Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/cmQy3O27JTVMgc0scAWzRQz1k34.roa
File: cmQy3O27JTVMgc0scAWzRQz1k34.roa (raw, json)
Hash identifier: JrHBwEb+drqrBDZnlCxDUthDJ1gAVyMOlFCkBCL2cqI=
Subject key identifier: 72:64:32:DC:ED:BB:25:35:4C:81:CD:2C:70:05:B3:45:0C:F5:93:7E
Certificate issuer: /CN=612c1c53f6c1d996236cbb37ba3247670399a62d
Certificate serial: 019424B385BF643690C098F806CDB065E172
Authority key identifier: 61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/cmQy3O27JTVMgc0scAWzRQz1k34.roa
Signing time: Thu 02 Jan 2025 01:48:52 +0000
ROA not before: Thu 02 Jan 2025 01:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49215
IP address blocks: 83.220.0.0/21 maxlen: 21
83.220.9.0/24 maxlen: 24
83.220.10.0/24 maxlen: 24
83.220.11.0/24 maxlen: 24
83.220.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:85:bf:64:36:90:c0:98:f8:06:cd:b0:65:e1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=612c1c53f6c1d996236cbb37ba3247670399a62d
Validity
Not Before: Jan 2 01:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=726432dcedbb25354c81cd2c7005b3450cf5937e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d3:78:02:14:74:b4:4b:14:b5:82:e0:5d:c0:
c5:9b:ea:9b:56:78:4f:8b:5b:fd:38:0c:fd:c2:19:
5b:04:a5:16:fd:05:eb:db:03:65:73:d3:09:c6:e9:
f2:5f:0f:7f:aa:b0:1f:25:9a:45:7e:17:55:19:0d:
f7:e5:e6:7b:0c:97:b8:02:30:e7:22:07:64:cb:69:
03:55:85:10:1b:6a:53:43:02:b0:8e:63:9d:59:b8:
cd:06:43:6e:94:16:d0:63:d1:c3:75:66:bd:ee:c2:
14:1e:f2:59:39:aa:8f:6e:88:e7:9f:0d:c0:8f:52:
90:0c:a8:94:a2:8a:10:2f:92:ac:5a:18:c1:11:c8:
92:a7:59:a3:9c:b7:71:9d:45:b4:73:c3:14:1d:d4:
8b:33:bc:c6:da:60:06:cd:6e:a5:9d:7f:ba:0e:b7:
b3:b2:b0:de:11:fc:fc:11:bd:9f:da:9d:7d:18:b0:
fc:79:b9:60:19:b4:21:66:45:09:15:7c:f1:3d:c1:
00:d9:29:87:5d:25:7b:71:0f:af:f2:5f:0e:e8:78:
3a:05:b2:48:92:90:e0:0a:c6:08:2c:08:64:d7:23:
34:78:3a:fd:40:f7:cf:95:c6:56:32:6b:45:8e:93:
e7:a2:9d:fe:38:a4:9f:42:98:02:e6:ea:93:58:b0:
fc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:64:32:DC:ED:BB:25:35:4C:81:CD:2C:70:05:B3:45:0C:F5:93:7E
X509v3 Authority Key Identifier:
keyid:61:2C:1C:53:F6:C1:D9:96:23:6C:BB:37:BA:32:47:67:03:99:A6:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/cmQy3O27JTVMgc0scAWzRQz1k34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/f0078e-d0c7-428e-9524-ecaf578a34e3/1/YSwcU_bB2ZYjbLs3ujJHZwOZpi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.0.0/21
83.220.9.0-83.220.15.255
Signature Algorithm: sha256WithRSAEncryption
