Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/3n4D1SR6scBc56Ie3xGq3b0L8M0.roa
File: 3n4D1SR6scBc56Ie3xGq3b0L8M0.roa (raw, json)
Hash identifier: aBbdE/LoKCgkOQOFc+caUhkJgro6NFyptlXPezVha0Q=
Subject key identifier: DE:7E:03:D5:24:7A:B1:C0:5C:E7:A2:1E:DF:11:AA:DD:BD:0B:F0:CD
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 0194F40783476DEA1E529666C97B6CB8844E
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/3n4D1SR6scBc56Ie3xGq3b0L8M0.roa
Signing time: Tue 11 Feb 2025 08:02:00 +0000
ROA not before: Tue 11 Feb 2025 08:02:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8784
IP address blocks: 83.169.64.0/18 maxlen: 18
83.169.64.0/23 maxlen: 23
83.169.66.0/24 maxlen: 24
83.169.67.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.70.0/23 maxlen: 23
83.169.70.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.73.0/24 maxlen: 24
83.169.74.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.83.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.89.0/24 maxlen: 24
83.169.92.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.100.0/22 maxlen: 22
83.169.100.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.114.0/23 maxlen: 23
83.169.114.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.116.0/22 maxlen: 22
83.169.116.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.118.0/24 maxlen: 24
83.169.119.0/24 maxlen: 24
83.169.120.0/22 maxlen: 22
83.169.120.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.124.0/24 maxlen: 24
83.169.125.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
194.117.208.0/20 maxlen: 20
194.117.208.0/24 maxlen: 24
194.117.211.0/24 maxlen: 24
194.117.216.0/24 maxlen: 24
194.117.219.0/24 maxlen: 24
194.153.214.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
195.46.193.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.198.0/24 maxlen: 24
195.46.199.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
212.37.192.0/19 maxlen: 19
213.139.96.0/19 maxlen: 19
213.139.111.0/24 maxlen: 24
213.139.112.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
2001:4b90::/32 maxlen: 32
2a02:d50::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:07:83:47:6d:ea:1e:52:96:66:c9:7b:6c:b8:84:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Feb 11 08:02:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de7e03d5247ab1c05ce7a21edf11aaddbd0bf0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:af:d0:ce:e9:63:64:ed:98:fe:dc:b5:f1:
ce:c5:28:ba:98:8d:cd:4b:34:87:5e:a2:14:7d:11:
e1:e9:93:11:6e:9f:3a:5e:ff:a8:06:ae:76:70:29:
e3:84:0c:7f:62:e7:fd:f2:11:6d:21:fa:9d:e5:54:
98:31:ee:ee:90:3d:18:ab:f1:01:64:96:85:18:fc:
e5:08:e4:3a:ba:c0:5c:01:62:ca:19:62:ff:a1:db:
05:60:9d:d9:44:4b:79:be:3e:48:cb:7c:00:e1:ef:
22:b1:5f:d8:72:a4:33:82:d7:4e:3a:1e:85:51:fb:
24:0c:4b:1b:66:88:30:5a:3c:54:94:da:7b:62:50:
13:94:8c:6e:33:8a:60:b7:01:c9:17:f7:f8:b0:28:
a0:34:78:aa:13:d2:ae:62:7d:5b:04:d0:c6:aa:c5:
41:71:5b:eb:ad:00:ab:87:be:af:64:b0:8a:3c:f5:
6f:64:c7:26:fc:81:bd:07:fb:2f:69:54:06:b5:ca:
84:8a:20:51:ff:9b:e0:c2:5e:34:50:cf:96:37:13:
52:96:ca:a0:52:df:d3:b2:5f:ae:9b:76:9d:a2:1c:
00:07:2e:62:40:ff:eb:e7:2d:bd:4e:f9:e5:52:e0:
02:62:e9:22:aa:bb:e8:c6:b0:c9:ed:2e:50:5f:56:
b0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7E:03:D5:24:7A:B1:C0:5C:E7:A2:1E:DF:11:AA:DD:BD:0B:F0:CD
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/3n4D1SR6scBc56Ie3xGq3b0L8M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
32:bb:b9:5d:78:b2:bf:e4:3b:1a:5e:9f:73:96:6d:ab:11:b8:
8b:d1:8a:27:e3:50:ff:e5:b7:6a:56:66:57:0d:b5:89:55:c2:
b4:e8:83:ce:19:3a:22:6f:50:bc:8a:81:f5:e5:ee:fd:3e:13:
98:5e:42:93:55:5e:54:55:df:d8:59:67:73:95:da:d7:93:bb:
bb:77:a8:39:76:f5:65:b3:30:4a:62:ae:4d:7f:d3:46:6e:3f:
91:e6:22:50:25:65:ab:ca:90:77:8e:5f:12:23:75:41:59:cd:
29:c6:50:98:cc:90:0a:c4:b2:a8:3d:06:b2:b3:23:88:27:98:
7f:14:93:a2:47:93:27:18:4b:32:e6:e1:33:cb:03:fa:72:17:
e6:c8:78:9f:b8:ac:4e:9a:e4:96:eb:e3:0d:50:74:53:3e:c4:
63:8b:70:a3:72:c2:90:c3:26:a2:09:e1:20:81:7e:7f:54:33:
62:cf:62:8c:8e:4e:91:9b:32:53:d8:c7:fb:28:35:68:7a:61:
f1:77:9a:50:eb:0f:62:bc:7c:6e:c5:65:ac:62:69:64:a7:9e:
71:4f:84:2c:bd:eb:26:38:61:31:22:91:63:3b:70:17:74:5c:
f2:e9:b0:cc:f0:a2:05:55:4f:5f:cc:89:52:cd:81:00:e2:a6:
47:f5:32:d5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZT0B4NHbeoeUpZmyXtsuIROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjUwMjExMDgwMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdlMDNkNTI0N2FiMWMwNWNlN2EyMWVkZjExYWFkZGJkMGJmMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHav0M7pY2TtmP7ctfHOxSi6mI3N
SzSHXqIUfRHh6ZMRbp86Xv+oBq52cCnjhAx/Yuf98hFtIfqd5VSYMe7ukD0Yq/EB
ZJaFGPzlCOQ6usBcAWLKGWL/odsFYJ3ZREt5vj5Iy3wA4e8isV/YcqQzgtdOOh6F
UfskDEsbZogwWjxUlNp7YlATlIxuM4pgtwHJF/f4sCigNHiqE9KuYn1bBNDGqsVB
cVvrrQCrh76vZLCKPPVvZMcm/IG9B/svaVQGtcqEiiBR/5vgwl40UM+WNxNSlsqg
Ut/Tsl+um3adohwABy5iQP/r5y29TvnlUuACYukiqrvoxrDJ7S5QX1awzQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFN5+A9UkerHAXOeiHt8Rqt29C/DNMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvM240RDFTUjZzY0JjNTZJZTN4R3EzYjBMOE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEAMru5XXiyv+Q7Gl6fc5ZtqxG4i9GK
J+NQ/+W3alZmVw21iVXCtOiDzhk6Im9QvIqB9eXu/T4TmF5Ck1VeVFXf2Flnc5Xa
15O7u3eoOXb1ZbMwSmKuTX/TRm4/keYiUCVlq8qQd45fEiN1QVnNKcZQmMyQCsSy
qD0GsrMjiCeYfxSTokeTJxhLMubhM8sD+nIX5sh4n7isTprkluvjDVB0Uz7EY4tw
o3LCkMMmognhIIF+f1QzYs9ijI5OkZsyU9jH+yg1aHph8XeaUOsPYrx8bsVlrGJp
ZKeecU+ELL3rJjhhMSKRYztwF3Rc8umwzPCiBVVPX8yJUs2BAOKmR/Uy1Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net