Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/3DeOifSeLxMUCM20VxHQS5cXQE4.roa
File: 3DeOifSeLxMUCM20VxHQS5cXQE4.roa (raw, json)
Hash identifier: 783WmkyHs/Bvag8AxFOjFyrEJCCbAmS83HXavAaPMKY=
Subject key identifier: DC:37:8E:89:F4:9E:2F:13:14:08:CD:B4:57:11:D0:4B:97:17:40:4E
Certificate issuer: /CN=c90b394ac63337607fa1bb0eaba11453a831f398
Certificate serial: 01942827428188B10C69D1983C08FC0D4DD4
Authority key identifier: C9:0B:39:4A:C6:33:37:60:7F:A1:BB:0E:AB:A1:14:53:A8:31:F3:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yQs5SsYzN2B_obsOq6EUU6gx85g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/3DeOifSeLxMUCM20VxHQS5cXQE4.roa
Signing time: Thu 02 Jan 2025 17:54:09 +0000
ROA not before: Thu 02 Jan 2025 17:54:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50223
IP address blocks: 46.251.192.0/24 maxlen: 24
46.251.193.0/24 maxlen: 24
46.251.194.0/24 maxlen: 24
46.251.195.0/24 maxlen: 24
46.251.196.0/24 maxlen: 24
46.251.197.0/24 maxlen: 24
46.251.198.0/24 maxlen: 24
46.251.199.0/24 maxlen: 24
46.251.200.0/24 maxlen: 24
46.251.201.0/24 maxlen: 24
46.251.202.0/24 maxlen: 24
46.251.204.0/24 maxlen: 24
46.251.205.0/24 maxlen: 24
46.251.206.0/24 maxlen: 24
46.251.207.0/24 maxlen: 24
46.251.208.0/24 maxlen: 24
46.251.209.0/24 maxlen: 24
46.251.210.0/24 maxlen: 24
46.251.211.0/24 maxlen: 24
46.251.212.0/24 maxlen: 24
46.251.213.0/24 maxlen: 24
46.251.214.0/24 maxlen: 24
46.251.215.0/24 maxlen: 24
46.251.216.0/24 maxlen: 24
46.251.217.0/24 maxlen: 24
46.251.218.0/24 maxlen: 24
46.251.221.0/24 maxlen: 24
109.71.224.0/24 maxlen: 24
109.71.226.0/24 maxlen: 24
109.71.229.0/24 maxlen: 24
109.71.230.0/24 maxlen: 24
109.71.231.0/24 maxlen: 24
185.48.136.0/24 maxlen: 24
185.48.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:42:81:88:b1:0c:69:d1:98:3c:08:fc:0d:4d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c90b394ac63337607fa1bb0eaba11453a831f398
Validity
Not Before: Jan 2 17:54:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc378e89f49e2f131408cdb45711d04b9717404e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d5:2c:a7:d5:69:77:34:19:99:a8:e3:71:53:
8f:bc:ba:1a:ff:6d:9f:44:26:93:98:6f:8c:a4:cc:
ad:5c:3c:3a:23:7b:71:3c:ac:39:36:3e:3b:62:79:
be:0c:d2:ae:87:2e:23:be:b4:e2:81:e9:d3:fd:80:
47:3d:c7:cd:a9:60:c7:bd:16:cb:85:06:d4:af:32:
b4:cf:7f:62:19:5f:69:33:3f:d3:23:1f:99:8d:6f:
5a:46:b2:e4:b1:a6:db:79:b5:0a:4a:49:0e:75:39:
92:09:47:e3:2d:88:4d:73:74:60:da:57:55:a5:6b:
0a:75:11:15:4b:89:b5:24:11:12:6b:6f:1e:32:63:
73:55:0d:ed:86:0b:c7:ab:8c:5b:ab:d7:a5:53:99:
1a:60:21:98:41:f6:47:b0:26:46:b2:50:2d:cf:f5:
a5:8a:33:73:55:0c:09:37:c8:17:35:75:63:2b:2c:
ab:d4:7a:ba:fd:83:4b:5c:0d:92:1f:05:60:d8:1b:
ca:31:07:ca:f0:9b:f9:71:86:3c:7b:7a:d2:cd:df:
62:f6:06:69:37:f6:bc:b9:47:df:81:d5:cf:f2:ed:
3a:3a:40:16:0c:3d:c1:7b:4a:8e:25:5d:0f:54:fa:
17:d9:e8:64:e3:c6:93:b1:f9:2c:b1:aa:8e:26:66:
ae:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:37:8E:89:F4:9E:2F:13:14:08:CD:B4:57:11:D0:4B:97:17:40:4E
X509v3 Authority Key Identifier:
