Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/r9xTyNget5zcXlE9TLs7M3SNT04.roa
File: r9xTyNget5zcXlE9TLs7M3SNT04.roa (raw, json)
Hash identifier: AESrTW2Rp0Ova6EIN8mRWsiWri5RUSzYkj7e2h2UwnM=
Subject key identifier: AF:DC:53:C8:D8:1E:B7:9C:DC:5E:51:3D:4C:BB:3B:33:74:8D:4F:4E
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 0195E7A5FC14BF893737E1336BD12D2F89C6
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/r9xTyNget5zcXlE9TLs7M3SNT04.roa
Signing time: Sun 30 Mar 2025 15:22:49 +0000
ROA not before: Sun 30 Mar 2025 15:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57858
IP address blocks: 5.34.240.0/24 maxlen: 24
5.34.241.0/24 maxlen: 24
5.34.242.0/24 maxlen: 24
5.34.243.0/24 maxlen: 24
5.34.244.0/24 maxlen: 24
5.34.245.0/24 maxlen: 24
5.34.246.0/24 maxlen: 24
5.34.247.0/24 maxlen: 24
5.153.233.0/24 maxlen: 24
5.153.234.0/24 maxlen: 24
5.153.235.0/24 maxlen: 24
5.153.237.0/24 maxlen: 24
5.153.238.0/24 maxlen: 24
5.157.0.0/24 maxlen: 24
5.157.1.0/24 maxlen: 24
5.157.5.0/24 maxlen: 24
5.157.7.0/24 maxlen: 24
5.157.9.0/24 maxlen: 24
5.157.10.0/24 maxlen: 24
5.157.12.0/24 maxlen: 24
5.157.15.0/24 maxlen: 24
5.157.16.0/24 maxlen: 24
5.157.18.0/24 maxlen: 24
5.157.20.0/24 maxlen: 24
5.157.25.0/24 maxlen: 24
5.157.28.0/24 maxlen: 24
5.157.35.0/24 maxlen: 24
5.157.36.0/24 maxlen: 24
5.157.38.0/24 maxlen: 24
5.157.39.0/24 maxlen: 24
5.157.40.0/24 maxlen: 24
5.157.44.0/24 maxlen: 24
5.157.46.0/24 maxlen: 24
5.157.47.0/24 maxlen: 24
5.157.48.0/24 maxlen: 24
5.157.49.0/24 maxlen: 24
5.157.50.0/24 maxlen: 24
5.157.52.0/24 maxlen: 24
5.157.54.0/24 maxlen: 24
37.72.187.0/24 maxlen: 24
37.72.188.0/24 maxlen: 24
37.72.189.0/24 maxlen: 24
37.72.190.0/24 maxlen: 24
37.72.191.0/24 maxlen: 24
37.203.208.0/24 maxlen: 24
37.203.209.0/24 maxlen: 24
37.203.210.0/24 maxlen: 24
37.203.211.0/24 maxlen: 24
37.203.212.0/24 maxlen: 24
37.203.213.0/24 maxlen: 24
37.203.214.0/24 maxlen: 24
46.29.248.0/23 maxlen: 23
46.29.250.0/23 maxlen: 23
46.29.252.0/24 maxlen: 24
46.29.253.0/24 maxlen: 24
46.29.254.0/24 maxlen: 24
46.29.255.0/24 maxlen: 24
91.108.176.0/24 maxlen: 24
91.108.177.0/24 maxlen: 24
91.108.178.0/24 maxlen: 24
91.108.179.0/24 maxlen: 24
91.108.180.0/24 maxlen: 24
91.108.181.0/24 maxlen: 24
91.108.182.0/24 maxlen: 24
91.108.183.0/24 maxlen: 24
130.185.152.0/24 maxlen: 24
130.185.154.0/24 maxlen: 24
130.185.155.0/24 maxlen: 24
130.185.156.0/24 maxlen: 24
130.185.157.0/24 maxlen: 24
130.185.158.0/24 maxlen: 24
130.185.159.0/24 maxlen: 24
151.237.176.0/24 maxlen: 24
151.237.177.0/24 maxlen: 24
151.237.178.0/24 maxlen: 24
151.237.179.0/24 maxlen: 24
151.237.180.0/24 maxlen: 24
