:7A:7C:8F:1E:36:B7:50
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 0195E7A427C134E74D9953349D711C024CB6
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2EXD27DpUxyiZCH4jnp8jx42t1A.roa
Signing time: Sun 30 Mar 2025 15:20:49 +0000
ROA not before: Sun 30 Mar 2025 15:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41564
IP address blocks: 5.153.236.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
23.92.127.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
192.40.88.0/24 maxlen: 24
2a02:5740::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:22::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e7:a4:27:c1:34:e7:4d:99:53:34:9d:71:1c:02:4c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Mar 30 15:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d845c3dbb0e9531ca26421f88e7a7c8f1e36b750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b7:c2:b2:41:fc:aa:f7:5c:24:48:17:86:bd:
68:21:ef:b1:89:a6:3a:9a:47:ba:4d:26:db:2d:f6:
7c:a6:99:f3:5a:57:34:06:34:aa:96:63:36:86:72:
4a:3c:6d:3b:4d:ec:d5:a7:7d:7a:79:1a:35:ba:44:
69:bf:52:76:81:89:80:11:6e:09:ec:ac:89:a3:cc:
29:89:3d:21:ea:de:da:bb:65:db:da:de:4d:ed:5d:
7c:10:5d:0f:98:a6:c7:b4:cc:49:ee:d3:5d:c1:32:
df:31:c2:89:75:c2:3d:ab:5b:20:48:f4:aa:03:ff:
40:3e:2e:a7:9b:07:97:c6:6b:19:69:4c:82:5b:fd:
0a:b8:74:f5:61:32:d4:14:70:9b:05:64:23:e3:a4:
95:48:e1:21:7f:dc:73:b4:bc:dc:96:b6:88:e9:07:
05:10:59:40:aa:ea:92:77:23:e6:f3:22:9f:51:12:
f7:8f:5a:dc:7c:85:04:29:8d:4b:26:92:8b:19:34:
45:ff:8d:f1:18:99:83:0c:ba:30:f5:5f:8f:62:5c:
79:ed:ae:8d:1b:63:5d:ca:03:e3:42:b4:3d:e8:6f:
c8:b1:eb:93:d1:1a:88:bd:9e:6c:e5:1b:1e:72:e1:
45:54:e9:7c:e0:ad:ff:e8:50:67:40:d4:a3:09:d4:
60:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:45:C3:DB:B0:E9:53:1C:A2:64:21:F8:8E:7A:7C:8F:1E:36:B7:50
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2EXD27DpUxyiZCH4jnp8jx42t1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.6.0/24
151.237.186.0/24
192.40.88.0/24
IPv6:
2a02:5740::/47
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::-2a02:5740:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7a:4a:a3:9c:7d:0b:ba:e9:cd:d8:c9:42:0e:ec:e3:33:86:38:
eb:d5:fd:7b:b9:64:84:46:a9:c4:48:f4:8d:58:bc:18:db:56:
8b:5a:ae:67:47:5d:31:64:fb:e1:32:9c:c7:9d:5a:52:1a:3a:
d9:14:b7:56:58:98:01:05:81:54:79:cb:eb:94:91:d1:2f:57:
b8:fd:09:6b:f8:b0:59:1e:22:82:3d:63:6b:0d:aa:fd:c0:d7:
a2:b8:b7:22:38:9f:ad:f8:2e:f8:7e:e5:d8:6e:b3:05:fd:a4:
4d:8e:1f:ef:2d:42:b9:57:0f:8c:7f:01:1d:db:ce:62:16:a1:
5b:50:49:33:e8:e2:ff:1f:2a:c5:a5:a2:e3:70:df:78:33:17:
4a:c1:c8:70:da:c3:b1:c7:c4:81:43:38:dd:d1:10:15:c6:57:
94:04:f5:4a:8a:27:22:f3:9d:f4:25:ae:36:fa:5d:05:33:dc:
5e:08:7f:7e:61:8f:1a:55:d6:1c:5f:80:ef:2f:16:cc:33:5a:
f1:78:5b:e7:8a:fe:56:c8:b0:69:4f:81:2c:73:0e:2b:5d:ff:
73:cc:6c:75:c5:45:1a:9c:94:47:57:9b:b3:31:7c:b3:a0:1d:
b8:1d:c8:45:99:61:b8:7c:22:59:41:f9:2f:21:75:00:1c:f2:
a6:09:2d:6d
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZXnpCfBNOdNmVM0nXEcAky2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwMzMwMTUyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ1YzNkYmIwZTk1MzFjYTI2NDIxZjg4ZTdhN2M4ZjFlMzZiNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorfCskH8qvdcJEgXhr1oIe+xiaY6
mke6TSbbLfZ8ppnzWlc0BjSqlmM2hnJKPG07TezVp316eRo1ukRpv1J2gYmAEW4J
7KyJo8wpiT0h6t7au2Xb2t5N7V18EF0PmKbHtMxJ7tNdwTLfMcKJdcI9q1sgSPSq
A/9APi6nmweXxmsZaUyCW/0KuHT1YTLUFHCbBWQj46SVSOEhf9xztLzclraI6QcF
EFlAquqSdyPm8yKfURL3j1rcfIUEKY1LJpKLGTRF/43xGJmDDLow9V+PYlx57a6N
G2NdygPjQrQ96G/IseuT0RqIvZ5s5RsecuFFVOl84K3/6FBnQNSjCdRgvwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFNhFw9uw6VMcomQh+I56fI8eNrdQMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvMkVYRDI3RHBVeHlpWkNINGpucDhqeDQydDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzB+BAIAATB4AwQABZns
AwQABZnvAwQABZ0IMAwDBAAFnQ0DBAAFnQ4DBAAFnREDBAAFnRYDBAAFnRswDAME
AAWdKQMEAAWdKgMEAAWdLQMEAAWdODAMAwQBBZ06AwQGBZ0AAwQAF1x/AwQAaKAC
AwQAaKAGAwQAl+26AwQAwChYMDUEAgACMC8DBwEqAldAAAADBwAqAldAABEDBwAq
AldAABgwEgMHACoCV0AAIQMHACoCV0AAIjANBgkqhkiG9w0BAQsFAAOCAQEAekqj
nH0LuunN2MlCDuzjM4Y469X9e7lkhEapxEj0jVi8GNtWi1quZ0ddMWT74TKcx51a
Uho62RS3VliYAQWBVHnL65SR0S9XuP0Ja/iwWR4igj1jaw2q/cDXori3Ijifrfgu
+H7l2G6zBf2kTY4f7y1CuVcPjH8BHdvOYhahW1BJM+ji/x8qxaWi43DfeDMXSsHI
cNrDscfEgUM43dEQFcZXlAT1SoonIvOd9CWuNvpdBTPcXgh/fmGPGlXWHF+A7y8W
zDNa8Xhb54r+VsiwaU+BLHMOK13/c8xsdcVFGpyUR1ebszF8s6AduB3IRZlhuHwi
WUH5LyF1ABzypgktbQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:25 2025 by rpki-client on console.sobornost.net