Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/sD3TQhmqpMeiNDRMe_Cg9c8gcQg.roa
File: sD3TQhmqpMeiNDRMe_Cg9c8gcQg.roa (raw, json)
Hash identifier: YpFE/XWsvo+iSqItJdBs7pFneblfjbKHabl7GMSfsrA=
Subject key identifier: B0:3D:D3:42:19:AA:A4:C7:A2:34:34:4C:7B:F0:A0:F5:CF:20:71:08
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 019546427BB686FAF52410C9FB0791295B17
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/sD3TQhmqpMeiNDRMe_Cg9c8gcQg.roa
Signing time: Thu 27 Feb 2025 07:15:17 +0000
ROA not before: Thu 27 Feb 2025 07:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61173
IP address blocks: 5.182.44.0/24 maxlen: 24
5.182.45.0/24 maxlen: 24
5.182.46.0/24 maxlen: 24
5.182.47.0/24 maxlen: 24
45.159.112.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
62.3.42.0/24 maxlen: 24
85.208.252.0/24 maxlen: 24
85.208.253.0/24 maxlen: 24
85.208.254.0/24 maxlen: 24
85.208.255.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.165.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
193.141.126.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
2a05:ab80::/48 maxlen: 48
2a05:ab80:1::/48 maxlen: 48
2a05:ab80:3::/48 maxlen: 48
2a05:ab80:4::/48 maxlen: 48
2a05:ab80:100::/48 maxlen: 48
2a05:ab80:200::/48 maxlen: 48
2a05:ab80:300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:46:42:7b:b6:86:fa:f5:24:10:c9:fb:07:91:29:5b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Feb 27 07:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b03dd34219aaa4c7a234344c7bf0a0f5cf207108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:52:4e:a5:df:d3:1e:f2:a0:03:74:42:ad:de:
a4:69:87:f6:01:3f:ce:8d:6c:0e:ef:bc:1c:14:f2:
ac:c0:09:1a:9c:8e:a2:8b:f3:3b:ff:cf:98:5d:4e:
f8:68:05:11:a4:24:60:b1:69:11:94:d1:8c:8d:81:
d9:79:1e:c5:cd:82:d2:d5:e8:ae:07:62:ca:65:f0:
fa:04:36:3c:5f:0a:19:82:3c:82:8d:36:95:7c:7b:
31:75:f1:b9:32:5f:24:5c:ea:55:7b:04:7b:05:3a:
73:c2:57:a6:42:c4:e2:40:e7:c3:73:fc:2e:89:d8:
f6:2d:81:27:4c:b5:52:89:d9:d6:96:1e:0a:54:83:
54:e2:36:08:f3:ff:12:6a:ce:14:c7:a6:6f:58:27:
93:c0:99:9f:35:ec:cd:7c:af:23:a5:cf:98:7e:83:
3f:4e:33:c6:dd:4e:7c:2f:09:65:89:e2:51:7a:8d:
7b:04:8f:70:54:11:63:4a:d8:89:96:4a:92:45:a9:
b5:b0:1e:13:b2:ca:f7:de:a8:c2:4a:ce:e5:0d:f7:
c9:c4:a2:2e:59:8a:5c:5d:d1:ed:3d:0a:fa:4f:53:
e3:5e:98:cb:8a:97:72:b6:68:3c:0d:c1:9b:16:c9:
5a:2f:76:d6:f5:58:c9:89:b8:97:38:00:84:99:66:
47:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3D:D3:42:19:AA:A4:C7:A2:34:34:4C:7B:F0:A0:F5:CF:20:71:08
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/sD3TQhmqpMeiNDRMe_Cg9c8gcQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.44.0/22
45.159.112.0/22
62.3.42.0/24