151.237.181.0/24 maxlen: 24
151.237.182.0/24 maxlen: 24
151.237.183.0/24 maxlen: 24
151.237.184.0/24 maxlen: 24
151.237.185.0/24 maxlen: 24
151.237.187.0/24 maxlen: 24
151.237.189.0/24 maxlen: 24
151.237.190.0/24 maxlen: 24
151.237.191.0/24 maxlen: 24
176.61.136.0/24 maxlen: 24
176.61.137.0/24 maxlen: 24
176.61.138.0/24 maxlen: 24
176.61.139.0/24 maxlen: 24
176.61.140.0/24 maxlen: 24
176.61.141.0/24 maxlen: 24
176.61.142.0/24 maxlen: 24
176.61.143.0/24 maxlen: 24
178.216.48.0/24 maxlen: 24
178.216.49.0/24 maxlen: 24
178.216.50.0/24 maxlen: 24
178.216.51.0/24 maxlen: 24
178.216.52.0/24 maxlen: 24
178.216.53.0/24 maxlen: 24
178.216.54.0/24 maxlen: 24
178.216.55.0/24 maxlen: 24
185.3.132.0/24 maxlen: 24
185.3.133.0/24 maxlen: 24
185.3.134.0/24 maxlen: 24
185.3.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e7:a5:fc:14:bf:89:37:37:e1:33:6b:d1:2d:2f:89:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Mar 30 15:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afdc53c8d81eb79cdc5e513d4cbb3b33748d4f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:93:3f:9b:1e:46:0b:46:40:80:4e:f6:4b:
c6:7d:0d:7c:e4:1f:c2:3e:4c:a6:74:89:a8:02:a8:
e3:db:3e:7c:cd:30:fb:10:23:7f:5a:d6:51:dd:77:
63:43:14:11:d1:41:d2:ba:77:09:b3:c7:00:aa:48:
2e:52:da:3a:1a:45:3c:76:ed:0e:f9:f7:90:7f:54:
24:28:bd:10:ed:30:43:04:8b:07:30:4c:13:12:af:
a2:25:eb:8a:f9:56:5c:eb:60:00:06:93:1f:a0:bb:
26:00:c1:5a:f2:a1:66:9d:70:a6:d7:e9:aa:cc:75:
3b:79:87:99:32:68:00:28:bf:07:27:ab:c3:ae:fc:
aa:76:3d:28:15:23:c7:e3:d0:d4:35:08:0a:38:84:
98:ba:5c:e8:30:20:63:85:4f:3a:f2:6e:b6:0b:ea:
7d:59:9c:2d:ed:bb:36:29:98:bb:79:64:8c:81:75:
ab:3f:93:7d:f7:c9:3a:01:01:df:ae:36:01:8a:54:
6c:a5:af:4c:fe:b2:9b:0c:8b:99:69:57:bc:f3:c2:
d5:80:fd:6f:8a:5f:f1:4b:e2:45:6c:4e:6e:07:d5:
e7:54:5c:2d:37:06:cf:8e:e0:80:43:40:78:ba:b7:
b1:53:42:eb:21:92:01:c9:8e:7f:6b:bf:16:4f:24:
eb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DC:53:C8:D8:1E:B7:9C:DC:5E:51:3D:4C:BB:3B:33:74:8D:4F:4E
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/r9xTyNget5zcXlE9TLs7M3SNT04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.240.0/21
5.153.233.0-5.153.235.255
5.153.237.0-5.153.238.255
5.157.0.0/23
5.157.5.0/24
5.157.7.0/24
5.157.9.0-5.157.10.255
5.157.12.0/24
5.157.15.0-5.157.16.255
5.157.18.0/24
5.157.20.0/24
5.157.25.0/24
5.157.28.0/24
5.157.35.0-5.157.36.255
5.157.38.0-5.157.40.255
5.157.44.0/24
5.157.46.0-5.157.50.255
5.157.52.0/24
5.157.54.0/24
37.72.187.0-37.72.191.255
37.203.208.0-37.203.214.255
46.29.248.0/21
91.108.176.0/21
130.185.152.0/24
130.185.154.0-130.185.159.255
151.237.176.0-151.237.185.255
151.237.187.0/24
