Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/dDDN-pm8MlP2fOpMtU7-mmZpLLc.roa
File: dDDN-pm8MlP2fOpMtU7-mmZpLLc.roa (raw, json)
Hash identifier: GvJAp02zQtdWF4HXdYEMtMpvRfe1B4IDC0v2UHRYRus=
Subject key identifier: 74:30:CD:FA:99:BC:32:53:F6:7C:EA:4C:B5:4E:FE:9A:66:69:2C:B7
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 019426D8730EE5B8FACBD1C8F3650412F700
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/dDDN-pm8MlP2fOpMtU7-mmZpLLc.roa
Signing time: Thu 02 Jan 2025 11:48:26 +0000
ROA not before: Thu 02 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48854
IP address blocks: 46.36.204.0/22 maxlen: 22
46.36.208.0/21 maxlen: 21
77.243.128.0/20 maxlen: 20
80.70.0.0/23 maxlen: 23
80.70.6.0/23 maxlen: 23
80.70.6.0/24 maxlen: 24
80.70.7.0/24 maxlen: 24
81.95.240.0/20 maxlen: 20
81.95.249.0/24 maxlen: 24
89.188.72.0/21 maxlen: 21
91.197.248.0/22 maxlen: 22
91.217.201.0/24 maxlen: 24
93.191.152.0/21 maxlen: 21
93.191.152.0/22 maxlen: 22
93.191.156.0/24 maxlen: 24
93.191.157.0/24 maxlen: 24
93.191.158.0/24 maxlen: 24
94.143.8.0/21 maxlen: 21
94.231.96.0/20 maxlen: 20
94.231.103.0/24 maxlen: 24
109.71.56.0/21 maxlen: 21
178.251.0.0/21 maxlen: 21
178.251.1.0/24 maxlen: 24
185.20.204.0/22 maxlen: 22
185.20.205.0/24 maxlen: 24
185.20.206.0/23 maxlen: 23
185.21.40.0/22 maxlen: 22
185.25.140.0/24 maxlen: 24
185.25.141.0/24 maxlen: 24
185.25.142.0/24 maxlen: 24
185.25.143.0/24 maxlen: 24
185.134.28.0/22 maxlen: 22
185.154.240.0/22 maxlen: 22
185.221.36.0/22 maxlen: 22
185.223.24.0/22 maxlen: 22
185.235.52.0/22 maxlen: 22
185.235.52.0/24 maxlen: 24
193.239.96.0/22 maxlen: 22
194.150.112.0/22 maxlen: 22
195.69.128.0/22 maxlen: 22
195.178.14.0/23 maxlen: 23
212.97.132.0/22 maxlen: 22
212.97.140.0/22 maxlen: 22
212.97.140.0/24 maxlen: 24
212.97.141.0/24 maxlen: 24
212.97.142.0/24 maxlen: 24
212.97.143.0/24 maxlen: 24
212.237.248.0/23 maxlen: 23
217.61.236.0/22 maxlen: 22
2a02:2338::/32 maxlen: 48
2a02:2339::/36 maxlen: 36
2a02:2339:4000::/34 maxlen: 48
2a03:2740::/47 maxlen: 48
2a06:eac0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:73:0e:e5:b8:fa:cb:d1:c8:f3:65:04:12:f7:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 2 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7430cdfa99bc3253f67cea4cb54efe9a66692cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:55:ae:f5:5e:c9:9b:99:b4:2b:64:eb:5a:b5:
a0:1a:99:d6:51:1f:49:1a:bc:7f:45:0c:75:fa:40:
19:a7:0a:60:ab:99:d2:8b:aa:50:b3:30:0c:81:97:
e2:2c:92:83:77:a8:f5:66:b9:3e:9a:aa:7d:28:d7:
a0:07:35:20:8c:e3:96:35:01:43:38:ad:4e:97:a3:
9d:68:7e:48:60:18:cd:4b:48:76:96:58:45:e7:2d:
ed:f2:bc:ad:f8:ce:79:af:ca:df:7b:13:25:f0:66:
56:cd:ee:56:51:15:85:14:20:ce:52:35:2d:4b:a1:
e9:d4:87:1b:64:8c:80:71:51:ca:00:83:66:9f:7b:
a9:f6:a6:6d:55:5f:6d:38:70:c4:14:00:9b:25:bf:
6a:d9:f5:a8:ef:aa:b3:4f:2e:01:db:42:45:a1:10:
41:4c:45:ba:33:78:23:81:42:76:63:8c:4a:75:6b:
9c:c5:c8:f2:04:a0:90:98:62:4d:f5:21:07:1d:95:
3e:20:b9:57:fb:56:72:fa:0d:f2:4e:3c:01:df:7d:
31:e3:b9:1a:dc:b2:64:8b:5d:cb:3c:f5:cf:6c:dd:
b0:9a:38:55:5b:6d:cb:1b:3e:4f:8e:a0:06:ec:d8:
2b:2b:fb:fe:cb:1d:ba:a4:73:f8:fa:49:5b:0f:a9:
1e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:30:CD:FA:99:BC:32:53:F6:7C:EA:4C:B5:4E:FE:9A:66:69:2C:B7
