Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vlNqGdvOfmOXR8V_IXSCM5KByYo.roa
File: vlNqGdvOfmOXR8V_IXSCM5KByYo.roa (raw, json)
Hash identifier: wqdSnJjhle/8RlQRdLykBTKBNUokl5wd4moMJ2rIYtk=
Subject key identifier: BE:53:6A:19:DB:CE:7E:63:97:47:C5:7F:21:74:82:33:92:81:C9:8A
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019421B250D2779BC726DFCDEEBD00370D8B
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vlNqGdvOfmOXR8V_IXSCM5KByYo.roa
Signing time: Wed 01 Jan 2025 11:48:41 +0000
ROA not before: Wed 01 Jan 2025 11:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3267
IP address blocks: 80.250.160.0/19 maxlen: 24
82.137.128.0/18 maxlen: 24
82.137.176.0/20 maxlen: 22
82.179.32.0/20 maxlen: 24
82.179.63.0/24 maxlen: 24
82.179.64.0/19 maxlen: 24
82.179.140.0/23 maxlen: 23
82.179.160.0/20 maxlen: 24
82.179.192.0/19 maxlen: 24
83.149.192.0/18 maxlen: 24
85.142.8.0/21 maxlen: 21
85.142.16.0/20 maxlen: 24
85.142.32.0/21 maxlen: 24
85.142.52.0/22 maxlen: 24
85.142.56.0/22 maxlen: 24
85.142.102.0/23 maxlen: 24
85.142.104.0/21 maxlen: 24
85.142.116.0/22 maxlen: 24
85.142.120.0/21 maxlen: 24
85.142.148.0/23 maxlen: 24
85.142.153.0/24 maxlen: 24
85.142.162.0/23 maxlen: 24
85.143.0.0/20 maxlen: 24
85.143.18.0/23 maxlen: 24
85.143.26.0/24 maxlen: 24
85.143.96.0/22 maxlen: 24
85.143.112.0/22 maxlen: 24
85.143.124.0/22 maxlen: 24
85.143.224.0/21 maxlen: 21
85.143.239.0/24 maxlen: 24
86.110.96.0/24 maxlen: 24
86.110.101.0/24 maxlen: 24
86.110.102.0/23 maxlen: 24
185.71.96.0/22 maxlen: 22
185.141.124.0/22 maxlen: 22
188.93.107.0/24 maxlen: 24
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
194.85.168.0/23 maxlen: 23
194.85.174.0/23 maxlen: 23
194.149.64.0/24 maxlen: 24
194.149.70.0/23 maxlen: 24
194.190.232.0/21 maxlen: 24
194.190.240.0/23 maxlen: 24
194.190.247.0/24 maxlen: 24
194.190.249.0/24 maxlen: 24
194.190.254.0/23 maxlen: 23
194.226.192.0/19 maxlen: 24
195.209.224.0/22 maxlen: 22
195.209.234.0/24 maxlen: 24
195.209.236.0/23 maxlen: 23
195.209.240.0/22 maxlen: 22
2001:b08:22::/48 maxlen: 48
2001:b08:26::/48 maxlen: 48
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2a07:a6c4::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:50:d2:77:9b:c7:26:df:cd:ee:bd:00:37:0d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be536a19dbce7e639747c57f217482339281c98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:24:9d:09:d5:62:26:46:ad:97:2a:74:dd:9d:
c3:6e:83:0e:a9:f1:70:e7:a7:0d:c0:a7:80:e7:65:
da:75:84:f1:a1:04:3c:0c:76:b9:db:5c:03:12:91:
e1:74:c4:58:9b:39:26:bd:dc:57:57:3b:d4:7c:1c:
e0:5a:57:bc:35:43:5a:07:ef:5e:03:0e:1c:24:ef:
ef:17:f1:61:cc:7b:1d:30:8f:60:82:91:f3:1d:c0:
81:3b:3f:b3:42:10:ee:cd:ee:d9:5c:2e:d2:8f:73:
c3:14:72:a3:59:69:e9:6d:f6:09:d8:4e:58:c4:99:
6a:9c:0c:be:f5:ba:43:ba:68:c1:c5:97:0b:82:58:
13:b3:e8:0d:dd:e4:09:fd:e8:4e:8d:81:78:8c:07:
3c:6a:2b:f3:c9:93:28:03:ee:c4:28:ec:ff:5f:8d:
e8:24:86:4e:8f:19:37:93:74:a7:30:3b:4b:f7:ef:
0c:cb:c2:5c:45:88:52:3e:07:39:7b:cf:08:91:d9:
44:25:0c:13:3f:e9:13:a0:6a:17:3f:0c:6f:a3:57:
ec:44:e4:55:66:c8:3c:0e:b5:77:66:df:db:e9:81:
aa:23:9c:49:cf:16:64:54:48:1d:9d:3a:87:58:91:
3d:f0:22:97:bd:0c:7f:38:0f:8d:10:e1:92:c3:ba:
cd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:53:6A:19:DB:CE:7E:63:97:47:C5:7F:21:74:82:33:92:81:C9:8A
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/vlNqGdvOfmOXR8V_IXSCM5KByYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.128.0/18
82.179.32.0/20