d9:a2:b5:c8:67:a1:79:ed:1b:42:27:52:d6:79:3e:27:31:08:
4e:ee:8e:86:39:ea:4e:9e:cd:bf:74:81:f8:15:b1:06:d3:a4:
e2:f1:be:bc:c3:b8:fb:9f:ad:9f:30:bc:57:de:ae:15:8d:4e:
0a:d8:36:3e:53:9a:6c:53:b0:f4:75:ce:9c:f1:e8:73:e8:71:
cc:8d:60:69:97:a0:95:47:ae:84:e9:f3:7b:a6:7d:d0:45:63:
19:ff:48:db:4e:3a:92:2c:95:f3:af:6b:d9:55:48:b6:31:fa:
58:1f:8a:d7:50:84:21:f2:8d:49:05:a9:e4:33:00:ac:99:e3:
f4:13:fc:fe:4a:33:ec:c0:48:cf:05:a3:a8:0c:a9:9a:9e:51:
1b:51:4d:b9:3e:b1:d1:ec:8a:12:2a:5b:fa:37:f7:26:50:26:
5a:60:49:df:35:7f:c6:5b:1c:67:08:5a:9d:7e:05:09:ac:3c:
05:75:a8:8f:bc:0f:bf:2f:a9:2d:bf:34:0e:ee:f7:94:c4:18:
a2:1a:62:6b:45:c1:79:46:87:05:c8:ef:9e:a3:fd:af:6b:d2:
db:93:41:83:80:1d:58:a0:d9:1f:5d:c9:25:3a:ec:a5:56:0b:
ac:de:c9:ca:e6:1a:57:db:05:38:21:6d:73:21:3a:81:2e:b3:
70:a8:a0:02
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQks4W/ZDaQwJj4Bs2wZeFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMmMxYzUzZjZjMWQ5OTYyMzZjYmIzN2JhMzI0NzY3MDM5
OWE2MmQwHhcNMjUwMTAyMDE0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjY0MzJkY2VkYmIyNTM1NGM4MWNkMmM3MDA1YjM0NTBjZjU5MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tN4AhR0tEsUtYLgXcDFm+qbVnhP
i1v9OAz9whlbBKUW/QXr2wNlc9MJxunyXw9/qrAfJZpFfhdVGQ335eZ7DJe4AjDn
Igdky2kDVYUQG2pTQwKwjmOdWbjNBkNulBbQY9HDdWa97sIUHvJZOaqPbojnnw3A
j1KQDKiUoooQL5KsWhjBEciSp1mjnLdxnUW0c8MUHdSLM7zG2mAGzW6lnX+6Drez
srDeEfz8Eb2f2p19GLD8eblgGbQhZkUJFXzxPcEA2SmHXSV7cQ+v8l8O6Hg6BbJI
kpDgCsYILAhk1yM0eDr9QPfPlcZWMmtFjpPnop3+OKSfQpgC5uqTWLD8WwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHJkMtztuyU1TIHNLHAFs0UM9ZN+MB8GA1UdIwQY
MBaAFGEsHFP2wdmWI2y7N7oyR2cDmaYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVN3Y1VfYkIyWllqYkxzM3VqSkhad09acGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9mMDA3OGUtZDBjNy00MjhlLTk1MjQt
ZWNhZjU3OGEzNGUzLzEvY21ReTNPMjdKVFZNZ2Mwc2NBV3pSUXoxazM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9mMDA3OGUtZDBjNy00MjhlLTk1MjQtZWNhZjU3OGEzNGUz
LzEvWVN3Y1VfYkIyWllqYkxzM3VqSkhad09acGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDU9wAMAwD
BABT3AkDBART3AAwDQYJKoZIhvcNAQELBQADggEBANmitchnoXntG0InUtZ5Picx
CE7ujoY56k6ezb90gfgVsQbTpOLxvrzDuPufrZ8wvFferhWNTgrYNj5TmmxTsPR1
zpzx6HPoccyNYGmXoJVHroTp83umfdBFYxn/SNtOOpIslfOva9lVSLYx+lgfitdQ
hCHyjUkFqeQzAKyZ4/QT/P5KM+zASM8Fo6gMqZqeURtRTbk+sdHsihIqW/o39yZQ
JlpgSd81f8ZbHGcIWp1+BQmsPAV1qI+8D78vqS2/NA7u95TEGKIaYmtFwXlGhwXI
756j/a9r0tuTQYOAHVig2R9dySU67KVWC6zeycrmGlfbBTghbXMhOoEus3CooAI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:34 2025 by rpki-client on console.sobornost.net