Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/ZCDIooS_ImzZeN5QrbFaFhO5dyA.roa
File: ZCDIooS_ImzZeN5QrbFaFhO5dyA.roa (raw, json)
Hash identifier: TP421izhVwKSZitQyZKTA1SgQgPy6vE7WxBJa4Db6y0=
Subject key identifier: 64:20:C8:A2:84:BF:22:6C:D9:78:DE:50:AD:B1:5A:16:13:B9:77:20
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 01942825C0439F67C4891EBB073BD2376F1A
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/ZCDIooS_ImzZeN5QrbFaFhO5dyA.roa
Signing time: Thu 02 Jan 2025 17:52:30 +0000
ROA not before: Thu 02 Jan 2025 17:52:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41998
IP address blocks: 5.42.136.0/22 maxlen: 22
5.42.140.0/22 maxlen: 22
31.25.40.0/21 maxlen: 21
37.25.48.0/21 maxlen: 21
46.182.136.0/21 maxlen: 21
62.152.160.0/19 maxlen: 19
83.242.36.0/22 maxlen: 22
83.242.40.0/21 maxlen: 21
83.242.48.0/20 maxlen: 20
91.103.112.0/21 maxlen: 21
93.118.0.0/21 maxlen: 21
93.118.8.0/21 maxlen: 21
93.118.16.0/21 maxlen: 21
93.118.24.0/21 maxlen: 21
94.124.208.0/21 maxlen: 21
94.176.240.0/20 maxlen: 20
145.14.192.0/20 maxlen: 20
149.249.56.0/21 maxlen: 21
153.92.80.0/20 maxlen: 20
171.33.176.0/22 maxlen: 22
171.33.180.0/22 maxlen: 22
185.3.80.0/22 maxlen: 22
185.36.120.0/22 maxlen: 22
185.61.28.0/22 maxlen: 22
185.107.4.0/22 maxlen: 22
185.108.230.0/23 maxlen: 23
188.93.216.0/21 maxlen: 21
188.244.100.0/22 maxlen: 22
193.151.4.0/22 maxlen: 22
194.140.112.0/20 maxlen: 20
212.86.176.0/22 maxlen: 22
212.86.184.0/22 maxlen: 22
213.153.68.0/22 maxlen: 22
213.153.76.0/22 maxlen: 22
213.153.80.0/22 maxlen: 22
213.153.84.0/22 maxlen: 22
213.153.88.0/22 maxlen: 22
213.153.92.0/22 maxlen: 22
217.66.136.0/21 maxlen: 21
217.78.160.0/20 maxlen: 20
2a00:79c0::/32 maxlen: 32
2a02:17b0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:c0:43:9f:67:c4:89:1e:bb:07:3b:d2:37:6f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Jan 2 17:52:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6420c8a284bf226cd978de50adb15a1613b97720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0f:ff:6b:84:8d:71:af:09:29:cc:c2:da:32:
8c:57:e4:fa:2e:c6:6c:66:60:10:36:1e:1f:0c:82:
71:04:85:8a:3c:b4:6a:b1:86:6b:10:07:ac:59:7c:
57:cc:3d:66:34:ad:59:1e:32:2b:37:c9:f8:de:35:
07:9c:1e:15:6c:17:2a:e3:80:f7:31:fa:a2:06:3c:
66:5e:84:57:42:2e:4b:f8:87:cf:46:2d:f9:33:0e:
31:5e:9e:c8:33:87:e8:da:2c:66:a4:ed:cf:0c:3c:
cb:a8:a5:a0:af:cf:3c:79:40:ab:2f:0b:2e:f2:b3:
a0:56:c7:70:2b:74:48:d2:2f:f0:10:a4:f3:3e:a4:
3c:af:83:04:6b:42:f8:59:c1:4a:5c:47:1d:36:4d:
59:5d:cb:fd:c9:76:46:08:56:a9:9b:99:9a:6d:0f:
56:ea:bc:d6:f7:5c:05:90:bd:eb:ab:e8:bc:36:b3:
4c:97:42:98:48:1e:04:80:89:8c:f2:5d:99:69:24:
50:62:df:40:db:8a:7a:c3:dd:89:64:e2:5c:8e:fb:
66:b5:74:50:bc:d3:c2:43:bc:c5:b7:c6:7a:e4:3d:
72:0a:e2:e8:36:e7:ac:1b:47:a3:c3:ab:be:66:dc:
3f:a1:0a:c3:84:2f:8b:e4:fb:ce:e9:3a:65:36:9e:
6d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:20:C8:A2:84:BF:22:6C:D9:78:DE:50:AD:B1:5A:16:13:B9:77:20
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/ZCDIooS_ImzZeN5QrbFaFhO5dyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.136.0/21