keyid:C9:0B:39:4A:C6:33:37:60:7F:A1:BB:0E:AB:A1:14:53:A8:31:F3:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQs5SsYzN2B_obsOq6EUU6gx85g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/3DeOifSeLxMUCM20VxHQS5cXQE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7d784b-6639-4bc0-9ab9-1a200e41b006/1/yQs5SsYzN2B_obsOq6EUU6gx85g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.192.0-46.251.202.255
46.251.204.0-46.251.218.255
46.251.221.0/24
109.71.224.0/24
109.71.226.0/24
109.71.229.0-109.71.231.255
185.48.136.0/24
185.48.139.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:f8:73:db:4d:ec:72:64:a2:df:68:de:44:56:ff:12:07:32:
c2:f9:73:15:e7:b2:16:aa:04:c7:21:83:99:13:37:93:94:f8:
11:4d:6f:88:d0:12:18:46:99:3a:e4:e1:bb:14:9e:29:83:b3:
7e:ba:fe:0e:b7:86:bf:b8:05:43:0c:62:87:fa:ea:91:00:f2:
25:df:c3:37:fd:1b:3a:e5:cb:91:83:c9:eb:30:0b:74:00:9c:
98:02:78:e0:46:56:96:2d:51:05:60:0a:c6:9f:4b:f7:5f:b0:
66:c0:95:60:0b:5a:72:ad:3f:a8:82:88:ef:fe:e8:62:44:d5:
1a:1a:5a:47:d3:62:38:70:6c:e3:77:c9:cf:df:2f:d3:f6:1a:
28:64:f0:96:96:1c:d9:ce:9a:18:8d:83:c7:b0:a1:ff:24:d2:
4e:7f:d0:ed:2c:1f:60:24:76:dc:db:f5:eb:e3:29:20:fe:08:
24:0a:c6:bc:44:31:09:63:b1:8c:c4:fb:42:3b:91:da:63:35:
ff:ae:5e:57:0e:96:ee:26:58:57:5e:9f:5a:cd:53:65:ab:8e:
18:11:4e:69:f8:c3:17:11:fc:54:d3:1e:94:66:58:31:90:0c:
22:0d:55:ea:7d:77:09:f3:78:c9:0c:84:dd:0b:87:1d:d9:4b:
d8:75:69:3f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQoJ0KBiLEMadGYPAj8DU3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MGIzOTRhYzYzMzM3NjA3ZmExYmIwZWFiYTExNDUzYTgz
MWYzOTgwHhcNMjUwMTAyMTc1NDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM3OGU4OWY0OWUyZjEzMTQwOGNkYjQ1NzExZDA0Yjk3MTc0MDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNUsp9VpdzQZmajjcVOPvLoa/22f
RCaTmG+MpMytXDw6I3txPKw5Nj47Ynm+DNKuhy4jvrTigenT/YBHPcfNqWDHvRbL
hQbUrzK0z39iGV9pMz/TIx+ZjW9aRrLksabbebUKSkkOdTmSCUfjLYhNc3Rg2ldV
pWsKdREVS4m1JBESa28eMmNzVQ3thgvHq4xbq9elU5kaYCGYQfZHsCZGslAtz/Wl
ijNzVQwJN8gXNXVjKyyr1Hq6/YNLXA2SHwVg2BvKMQfK8Jv5cYY8e3rSzd9i9gZp
N/a8uUffgdXP8u06OkAWDD3Be0qOJV0PVPoX2ehk48aTsfkssaqOJmausQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNw3jon0ni8TFAjNtFcR0EuXF0BOMB8GA1UdIwQY
MBaAFMkLOUrGMzdgf6G7DquhFFOoMfOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFzNVNzWXpOMkJfb2JzT3E2RVVVNmd4ODVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni83ZDc4NGItNjYzOS00YmMwLTlhYjkt
MWEyMDBlNDFiMDA2LzEvM0RlT2lmU2VMeE1VQ00yMFZ4SFFTNWNYUUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni83ZDc4NGItNjYzOS00YmMwLTlhYjktMWEyMDBlNDFiMDA2
LzEveVFzNVNzWXpOMkJfb2JzT3E2RVVVNmd4ODVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAYu+8AD
BAAu+8owDAMEAi77zAMEAC772gMEAC773QMEAG1H4AMEAG1H4jAMAwQAbUflAwQD
bUfgAwQAuTCIAwQAuTCLMA0GCSqGSIb3DQEBCwUAA4IBAQCg+HPbTexyZKLfaN5E
Vv8SBzLC+XMV57IWqgTHIYOZEzeTlPgRTW+I0BIYRpk65OG7FJ4pg7N+uv4Ot4a/
uAVDDGKH+uqRAPIl38M3/Rs65cuRg8nrMAt0AJyYAnjgRlaWLVEFYArGn0v3X7Bm
wJVgC1pyrT+ogojv/uhiRNUaGlpH02I4cGzjd8nP3y/T9hooZPCWlhzZzpoYjYPH
sKH/JNJOf9DtLB9gJHbc2/Xr4ykg/ggkCsa8RDEJY7GMxPtCO5HaYzX/rl5XDpbu
JlhXXp9azVNlq44YEU5p+MMXEfxU0x6UZlgxkAwiDVXqfXcJ83jJDITdC4cd2UvY
dWk/
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:42 2025 by rpki-client on console.sobornost.net