Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/fRzbAslgW_SAqBISmLdEq4_Ip8g.roa
File: fRzbAslgW_SAqBISmLdEq4_Ip8g.roa (raw, json)
Hash identifier: 1Cn7vnLtj1suLQs3SYDPaMb1LLeXieFRoZaIcIC1wMc=
Subject key identifier: 7D:1C:DB:02:C9:60:5B:F4:80:A8:12:12:98:B7:44:AB:8F:C8:A7:C8
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0195FF5845D28CE100CD09F6EACB3F633C8B
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/fRzbAslgW_SAqBISmLdEq4_Ip8g.roa
Signing time: Fri 04 Apr 2025 05:48:49 +0000
ROA not before: Fri 04 Apr 2025 05:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57344
IP address blocks: 5.104.168.0/23 maxlen: 23
5.104.174.0/24 maxlen: 24
77.76.8.0/24 maxlen: 24
77.76.10.0/24 maxlen: 24
77.76.11.0/24 maxlen: 24
78.128.0.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.67.0/24 maxlen: 24
78.128.72.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.79.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.92.0/24 maxlen: 24
78.128.94.0/24 maxlen: 24
78.128.98.0/24 maxlen: 24
78.128.108.0/23 maxlen: 23
78.142.1.0/24 maxlen: 24
78.142.4.0/23 maxlen: 23
78.142.17.0/24 maxlen: 24
78.142.20.0/24 maxlen: 24
78.142.24.0/24 maxlen: 24
78.142.33.0/24 maxlen: 24
78.142.34.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.48.0/24 maxlen: 24
78.142.60.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.0.0/24 maxlen: 24
79.124.15.0/24 maxlen: 24
79.124.20.0/23 maxlen: 23
79.124.23.0/24 maxlen: 24
79.124.24.0/22 maxlen: 24
79.124.28.0/24 maxlen: 24
79.124.47.0/24 maxlen: 24
79.124.50.0/24 maxlen: 24
79.124.51.0/24 maxlen: 24
79.124.73.0/24 maxlen: 24
79.124.74.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.79.0/24 maxlen: 24
79.124.82.0/24 maxlen: 24
82.118.224.0/24 maxlen: 24
82.118.236.0/24 maxlen: 24
82.118.238.0/24 maxlen: 24
82.118.244.0/24 maxlen: 24
82.118.246.0/23 maxlen: 23
87.246.2.0/24 maxlen: 24
91.148.131.0/24 maxlen: 24
91.148.140.0/24 maxlen: 24
91.148.160.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
91.191.216.0/23 maxlen: 24
94.72.145.0/24 maxlen: 24
94.72.148.0/22 maxlen: 24
94.72.158.0/24 maxlen: 24
94.72.159.0/24 maxlen: 24
130.185.224.0/24 maxlen: 24
130.185.226.0/24 maxlen: 24
130.185.229.0/24 maxlen: 24
130.185.235.0/24 maxlen: 24
130.185.236.0/24 maxlen: 24
130.185.237.0/24 maxlen: 24
130.185.248.0/24 maxlen: 24
130.185.250.0/24 maxlen: 24
176.241.176.0/23 maxlen: 24
178.132.80.0/24 maxlen: 24
178.132.81.0/24 maxlen: 24
178.132.82.0/23 maxlen: 24
178.132.84.0/23 maxlen: 24
185.148.160.0/22 maxlen: 22
185.148.162.0/24 maxlen: 24
185.232.159.0/24 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.148.0/24 maxlen: 24
217.174.149.0/24 maxlen: 24
