Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/r2WMhRCwbSCjLzJ9wLxSEaghOhE.roa
File: r2WMhRCwbSCjLzJ9wLxSEaghOhE.roa (raw, json)
Hash identifier: V82qyJQ+GupFP3wRoKbtiYze5r0IjY1jZD5aRxfeWR4=
Subject key identifier: AF:65:8C:85:10:B0:6D:20:A3:2F:32:7D:C0:BC:52:11:A8:21:3A:11
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0195B2FFA331D7A59CD31975AF58A39F5D1E
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/r2WMhRCwbSCjLzJ9wLxSEaghOhE.roa
Signing time: Thu 20 Mar 2025 10:00:52 +0000
ROA not before: Thu 20 Mar 2025 10:00:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.0.0/23 maxlen: 23
77.76.4.0/22 maxlen: 22
78.128.2.0/23 maxlen: 23
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.88.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.115.0/24 maxlen: 24
78.128.116.0/23 maxlen: 23
78.128.120.0/23 maxlen: 23
78.128.122.0/24 maxlen: 24
78.128.123.0/24 maxlen: 24
78.142.9.0/24 maxlen: 24
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
83.222.185.0/24 maxlen: 24
84.201.224.0/20 maxlen: 20
91.148.149.0/24 maxlen: 24
91.148.150.0/23 maxlen: 23
91.148.152.0/21 maxlen: 21
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.166.0/24 maxlen: 24
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/23 maxlen: 23
130.185.227.0/24 maxlen: 24
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b2:ff:a3:31:d7:a5:9c:d3:19:75:af:58:a3:9f:5d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Mar 20 10:00:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af658c8510b06d20a32f327dc0bc5211a8213a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:83:b3:09:93:b2:bc:30:4e:d6:09:18:b3:dc:
b7:00:9c:98:df:07:d6:59:9d:0e:95:4d:8f:5d:94:
d2:55:bf:54:98:a9:e9:fa:e1:8e:1f:c6:79:0c:1b:
7e:da:c4:5e:5e:2b:aa:8a:8f:96:6a:01:6f:b4:91:
a2:a3:97:ea:d9:a2:83:b5:41:38:c1:9e:76:66:39:
b1:32:1c:48:43:95:7c:03:3e:a7:0a:7b:27:c5:be:
b1:ec:7c:e4:ab:d9:fc:50:ea:66:19:dc:b9:e6:b9:
c9:db:88:6c:52:e3:66:2d:24:43:fa:53:cf:e0:73:
4d:36:2e:69:9f:c1:c5:77:48:c7:69:d5:5f:63:19:
be:fb:ca:6b:00:e5:6c:c8:28:74:67:3f:03:1f:b5:
9a:05:53:bf:bf:36:39:46:1d:6c:fb:fd:2d:d1:e2:
e5:32:38:fa:95:99:bb:af:ce:2e:cf:e6:9e:90:1b:
80:c4:0a:e5:2e:1c:75:22:a2:e9:dd:d5:80:4f:6a:
31:c9:3c:f2:2e:42:3d:60:50:13:0f:af:e5:c5:11:
d5:88:a0:ea:8d:03:96:12:08:5b:37:f4:c5:98:6b:
6d:19:a0:d4:6e:f2:d9:b9:0e:7c:97:1b:2b:1b:54:
2c:18:d4:7a:2c:42:6d:63:fa:fd:55:b4:1b:4e:13:
0b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:65:8C:85:10:B0:6D:20:A3:2F:32:7D:C0:BC:52:11:A8:21:3A:11
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/r2WMhRCwbSCjLzJ9wLxSEaghOhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.0.0/23
77.76.4.0/22
78.128.2.0/23
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.115.0-78.128.117.255
