Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/ZFcvFlhDWryyoXWXMpIDlrIOANM.roa
File: ZFcvFlhDWryyoXWXMpIDlrIOANM.roa (raw, json)
Hash identifier: vf4LDljSHDeogKMO6SAS7Y9xTDtYGGINc31+p97CZuM=
Subject key identifier: 64:57:2F:16:58:43:5A:BC:B2:A1:75:97:32:92:03:96:B2:0E:00:D3
Certificate issuer: /CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Certificate serial: 0194228E23E89DB442A45634F7640F9C5D82
Authority key identifier: 3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/ZFcvFlhDWryyoXWXMpIDlrIOANM.roa
Signing time: Wed 01 Jan 2025 15:48:48 +0000
ROA not before: Wed 01 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29549
IP address blocks: 185.63.120.0/24 maxlen: 24
185.63.121.0/24 maxlen: 24
185.63.122.0/24 maxlen: 24
185.63.123.0/24 maxlen: 24
193.105.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:23:e8:9d:b4:42:a4:56:34:f7:64:0f:9c:5d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea53ac9a8dc446fb7e0113b68b38e970c19f7cc
Validity
Not Before: Jan 1 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64572f1658435abcb2a1759732920396b20e00d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1d:74:79:3c:10:1a:c8:c1:d0:6e:88:0a:f5:
c1:98:21:40:4b:a2:20:7b:a1:d1:33:64:90:18:71:
9d:62:8d:8a:c6:39:e2:07:4e:90:c9:49:98:17:4f:
39:27:1f:94:60:b9:52:04:8a:9c:26:e6:45:5a:dd:
cd:b5:6c:e7:53:24:ae:ea:25:74:53:a5:ff:96:63:
65:67:77:0a:62:f7:3b:54:8b:9b:0f:77:f8:88:0d:
2b:0f:c3:94:cc:63:be:7c:56:30:ce:a8:ac:a5:b8:
83:bf:43:3d:1d:32:0e:f2:28:57:7a:41:73:45:03:
ef:ae:4d:db:e7:fc:5f:50:51:40:16:e2:15:b8:f2:
5f:a1:b0:3c:77:3b:4f:6a:20:80:6d:37:85:32:a9:
d2:1d:cb:21:6a:09:d5:22:14:37:0d:49:d7:6b:16:
2b:19:b1:8b:8a:a9:fc:19:76:d3:a2:72:30:de:ec:
0b:7d:49:77:d0:c9:b8:b9:8a:97:2f:79:dd:75:1f:
dc:f9:7d:e8:4a:b0:17:0c:64:8f:e9:19:ce:9b:c6:
1d:f0:17:a9:23:87:9d:58:34:60:bc:a9:32:28:58:
a4:76:0e:50:7c:44:1c:81:26:b8:ac:91:1d:fa:1e:
a5:69:91:2b:83:6b:a4:bb:59:59:bc:37:71:e7:fc:
3b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:57:2F:16:58:43:5A:BC:B2:A1:75:97:32:92:03:96:B2:0E:00:D3
X509v3 Authority Key Identifier:
keyid:3E:A5:3A:C9:A8:DC:44:6F:B7:E0:11:3B:68:B3:8E:97:0C:19:F7:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqU6yajcRG-34BE7aLOOlwwZ98w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/ZFcvFlhDWryyoXWXMpIDlrIOANM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/e73cb5-8bfc-4139-9a27-351c21192c65/1/PqU6yajcRG-34BE7aLOOlwwZ98w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.120.0/22
