Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/Is9JTB3qpYCXgaYmijlcB5JL6E0.roa
File: Is9JTB3qpYCXgaYmijlcB5JL6E0.roa (raw, json)
Hash identifier: 5cCcN4nvSzdk5qJCAY98zRx7wOt+NOoIVD5IiJyh0Uk=
Subject key identifier: 22:CF:49:4C:1D:EA:A5:80:97:81:A6:26:8A:39:5C:07:92:4B:E8:4D
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 01961FFE4B9E1F953C54312550475F5FAD8D
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/Is9JTB3qpYCXgaYmijlcB5JL6E0.roa
Signing time: Thu 10 Apr 2025 13:58:01 +0000
ROA not before: Thu 10 Apr 2025 13:58:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 5.250.176.0/20 maxlen: 24
46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
85.184.248.0/22 maxlen: 24
87.106.0.0/16 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.104.0/24 maxlen: 32
157.97.105.0/24 maxlen: 32
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
194.164.4.0/22 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.164.88.0/21 maxlen: 24
194.164.120.0/21 maxlen: 24
194.164.160.0/20 maxlen: 24
194.164.192.0/20 maxlen: 24
195.20.224.0/19 maxlen: 24
212.132.64.0/18 maxlen: 24
212.227.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
213.244.192.0/24 maxlen: 24
217.72.192.0/20 maxlen: 24
217.154.0.0/21 maxlen: 24
217.154.8.0/22 maxlen: 24
217.154.13.0/24 maxlen: 24
217.154.14.0/23 maxlen: 24
217.154.16.0/21 maxlen: 24
217.154.50.0/23 maxlen: 24
217.154.52.0/22 maxlen: 24
217.154.56.0/21 maxlen: 24
217.154.64.0/21 maxlen: 24
217.154.74.0/23 maxlen: 24
217.154.76.0/22 maxlen: 24
217.154.80.0/21 maxlen: 24
217.154.88.0/23 maxlen: 24
217.154.91.0/24 maxlen: 24
217.154.92.0/22 maxlen: 24
217.154.240.0/22 maxlen: 24
217.160.0.0/16 maxlen: 24
217.160.124.0/23 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:fe:4b:9e:1f:95:3c:54:31:25:50:47:5f:5f:ad:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Apr 10 13:58:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22cf494c1deaa5809781a6268a395c07924be84d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:a5:0b:e6:ed:5f:ea:96:8e:f1:28:b8:2b:
5a:34:c2:05:25:42:c0:6d:b4:0a:1a:ab:b6:e7:b3:
27:9b:45:a3:5a:f8:c9:ce:e2:ad:61:5a:ca:02:f7:
54:e7:b1:aa:4b:e5:9d:22:9b:d3:76:30:53:a2:7b:
a1:7f:23:3a:5c:8f:e4:c6:46:15:55:44:84:1a:81:
49:43:4f:19:6a:7b:07:11:b9:fc:ed:e5:62:a8:16:
6b:cb:9c:9b:b0:16:e5:4f:13:45:74:a0:0b:60:11:
18:91:94:24:40:54:bd:d0:e6:6c:9c:ea:0b:10:fe:
70:c6:42:27:29:e2:bb:d8:dc:53:c1:dc:79:40:61:
5a:ad:81:90:f7:a1:b1:8f:33:56:ff:2f:4e:34:1a:
83:ad:82:c4:2f:6f:43:4a:5a:78:10:d3:77:0e:09:
18:91:02:5c:e5:8d:88:10:5a:4d:0d:db:28:0f:d0:
f1:49:df:a4:80:ed:df:70:9d:7a:90:ae:aa:f9:b7:
61:a0:9e:46:db:ba:84:6f:d8:5f:a9:20:02:86:a4:
b5:92:de:4f:45:ed:76:e9:de:53:75:a8:93:ba:ba:
09:cb:fd:a7:06:17:0a:75:d1:08:3b:2d:2e:08:76:
9f:d0:ba:82:00:05:89:f1:49:16:41:a4:c3:4a:e0:
54:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:CF:49:4C:1D:EA:A5:80:97:81:A6:26:8A:39:5C:07:92:4B:E8:4D
