Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Zj-6KAkyK5-uOxBzRulIBx_nCWw.roa
File: Zj-6KAkyK5-uOxBzRulIBx_nCWw.roa (raw, json)
Hash identifier: 07kNnjyW7/TR0U85g69HMNgyJGZyH9KrbGOnY6jiV8c=
Subject key identifier: 66:3F:BA:28:09:32:2B:9F:AE:3B:10:73:46:E9:48:07:1F:E7:09:6C
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B60846CA7EC27C6DD094226F0E822
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Zj-6KAkyK5-uOxBzRulIBx_nCWw.roa
Signing time: Thu 02 Jan 2025 09:49:18 +0000
ROA not before: Thu 02 Jan 2025 09:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198668
IP address blocks: 37.221.240.0/20 maxlen: 32
45.153.192.0/22 maxlen: 24
85.255.88.0/22 maxlen: 22
185.19.0.0/22 maxlen: 32
185.64.222.0/24 maxlen: 32
185.74.60.0/23 maxlen: 32
185.97.24.0/22 maxlen: 22
185.188.100.0/22 maxlen: 24
185.188.100.0/24 maxlen: 24
2a03:d840::/32 maxlen: 48
2a03:d840:ffff::/48 maxlen: 48
2a04:c740::/29 maxlen: 48
2a0d:3140::/29 maxlen: 29
2a0f:9300::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:60:84:6c:a7:ec:27:c6:dd:09:42:26:f0:e8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=663fba2809322b9fae3b107346e948071fe7096c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:30:d6:c5:24:6a:24:0a:c7:20:57:1d:6f:79:
bb:23:ae:17:ff:cd:22:c5:f3:b0:f6:5e:71:7f:7f:
cb:a0:fe:3d:23:c8:d4:8a:05:e2:2c:05:9f:38:42:
4f:20:26:3c:c8:90:7c:0b:c6:03:f9:38:5a:8e:d6:
c4:96:75:29:bf:df:89:3d:90:ff:2d:e1:44:cb:36:
ee:66:6c:0b:8b:50:36:f7:f6:55:95:65:4e:a8:d7:
57:25:ef:e9:55:cc:2f:26:71:0f:41:fe:0c:53:ac:
e1:cc:a5:af:84:fa:13:35:8a:91:fe:85:10:8d:83:
64:c3:93:e5:70:c2:44:a4:57:61:09:a6:ed:87:94:
c1:87:bf:03:6a:10:cf:f8:d7:c5:e0:5c:c9:ea:1b:
00:1e:fd:d2:d1:24:e5:b7:f9:5f:8c:75:c3:7b:e7:
46:36:8f:00:f9:a8:92:3c:b1:4a:64:c0:34:05:fc:
50:bf:fa:f6:f3:0b:58:7c:ed:b8:f4:25:09:50:ba:
d0:4d:62:54:57:ad:10:bf:a1:a5:af:d8:40:b1:8a:
14:fe:25:bc:7b:5d:e0:49:fc:39:1f:6c:1c:7e:8b:
d5:9c:fb:e7:dd:04:02:b1:36:cf:f6:d8:ff:1a:25:
1c:37:28:15:e1:55:57:1b:ee:b2:4d:39:83:9a:06:
8c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3F:BA:28:09:32:2B:9F:AE:3B:10:73:46:E9:48:07:1F:E7:09:6C
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/Zj-6KAkyK5-uOxBzRulIBx_nCWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.240.0/20
45.153.192.0/22
85.255.88.0/22
185.19.0.0/22
185.64.222.0/24
185.74.60.0/23
185.97.24.0/22
