Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/gNm_8ubIRnghkX5x5Ecf8j59a50.roa
File: gNm_8ubIRnghkX5x5Ecf8j59a50.roa (raw, json)
Hash identifier: XP/CkQ+YATIXyfDMuhBgJq4Rpc3X3KQf0SBIa7k3ss0=
Subject key identifier: 80:D9:BF:F2:E6:C8:46:78:21:91:7E:71:E4:47:1F:F2:3E:7D:6B:9D
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 01942826CF63C9D00D4FDD77CCD81597EE75
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/gNm_8ubIRnghkX5x5Ecf8j59a50.roa
Signing time: Thu 02 Jan 2025 17:53:39 +0000
ROA not before: Thu 02 Jan 2025 17:53:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.88.140.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.71.136.0/21 maxlen: 24
109.197.240.0/21 maxlen: 24
109.205.0.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.71.148.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/23 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
185.246.26.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
193.176.64.0/22 maxlen: 24
194.88.112.0/21 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a01:6603::/32 maxlen: 32
2a01:6604::/32 maxlen: 32
2a01:6605::/32 maxlen: 32
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:cf:63:c9:d0:0d:4f:dd:77:cc:d8:15:97:ee:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jan 2 17:53:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80d9bff2e6c8467821917e71e4471ff23e7d6b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bd:b8:66:89:69:6f:0a:c7:b6:19:7a:6c:4d:
30:05:70:e4:7a:2d:b9:3a:31:24:b2:a5:00:77:6d:
14:9c:55:ff:ee:3f:20:91:9d:55:d3:ec:01:cc:12:
da:ab:8c:4d:7f:50:9d:18:c0:a5:69:e4:da:8c:11:
c3:20:c1:6c:8a:ec:1f:6c:dd:cb:70:e6:f6:ce:00:
49:93:6b:4d:00:93:bf:ca:10:24:c5:c5:cc:03:23:
4f:04:5b:a7:78:36:65:0f:51:65:0b:e6:e2:8c:38:
b3:be:bb:fb:3f:59:7a:fc:21:41:d6:11:76:91:2b:
64:8b:fe:55:56:09:f5:6d:ac:d2:1b:46:64:d5:33:
d4:a3:f6:bd:93:37:91:ba:30:c4:13:af:a5:bb:3a:
c3:51:33:65:2b:ab:41:bd:98:68:89:01:bd:2c:19:
f9:04:c8:82:5e:f2:31:33:69:b0:fc:20:35:e6:19:
64:26:27:7f:9c:75:1f:25:3d:fa:ef:84:5f:c8:89:
0e:d7:20:c4:7f:4e:6c:e0:60:0b:1e:21:38:1b:ee:
df:3d:67:56:cc:65:34:8e:c4:6d:d4:47:60:7b:10:
98:eb:74:c7:11:28:b7:ad:c7:09:f7:eb:76:71:27:
4d:74:bf:75:4d:29:68:c7:1e:15:28:e3:7c:40:57:
d3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D9:BF:F2:E6:C8:46:78:21:91:7E:71:E4:47:1F:F2:3E:7D:6B:9D
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/gNm_8ubIRnghkX5x5Ecf8j59a50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.88.140.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.71.136.0/21
109.197.240.0/21
109.205.0.0/21
185.31.148.0/22
185.39.168.0/22
185.71.148.0/22
185.75.140.0/22
185.117.18.0/23
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.220.72.0/22
185.227.0.0/22
185.230.96.0/22
185.246.26.0/24