82.179.63.0-82.179.95.255
82.179.140.0/23
82.179.160.0/20
82.179.192.0/19
83.149.192.0/18
85.142.8.0-85.142.39.255
85.142.52.0-85.142.59.255
85.142.102.0-85.142.111.255
85.142.116.0-85.142.127.255
85.142.148.0/23
85.142.153.0/24
85.142.162.0/23
85.143.0.0/20
85.143.18.0/23
85.143.26.0/24
85.143.96.0/22
85.143.112.0/22
85.143.124.0/22
85.143.224.0/21
85.143.239.0/24
86.110.96.0/24
86.110.101.0-86.110.103.255
185.71.96.0/22
185.141.124.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.168.0/23
194.85.174.0/23
194.149.64.0/24
194.149.70.0/23
194.190.232.0-194.190.241.255
194.190.247.0/24
194.190.249.0/24
194.190.254.0/23
194.226.192.0/19
195.209.224.0/22
195.209.234.0/24
195.209.236.0/23
195.209.240.0/22
IPv6:
2001:b08:22::/48
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
35:a0:44:4e:05:0c:56:da:cf:cc:24:3c:b8:ad:88:40:13:29:
23:c7:2f:de:31:3b:49:ec:4c:d7:ef:3e:02:7a:42:78:4a:ad:
9e:f0:3b:08:2f:fa:dd:d5:f0:d4:b3:fb:ec:99:99:9a:65:6f:
88:d3:bd:ea:ed:f6:43:93:00:76:86:5a:fa:c4:78:ac:27:88:
0d:d2:ae:dc:42:c1:25:d2:c5:67:b6:c0:d4:cd:79:47:9c:fd:
61:5d:ed:59:e2:2d:a8:a9:66:4b:26:ad:21:84:7d:03:d5:20:
65:af:5a:1c:d1:3d:80:9a:5c:63:1a:0a:bd:a7:f3:16:16:58:
2c:30:25:16:2f:06:68:61:25:af:5f:7c:f9:15:51:cb:47:0d:
fd:62:93:9b:b7:8d:91:f6:38:8a:aa:98:9f:20:36:25:b6:9f:
97:b1:09:e9:47:5d:d8:ef:1f:6e:61:82:78:39:82:57:1c:e3:
13:d5:83:0b:39:89:06:1c:b2:57:51:80:0e:a1:0d:b7:76:c5:
3b:a0:44:e7:ee:e9:0b:a9:6a:6c:c8:8c:1e:3d:96:81:a6:42:
4f:ee:d1:68:10:b5:f9:9b:be:22:2d:91:43:09:68:f9:35:e4:
09:1a:39:85:c6:12:ba:43:0e:fa:a4:5f:5d:6a:87:53:b2:1a:
fa:20:de:50
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAZQhslDSd5vHJt/N7r0ANw2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjUwMTAxMTE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTUzNmExOWRiY2U3ZTYzOTc0N2M1N2YyMTc0ODIzMzkyODFjOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSSdCdViJkatlyp03Z3DboMOqfFw
56cNwKeA52XadYTxoQQ8DHa521wDEpHhdMRYmzkmvdxXVzvUfBzgWle8NUNaB+9e
Aw4cJO/vF/FhzHsdMI9ggpHzHcCBOz+zQhDuze7ZXC7Sj3PDFHKjWWnpbfYJ2E5Y
xJlqnAy+9bpDumjBxZcLglgTs+gN3eQJ/ehOjYF4jAc8aivzyZMoA+7EKOz/X43o
JIZOjxk3k3SnMDtL9+8My8JcRYhSPgc5e88IkdlEJQwTP+kToGoXPwxvo1fsRORV
Zsg8DrV3Zt/b6YGqI5xJzxZkVEgdnTqHWJE98CKXvQx/OA+NEOGSw7rN5QIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFL5Tahnbzn5jl0fFfyF0gjOSgcmKMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdmxOcUdkdk9mbU9YUjhWX0lYU0NNNUtCeVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAUIEAgABMIIB
OgMEBVD6oAMEBlKJgAMEBFKzIDAMAwQAUrM/AwQFUrNAAwQBUrOMAwQEUrOgAwQF
UrPAAwQGU5XAMAwDBANVjggDBANVjiAwDAMEAlWONAMEAlWOODAMAwQBVY5mAwQE
VY5gMAwDBAJVjnQDBAdVjgADBAFVjpQDBABVjpkDBAFVjqIDBARVjwADBAFVjxID
BABVjxoDBAJVj2ADBAJVj3ADBAJVj3wDBANVj+ADBABVj+8DBABWbmAwDAMEAFZu
ZQMEA1ZuYAMEArlHYAMEArmNfAMEALxdawMEAcEb1gMEBMJVIAMEAcJVqAMEAcJV
rgMEAMKVQAMEAcKVRjAMAwQDwr7oAwQBwr7wAwQAwr73AwQAwr75AwQBwr7+AwQF
wuLAAwQCw9HgAwQAw9HqAwQBw9HsAwQCw9HwMCYEAgACMCADBwAgAQsIACIDBwAg
AQsIACYDBQAqAA24AwUDKgemwDANBgkqhkiG9w0BAQsFAAOCAQEANaBETgUMVtrP
zCQ8uK2IQBMpI8cv3jE7SexM1+8+AnpCeEqtnvA7CC/63dXw1LP77JmZmmVviNO9
6u32Q5MAdoZa+sR4rCeIDdKu3ELBJdLFZ7bA1M15R5z9YV3tWeItqKlmSyatIYR9
A9UgZa9aHNE9gJpcYxoKvafzFhZYLDAlFi8GaGElr198+RVRy0cN/WKTm7eNkfY4
iqqYnyA2Jbafl7EJ6Udd2O8fbmGCeDmCVxzjE9WDCzmJBhyyV1GADqENt3bFO6BE
5+7pC6lqbMiMHj2WgaZCT+7RaBC1+Zu+Ii2RQwlo+TXkCRo5hcYSukMO+qRfXWqH
U7Ia+iDeUA==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:15:57 2025 by rpki-client on console.sobornost.net