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/Is9JTB3qpYCXgaYmijlcB5JL6E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.154.0.0-217.154.11.255
217.154.13.0-217.154.23.255
217.154.50.0-217.154.71.255
217.154.74.0-217.154.89.255
217.154.91.0-217.154.95.255
217.154.240.0/22
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
cc:b6:a6:79:68:68:a0:27:5b:96:a5:b2:07:3c:74:a0:69:ec:
03:47:49:3c:c4:6c:36:f1:ab:ca:f3:56:b7:88:50:14:cb:81:
ab:6f:c7:e8:3c:ee:b6:f9:56:81:9e:d5:ef:08:d1:f9:ca:fe:
6c:be:01:2d:4d:37:97:0b:c2:44:5f:88:c8:47:b0:5b:74:08:
99:3d:c6:21:b8:80:cc:87:9c:fd:98:93:36:4d:af:ff:41:67:
13:1c:29:e5:d5:74:cc:f4:ff:0d:72:aa:c0:94:da:2d:0c:98:
c2:4f:99:e8:b1:84:28:92:cd:06:95:11:27:eb:7e:6d:50:14:
4f:51:30:70:f3:3c:08:dd:e9:52:40:49:e9:43:44:02:f2:3d:
16:5d:82:7a:0d:e5:d5:be:04:af:39:ed:c2:b4:d1:95:6d:19:
84:8b:ac:a6:95:cf:8b:63:e6:8e:fd:c8:27:92:d9:83:68:da:
5b:f3:f7:8b:06:93:e1:9e:18:21:d7:60:1a:8d:e6:74:be:93:
2e:2c:ea:b3:2c:4b:cb:d2:02:62:32:ee:4c:57:63:c9:e3:53:
1d:cc:14:dc:85:13:6a:67:3e:25:62:7d:89:21:72:1a:17:63:
e5:40:5d:5d:ee:fa:6b:2d:fb:1e:48:f7:a5:c2:1c:96:37:0b:
9c:dc:c6:a1
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAZYf/kueH5U8VDElUEdfX62NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjUwNDEwMTM1ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmNmNDk0YzFkZWFhNTgwOTc4MWE2MjY4YTM5NWMwNzkyNGJlODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0mlC+btX+qWjvEouCtaNMIFJULA
bbQKGqu257Mnm0WjWvjJzuKtYVrKAvdU57GqS+WdIpvTdjBTonuhfyM6XI/kxkYV
VUSEGoFJQ08ZansHEbn87eViqBZry5ybsBblTxNFdKALYBEYkZQkQFS90OZsnOoL
EP5wxkInKeK72NxTwdx5QGFarYGQ96GxjzNW/y9ONBqDrYLEL29DSlp4ENN3DgkY
kQJc5Y2IEFpNDdsoD9DxSd+kgO3fcJ16kK6q+bdhoJ5G27qEb9hfqSAChqS1kt5P
Re126d5TdaiTuroJy/2nBhcKddEIOy0uCHaf0LqCAAWJ8UkWQaTDSuBUVQIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFCLPSUwd6qWAl4GmJoo5XAeSS+hNMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvSXM5SlRCM3FwWUNYZ2FZbWlqbGNCNUpMNkUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEwYIKwYBBQUHAQcBAf8EggECMIH/MIHmBAIAATCB3wME
BAX6sAMEAy4QSAMEA06JYAMEAlGtcAMDAFKlAwQCVbj4AwMAV2oDBAOdYWgDBAK5
MHQDBADCfs4wDAMEAsKkBAMEAsKkCAMEBMKkEAMEBMKkMAMEA8KkWAMEA8KkeAME
BMKkoAMEBMKkwAMEBcMU4AMEBtSEQAMDANTjAwQF1aVAAwQA1fTAAwQE2UjAMAsD
AwHZmgMEAtmaCDAMAwQA2ZoNAwQD2ZoQMAwDBAHZmjIDBAPZmkAwDAMEAdmaSgME
AdmaWDAMAwQA2ZpbAwQF2ZpAAwQC2ZrwAwMA2aAwFAQCAAIwDgMFACABCNgDBQMq
AiR4MA0GCSqGSIb3DQEBCwUAA4IBAQDMtqZ5aGigJ1uWpbIHPHSgaewDR0k8xGw2
8avK81a3iFAUy4Grb8foPO62+VaBntXvCNH5yv5svgEtTTeXC8JEX4jIR7BbdAiZ
PcYhuIDMh5z9mJM2Ta//QWcTHCnl1XTM9P8NcqrAlNotDJjCT5nosYQoks0GlREn
635tUBRPUTBw8zwI3elSQEnpQ0QC8j0WXYJ6DeXVvgSvOe3CtNGVbRmEi6ymlc+L
Y+aO/cgnktmDaNpb8/eLBpPhnhgh12AajeZ0vpMuLOqzLEvL0gJiMu5MV2PJ41Md
zBTchRNqZz4lYn2JIXIaF2PlQF1d7vprLfseSPelwhyWNwuc3Mah
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:45 2025 by rpki-client on console.sobornost.net