Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/NZjfqu9x3wDiLJo6GWe02XnKyKc.roa
File: NZjfqu9x3wDiLJo6GWe02XnKyKc.roa (raw, json)
Hash identifier: qGIOcPlEtKKS51xxkiaAUzuK860Uixd+cejLEfWAaRA=
Subject key identifier: 35:98:DF:AA:EF:71:DF:00:E2:2C:9A:3A:19:67:B4:D9:79:CA:C8:A7
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 019427B5BC64D4CF3613E58C45E88915DCF3
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/NZjfqu9x3wDiLJo6GWe02XnKyKc.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.80.0/21 maxlen: 21
140.228.88.0/22 maxlen: 22
140.228.92.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.168.0/21 maxlen: 21
143.58.176.0/21 maxlen: 21
143.58.184.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.192.0/21 maxlen: 21
143.58.200.0/21 maxlen: 21
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.232.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
143.58.240.0/21 maxlen: 21
143.58.248.0/21 maxlen: 21
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.116.0/22 maxlen: 22
152.37.120.0/22 maxlen: 22
152.37.124.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.210.212.0/22 maxlen: 22
188.210.212.0/23 maxlen: 23
188.210.214.0/23 maxlen: 23
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.64.0/21 maxlen: 21
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:d000::/36 maxlen: 36
2a01:4b00:e000::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bc:64:d4:cf:36:13:e5:8c:45:e8:89:15:dc:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3598dfaaef71df00e22c9a3a1967b4d979cac8a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:41:36:07:df:42:08:7f:5d:07:1e:30:c4:e4:
ed:1a:02:f4:72:a6:4c:af:cf:c3:b4:ad:70:45:53:
1a:e2:c7:60:56:3a:3e:d7:47:8b:fc:d7:67:ea:2b:
b1:08:0a:d2:e7:a9:c1:ba:00:f2:22:16:34:20:57:
c6:0a:b5:b1:03:18:63:41:75:6e:b3:95:99:42:4d:
39:26:4d:d1:68:10:aa:80:33:df:32:ec:00:21:b8:
8d:f7:e3:fe:4f:49:00:e3:6d:77:60:05:4e:15:7e:
a4:26:8f:ef:f7:43:6d:d8:63:f3:e7:dd:40:ec:a7:
29:05:cc:22:b3:bf:24:6b:dc:b0:2b:54:4a:99:4c:
31:69:1b:ca:70:22:84:be:ae:50:1c:26:03:6b:4e:
03:45:16:e3:62:84:9c:e5:61:f1:4b:2f:c5:56:b3:
10:d3:d9:9a:7f:78:52:cc:c3:bd:71:08:1c:e4:60:
5b:34:51:b7:80:8e:30:87:bf:63:20:6e:a0:fd:f7:
a7:79:0b:eb:78:12:70:13:60:82:e3:b8:96:bc:20:
0b:a2:8f:81:b4:33:d0:77:79:2c:32:35:60:72:f3:
42:1d:bc:62:c5:e1:fe:b4:a7:03:69:d2:c2:8f:74:
ae:e8:dd:a6:a3:1d:08:20:5c:87:97:8f:ea:fc:f0:
d2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:98:DF:AA:EF:71:DF:00:E2:2C:9A:3A:19:67:B4:D9:79:CA:C8:A7
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/NZjfqu9x3wDiLJo6GWe02XnKyKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
37:9c:b0:c4:2a:94:59:5f:54:e2:67:a1:67:3c:44:35:20:63:
73:a3:dc:0f:32:30:eb:81:84:c6:c5:bd:64:8b:86:db:d6:49:
ca:23:e5:45:5e:ab:97:ca:51:75:b8:37:07:3e:32:c7:44:42:
08:22:73:68:f0:00:30:3c:a9:51:71:e2:52:45:07:d3:0b:56:
5e:22:56:75:ce:39:c6:fc:c9:9c:c7:bc:b2:79:ca:89:ba:e4:
5e:18:88:36:8d:e7:c1:dc:6d:c0:33:fb:b4:d9:53:6a:59:0c:
75:04:30:1a:91:22:1e:7d:04:37:92:7b:a0:25:f6:2d:3c:c6:
79:75:5a:53:ef:95:4f:d0:98:3b:d6:de:07:44:a9:43:28:1a:
92:80:58:b2:bb:99:3f:f5:11:e1:6b:fb:6a:82:a8:c9:07:90:
59:cf:69:c1:c1:9f:1e:98:e0:eb:ea:37:da:5b:e0:57:90:64:
15:47:d1:23:10:d2:db:32:98:66:0c:86:68:18:2d:93:64:44:
db:ce:5a:bf:6c:1c:26:f8:35:40:b2:63:dd:07:e6:a1:6b:19:
6c:0f:8c:96:c7:6d:01:6e:4a:2b:5a:4f:63:5c:20:fd:41:78:
14:1f:1d:51:37:71:00:0d:90:32:d5:6f:ae:e0:77:90:69:21:
47:f1:fb:98
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZQntbxk1M82E+WMReiJFdzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk4ZGZhYWVmNzFkZjAwZTIyYzlhM2ExOTY3YjRkOTc5Y2FjOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEE2B99CCH9dBx4wxOTtGgL0cqZM
r8/DtK1wRVMa4sdgVjo+10eL/Ndn6iuxCArS56nBugDyIhY0IFfGCrWxAxhjQXVu
s5WZQk05Jk3RaBCqgDPfMuwAIbiN9+P+T0kA4213YAVOFX6kJo/v90Nt2GPz591A
7KcpBcwis78ka9ywK1RKmUwxaRvKcCKEvq5QHCYDa04DRRbjYoSc5WHxSy/FVrMQ
09maf3hSzMO9cQgc5GBbNFG3gI4wh79jIG6g/feneQvreBJwE2CC47iWvCALoo+B
tDPQd3ksMjVgcvNCHbxixeH+tKcDadLCj3Su6N2mox0IIFyHl4/q/PDSVQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFDWY36rvcd8A4iyaOhlntNl5ysinMB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvTlpqZnF1OXgzd0RpTEpvNkdXZTAyWG5LeUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIf
DvgDBAIlnEgDBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZJ4gDBAJZ
LCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAMEBpglQAME
ArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDANBAIAAjAH
AwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEAN5ywxCqUWV9U4mehZzxENSBjc6Pc
DzIw64GExsW9ZIuG29ZJyiPlRV6rl8pRdbg3Bz4yx0RCCCJzaPAAMDypUXHiUkUH
0wtWXiJWdc45xvzJnMe8snnKibrkXhiINo3nwdxtwDP7tNlTalkMdQQwGpEiHn0E
N5J7oCX2LTzGeXVaU++VT9CYO9beB0SpQygakoBYsruZP/UR4Wv7aoKoyQeQWc9p
wcGfHpjg6+o32lvgV5BkFUfRIxDS2zKYZgyGaBgtk2RE285av2wcJvg1QLJj3Qfm
oWsZbA+MlsdtAW5KK1pPY1wg/UF4FB8dUTdxAA2QMtVvruB3kGkhR/H7mA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:56 2025 by rpki-client on console.sobornost.net