78.128.120.0/22
78.142.9.0-78.142.15.255
78.142.30.0/23
83.222.185.0/24
84.201.224.0/20
91.148.149.0-91.148.159.255
91.148.162.0-91.148.166.255
91.148.169.0-91.148.183.255
91.148.186.0/23
130.185.227.0/24
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
41:d0:54:f3:70:db:17:fe:ad:90:7f:bb:b9:6e:e4:7a:70:85:
1f:ab:12:f8:96:68:63:17:1d:e3:e8:33:53:9c:4c:fd:0d:2a:
ba:85:c6:33:0d:b1:9a:86:5c:41:75:d4:ea:0d:ca:d2:a5:a7:
8d:52:60:54:38:de:14:8a:86:7d:0b:fb:45:2f:bd:1f:a6:c4:
8e:ed:6e:d5:c2:33:21:11:90:82:f3:44:6d:61:a9:52:54:6a:
e5:89:2c:0b:5f:8c:78:37:67:b9:7d:81:49:ff:41:ee:97:da:
e6:53:c8:c0:7e:99:f7:1f:e6:c2:3c:03:61:87:ea:d9:a8:c4:
ee:75:e0:33:66:45:2a:ba:67:68:23:b3:38:f7:fc:32:77:44:
55:e9:37:98:90:9a:8d:b0:ab:71:8f:22:a1:6d:f0:50:26:22:
89:3d:40:9e:8b:3b:0b:64:f0:81:6b:8f:e6:2b:3d:c8:c1:00:
1e:87:ed:4a:7f:67:8a:46:4e:1d:99:3b:ae:b4:27:cb:c6:36:
f4:92:9a:17:07:2f:61:b5:67:5a:09:dd:21:02:fb:7c:ec:6a:
e4:d3:f8:81:c0:02:6e:b2:7e:54:26:c0:cf:e0:67:87:55:30:
9a:a4:0d:22:e7:ff:da:f8:23:da:82:32:48:a0:74:41:99:b7:
33:f0:3e:dd
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZWy/6Mx16Wc0xl1r1ijn10eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMzIwMTAwMDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY1OGM4NTEwYjA2ZDIwYTMyZjMyN2RjMGJjNTIxMWE4MjEzYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIOzCZOyvDBO1gkYs9y3AJyY3wfW
WZ0OlU2PXZTSVb9UmKnp+uGOH8Z5DBt+2sReXiuqio+WagFvtJGio5fq2aKDtUE4
wZ52ZjmxMhxIQ5V8Az6nCnsnxb6x7Hzkq9n8UOpmGdy55rnJ24hsUuNmLSRD+lPP
4HNNNi5pn8HFd0jHadVfYxm++8prAOVsyCh0Zz8DH7WaBVO/vzY5Rh1s+/0t0eLl
Mjj6lZm7r84uz+aekBuAxArlLhx1IqLp3dWAT2oxyTzyLkI9YFATD6/lxRHViKDq
jQOWEghbN/TFmGttGaDUbvLZuQ58lxsrG1QsGNR6LEJtY/r9VbQbThMLbwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFK9ljIUQsG0goy8yfcC8UhGoIToRMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvcjJXTWhSQ3diU0NqTHpKOXdMeFNFYWdoT2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAFN
TAADBAJNTAQDBAFOgAIwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJO
gDQDBAJOgDgwDAMEAU6AUgMEAk6AWAMEAU6AYDAMAwQCToBkAwQCToBoMAwDBABO
gHMDBAFOgHQDBAJOgHgwDAMEAE6OCQMEBE6OAAMEAU6OHgMEAFPeuQMEBFTJ4DAM
AwQAW5SVAwQFW5SAMAwDBAFblKIDBABblKYwDAMEAFuUqQMEA1uUsAMEAVuUugME
AIK54wMEAsEY8AMEAcHIDjANBgkqhkiG9w0BAQsFAAOCAQEAQdBU83DbF/6tkH+7
uW7kenCFH6sS+JZoYxcd4+gzU5xM/Q0quoXGMw2xmoZcQXXU6g3K0qWnjVJgVDje
FIqGfQv7RS+9H6bEju1u1cIzIRGQgvNEbWGpUlRq5YksC1+MeDdnuX2BSf9B7pfa
5lPIwH6Z9x/mwjwDYYfq2ajE7nXgM2ZFKrpnaCOzOPf8MndEVek3mJCajbCrcY8i
oW3wUCYiiT1Anos7C2TwgWuP5is9yMEAHoftSn9nikZOHZk7rrQny8Y29JKaFwcv
YbVnWgndIQL7fOxq5NP4gcACbrJ+VCbAz+Bnh1UwmqQNIuf/2vgj2oIySKB0QZm3
M/A+3Q==
-----END CERTIFICATE-----
Generated at Tue Mar 25 14:45:13 2025 by rpki-client on console.sobornost.net