Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/vSMC03xF3Snq4PbwejEYmKC5xA8.roa
File: vSMC03xF3Snq4PbwejEYmKC5xA8.roa (raw, json)
Hash identifier: lor2/ytjOqvz0xUD/2lQZcDVV/2+zaabfuosOQOfz3U=
Subject key identifier: BD:23:02:D3:7C:45:DD:29:EA:E0:F6:F0:7A:31:18:98:A0:B9:C4:0F
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0195E7146B163CC692C0047F1F8DAFBB874E
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/vSMC03xF3Snq4PbwejEYmKC5xA8.roa
Signing time: Sun 30 Mar 2025 12:43:49 +0000
ROA not before: Sun 30 Mar 2025 12:43:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1680
IP address blocks: 37.26.144.0/21 maxlen: 21
37.26.145.0/24 maxlen: 24
37.26.146.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
37.26.150.0/24 maxlen: 24
37.26.151.0/24 maxlen: 24
46.116.0.0/16 maxlen: 17
46.117.0.0/16 maxlen: 16
46.210.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.88.0/22 maxlen: 24
62.0.92.0/23 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
62.90.0.0/16 maxlen: 24
62.90.135.0/24 maxlen: 24
62.90.143.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
82.166.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
82.166.201.128/25 maxlen: 25
85.64.0.0/16 maxlen: 16
85.65.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
89.138.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
93.172.0.0/16 maxlen: 16
93.173.0.0/16 maxlen: 16
95.35.0.0/16 maxlen: 24
109.186.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
147.161.8.0/21 maxlen: 24
147.234.17.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
147.234.28.0/24 maxlen: 24
147.234.43.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
176.12.128.0/17 maxlen: 24
176.13.0.0/16 maxlen: 24
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
192.118.30.0/23 maxlen: 23
194.90.0.0/16 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.229.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.21.0/24 maxlen: 24
199.203.76.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
207.232.0.0/18 maxlen: 18
207.232.50.0/24 maxlen: 24
212.29.192.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
212.143.0.0/16 maxlen: 24
212.143.194.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
217.132.0.0/16 maxlen: 16
2001:4df0::/29 maxlen: 32
2001:4df0::/32 maxlen: 32
2001:4df1::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e7:14:6b:16:3c:c6:92:c0:04:7f:1f:8d:af:bb:87:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Mar 30 12:43:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd2302d37c45dd29eae0f6f07a311898a0b9c40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5b:2a:dc:3a:d6:21:78:5b:44:c0:84:89:3d:
83:21:6f:f1:3b:09:33:10:00:2b:6e:ee:8a:74:df:
18:3c:59:fa:61:f4:14:e7:f8:8e:c9:62:ab:2f:da:
74:ad:25:c5:a3:95:2b:89:d5:cd:7b:39:95:1d:db:
f9:e7:12:90:6c:d6:e0:df:54:be:77:69:29:af:a4:
d7:7e:f3:70:39:ef:00:6a:af:15:58:ce:0f:25:31:
20:4a:15:1c:75:09:73:85:80:42:67:9a:c7:e7:f5:
7b:f3:fa:9c:2b:e2:f8:55:c5:df:19:ff:3f:7a:73:
3b:23:8c:46:21:b9:32:e3:d1:db:c0:fa:f3:51:84:
db:c4:9b:89:ab:3d:47:a8:e2:11:5c:4c:96:d9:ea:
66:6e:a3:83:d6:10:24:3f:c1:56:50:03:0b:5b:eb:
