Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/RL3xJ4ezhmNdZ1rcVqISik-0MMo.roa
File: RL3xJ4ezhmNdZ1rcVqISik-0MMo.roa (raw, json)
Hash identifier: xlGD8LTXAgZF6ai7L4BH7qy3aFEkBhgRkokviaW4/Ws=
Subject key identifier: 44:BD:F1:27:87:B3:86:63:5D:67:5A:DC:56:A2:12:8A:4F:B4:30:CA
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 01951E212310EB73DE719AF126F0E403ECF8
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/RL3xJ4ezhmNdZ1rcVqISik-0MMo.roa
Signing time: Wed 19 Feb 2025 12:14:02 +0000
ROA not before: Wed 19 Feb 2025 12:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.85.132.0/24 maxlen: 24
45.88.140.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.71.136.0/21 maxlen: 24
109.197.240.0/21 maxlen: 24
109.205.0.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.71.148.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/23 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
185.246.26.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
193.176.64.0/22 maxlen: 24
194.88.112.0/21 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a01:6603::/32 maxlen: 32
2a01:6604::/32 maxlen: 32
2a01:6605::/32 maxlen: 32
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:21:23:10:eb:73:de:71:9a:f1:26:f0:e4:03:ec:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Feb 19 12:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44bdf12787b386635d675adc56a2128a4fb430ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0c:f5:4f:20:97:1f:6b:06:5c:cc:d9:4b:af:
c5:d3:6b:18:fe:94:c6:bb:f8:ea:b3:5e:5f:d2:1f:
3d:fd:0c:1e:00:2f:a1:e0:51:28:7e:1d:62:31:24:
43:d4:3d:b8:14:16:65:50:2c:ed:1a:8e:b3:52:23:
c9:1c:d5:6f:c8:be:6a:c0:af:41:84:e6:7e:11:46:
70:35:d9:15:27:d6:a3:9c:f1:3a:3b:73:85:7b:11:
5e:58:0a:02:61:d9:01:e6:9f:36:09:30:c5:a8:29:
87:d2:0c:09:92:69:ba:b2:8b:f4:4c:4f:1e:b8:34:
00:22:4f:7d:84:6e:bc:ee:d6:2c:b9:f4:ee:fb:32:
04:96:ea:d4:67:78:6d:60:a6:0d:03:61:e3:15:03:
3e:c2:d3:b3:8e:c2:a2:56:ab:22:be:2b:b3:71:0c:
ac:93:66:7a:e3:de:fe:ad:e8:eb:18:83:39:96:e3:
9f:a3:4e:a0:d3:1e:f0:e6:c7:20:31:df:fc:2d:ea:
b4:74:0c:76:43:4f:f5:c8:d6:f9:f1:c3:ab:6d:5b:
a4:cd:90:ad:de:6a:7d:a1:fc:16:0c:a2:b9:64:f2:
a1:64:67:02:2b:5a:f9:28:00:5f:b2:36:9f:ff:f6:
2f:19:09:38:df:cb:e7:ae:3a:cb:f0:c8:88:9d:cb:
ed:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BD:F1:27:87:B3:86:63:5D:67:5A:DC:56:A2:12:8A:4F:B4:30:CA
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/RL3xJ4ezhmNdZ1rcVqISik-0MMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.85.132.0/24
45.88.140.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.71.136.0/21
109.197.240.0/21
109.205.0.0/21
185.31.148.0/22
185.39.168.0/22
185.71.148.0/22
185.75.140.0/22
185.117.18.0/23
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.220.72.0/22