151.237.189.0-151.237.191.255
176.61.136.0/21
178.216.48.0/21
185.3.132.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:0c:3d:ae:ee:7b:04:cc:1b:e4:8e:4f:07:18:58:58:51:0d:
ae:5e:14:a5:dd:60:34:e8:0c:17:e5:7c:3d:58:c8:30:87:c5:
7c:dd:f3:fd:c9:8a:92:a2:a9:f9:0d:7f:bf:cf:39:d3:ca:53:
51:cb:9d:e5:1a:25:b2:a2:ce:e4:8f:32:79:57:41:99:b9:e3:
a5:22:41:06:a1:7e:e0:9f:c6:ab:43:80:4f:35:2f:fa:69:fb:
48:6a:7e:3b:09:d8:83:f0:02:c1:02:c5:41:26:dd:95:e2:e5:
39:81:c4:29:2e:7b:bc:35:6b:24:4c:f1:66:11:b2:d2:bc:d3:
dd:e6:70:48:dd:1a:2d:ec:81:2c:66:53:f1:8c:1f:11:89:a1:
54:7c:b6:8e:a6:e9:0a:aa:c1:f7:0d:92:17:7d:82:51:10:10:
be:ee:f0:dd:5c:82:d1:af:59:fa:cd:95:1a:d7:3a:c0:06:71:
72:d0:04:5f:cb:fc:64:9f:0a:65:dc:fd:2f:cb:7c:bc:26:a9:
ca:bb:6f:d1:02:ff:71:f6:22:fc:f5:93:a0:47:ba:8c:92:18:
d1:a1:8e:65:ab:67:2b:d7:37:a8:91:34:01:94:99:a6:33:3c:
04:6d:63:56:ba:82:bd:26:85:1e:c8:90:96:0b:c2:39:ea:0b:
f0:bb:fb:3d
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZXnpfwUv4k3N+Eza9EtL4nGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwMzMwMTUyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmRjNTNjOGQ4MWViNzljZGM1ZTUxM2Q0Y2JiM2IzMzc0OGQ0ZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3CTP5seRgtGQIBO9kvGfQ185B/C
PkymdImoAqjj2z58zTD7ECN/WtZR3XdjQxQR0UHSuncJs8cAqkguUto6GkU8du0O
+feQf1QkKL0Q7TBDBIsHMEwTEq+iJeuK+VZc62AABpMfoLsmAMFa8qFmnXCm1+mq
zHU7eYeZMmgAKL8HJ6vDrvyqdj0oFSPH49DUNQgKOISYulzoMCBjhU868m62C+p9
WZwt7bs2KZi7eWSMgXWrP5N998k6AQHfrjYBilRspa9M/rKbDIuZaVe888LVgP1v
il/xS+JFbE5uB9XnVFwtNwbPjuCAQ0B4urexU0LrIZIByY5/a78WTyTrCQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFK/cU8jYHrec3F5RPUy7OzN0jU9OMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvcjl4VHlOZ2V0NXpjWGxFOVRMczdNM1NOVDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAwUi8DAMAwQABZnpAwQCBZnoMAwDBAAFme0DBAAFme4DBAEFnQADBAAFnQUD
BAAFnQcwDAMEAAWdCQMEAAWdCgMEAAWdDDAMAwQABZ0PAwQABZ0QAwQABZ0SAwQA
BZ0UAwQABZ0ZAwQABZ0cMAwDBAAFnSMDBAAFnSQwDAMEAQWdJgMEAAWdKAMEAAWd
LDAMAwQBBZ0uAwQABZ0yAwQABZ00AwQABZ02MAwDBAAlSLsDBAYlSIAwDAMEBCXL
0AMEACXL1gMEAy4d+AMEA1tssAMEAIK5mDAMAwQBgrmaAwQFgrmAMAwDBASX7bAD
BAGX7bgDBACX7bswDAMEAJftvQMEBpftgAMEA7A9iAMEA7LYMAMEArkDhDANBgkq
hkiG9w0BAQsFAAOCAQEAKww9ru57BMwb5I5PBxhYWFENrl4Upd1gNOgMF+V8PVjI
MIfFfN3z/cmKkqKp+Q1/v88508pTUcud5RolsqLO5I8yeVdBmbnjpSJBBqF+4J/G
q0OATzUv+mn7SGp+OwnYg/ACwQLFQSbdleLlOYHEKS57vDVrJEzxZhGy0rzT3eZw
SN0aLeyBLGZT8YwfEYmhVHy2jqbpCqrB9w2SF32CURAQvu7w3VyC0a9Z+s2VGtc6
wAZxctAEX8v8ZJ8KZdz9L8t8vCapyrtv0QL/cfYi/PWToEe6jJIY0aGOZatnK9c3
qJE0AZSZpjM8BG1jVrqCvSaFHsiQlgvCOeoL8Lv7PQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:25 2025 by rpki-client on console.sobornost.net