31.25.40.0/21
37.25.48.0/21
46.182.136.0/21
62.152.160.0/19
83.242.36.0-83.242.63.255
91.103.112.0/21
93.118.0.0/19
94.124.208.0/21
94.176.240.0/20
145.14.192.0/20
149.249.56.0/21
153.92.80.0/20
171.33.176.0/21
185.3.80.0/22
185.36.120.0/22
185.61.28.0/22
185.107.4.0/22
185.108.230.0/23
188.93.216.0/21
188.244.100.0/22
193.151.4.0/22
194.140.112.0/20
212.86.176.0/22
212.86.184.0/22
213.153.68.0/22
213.153.76.0-213.153.95.255
217.66.136.0/21
217.78.160.0/20
IPv6:
2a00:79c0::/32
2a02:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:20:72:c6:8c:4e:73:bf:3b:29:4d:4b:b5:69:e3:77:c4:47:
87:05:f0:94:15:49:44:23:43:ec:44:91:8f:53:61:db:3a:7d:
3a:f3:4d:ea:15:ea:93:8a:df:7b:38:55:31:ae:32:03:4b:7d:
d6:1f:72:04:44:83:a1:8a:d3:b5:23:b2:55:1a:bf:cd:e1:e6:
df:c8:7d:20:b5:d2:ba:d5:77:9f:64:09:f4:8d:8f:88:c3:37:
98:f8:84:bf:f8:5e:b2:ca:a2:b0:69:d5:e1:0a:8b:78:b3:fa:
8b:45:9b:40:69:06:0b:00:0c:4d:26:ec:f8:2c:bf:62:1e:00:
87:6a:b1:b3:c3:c9:0a:1e:35:2c:0d:11:9f:d3:41:f4:39:03:
90:1d:cd:3f:84:37:92:c5:25:08:a0:30:b8:f1:99:cd:ab:1f:
d6:83:42:a0:bb:1e:f2:3e:b2:01:cc:76:81:58:9c:f8:b4:b3:
79:96:85:88:15:1b:c0:60:3b:85:0e:a3:35:8b:79:8b:28:13:
bd:aa:25:80:96:df:e3:93:97:1d:60:95:b3:e9:87:0e:ea:a7:
e4:d9:b9:36:9e:c9:db:cc:d4:61:2a:84:43:4b:fa:d6:09:bf:
a1:36:c1:21:96:a7:11:ea:a2:91:66:21:4f:42:48:69:67:67:
b0:6d:1f:12
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZQoJcBDn2fEiR67BzvSN28aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjUwMTAyMTc1MjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIwYzhhMjg0YmYyMjZjZDk3OGRlNTBhZGIxNWExNjEzYjk3NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA//a4SNca8JKczC2jKMV+T6LsZs
ZmAQNh4fDIJxBIWKPLRqsYZrEAesWXxXzD1mNK1ZHjIrN8n43jUHnB4VbBcq44D3
MfqiBjxmXoRXQi5L+IfPRi35Mw4xXp7IM4fo2ixmpO3PDDzLqKWgr888eUCrLwsu
8rOgVsdwK3RI0i/wEKTzPqQ8r4MEa0L4WcFKXEcdNk1ZXcv9yXZGCFapm5mabQ9W
6rzW91wFkL3rq+i8NrNMl0KYSB4EgImM8l2ZaSRQYt9A24p6w92JZOJcjvtmtXRQ
vNPCQ7zFt8Z65D1yCuLoNuesG0ejw6u+Ztw/oQrDhC+L5PvO6TplNp5tDQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFGQgyKKEvyJs2XjeUK2xWhYTuXcgMB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEvWkNESW9vU19JbXpaZU41UXJiRmFGaE81ZHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCBxQQCAAEwgb4DBAMF
KogDBAMfGSgDBAMlGTADBAMutogDBAU+mKAwDAMEAlPyJAMEBlPyAAMEA1tncAME
BV12AAMEA1580AMEBF6w8AMEBJEOwAMEA5X5OAMEBJlcUAMEA6shsAMEArkDUAME
ArkkeAMEArk9HAMEArlrBAMEAbls5gMEA7xd2AMEArz0ZAMEAsGXBAMEBMKMcAME
AtRWsAMEAtRWuAMEAtWZRDAMAwQC1ZlMAwQF1ZlAAwQD2UKIAwQE2U6gMBQEAgAC
MA4DBQAqAHnAAwUAKgIXsDANBgkqhkiG9w0BAQsFAAOCAQEAayByxoxOc787KU1L
tWnjd8RHhwXwlBVJRCND7ESRj1Nh2zp9OvNN6hXqk4rfezhVMa4yA0t91h9yBESD
oYrTtSOyVRq/zeHm38h9ILXSutV3n2QJ9I2PiMM3mPiEv/hessqisGnV4QqLeLP6
i0WbQGkGCwAMTSbs+Cy/Yh4Ah2qxs8PJCh41LA0Rn9NB9DkDkB3NP4Q3ksUlCKAw
uPGZzasf1oNCoLse8j6yAcx2gVic+LSzeZaFiBUbwGA7hQ6jNYt5iygTvaolgJbf
45OXHWCVs+mHDuqn5Nm5Np7J28zUYSqEQ0v61gm/oTbBIZanEeqikWYhT0JIaWdn
sG0fEg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:00 2025 by rpki-client on console.sobornost.net