193.105.240.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:cb:c1:7d:27:1b:c6:2e:e4:e1:e8:dc:c4:cd:07:c4:fe:1b:
1c:98:4d:d4:22:94:7b:49:35:a7:12:a8:ef:76:1f:73:11:15:
67:f8:23:3d:ac:5e:7e:ab:45:75:05:7f:5f:85:a0:19:8c:10:
05:74:ba:1c:ea:0e:8d:2c:08:b2:32:b8:0b:ca:2b:07:ce:c1:
01:73:66:20:41:ee:7c:40:ad:3a:22:8f:a1:01:ac:05:ad:03:
b5:16:ac:3a:e9:0a:5c:a7:2d:2e:21:00:3c:ed:7c:94:17:3a:
88:08:0d:e2:74:41:27:9d:d9:df:e2:5c:82:5f:18:04:22:9f:
54:c1:17:ec:6e:c7:ec:68:fd:a5:3a:67:6c:64:83:dc:b6:a1:
6d:85:7d:12:4a:19:1a:74:20:b3:20:f7:e4:62:4f:2c:11:d8:
c3:af:23:83:76:84:7d:06:88:07:0a:6c:33:8c:24:d6:15:a7:
63:98:a3:32:14:83:4a:a3:7d:9a:26:7d:ef:c4:90:f6:81:e1:
cb:fc:e3:d9:bc:f2:01:c3:4c:a2:99:8e:6c:70:35:8e:17:06:
6d:d9:5d:49:ff:5a:ff:bb:0b:61:fd:17:ab:24:3f:a2:7b:7c:
a3:8b:c7:ad:b2:a8:f9:d8:9c:b2:74:9c:bd:6d:ba:e6:6b:3d:
e1:5b:a6:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijiPonbRCpFY092QPnF2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTUzYWM5YThkYzQ0NmZiN2UwMTEzYjY4YjM4ZTk3MGMx
OWY3Y2MwHhcNMjUwMTAxMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU3MmYxNjU4NDM1YWJjYjJhMTc1OTczMjkyMDM5NmIyMGUwMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx10eTwQGsjB0G6ICvXBmCFAS6Ig
e6HRM2SQGHGdYo2KxjniB06QyUmYF085Jx+UYLlSBIqcJuZFWt3NtWznUySu6iV0
U6X/lmNlZ3cKYvc7VIubD3f4iA0rD8OUzGO+fFYwzqispbiDv0M9HTIO8ihXekFz
RQPvrk3b5/xfUFFAFuIVuPJfobA8dztPaiCAbTeFMqnSHcshagnVIhQ3DUnXaxYr
GbGLiqn8GXbTonIw3uwLfUl30Mm4uYqXL3nddR/c+X3oSrAXDGSP6RnOm8Yd8Bep
I4edWDRgvKkyKFikdg5QfEQcgSa4rJEd+h6laZErg2uku1lZvDdx5/w7YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGRXLxZYQ1q8sqF1lzKSA5ayDgDTMB8GA1UdIwQY
MBaAFD6lOsmo3ERvt+ARO2izjpcMGffMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjct
MzUxYzIxMTkyYzY1LzEvWkZjdkZsaERXcnl5b1hXWE1wSURscklPQU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9lNzNjYjUtOGJmYy00MTM5LTlhMjctMzUxYzIxMTkyYzY1
LzEvUHFVNnlhamNSRy0zNEJFN2FMT09sd3daOTh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuT94AwQA
wWnwMA0GCSqGSIb3DQEBCwUAA4IBAQAey8F9JxvGLuTh6NzEzQfE/hscmE3UIpR7
STWnEqjvdh9zERVn+CM9rF5+q0V1BX9fhaAZjBAFdLoc6g6NLAiyMrgLyisHzsEB
c2YgQe58QK06Io+hAawFrQO1Fqw66Qpcpy0uIQA87XyUFzqICA3idEEnndnf4lyC
XxgEIp9UwRfsbsfsaP2lOmdsZIPctqFthX0SShkadCCzIPfkYk8sEdjDryODdoR9
BogHCmwzjCTWFadjmKMyFINKo32aJn3vxJD2geHL/OPZvPIBw0yimY5scDWOFwZt
2V1J/1r/uwth/RerJD+ie3yji8etsqj52JyydJy9bbrmaz3hW6a6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:49 2025 by rpki-client on console.sobornost.net