Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1HICxm5XE1Xa3W6sHyVTFrtXseg.roa
File: 1HICxm5XE1Xa3W6sHyVTFrtXseg.roa (raw, json)
Hash identifier: dvRfAeOxxHgIJPYeNT72xoJv94KAdeauRs8VH7xBqws=
Subject key identifier: D4:72:02:C6:6E:57:13:55:DA:DD:6E:AC:1F:25:53:16:BB:57:B1:E8
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01961AD862B74E729E80B209CA4EA9D197CB
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1HICxm5XE1Xa3W6sHyVTFrtXseg.roa
Signing time: Wed 09 Apr 2025 13:58:30 +0000
ROA not before: Wed 09 Apr 2025 13:58:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12325
IP address blocks: 37.156.35.0/24 maxlen: 24
46.102.191.0/24 maxlen: 24
77.81.183.0/24 maxlen: 24
84.247.36.0/22 maxlen: 24
86.105.151.0/24 maxlen: 24
86.105.224.0/24 maxlen: 24
86.107.47.0/24 maxlen: 24
86.107.77.0/24 maxlen: 24
86.107.184.0/24 maxlen: 24
86.107.244.0/23 maxlen: 24
89.33.81.0/24 maxlen: 24
89.33.87.0/24 maxlen: 24
89.34.90.0/24 maxlen: 24
89.34.174.0/24 maxlen: 24
89.35.26.0/24 maxlen: 24
89.35.51.0/24 maxlen: 24
89.35.172.0/24 maxlen: 24
89.37.142.0/24 maxlen: 24
89.39.64.0/23 maxlen: 24
89.39.80.0/24 maxlen: 24
89.39.90.0/24 maxlen: 24
89.40.65.0/24 maxlen: 24
89.40.69.0/24 maxlen: 24
89.40.104.0/23 maxlen: 24
89.40.204.0/24 maxlen: 24
89.40.233.0/24 maxlen: 24
89.42.158.0/23 maxlen: 24
92.114.104.0/23 maxlen: 24
93.113.98.0/23 maxlen: 24
93.113.214.0/23 maxlen: 24
93.117.175.0/24 maxlen: 24
94.176.3.0/24 maxlen: 24
94.177.58.0/24 maxlen: 24
176.223.163.0/24 maxlen: 24
188.215.78.0/24 maxlen: 24
188.240.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:d8:62:b7:4e:72:9e:80:b2:09:ca:4e:a9:d1:97:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 9 13:58:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d47202c66e571355dadd6eac1f255316bb57b1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ad:13:e4:a3:43:be:b1:0b:76:93:8e:ae:76:
e3:be:de:f1:d3:79:19:a4:8c:49:03:9e:2c:19:c6:
ff:32:a3:c4:c5:b2:f8:0a:25:ad:63:ff:84:0d:d2:
78:a0:b6:1c:12:1d:2c:f8:ee:ec:db:4c:3b:19:0e:
be:2a:3d:99:9a:00:74:9b:41:49:66:03:04:a5:c3:
55:0a:92:02:bb:61:db:bf:aa:80:55:d2:af:ed:ba:
19:aa:47:5f:d6:98:b0:4a:ef:84:51:f1:34:97:c7:
9b:53:33:32:dc:cf:a3:78:4f:ab:44:56:f3:51:44:
ec:34:08:b7:17:ab:64:b1:62:ac:fb:78:f7:3e:d1:
4e:3a:fd:eb:b9:5c:b6:29:29:d9:bb:1d:54:98:85:
70:7d:83:4d:c2:86:bd:10:16:d0:d8:17:06:01:0b:
02:79:49:4e:bf:62:be:0e:c2:d7:ac:69:8b:98:ac:
71:9f:31:a7:98:cc:60:3b:37:67:d5:9e:69:f7:33:
9a:74:bc:3a:9c:aa:bd:d4:92:3c:d0:ec:44:95:86:
1e:b1:c1:da:fe:1b:10:12:4f:ff:93:cd:7d:48:40:
ff:4e:ac:cd:5f:95:14:4d:fe:7c:87:bd:bf:ec:44:
50:23:b1:b8:18:67:b9:4d:20:c0:e8:88:f7:8d:d8:
8f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:72:02:C6:6E:57:13:55:DA:DD:6E:AC:1F:25:53:16:BB:57:B1:E8
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1HICxm5XE1Xa3W6sHyVTFrtXseg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.35.0/24
46.102.191.0/24
77.81.183.0/24
84.247.36.0/22
86.105.151.0/24
86.105.224.0/24
