Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/ZJAl9ImjoPtFm7tGn32RwL0IJHQ.roa
File: ZJAl9ImjoPtFm7tGn32RwL0IJHQ.roa (raw, json)
Hash identifier: 9vVACgeehLJBLJEdL35dqakk6HDNA29yLh2EDLIP5+w=
Subject key identifier: 64:90:25:F4:89:A3:A0:FB:45:9B:BB:46:9F:7D:91:C0:BD:08:24:74
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 0194214410E35B5EB9B1B91493517F7F1CDB
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/ZJAl9ImjoPtFm7tGn32RwL0IJHQ.roa
Signing time: Wed 01 Jan 2025 09:48:16 +0000
ROA not before: Wed 01 Jan 2025 09:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3227
IP address blocks: 185.37.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:10:e3:5b:5e:b9:b1:b9:14:93:51:7f:7f:1c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Jan 1 09:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=649025f489a3a0fb459bbb469f7d91c0bd082474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:c7:8c:bb:57:c5:b1:24:8a:61:2a:5d:e4:
44:62:f4:86:c5:4b:37:75:2b:a2:ea:70:79:ca:4a:
a5:a4:c3:0a:32:d1:55:4f:68:0c:db:ac:ac:4e:e4:
4b:3e:f2:8a:57:64:c7:74:56:ae:b3:b8:5b:dc:3b:
1e:d7:c0:d9:a0:4c:d1:aa:bb:f9:fc:8f:48:6d:40:
2b:7b:1d:ed:fd:8e:3c:8c:7d:a5:f3:49:54:15:94:
f7:66:80:a4:c8:44:92:20:ef:eb:4d:b1:30:86:cb:
e4:34:6f:ed:3f:fe:8f:fe:dc:81:94:0c:0b:28:b3:
74:40:fb:6e:d8:f5:d4:fd:7a:7b:05:0a:ab:b4:32:
18:83:85:84:2a:15:87:bd:f1:21:67:97:ee:36:75:
6a:99:93:a3:c4:fc:76:fa:a7:e0:83:45:5c:c9:d6:
38:f6:e8:54:52:ea:aa:d0:38:d2:f1:30:5f:a8:0f:
de:ec:de:a4:4f:a8:7a:62:0e:31:a0:4f:d8:cb:f0:
d9:da:4c:18:ea:32:e6:26:d2:8c:c5:26:69:93:31:
60:3a:1b:5b:b7:b0:52:1e:59:67:aa:8f:17:52:0a:
27:d1:5f:ca:03:a6:55:61:50:a2:79:aa:ea:2e:ad:
2b:f6:82:2d:82:42:82:ee:90:2d:b4:5a:73:30:8d:
72:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:90:25:F4:89:A3:A0:FB:45:9B:BB:46:9F:7D:91:C0:BD:08:24:74
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/ZJAl9ImjoPtFm7tGn32RwL0IJHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.61.0/24
Signature Algorithm: sha256WithRSAEncryption
16:cb:d0:5e:a3:9f:e8:ec:6c:07:da:dc:27:a8:f0:68:03:cd:
42:92:77:8e:19:d0:6f:52:89:83:d3:d2:77:71:4d:4a:00:0c:
2a:81:aa:f9:91:12:91:c1:15:ad:e1:ab:f9:c7:2e:4e:f6:1e:
ee:f9:55:c9:73:cb:dc:ea:b0:09:b3:b3:86:6a:4e:0e:39:65:
eb:ec:c5:d7:a3:0d:4d:b0:72:81:ef:37:f9:d0:f9:fd:61:41:
8f:ba:84:82:4a:dc:d5:ec:c4:a7:eb:ad:bd:0a:af:5b:96:a2:
80:6f:28:00:76:86:f4:52:b2:fc:3f:fa:e6:71:34:58:2d:0f:
16:83:0f:7f:02:94:dd:a6:db:cd:50:01:21:b7:73:c0:e5:3c:
2a:60:bc:48:25:1d:5e:99:37:29:65:f0:d1:87:5a:13:7c:8c:
14:1d:ee:58:30:35:fa:67:24:47:96:6e:4e:6b:c4:30:71:e3:
89:fd:9d:85:d0:b9:1c:40:81:d1:6c:48:2c:9e:0a:6f:99:0a:
26:c7:fc:ba:da:df:8f:6a:dc:21:01:e9:2e:07:b4:8a:d4:14:
e9:74:5c:80:da:5c:ea:c0:43:98:47:06:2d:fe:26:00:14:f1:
41:83:bd:dc:81:2b:38:3b:d2:01:a4:92:40:75:33:7b:00:91:
b9:80:e6:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBDjW165sbkUk1F/fxzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjUwMTAxMDk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDkwMjVmNDg5YTNhMGZiNDU5YmJiNDY5ZjdkOTFjMGJkMDgyNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+3HjLtXxbEkimEqXeREYvSGxUs3
dSui6nB5ykqlpMMKMtFVT2gM26ysTuRLPvKKV2THdFaus7hb3Dse18DZoEzRqrv5
/I9IbUArex3t/Y48jH2l80lUFZT3ZoCkyESSIO/rTbEwhsvkNG/tP/6P/tyBlAwL
KLN0QPtu2PXU/Xp7BQqrtDIYg4WEKhWHvfEhZ5fuNnVqmZOjxPx2+qfgg0VcydY4
9uhUUuqq0DjS8TBfqA/e7N6kT6h6Yg4xoE/Yy/DZ2kwY6jLmJtKMxSZpkzFgOhtb
t7BSHllnqo8XUgon0V/KA6ZVYVCiearqLq0r9oItgkKC7pAttFpzMI1yEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSQJfSJo6D7RZu7Rp99kcC9CCR0MB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvWkpBbDlJbWpvUHRGbTd0R24zMlJ3TDBJSkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSU9MA0G
CSqGSIb3DQEBCwUAA4IBAQAWy9Beo5/o7GwH2twnqPBoA81CkneOGdBvUomD09J3
cU1KAAwqgar5kRKRwRWt4av5xy5O9h7u+VXJc8vc6rAJs7OGak4OOWXr7MXXow1N
sHKB7zf50Pn9YUGPuoSCStzV7MSn6629Cq9blqKAbygAdob0UrL8P/rmcTRYLQ8W
gw9/ApTdptvNUAEht3PA5TwqYLxIJR1emTcpZfDRh1oTfIwUHe5YMDX6ZyRHlm5O
a8QwceOJ/Z2F0LkcQIHRbEgsngpvmQomx/y62t+PatwhAekuB7SK1BTpdFyA2lzq
wEOYRwYt/iYAFPFBg73cgSs4O9IBpJJAdTN7AJG5gObl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:03 2025 by rpki-client on console.sobornost.net