Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/53yfdczv1so3h7m6p_kJKapwYb0.roa
File: 53yfdczv1so3h7m6p_kJKapwYb0.roa (raw, json)
Hash identifier: 8fm3UETmOMmwp3oE4jpSkcDNkIYvAEXotF2eKRsyjLw=
Subject key identifier: E7:7C:9F:75:CC:EF:D6:CA:37:87:B9:BA:A7:F9:09:29:AA:70:61:BD
Certificate issuer: /CN=adf0df77114741e13a17d7213e6956bf9627b558
Certificate serial: 01942067BFA3E933AC562635228ADEDAB3D9
Authority key identifier: AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/53yfdczv1so3h7m6p_kJKapwYb0.roa
Signing time: Wed 01 Jan 2025 05:47:37 +0000
ROA not before: Wed 01 Jan 2025 05:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62319
IP address blocks: 37.44.248.0/23 maxlen: 23
37.44.250.0/24 maxlen: 24
91.142.136.0/24 maxlen: 24
91.194.36.0/23 maxlen: 23
91.216.118.0/24 maxlen: 24
178.209.160.0/22 maxlen: 22
178.209.165.0/24 maxlen: 24
178.209.166.0/24 maxlen: 24
178.209.167.0/24 maxlen: 24
178.209.168.0/24 maxlen: 24
178.209.169.0/24 maxlen: 24
178.209.170.0/24 maxlen: 24
178.209.171.0/24 maxlen: 24
178.209.172.0/24 maxlen: 24
178.209.173.0/24 maxlen: 24
178.209.174.0/24 maxlen: 24
178.209.175.0/24 maxlen: 24
178.209.176.0/23 maxlen: 23
178.209.178.0/23 maxlen: 23
178.209.180.0/22 maxlen: 22
178.209.184.0/22 maxlen: 22
178.209.188.0/23 maxlen: 23
178.209.190.0/24 maxlen: 24
178.209.191.0/24 maxlen: 24
185.4.216.0/23 maxlen: 23
185.4.218.0/24 maxlen: 24
185.4.219.0/24 maxlen: 24
185.40.44.0/22 maxlen: 22
185.66.184.0/22 maxlen: 22
185.150.72.0/22 maxlen: 22
185.203.0.0/22 maxlen: 22
193.106.120.0/22 maxlen: 22
193.169.74.0/23 maxlen: 23
194.116.178.0/23 maxlen: 23
194.126.192.0/24 maxlen: 24
2a02:c900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:bf:a3:e9:33:ac:56:26:35:22:8a:de:da:b3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf0df77114741e13a17d7213e6956bf9627b558
Validity
Not Before: Jan 1 05:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e77c9f75ccefd6ca3787b9baa7f90929aa7061bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:45:4a:fa:39:18:25:69:3d:93:bc:21:90:
c6:42:21:f7:0b:c3:74:53:48:88:80:7c:3a:9f:9e:
6c:63:6e:d9:2f:06:07:6a:22:cb:ae:96:e8:ec:62:
7f:54:0e:2f:e5:00:f2:8f:fb:ac:a1:dc:3d:b6:01:
58:de:ff:58:3b:a7:5b:91:34:f7:69:98:27:44:2c:
4f:09:83:fb:d5:79:6a:a9:e0:fd:97:9c:4d:4b:53:
4c:0c:6a:3e:03:c8:1d:f3:85:56:3d:96:55:9e:43:
db:e0:ec:1e:57:c5:38:aa:71:0f:0e:24:ba:fe:2f:
76:8c:8e:7d:2e:f6:de:6e:b4:de:60:d7:8f:8c:2c:
08:0f:c3:4c:dc:2a:e1:c1:b5:c2:5f:c4:62:a3:a6:
d4:c7:eb:4f:08:7d:4a:ed:5d:18:a3:81:49:f2:33:
df:bb:12:89:21:39:65:06:77:9d:9e:14:8e:5a:0e:
98:09:41:e0:73:e2:1d:2c:6b:56:0c:dc:cf:81:fb:
06:40:36:f1:ef:d6:a0:21:ff:36:a5:21:2d:fd:78:
7e:8d:26:cb:7d:5c:1c:05:49:c9:42:a0:b9:8c:1b:
26:00:fc:bf:71:d5:5a:e5:3d:25:55:5a:61:6d:8c:
63:fb:b9:83:32:5e:bc:a3:51:c0:49:7a:83:ca:af:
56:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7C:9F:75:CC:EF:D6:CA:37:87:B9:BA:A7:F9:09:29:AA:70:61:BD
X509v3 Authority Key Identifier:
