Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/aCgy_alXVm5fhWtUpRo7QNEISHE.roa
File: aCgy_alXVm5fhWtUpRo7QNEISHE.roa (raw, json)
Hash identifier: k8KIN9/snXjGTZ3SmfqZoJEWYTGsTGXkU29Y3c+sGXE=
Subject key identifier: 68:28:32:FD:A9:57:56:6E:5F:85:6B:54:A5:1A:3B:40:D1:08:48:71
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 01942368DD05F7D0C40B37455299AA28D796
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/aCgy_alXVm5fhWtUpRo7QNEISHE.roa
Signing time: Wed 01 Jan 2025 19:47:42 +0000
ROA not before: Wed 01 Jan 2025 19:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13097
IP address blocks: 46.229.80.0/20 maxlen: 20
46.229.80.0/24 maxlen: 24
46.229.81.0/24 maxlen: 24
46.229.82.0/24 maxlen: 24
46.229.83.0/24 maxlen: 24
46.229.84.0/24 maxlen: 24
46.229.85.0/24 maxlen: 24
46.229.86.0/24 maxlen: 24
46.229.87.0/24 maxlen: 24
46.229.88.0/24 maxlen: 24
46.229.89.0/24 maxlen: 24
46.229.90.0/24 maxlen: 24
46.229.91.0/24 maxlen: 24
46.229.92.0/24 maxlen: 24
46.229.93.0/24 maxlen: 24
46.229.94.0/24 maxlen: 24
46.229.95.0/24 maxlen: 24
80.70.116.0/22 maxlen: 22
80.70.116.0/24 maxlen: 24
80.70.117.0/24 maxlen: 24
80.70.118.0/24 maxlen: 24
80.70.119.0/24 maxlen: 24
82.163.32.0/22 maxlen: 22
82.163.32.0/24 maxlen: 24
82.163.33.0/24 maxlen: 24
82.163.34.0/24 maxlen: 24
82.163.35.0/24 maxlen: 24
84.234.100.0/22 maxlen: 22
84.234.100.0/24 maxlen: 24
84.234.101.0/24 maxlen: 24
84.234.102.0/24 maxlen: 24
84.234.103.0/24 maxlen: 24
89.189.32.0/20 maxlen: 20
89.189.32.0/24 maxlen: 24
89.189.33.0/24 maxlen: 24
89.189.34.0/24 maxlen: 24
89.189.35.0/24 maxlen: 24
89.189.36.0/24 maxlen: 24
89.189.37.0/24 maxlen: 24
89.189.38.0/24 maxlen: 24
89.189.39.0/24 maxlen: 24
89.189.40.0/24 maxlen: 24
89.189.41.0/24 maxlen: 24
89.189.42.0/24 maxlen: 24
89.189.43.0/24 maxlen: 24
89.189.44.0/24 maxlen: 24
89.189.45.0/24 maxlen: 24
89.189.46.0/24 maxlen: 24
89.189.47.0/24 maxlen: 24
89.189.56.0/21 maxlen: 21
89.189.56.0/24 maxlen: 24
89.189.57.0/24 maxlen: 24
89.189.58.0/24 maxlen: 24
89.189.59.0/24 maxlen: 24
89.189.60.0/24 maxlen: 24
89.189.61.0/24 maxlen: 24
89.189.62.0/24 maxlen: 24
89.189.63.0/24 maxlen: 24
185.138.36.0/22 maxlen: 22
185.138.36.0/23 maxlen: 23
185.138.36.0/24 maxlen: 24
185.138.37.0/24 maxlen: 24
185.138.38.0/23 maxlen: 23
185.138.38.0/24 maxlen: 24
185.138.39.0/24 maxlen: 24
185.178.12.0/22 maxlen: 22
185.178.12.0/24 maxlen: 24
185.178.13.0/24 maxlen: 24
185.178.14.0/24 maxlen: 24
185.178.15.0/24 maxlen: 24
213.178.192.0/20 maxlen: 20
213.178.192.0/24 maxlen: 24
213.178.193.0/24 maxlen: 24
213.178.194.0/24 maxlen: 24
213.178.195.0/24 maxlen: 24
213.178.196.0/24 maxlen: 24
213.178.197.0/24 maxlen: 24
213.178.198.0/24 maxlen: 24
213.178.199.0/24 maxlen: 24
213.178.200.0/24 maxlen: 24
213.178.201.0/24 maxlen: 24
213.178.202.0/24 maxlen: 24
213.178.203.0/24 maxlen: 24
213.178.204.0/24 maxlen: 24
213.178.205.0/24 maxlen: 24
213.178.206.0/24 maxlen: 24
213.178.207.0/24 maxlen: 24
2a01:7540::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:dd:05:f7:d0:c4:0b:37:45:52:99:aa:28:d7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Jan 1 19:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682832fda957566e5f856b54a51a3b40d1084871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:24:85:56:d1:e1:c5:d3:2e:29:07:6b:e7:bd:
eb:01:5f:be:7e:b4:26:5b:0f:c2:3f:4a:7b:e2:7d:
f2:86:3e:e9:49:bb:c7:36:1c:39:d0:80:cf:52:0c:
1c:42:bb:cd:a8:de:c9:b7:f9:ea:be:3c:36:30:c2:
86:fb:b7:77:6f:e1:0a:09:12:ed:c6:ae:73:3c:7a:
c7:84:f6:ce:d2:e9:86:7f:9a:66:53:7b:ec:a0:14:
77:fb:8b:80:b9:51:17:ce:33:28:8c:82:d5:2b:ed:
4c:75:0f:e3:d9:d9:a6:19:95:9f:0d:54:26:5c:25:
17:f0:9c:bc:0b:8b:6b:69:60:8f:b4:7b:75:3f:bb:
f1:08:27:5d:22:67:d6:92:2f:cb:b0:14:f9:e8:53:
76:70:32:89:bd:aa:1f:3b:da:77:69:53:81:d5:4a:
8e:e3:f5:88:c1:7b:a6:0a:35:0e:f7:c9:11:0d:91:
f7:3b:65:48:72:c8:68:a7:ec:05:ca:8f:c7:c3:2d:
18:78:44:80:1b:f2:47:23:ba:e5:5b:1f:57:05:51:
88:de:bc:34:53:3a:3e:c0:03:24:d8:ed:cc:86:e6:
4b:ef:b8:df:18:5d:68:ad:e3:13:e4:98:37:eb:79:
2c:4d:a2:e3:68:44:c3:81:a4:97:73:42:0e:5a:a9:
d4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:28:32:FD:A9:57:56:6E:5F:85:6B:54:A5:1A:3B:40:D1:08:48:71
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/aCgy_alXVm5fhWtUpRo7QNEISHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.80.0/20
80.70.116.0/22
82.163.32.0/22
84.234.100.0/22
89.189.32.0/20
89.189.56.0/21
185.138.36.0/22
185.178.12.0/22
213.178.192.0/20
IPv6:
2a01:7540::/32
Signature Algorithm: sha256WithRSAEncryption
75:ea:f3:65:9e:e9:bc:84:e9:2e:8d:7a:e4:27:2f:07:41:9e:
47:f9:c7:1f:fa:0c:81:6e:92:71:b3:82:d1:ab:da:02:df:de:
0e:92:40:32:e6:f2:61:ab:ec:9b:1b:d6:4c:db:a7:1f:e7:ef:
b5:f8:18:a1:45:0f:44:ec:00:2d:f6:6e:3d:26:60:5d:00:5b:
59:2d:b3:bb:6c:bf:05:b1:3f:49:94:a0:f5:e3:23:60:93:a2:
7c:e6:83:69:98:2c:35:8f:a0:fa:55:ec:67:bb:77:72:cd:e1:
50:94:0f:4b:44:a0:75:d1:c1:e3:78:24:7c:23:2e:9f:12:3d:
82:b6:9c:05:9a:8e:0f:43:87:5c:f5:c6:37:d0:1e:da:34:da:
05:96:b9:de:27:ea:bc:4f:46:84:8b:17:6c:bd:c6:59:ed:7b:
5c:5c:da:3a:0a:77:df:bc:cd:d1:ad:0f:14:ff:bc:28:6b:7c:
75:0f:a7:c7:b9:d4:1e:2b:df:79:04:9f:8c:7e:51:27:12:d5:
4d:f6:68:5a:ae:e8:81:0a:81:7c:4f:8c:15:97:ad:92:d6:fe:
93:41:89:71:20:ce:4c:7e:b4:74:a9:cb:90:34:ce:eb:54:f8:
16:54:63:e0:52:b4:a8:82:cb:8d:69:fd:08:37:ae:0b:36:a6:
f6:16:d6:8b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQjaN0F99DECzdFUpmqKNeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjUwMTAxMTk0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI4MzJmZGE5NTc1NjZlNWY4NTZiNTRhNTFhM2I0MGQxMDg0ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CSFVtHhxdMuKQdr573rAV++frQm
Ww/CP0p74n3yhj7pSbvHNhw50IDPUgwcQrvNqN7Jt/nqvjw2MMKG+7d3b+EKCRLt
xq5zPHrHhPbO0umGf5pmU3vsoBR3+4uAuVEXzjMojILVK+1MdQ/j2dmmGZWfDVQm
XCUX8Jy8C4traWCPtHt1P7vxCCddImfWki/LsBT56FN2cDKJvaofO9p3aVOB1UqO
4/WIwXumCjUO98kRDZH3O2VIcshop+wFyo/Hwy0YeESAG/JHI7rlWx9XBVGI3rw0
Uzo+wAMk2O3MhuZL77jfGF1oreMT5Jg363ksTaLjaETDgaSXc0IOWqnUvQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGgoMv2pV1ZuX4VrVKUaO0DRCEhxMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvYUNneV9hbFhWbTVmaFd0VXBSbzdRTkVJU0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQELuVQAwQC
UEZ0AwQCUqMgAwQCVOpkAwQEWb0gAwQDWb04AwQCuYokAwQCubIMAwQE1bLAMA0E
AgACMAcDBQAqAXVAMA0GCSqGSIb3DQEBCwUAA4IBAQB16vNlnum8hOkujXrkJy8H
QZ5H+ccf+gyBbpJxs4LRq9oC394OkkAy5vJhq+ybG9ZM26cf5++1+BihRQ9E7AAt
9m49JmBdAFtZLbO7bL8FsT9JlKD14yNgk6J85oNpmCw1j6D6Vexnu3dyzeFQlA9L
RKB10cHjeCR8Iy6fEj2CtpwFmo4PQ4dc9cY30B7aNNoFlrneJ+q8T0aEixdsvcZZ
7XtcXNo6CnffvM3RrQ8U/7woa3x1D6fHudQeK995BJ+MflEnEtVN9mharuiBCoF8
T4wVl62S1v6TQYlxIM5MfrR0qcuQNM7rVPgWVGPgUrSogsuNaf0IN64LNqb2FtaL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:08 2025 by rpki-client on console.sobornost.net