86.107.47.0/24
86.107.77.0/24
86.107.184.0/24
86.107.244.0/23
89.33.81.0/24
89.33.87.0/24
89.34.90.0/24
89.34.174.0/24
89.35.26.0/24
89.35.51.0/24
89.35.172.0/24
89.37.142.0/24
89.39.64.0/23
89.39.80.0/24
89.39.90.0/24
89.40.65.0/24
89.40.69.0/24
89.40.104.0/23
89.40.204.0/24
89.40.233.0/24
89.42.158.0/23
92.114.104.0/23
93.113.98.0/23
93.113.214.0/23
93.117.175.0/24
94.176.3.0/24
94.177.58.0/24
176.223.163.0/24
188.215.78.0/24
188.240.17.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:45:3c:08:89:c4:a5:fc:ec:60:3a:2f:99:a2:c4:6a:f2:c9:
bc:a0:e5:42:1e:68:5c:da:1d:70:ca:eb:39:59:a3:0c:d0:dd:
d0:be:2b:54:d1:bb:a4:1c:62:13:50:36:08:46:d4:5e:ee:59:
91:92:8c:5d:0a:b7:63:9a:85:ef:7a:92:9c:ce:f1:cf:5d:8f:
fb:08:90:f7:e5:8f:37:a0:af:68:53:43:17:2c:59:6b:f9:4b:
35:3b:b4:08:b4:f2:dc:3f:e0:eb:ec:e1:be:a5:b3:9d:89:66:
5a:4d:17:d9:03:94:7c:d2:62:04:05:b7:5c:1a:f9:16:eb:ac:
30:01:3e:2a:43:cb:1e:ae:08:32:62:3e:e5:06:d1:a8:81:5a:
59:af:6e:c6:03:c1:08:2e:ca:d2:df:a1:d2:48:1a:15:02:f5:
12:2d:ca:ff:64:aa:e8:06:94:ce:d7:49:3c:02:9a:ec:1c:d6:
44:49:d9:c4:00:72:f9:a1:fb:4c:bb:df:7e:23:79:66:cc:58:
b6:d7:65:6a:fe:bb:c9:a8:e6:63:c6:4a:80:6a:3b:0d:0f:7c:
c9:3f:00:dd:d1:32:9d:f0:44:ab:63:5c:d7:5d:10:31:e6:45:
99:bf:eb:cd:27:a6:7a:cd:79:7f:99:d8:f4:7b:9a:35:b4:11:
56:dc:89:48
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZYa2GK3TnKegLIJyk6p0ZfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwNDA5MTM1ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDcyMDJjNjZlNTcxMzU1ZGFkZDZlYWMxZjI1NTMxNmJiNTdiMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA260T5KNDvrELdpOOrnbjvt7x03kZ
pIxJA54sGcb/MqPExbL4CiWtY/+EDdJ4oLYcEh0s+O7s20w7GQ6+Kj2ZmgB0m0FJ
ZgMEpcNVCpICu2Hbv6qAVdKv7boZqkdf1piwSu+EUfE0l8ebUzMy3M+jeE+rRFbz
UUTsNAi3F6tksWKs+3j3PtFOOv3ruVy2KSnZux1UmIVwfYNNwoa9EBbQ2BcGAQsC
eUlOv2K+DsLXrGmLmKxxnzGnmMxgOzdn1Z5p9zOadLw6nKq91JI80OxElYYescHa
/hsQEk//k819SED/TqzNX5UUTf58h72/7ERQI7G4GGe5TSDA6Ij3jdiPuwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFNRyAsZuVxNV2t1urB8lUxa7V7HoMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzFISUN4bTVYRTFYYTNXNnNIeVZURnJ0WHNlZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgfUGCCsGAQUFBwEHAQH/BIHlMIHiMIHfBAIAATCB2AME
ACWcIwMEAC5mvwMEAE1RtwMEAlT3JAMEAFZplwMEAFZp4AMEAFZrLwMEAFZrTQME
AFZruAMEAVZr9AMEAFkhUQMEAFkhVwMEAFkiWgMEAFkirgMEAFkjGgMEAFkjMwME
AFkjrAMEAFkljgMEAVknQAMEAFknUAMEAFknWgMEAFkoQQMEAFkoRQMEAVkoaAME
AFkozAMEAFko6QMEAVkqngMEAVxyaAMEAV1xYgMEAV1x1gMEAF11rwMEAF6wAwME
AF6xOgMEALDfowMEALzXTgMEALzwETANBgkqhkiG9w0BAQsFAAOCAQEAPUU8CInE
pfzsYDovmaLEavLJvKDlQh5oXNodcMrrOVmjDNDd0L4rVNG7pBxiE1A2CEbUXu5Z
kZKMXQq3Y5qF73qSnM7xz12P+wiQ9+WPN6CvaFNDFyxZa/lLNTu0CLTy3D/g6+zh
vqWznYlmWk0X2QOUfNJiBAW3XBr5FuusMAE+KkPLHq4IMmI+5QbRqIFaWa9uxgPB
CC7K0t+h0kgaFQL1Ei3K/2Sq6AaUztdJPAKa7BzWREnZxABy+aH7TLvffiN5ZsxY
ttdlav67yajmY8ZKgGo7DQ98yT8A3dEynfBEq2Nc110QMeZFmb/rzSemes15f5nY
9HuaNbQRVtyJSA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:00 2025 by rpki-client on console.sobornost.net