keyid:AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/53yfdczv1so3h7m6p_kJKapwYb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.248.0-37.44.250.255
91.142.136.0/24
91.194.36.0/23
91.216.118.0/24
178.209.160.0/22
178.209.165.0-178.209.191.255
185.4.216.0/22
185.40.44.0/22
185.66.184.0/22
185.150.72.0/22
185.203.0.0/22
193.106.120.0/22
193.169.74.0/23
194.116.178.0/23
194.126.192.0/24
IPv6:
2a02:c900::/29
Signature Algorithm: sha256WithRSAEncryption
61:03:fe:7c:63:4a:fd:a5:ba:ef:ec:da:c4:45:c6:0d:61:6d:
45:4e:4b:a1:73:f8:1f:91:9d:98:66:d5:74:8c:db:92:61:e4:
04:52:7a:61:c5:82:ee:4f:48:f7:3b:ea:84:a4:69:77:23:63:
dc:26:51:92:67:ca:43:ed:07:77:95:45:5e:b8:4d:7a:56:aa:
29:a7:97:59:16:ed:b7:7e:7f:57:28:87:66:7d:d0:0b:72:16:
02:76:b0:eb:c9:f0:0e:13:17:dd:87:67:6e:4f:bd:cb:fb:40:
a2:90:05:d2:16:d9:c6:0a:30:8b:1c:e8:11:55:2f:be:7b:21:
04:72:8c:1a:95:3b:92:d7:a4:c5:e5:68:e5:97:ef:c6:94:93:
ca:1a:2a:96:e5:a6:5f:9d:47:98:53:b6:4c:d8:85:6f:79:63:
25:99:c8:b1:b7:f3:96:96:9a:94:3d:0b:2c:df:a7:7d:78:1b:
62:b0:7a:46:db:54:08:5a:71:20:1c:6e:37:39:3b:0e:d5:40:
f8:33:61:b4:d1:a7:69:a4:fc:fe:60:c2:64:ec:ae:e7:ab:e8:
86:2a:e7:44:de:3e:77:ab:fd:6f:50:f0:15:7e:9d:98:40:d0:
94:5a:ce:79:26:a0:86:fc:8b:f9:dd:72:e7:34:4a:97:99:3e:
d1:0e:66:b1
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQgZ7+j6TOsViY1Iore2rPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjBkZjc3MTE0NzQxZTEzYTE3ZDcyMTNlNjk1NmJmOTYy
N2I1NTgwHhcNMjUwMTAxMDU0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzdjOWY3NWNjZWZkNmNhMzc4N2I5YmFhN2Y5MDkyOWFhNzA2MWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aFFSvo5GCVpPZO8IZDGQiH3C8N0
U0iIgHw6n55sY27ZLwYHaiLLrpbo7GJ/VA4v5QDyj/usodw9tgFY3v9YO6dbkTT3
aZgnRCxPCYP71XlqqeD9l5xNS1NMDGo+A8gd84VWPZZVnkPb4OweV8U4qnEPDiS6
/i92jI59LvbebrTeYNePjCwID8NM3CrhwbXCX8Rio6bUx+tPCH1K7V0Yo4FJ8jPf
uxKJITllBnednhSOWg6YCUHgc+IdLGtWDNzPgfsGQDbx79agIf82pSEt/Xh+jSbL
fVwcBUnJQqC5jBsmAPy/cdVa5T0lVVphbYxj+7mDMl68o1HASXqDyq9WewIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOd8n3XM79bKN4e5uqf5CSmqcGG9MB8GA1UdIwQY
MBaAFK3w33cRR0HhOhfXIT5pVr+WJ7VYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZEZmR4RkhRZUU2RjljaFBtbFd2NVludFZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hMzBiZWEtOWU5My00MDkxLWI2ZTEt
ZTFlZjI3NzcyZWFmLzEvNTN5ZmRjenYxc28zaDdtNnBfa0pLYXB3WWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hMzBiZWEtOWU5My00MDkxLWI2ZTEtZTFlZjI3NzcyZWFm
LzEvcmZEZmR4RkhRZUU2RjljaFBtbFd2NVludFZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqMAwDBAMl
LPgDBAAlLPoDBABbjogDBAFbwiQDBABb2HYDBAKy0aAwDAMEALLRpQMEBrLRgAME
ArkE2AMEArkoLAMEArlCuAMEArmWSAMEArnLAAMEAsFqeAMEAcGpSgMEAcJ0sgME
AMJ+wDANBAIAAjAHAwUDKgLJADANBgkqhkiG9w0BAQsFAAOCAQEAYQP+fGNK/aW6
7+zaxEXGDWFtRU5LoXP4H5GdmGbVdIzbkmHkBFJ6YcWC7k9I9zvqhKRpdyNj3CZR
kmfKQ+0Hd5VFXrhNelaqKaeXWRbtt35/VyiHZn3QC3IWAnaw68nwDhMX3Ydnbk+9
y/tAopAF0hbZxgowixzoEVUvvnshBHKMGpU7ktekxeVo5ZfvxpSTyhoqluWmX51H
mFO2TNiFb3ljJZnIsbfzlpaalD0LLN+nfXgbYrB6RttUCFpxIBxuNzk7DtVA+DNh
tNGnaaT8/mDCZOyu56vohirnRN4+d6v9b1DwFX6dmEDQlFrOeSaghvyL+d1y5zRK
l5k+0Q5msQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net