185.188.100.0/22
IPv6:
2a03:d840::/32
2a04:c740::/29
2a0d:3140::/29
2a0f:9300::/29
Signature Algorithm: sha256WithRSAEncryption
90:d3:94:4d:f7:c9:34:21:ce:1b:5a:c0:a8:7f:3b:79:13:0d:
8a:c7:4e:65:d7:b4:6d:fb:1f:cb:c5:43:3f:63:7a:50:77:6f:
0b:ba:dc:27:72:95:e4:ba:f7:d4:b9:cc:fb:40:a4:14:9a:f1:
74:3c:f5:84:63:a4:c1:b6:65:58:34:ec:42:1d:c8:51:3c:aa:
19:3b:15:b8:ac:02:c8:a8:53:be:bd:a8:97:91:8b:49:6c:9d:
bd:55:dd:79:1f:48:4c:06:22:98:44:e5:6c:ba:81:c6:73:e7:
2c:23:f3:f6:ed:08:a4:18:81:cb:1c:35:cc:ea:d7:ab:61:41:
05:ea:f4:c7:68:e3:2e:bb:5b:75:55:f0:e6:15:48:f2:03:0a:
73:3d:8b:13:ba:5b:7e:49:3b:85:4d:5d:30:07:3a:77:9c:1d:
c7:45:f2:10:00:e7:43:45:c1:63:ab:48:0b:52:e4:72:3f:d1:
d5:48:67:ca:22:4c:42:57:5d:93:e6:54:1e:08:47:4f:14:2c:
2d:e3:7b:5a:43:9c:06:cf:b6:a0:d4:04:ba:db:e8:99:da:79:
37:a4:8c:29:b3:1f:34:0a:1b:b5:8a:e8:32:40:49:f1:98:39:
ce:99:ce:41:69:b2:6a:61:b1:60:9e:0a:78:fc:97:1f:6e:83:
fa:ee:88:2a
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQma2CEbKfsJ8bdCUIm8OgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjNmYmEyODA5MzIyYjlmYWUzYjEwNzM0NmU5NDgwNzFmZTcwOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDDWxSRqJArHIFcdb3m7I64X/80i
xfOw9l5xf3/LoP49I8jUigXiLAWfOEJPICY8yJB8C8YD+ThajtbElnUpv9+JPZD/
LeFEyzbuZmwLi1A29/ZVlWVOqNdXJe/pVcwvJnEPQf4MU6zhzKWvhPoTNYqR/oUQ
jYNkw5PlcMJEpFdhCabth5TBh78DahDP+NfF4FzJ6hsAHv3S0STlt/lfjHXDe+dG
No8A+aiSPLFKZMA0BfxQv/r28wtYfO249CUJULrQTWJUV60Qv6Glr9hAsYoU/iW8
e13gSfw5H2wcfovVnPvn3QQCsTbP9tj/GiUcNygV4VVXG+6yTTmDmgaMyQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGY/uigJMiufrjsQc0bpSAcf5wlsMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvWmotNktBa3lLNS11T3hCelJ1bElCeF9uQ1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQEJd3wAwQC
LZnAAwQCVf9YAwQCuRMAAwQAuUDeAwQBuUo8AwQCuWEYAwQCubxkMCIEAgACMBwD
BQAqA9hAAwUDKgTHQAMFAyoNMUADBQMqD5MAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
05RN98k0Ic4bWsCofzt5Ew2Kx05l17Rt+x/LxUM/Y3pQd28LutwncpXkuvfUucz7
QKQUmvF0PPWEY6TBtmVYNOxCHchRPKoZOxW4rALIqFO+vaiXkYtJbJ29Vd15H0hM
BiKYROVsuoHGc+csI/P27QikGIHLHDXM6terYUEF6vTHaOMuu1t1VfDmFUjyAwpz
PYsTult+STuFTV0wBzp3nB3HRfIQAOdDRcFjq0gLUuRyP9HVSGfKIkxCV12T5lQe
CEdPFCwt43taQ5wGz7ag1AS62+iZ2nk3pIwpsx80Chu1iugyQEnxmDnOmc5BabJq
YbFgngp4/JcfboP67ogq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:30 2025 by rpki-client on console.sobornost.net