217.174.150.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.152.0/24 maxlen: 24
217.174.153.0/24 maxlen: 24
217.174.154.0/24 maxlen: 24
217.174.159.0/24 maxlen: 24
2a01:8740::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:58:45:d2:8c:e1:00:cd:09:f6:ea:cb:3f:63:3c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Apr 4 05:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d1cdb02c9605bf480a8121298b744ab8fc8a7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9c:54:fa:67:29:09:08:e8:46:79:e9:6e:46:
62:54:b9:c9:c6:e1:8b:92:2d:1a:4a:0a:bf:1c:68:
3d:1d:f7:46:3e:d0:36:ff:1f:89:05:96:f8:bf:8b:
89:41:e2:8a:2e:f3:84:22:67:a8:b3:1c:d9:69:46:
bd:1a:11:79:c5:4c:69:16:b0:72:83:be:58:c7:82:
e7:6d:d1:83:a0:4a:3f:a9:4f:9c:11:15:af:ab:cf:
d3:b1:ab:0d:91:e1:09:84:f2:f9:d5:5a:f7:57:67:
a6:d4:56:cb:3d:59:33:67:63:2b:3a:7d:4d:1b:71:
95:7e:1d:08:40:87:94:ed:7a:0e:c9:b4:0d:71:a3:
9b:94:7b:02:94:61:61:67:d5:65:d2:d4:f4:87:73:
ed:80:e3:29:d8:6a:04:7d:38:7f:af:ea:be:ea:3f:
83:7b:57:e0:f8:52:d8:2c:8e:ea:5b:3e:73:10:f3:
3e:d7:cc:31:7e:c3:5b:5f:15:bb:f2:9f:8a:47:46:
80:a1:f3:77:a3:cd:d0:b9:91:d9:bd:24:94:7b:d1:
47:3b:b8:99:39:a9:0f:65:5e:92:4e:de:73:8e:68:
4b:9c:50:bc:b8:e2:a9:59:c1:8b:54:76:31:c8:02:
36:d6:f0:8c:5c:ec:dc:53:21:b0:f0:24:c3:44:5d:
f1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1C:DB:02:C9:60:5B:F4:80:A8:12:12:98:B7:44:AB:8F:C8:A7:C8
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/fRzbAslgW_SAqBISmLdEq4_Ip8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.168.0/23
5.104.174.0/24
77.76.8.0/24
77.76.10.0/23
78.128.0.0/24
78.128.8.0/24
78.128.43.0/24
78.128.60.0/24
78.128.67.0/24
78.128.72.0/24
78.128.76.0/24
78.128.79.0/24
78.128.81.0/24
78.128.92.0/24
78.128.94.0/24
78.128.98.0/24
78.128.108.0/23
78.142.1.0/24
78.142.4.0/23
78.142.17.0/24
78.142.20.0/24
78.142.24.0/24
78.142.33.0-78.142.34.255
78.142.47.0-78.142.48.255
78.142.60.0/24
78.142.63.0/24
79.124.0.0/24
79.124.15.0/24
79.124.20.0/23
79.124.23.0-79.124.28.255
79.124.47.0/24
79.124.50.0/23
79.124.73.0-79.124.74.255
79.124.76.0/24
79.124.79.0/24
79.124.82.0/24
82.118.224.0/24
82.118.236.0/24
82.118.238.0/24
82.118.244.0/24
82.118.246.0/23
87.246.2.0/24
91.148.131.0/24
91.148.140.0/24
91.148.160.0/24
91.148.168.0/24
91.191.216.0/23
94.72.145.0/24
94.72.148.0/22
94.72.158.0/23
130.185.224.0/24
130.185.226.0/24
130.185.229.0/24
130.185.235.0-130.185.237.255
130.185.248.0/24
130.185.250.0/24
176.241.176.0/23
178.132.80.0-178.132.85.255
185.148.160.0/22
185.232.159.0/24
217.174.148.0-217.174.150.255
217.174.152.0-217.174.154.255
217.174.159.0/24
IPv6:
2a01:8740::/32
Signature Algorithm: sha256WithRSAEncryption
b7:f1:8f:6a:d6:63:13:6c:d2:ff:d8:9f:57:e3:85:48:dc:10:
6f:ff:a7:57:ca:c4:b9:98:62:3e:0c:fa:e1:90:96:55:d4:ba:
62:6b:bb:0e:3f:a0:09:25:84:0e:80:45:0e:e6:27:2d:82:dc:
8d:c3:b7:ae:08:65:88:ff:a0:be:45:72:9d:b4:56:1b:2f:a6:
ed:ae:83:a1:6e:bc:5e:50:5d:29:de:06:dc:06:c7:99:20:c1:
ef:7e:29:3c:dd:41:ca:8c:a1:bb:5f:9b:51:21:14:45:7c:9f:
1e:99:0a:c0:b9:a2:75:e6:62:e6:6f:b4:89:59:63:31:8e:e4:
03:7f:08:a3:62:3f:cf:5f:7f:98:a3:a2:1f:e5:2f:d4:43:d5:
ca:15:a2:5b:67:7d:84:ec:bf:0e:7b:1d:5a:e7:15:79:62:3e:
db:2f:78:d1:a1:ab:d5:4d:ba:c1:33:6d:f6:35:42:41:2d:fb:
4b:c5:63:05:f1:07:f5:80:ac:f7:90:6e:92:91:ae:8a:7b:74:
57:7a:76:7c:00:6d:16:ad:71:7b:2d:72:d5:1d:ab:41:d4:41:
d9:99:bf:6c:60:8c:dd:d3:56:10:b7:44:20:cb:b9:63:f4:8f:
8d:10:67:69:cc:05:43:c6:3b:24:d3:80:0d:56:e0:2f:0a:9d:
51:b1:11:82
-----BEGIN CERTIFICATE-----
MIIGyjCCBbKgAwIBAgISAZX/WEXSjOEAzQn26ss/YzyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNDA0MDU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDFjZGIwMmM5NjA1YmY0ODBhODEyMTI5OGI3NDRhYjhmYzhhN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJxU+mcpCQjoRnnpbkZiVLnJxuGL
ki0aSgq/HGg9HfdGPtA2/x+JBZb4v4uJQeKKLvOEImeosxzZaUa9GhF5xUxpFrBy
g75Yx4LnbdGDoEo/qU+cERWvq8/TsasNkeEJhPL51Vr3V2em1FbLPVkzZ2MrOn1N
G3GVfh0IQIeU7XoOybQNcaOblHsClGFhZ9Vl0tT0h3PtgOMp2GoEfTh/r+q+6j+D
e1fg+FLYLI7qWz5zEPM+18wxfsNbXxW78p+KR0aAofN3o83QuZHZvSSUe9FHO7iZ
OakPZV6STt5zjmhLnFC8uOKpWcGLVHYxyAI21vCMXOzcUyGw8CTDRF3xywIDAQAB
o4ID1jCCA9IwHQYDVR0OBBYEFH0c2wLJYFv0gKgSEpi3RKuPyKfIMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZlJ6YkFzbGdXX1NBcUJJU21MZEVxNF9JcDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6gYIKwYBBQUHAQcBAf8EggHZMIIB1TCCAcIEAgABMIIB
ugMEAQVoqAMEAAVorgMEAE1MCAMEAU1MCgMEAE6AAAMEAE6ACAMEAE6AKwMEAE6A
PAMEAE6AQwMEAE6ASAMEAE6ATAMEAE6ATwMEAE6AUQMEAE6AXAMEAE6AXgMEAE6A
YgMEAU6AbAMEAE6OAQMEAU6OBAMEAE6OEQMEAE6OFAMEAE6OGDAMAwQATo4hAwQA
To4iMAwDBABOji8DBABOjjADBABOjjwDBABOjj8DBABPfAADBABPfA8DBAFPfBQw
DAMEAE98FwMEAE98HAMEAE98LwMEAU98MjAMAwQAT3xJAwQAT3xKAwQAT3xMAwQA
T3xPAwQAT3xSAwQAUnbgAwQAUnbsAwQAUnbuAwQAUnb0AwQBUnb2AwQAV/YCAwQA
W5SDAwQAW5SMAwQAW5SgAwQAW5SoAwQBW7/YAwQAXkiRAwQCXkiUAwQBXkieAwQA
grngAwQAgrniAwQAgrnlMAwDBACCuesDBAGCuewDBACCufgDBACCufoDBAGw8bAw
DAMEBLKEUAMEAbKEVAMEArmUoAMEALnonzAMAwQC2a6UAwQA2a6WMAwDBAPZrpgD
BADZrpoDBADZrp8wDQQCAAIwBwMFACoBh0AwDQYJKoZIhvcNAQELBQADggEBALfx
j2rWYxNs0v/Yn1fjhUjcEG//p1fKxLmYYj4M+uGQllXUumJruw4/oAklhA6ARQ7m
Jy2C3I3Dt64IZYj/oL5Fcp20Vhsvpu2ug6FuvF5QXSneBtwGx5kgwe9+KTzdQcqM
obtfm1EhFEV8nx6ZCsC5onXmYuZvtIlZYzGO5AN/CKNiP89ff5ijoh/lL9RD1coV
oltnfYTsvw57HVrnFXliPtsveNGhq9VNusEzbfY1QkEt+0vFYwXxB/WArPeQbpKR
rop7dFd6dnwAbRatcXstctUdq0HUQdmZv2xgjN3TVhC3RCDLuWP0j40QZ2nMBUPG
OyTTgA1W4C8KnVGxEYI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:14 2025 by rpki-client on console.sobornost.net