85.208.252.0/22
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/22
185.255.88.0/22
193.141.64.0/23
193.141.126.0/23
IPv6:
2a05:ab80::/47
2a05:ab80:3::-2a05:ab80:4:ffff:ffff:ffff:ffff:ffff
2a05:ab80:100::/48
2a05:ab80:200::/48
2a05:ab80:300::/48
Signature Algorithm: sha256WithRSAEncryption
53:7d:6f:f8:5d:0e:36:6b:b1:99:8b:2e:32:78:46:7b:a3:9f:
55:1f:0d:f7:11:8c:e8:05:c1:50:20:7e:ef:be:79:af:a3:47:
10:c3:34:18:ea:8d:ac:2c:e3:8f:b2:0c:78:74:47:35:cb:32:
72:76:d5:89:71:ac:c3:71:fb:27:dc:7d:95:df:98:06:93:e6:
2c:e5:26:56:60:c0:8e:6a:7c:99:3c:ba:69:e6:1b:7b:a9:ba:
33:e1:66:47:ef:de:e7:10:f0:19:81:4f:3e:57:b7:ac:5b:dd:
b6:78:9d:99:7b:d4:17:51:b1:e2:3d:45:60:c3:05:39:ff:b9:
c9:02:cf:90:ca:5a:94:d9:8f:8a:c1:2f:25:ba:83:5b:a7:62:
24:0c:66:ff:26:c4:29:5a:96:c9:71:50:85:db:dd:3d:02:c7:
05:5c:53:7d:24:ff:39:2c:59:55:2e:a4:f0:23:60:25:43:74:
5e:a0:0a:13:2e:e2:b6:f8:83:f2:f0:06:29:6e:3a:46:29:23:
05:b0:8b:02:42:cf:37:fc:ba:2f:98:77:9d:05:3b:87:42:1a:
92:6a:cf:79:61:3b:5a:84:6c:20:d3:79:9e:70:f3:09:27:00:
c0:33:ac:f6:51:9a:64:a1:34:c2:5f:c6:87:af:e5:8a:77:e8:
79:27:76:34
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZVGQnu2hvr1JBDJ+weRKVsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjUwMjI3MDcxNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNkZDM0MjE5YWFhNGM3YTIzNDM0NGM3YmYwYTBmNWNmMjA3MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01JOpd/THvKgA3RCrd6kaYf2AT/O
jWwO77wcFPKswAkanI6ii/M7/8+YXU74aAURpCRgsWkRlNGMjYHZeR7FzYLS1eiu
B2LKZfD6BDY8XwoZgjyCjTaVfHsxdfG5Ml8kXOpVewR7BTpzwlemQsTiQOfDc/wu
idj2LYEnTLVSidnWlh4KVINU4jYI8/8Sas4Ux6ZvWCeTwJmfNezNfK8jpc+YfoM/
TjPG3U58LwllieJReo17BI9wVBFjStiJlkqSRam1sB4Tssr33qjCSs7lDffJxKIu
WYpcXdHtPQr6T1PjXpjLipdytmg8DcGbFslaL3bW9VjJibiXOACEmWZHAwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFLA900IZqqTHojQ0THvwoPXPIHEIMB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvc0QzVFFobXFwTWVpTkRSTWVfQ2c5YzhnY1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjBQBAIAATBKAwQCBbYs
AwQCLZ9wAwQAPgMqAwQCVdD8AwQCuQQcMAwDBAC5MiUDBAO5MiADBAK5dKADBAK5
1aQDBAK5/1gDBAHBjUADBAHBjX4wPgQCAAIwOAMHASoFq4AAADASAwcAKgWrgAAD
AwcAKgWrgAAEAwcAKgWrgAEAAwcAKgWrgAIAAwcAKgWrgAMAMA0GCSqGSIb3DQEB
CwUAA4IBAQBTfW/4XQ42a7GZiy4yeEZ7o59VHw33EYzoBcFQIH7vvnmvo0cQwzQY
6o2sLOOPsgx4dEc1yzJydtWJcazDcfsn3H2V35gGk+Ys5SZWYMCOanyZPLpp5ht7
qboz4WZH797nEPAZgU8+V7esW922eJ2Ze9QXUbHiPUVgwwU5/7nJAs+QylqU2Y+K
wS8luoNbp2IkDGb/JsQpWpbJcVCF2909AscFXFN9JP85LFlVLqTwI2AlQ3ReoAoT
LuK2+IPy8AYpbjpGKSMFsIsCQs83/LovmHedBTuHQhqSas95YTtahGwg03mecPMJ
JwDAM6z2UZpkoTTCX8aHr+WKd+h5J3Y0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:03 2025 by rpki-client on console.sobornost.net