6e:7c:8c:8d:64:a8:84:e2:13:09:33:2f:c2:bf:ac:
65:14:88:36:12:db:49:5c:25:13:fb:5e:50:63:52:
67:e2:bf:ea:f5:fc:cf:ad:ec:35:fb:bd:74:06:61:
8b:b0:e3:22:ca:b7:ef:40:f0:f7:6a:be:c4:4f:67:
b5:68:c6:c0:d5:45:37:c4:6b:f4:be:8d:48:44:03:
6d:c8:9c:4b:0a:e9:7f:9d:aa:0f:66:ff:d5:44:ac:
31:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:23:02:D3:7C:45:DD:29:EA:E0:F6:F0:7A:31:18:98:A0:B9:C4:0F
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/vSMC03xF3Snq4PbwejEYmKC5xA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.27.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
23:cc:e9:eb:ac:61:61:fe:dc:6c:47:f0:9e:92:ea:99:cd:85:
9b:c0:a4:11:22:90:45:5a:ec:71:cb:6e:2e:9e:be:36:9e:e4:
8e:b2:27:63:1d:48:4e:93:b6:87:6e:00:03:1a:5a:e2:6c:48:
1c:0a:62:ad:56:cc:af:07:83:7b:c3:37:d6:4b:77:66:bd:5b:
2c:5b:22:af:aa:36:07:73:83:c6:2b:b2:15:48:31:d1:f2:25:
80:c8:de:d8:26:f2:aa:78:3f:2a:ac:7c:74:48:2e:f6:f5:e1:
9b:71:90:e2:bb:30:a5:1e:09:59:f5:15:73:50:37:61:4b:53:
4c:66:f2:56:1e:db:5e:4e:02:45:a8:a7:5c:ed:62:98:f2:f3:
80:3d:c0:10:0b:2f:81:f2:ee:b9:55:68:e8:75:85:30:72:d2:
f1:92:63:d8:a2:f9:74:35:5e:8c:7e:ae:a5:35:97:7d:03:bb:
d6:93:e8:4b:9b:de:02:c1:bd:f9:94:7b:1d:2c:e3:36:4b:5d:
60:f8:8b:9f:24:d0:bc:94:4d:c2:6d:d4:45:c1:2d:5a:38:bb:
c3:7c:57:9e:3c:d3:12:cf:3e:77:2a:50:50:b7:14:4d:a4:2a:
89:46:9c:ab:b8:24:09:c4:c4:34:7a:d2:5a:25:7a:2e:5c:a9:
96:fa:e6:49
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAZXnFGsWPMaSwAR/H42vu4dOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMzMwMTI0MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDIzMDJkMzdjNDVkZDI5ZWFlMGY2ZjA3YTMxMTg5OGEwYjljNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21sq3DrWIXhbRMCEiT2DIW/xOwkz
EAArbu6KdN8YPFn6YfQU5/iOyWKrL9p0rSXFo5UridXNezmVHdv55xKQbNbg31S+
d2kpr6TXfvNwOe8Aaq8VWM4PJTEgShUcdQlzhYBCZ5rH5/V78/qcK+L4VcXfGf8/
enM7I4xGIbky49HbwPrzUYTbxJuJqz1HqOIRXEyW2epmbqOD1hAkP8FWUAMLW+tu
fIyNZKiE4hMJMy/Cv6xlFIg2EttJXCUT+15QY1Jn4r/q9fzPrew1+710BmGLsOMi
yrfvQPD3ar7ET2e1aMbA1UU3xGv0vo1IRANtyJxLCul/naoPZv/VRKwxewIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFL0jAtN8Rd0p6uD28HoxGJigucQPMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvdlNNQzAzeEYzU25xNFBid2VqRVltS0M1eEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdMEAgABMIHMAwQD
JRqQAwMBLnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoDAwFZ
igMDAV2sAwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oRAwQA
k+oWMAwDBACT6hsDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjALAwQH
sAyAAwMBsAwDBALAdhwDAwDCWgMDAMfLAwQGz+gAAwQG1B3AAwMA1I8DAwDUlgME
B9TrAAMDANmEMBsEAgACMBUDBQMgAU3wAwUDKgIBSAMFACoDxcAwDQYJKoZIhvcN
AQELBQADggEBACPM6eusYWH+3GxH8J6S6pnNhZvApBEikEVa7HHLbi6evjae5I6y
J2MdSE6TtoduAAMaWuJsSBwKYq1WzK8Hg3vDN9ZLd2a9WyxbIq+qNgdzg8YrshVI
MdHyJYDI3tgm8qp4PyqsfHRILvb14ZtxkOK7MKUeCVn1FXNQN2FLU0xm8lYe215O
AkWop1ztYpjy84A9wBALL4Hy7rlVaOh1hTBy0vGSY9ii+XQ1Xox+rqU1l30Du9aT
6Eub3gLBvfmUex0s4zZLXWD4i58k0LyUTcJt1EXBLVo4u8N8V5480xLPPncqUFC3
FE2kKolGnKu4JAnExDR60lolei5cqZb65kk=
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:26:24 2025 by rpki-client on console.sobornost.net