185.246.96.0/22
185.252.156.0/22
193.176.64.0/22
194.88.112.0/21
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a01:6603::-2a01:6605:ffff:ffff:ffff:ffff:ffff:ffff
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
93:fa:78:69:27:ef:b3:35:9c:2e:a8:10:a3:a8:36:28:a0:f6:
79:ce:95:0d:fa:77:e1:58:15:b5:da:19:b9:9e:dc:85:d5:06:
de:2f:e3:bd:8e:64:48:f9:dc:5f:1e:de:ce:eb:ea:ea:00:0c:
b5:6e:bf:ac:aa:d3:30:1e:a8:bc:9f:b2:8c:c9:6d:35:03:96:
b8:42:e5:cf:fe:37:f7:de:b3:c1:47:ed:b1:e3:64:d5:aa:00:
e7:b5:74:0c:95:b6:5f:03:f5:04:68:33:44:18:93:ed:ed:3d:
3a:7a:f0:c8:c6:46:ae:31:8f:69:38:1a:90:64:94:88:85:ca:
32:6a:a3:f8:22:e3:c4:ea:02:72:4e:22:62:da:09:ad:86:a1:
20:4f:16:5c:31:0d:e1:fe:9e:20:5d:b0:76:19:2a:ca:ea:4b:
a0:86:37:24:2e:7e:80:ff:44:28:b8:76:fb:cc:08:ed:4b:64:
79:53:09:df:79:0e:ab:d7:98:96:ba:c7:b9:61:ca:6e:c9:c7:
e8:a5:5b:11:d1:ab:65:68:7c:73:e3:99:bf:bc:6c:4d:fd:56:
ec:99:b5:93:2c:3a:f4:42:14:15:3b:a2:6b:3b:f6:47:5c:26:
e0:59:5e:79:05:17:24:b5:0e:d4:d9:62:45:c7:26:95:c8:12:
cd:92:a1:58
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAZQoJs9jydANT913zNgVl+51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjUwMTAyMTc1MzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ5YmZmMmU2Yzg0Njc4MjE5MTdlNzFlNDQ3MWZmMjNlN2Q2YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr24ZolpbwrHthl6bE0wBXDkei25
OjEksqUAd20UnFX/7j8gkZ1V0+wBzBLaq4xNf1CdGMClaeTajBHDIMFsiuwfbN3L
cOb2zgBJk2tNAJO/yhAkxcXMAyNPBFuneDZlD1FlC+bijDizvrv7P1l6/CFB1hF2
kStki/5VVgn1bazSG0Zk1TPUo/a9kzeRujDEE6+luzrDUTNlK6tBvZhoiQG9LBn5
BMiCXvIxM2mw/CA15hlkJid/nHUfJT3674RfyIkO1yDEf05s4GALHiE4G+7fPWdW
zGU0jsRt1EdgexCY63THESi3rccJ9+t2cSdNdL91TSloxx4VKON8QFfTuwIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFIDZv/LmyEZ4IZF+ceRHH/I+fWudMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvZ05tXzh1YklSbmdoa1g1eDVFY2Y4ajU5YTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCBzQQCAAEwgcYD
BAAlEE4DBAMl61gDBAItD8wDBAItWIwDBAItisADBAMuHXgDBAJV0NgDBABb1OwD
BABb5YgDBAJenrQDBANtR4gDBANtxfADBANtzQADBAK5H5QDBAK5J6gDBAK5R5QD
BAK5S4wDBAG5dRIDBAK5oSwDBAC5p0wDBAK5tQQDBAK52tQDBAK53EgDBAK54wAD
BAK55mADBAC59hoDBAK59mADBAK5/JwDBALBsEADBAPCWHADBADCfrIDBALDWnQD
BADDvhswQwQCAAIwPTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYAKgFmAC4wDgMF
ACoBZgMDBQEqAWYEAwUAKgIhyAMFAyoJjEAwDQYJKoZIhvcNAQELBQADggEBAJP6
eGkn77M1nC6oEKOoNiig9nnOlQ36d+FYFbXaGbme3IXVBt4v472OZEj53F8e3s7r
6uoADLVuv6yq0zAeqLyfsozJbTUDlrhC5c/+N/fes8FH7bHjZNWqAOe1dAyVtl8D
9QRoM0QYk+3tPTp68MjGRq4xj2k4GpBklIiFyjJqo/gi48TqAnJOImLaCa2GoSBP
FlwxDeH+niBdsHYZKsrqS6CGNyQufoD/RCi4dvvMCO1LZHlTCd95DqvXmJa6x7lh
ym7Jx+ilWxHRq2VofHPjmb+8bE39VuyZtZMsOvRCFBU7oms79kdcJuBZXnkFFyS1
DtTZYkXHJpXIEs2SoVg=
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:32:14 2025 by rpki-client on console.sobornost.net