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/dDDN-pm8MlP2fOpMtU7-mmZpLLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.204.0-46.36.215.255
77.243.128.0/20
80.70.0.0/23
80.70.6.0/23
81.95.240.0/20
89.188.72.0/21
91.197.248.0/22
91.217.201.0/24
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
109.71.56.0/21
178.251.0.0/21
185.20.204.0/22
185.21.40.0/22
185.25.140.0/22
185.134.28.0/22
185.154.240.0/22
185.221.36.0/22
185.223.24.0/22
185.235.52.0/22
193.239.96.0/22
194.150.112.0/22
195.69.128.0/22
195.178.14.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a02:2338::-2a02:2339:fff:ffff:ffff:ffff:ffff:ffff
2a02:2339:4000::/34
2a03:2740::/47
2a06:eac0::/29
Signature Algorithm: sha256WithRSAEncryption
48:9f:fb:35:50:c8:cc:c2:b7:22:05:15:13:19:59:56:c7:d1:
d4:39:12:23:96:df:c2:bf:31:4c:36:3b:43:27:1f:25:e2:67:
3c:21:9a:4f:94:33:9d:b4:71:92:8d:32:30:18:3a:e2:8b:e6:
60:e3:15:77:e3:59:59:b8:92:f1:48:65:67:64:69:bd:35:93:
51:9a:7c:2c:a5:ef:49:b9:4c:16:f8:3f:2e:e7:7e:fa:a7:32:
d3:ab:87:40:fa:ce:31:fa:0b:78:89:73:6c:03:4a:1c:02:65:
f1:7b:cb:b9:f8:8b:d9:70:38:69:40:a4:51:fa:2b:f8:9f:77:
b3:89:ca:41:0d:07:a0:ed:0c:d5:8d:18:ef:6b:e0:ef:f2:22:
eb:d4:8d:bd:82:28:d2:9a:5e:05:db:36:37:55:c5:7c:74:ca:
75:27:2b:83:3c:6c:cb:a2:1b:ec:a7:11:57:4c:a4:c7:43:a7:
8d:c7:69:46:40:7c:87:f0:ef:84:09:34:6d:22:f4:88:a3:da:
83:c5:69:65:a7:20:53:c6:47:f4:17:0b:b8:be:1f:99:4e:29:
f8:5a:1a:db:c7:a9:1e:25:15:68:97:5a:bd:02:45:81:54:2b:
54:4c:2e:74:32:7d:bb:5d:88:52:42:d9:0f:6d:7e:33:6c:10:
69:e0:c4:b7
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZQm2HMO5bj6y9HI82UEEvcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjUwMTAyMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDMwY2RmYTk5YmMzMjUzZjY3Y2VhNGNiNTRlZmU5YTY2NjkyY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9lWu9V7Jm5m0K2TrWrWgGpnWUR9J
Grx/RQx1+kAZpwpgq5nSi6pQszAMgZfiLJKDd6j1Zrk+mqp9KNegBzUgjOOWNQFD
OK1Ol6OdaH5IYBjNS0h2llhF5y3t8ryt+M55r8rfexMl8GZWze5WURWFFCDOUjUt
S6Hp1IcbZIyAcVHKAINmn3up9qZtVV9tOHDEFACbJb9q2fWo76qzTy4B20JFoRBB
TEW6M3gjgUJ2Y4xKdWucxcjyBKCQmGJN9SEHHZU+ILlX+1Zy+g3yTjwB330x47ka
3LJki13LPPXPbN2wmjhVW23LGz5PjqAG7NgrK/v+yx26pHP4+klbD6keoQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFHQwzfqZvDJT9nzqTLVO/ppmaSy3MB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvZERETi1wbThNbFAyZk9wTXRVNy1tbVpwTExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgb0EAgABMIG2MAwD
BAIuJMwDBAMuJNADBARN84ADBAFQRgADBAFQRgYDBARRX/ADBANZvEgDBAJbxfgD
BABb2ckDBANdv5gDBANejwgDBARe52ADBANtRzgDBAOy+wADBAK5FMwDBAK5FSgD
BAK5GYwDBAK5hhwDBAK5mvADBAK53SQDBAK53xgDBAK56zQDBALB72ADBALClnAD
BALDRYADBAHDsg4DBALUYYQDBALUYYwDBAHU7fgDBALZPewwLwQCAAIwKTAPAwUD
KgIjOAMGBCoCIzkAAwYGKgIjOUADBwEqAydAAAADBQMqBurAMA0GCSqGSIb3DQEB
CwUAA4IBAQBIn/s1UMjMwrciBRUTGVlWx9HUORIjlt/CvzFMNjtDJx8l4mc8IZpP
lDOdtHGSjTIwGDrii+Zg4xV341lZuJLxSGVnZGm9NZNRmnwspe9JuUwW+D8u5376
pzLTq4dA+s4x+gt4iXNsA0ocAmXxe8u5+IvZcDhpQKRR+iv4n3ezicpBDQeg7QzV
jRjva+Dv8iLr1I29gijSml4F2zY3VcV8dMp1JyuDPGzLohvspxFXTKTHQ6eNx2lG
QHyH8O+ECTRtIvSIo9qDxWllpyBTxkf0Fwu4vh+ZTin4Whrbx6keJRVol1q9AkWB
VCtUTC50Mn27XYhSQtkPbX4zbBBp4MS3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:26 2025 by rpki-client on console.sobornost.net