185.227.0.0/22
185.230.96.0/22
185.246.26.0/24
185.246.96.0/22
185.252.156.0/22
193.176.64.0/22
194.88.112.0/21
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a01:6603::-2a01:6605:ffff:ffff:ffff:ffff:ffff:ffff
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
9f:c8:c3:d9:b7:a7:68:a9:ce:6a:b3:9f:a0:ca:8a:be:ba:e4:
11:05:5d:c0:b7:f1:69:dd:27:d0:24:a0:e3:bf:67:59:e0:77:
da:9a:96:14:96:2e:04:a6:09:e0:e1:62:74:ac:26:45:32:4a:
52:57:5b:79:c4:99:8f:76:4d:ef:4c:2d:2b:ff:f8:73:76:43:
03:69:39:2b:ca:5c:6d:78:78:61:c1:8c:50:0b:12:54:d5:c7:
38:5b:82:7f:93:72:11:13:b2:16:f7:42:63:65:73:84:31:ec:
8c:92:47:50:2c:40:f9:11:7a:65:86:d1:76:84:1b:35:7c:e2:
48:d3:53:d2:31:3c:d1:58:ee:a4:08:9d:ce:85:02:ea:51:f5:
6a:cc:18:23:74:43:f3:c4:ab:f1:69:78:b4:c1:55:d9:ec:a0:
c8:60:49:49:9f:3e:c8:7d:98:62:99:58:0b:0f:51:e7:e6:df:
9c:0e:d6:d9:5e:11:29:b5:47:50:ba:e8:f1:b5:9d:85:e7:2c:
d5:fe:c9:02:21:5a:dc:a0:73:65:24:2f:1c:79:ea:7e:ad:43:
c7:5b:17:b1:91:c5:09:f9:d4:f9:8b:65:c8:22:5a:14:0f:80:
24:b4:a3:0e:79:10:3c:be:32:fd:c4:de:3f:76:55:20:5f:3d:
e1:8b:d1:b3
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAZUeISMQ63PecZrxJvDkA+z4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjUwMjE5MTIxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGJkZjEyNzg3YjM4NjYzNWQ2NzVhZGM1NmEyMTI4YTRmYjQzMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswz1TyCXH2sGXMzZS6/F02sY/pTG
u/jqs15f0h89/QweAC+h4FEofh1iMSRD1D24FBZlUCztGo6zUiPJHNVvyL5qwK9B
hOZ+EUZwNdkVJ9ajnPE6O3OFexFeWAoCYdkB5p82CTDFqCmH0gwJkmm6sov0TE8e
uDQAIk99hG687tYsufTu+zIElurUZ3htYKYNA2HjFQM+wtOzjsKiVqsiviuzcQys
k2Z6497+rejrGIM5luOfo06g0x7w5scgMd/8Leq0dAx2Q0/1yNb58cOrbVukzZCt
3mp9ofwWDKK5ZPKhZGcCK1r5KABfsjaf//YvGQk438vnrjrL8MiIncvtLwIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFES98SeHs4ZjXWda3FaiEopPtDDKMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvUkwzeEo0ZXpobU5kWjFyY1ZxSVNpay0wTU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCB0wQCAAEwgcwD
BAAlEE4DBAMl61gDBAItD8wDBAAtVYQDBAItWIwDBAItisADBAMuHXgDBAJV0NgD
BABb1OwDBABb5YgDBAJenrQDBANtR4gDBANtxfADBANtzQADBAK5H5QDBAK5J6gD
BAK5R5QDBAK5S4wDBAG5dRIDBAK5oSwDBAC5p0wDBAK5tQQDBAK52tQDBAK53EgD
BAK54wADBAK55mADBAC59hoDBAK59mADBAK5/JwDBALBsEADBAPCWHADBADCfrID
BALDWnQDBADDvhswQwQCAAIwPTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYAKgFm
AC4wDgMFACoBZgMDBQEqAWYEAwUAKgIhyAMFAyoJjEAwDQYJKoZIhvcNAQELBQAD
ggEBAJ/Iw9m3p2ipzmqzn6DKir665BEFXcC38WndJ9AkoOO/Z1ngd9qalhSWLgSm
CeDhYnSsJkUySlJXW3nEmY92Te9MLSv/+HN2QwNpOSvKXG14eGHBjFALElTVxzhb
gn+TchETshb3QmNlc4Qx7IySR1AsQPkRemWG0XaEGzV84kjTU9IxPNFY7qQInc6F
AupR9WrMGCN0Q/PEq/FpeLTBVdnsoMhgSUmfPsh9mGKZWAsPUefm35wO1tleESm1
R1C66PG1nYXnLNX+yQIhWtygc2UkLxx56n6tQ8dbF7GRxQn51PmLZcgiWhQPgCS0
ow55EDy+Mv3E3j92VSBfPeGL0bM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net