Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/zqm8sqmxX0F8ohqYYWfQXp8iRJ4.roa
File: zqm8sqmxX0F8ohqYYWfQXp8iRJ4.roa (raw, json)
Hash identifier: dDiUuU6g/ottfUPpI3HwKpho2gKA2x4esWjcJownMww=
Subject key identifier: CE:A9:BC:B2:A9:B1:5F:41:7C:A2:1A:98:61:67:D0:5E:9F:22:44:9E
Certificate issuer: /CN=bb57561ca2dbf750e8f5e0b7389ef09ce9b5bcea
Certificate serial: 01941F8C61B715CA21B2ADCA98572E771E9B
Authority key identifier: BB:57:56:1C:A2:DB:F7:50:E8:F5:E0:B7:38:9E:F0:9C:E9:B5:BC:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u1dWHKLb91Do9eC3OJ7wnOm1vOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/zqm8sqmxX0F8ohqYYWfQXp8iRJ4.roa
Signing time: Wed 01 Jan 2025 01:48:01 +0000
ROA not before: Wed 01 Jan 2025 01:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2852
IP address blocks: 193.84.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:61:b7:15:ca:21:b2:ad:ca:98:57:2e:77:1e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb57561ca2dbf750e8f5e0b7389ef09ce9b5bcea
Validity
Not Before: Jan 1 01:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cea9bcb2a9b15f417ca21a986167d05e9f22449e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:00:75:18:b1:a5:04:89:ad:42:a2:f5:90:1e:
2d:1e:59:e2:4d:2a:55:88:fe:5f:a8:b9:29:88:a7:
4e:7d:42:1e:83:86:05:2c:bf:54:e1:c3:e1:52:1f:
ef:3e:60:48:e6:9e:e6:4f:72:96:8a:46:7e:eb:47:
f6:6c:d5:f5:38:56:c6:7d:29:86:d5:3f:db:c2:9b:
2b:73:85:0d:a7:a1:e1:30:b3:8d:41:2f:2b:b6:6a:
88:17:91:93:80:f4:32:38:70:f4:dc:c1:17:a7:e5:
63:6d:d2:95:ec:30:9b:36:19:3e:52:8e:08:71:96:
12:22:ad:86:43:5a:99:92:f6:66:39:9b:38:01:c0:
8f:f3:e7:84:f3:0a:a2:98:1b:a6:cd:f3:ad:1a:93:
d5:da:96:63:55:25:55:c5:63:d8:01:89:98:ef:c9:
33:97:3c:b1:42:3e:39:4c:94:bc:86:87:3c:4b:c2:
4c:0f:e0:df:71:3b:3f:4c:b9:e4:ef:da:2f:35:b2:
df:15:5e:5e:c2:fd:11:38:ac:71:06:71:f7:79:54:
27:31:f7:17:e2:91:29:44:d1:2a:87:a8:f6:2f:34:
3d:92:50:dc:44:92:90:07:69:25:e2:43:f1:fe:59:
d3:dc:7b:03:72:32:77:dd:87:3f:88:8d:bb:70:f4:
cc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A9:BC:B2:A9:B1:5F:41:7C:A2:1A:98:61:67:D0:5E:9F:22:44:9E
X509v3 Authority Key Identifier:
keyid:BB:57:56:1C:A2:DB:F7:50:E8:F5:E0:B7:38:9E:F0:9C:E9:B5:BC:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u1dWHKLb91Do9eC3OJ7wnOm1vOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/zqm8sqmxX0F8ohqYYWfQXp8iRJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d5f9aa-337b-4d60-8f5e-02125e44e3a8/1/u1dWHKLb91Do9eC3OJ7wnOm1vOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.32.0/20
Signature Algorithm: sha256WithRSAEncryption
08:73:5b:33:4d:0d:fd:72:7c:ec:20:31:ee:a0:d8:9b:c8:62:
a6:65:2d:32:aa:6c:3a:b2:f0:80:40:4c:e3:ba:b4:e8:00:a6:
d1:e4:88:1b:fa:70:d2:53:5f:a0:c2:2d:b0:f8:35:aa:d9:4b:
5d:db:74:f1:6f:29:61:32:b0:82:ce:1c:28:76:e2:88:3e:56:
13:a5:82:73:97:ff:25:c7:d7:60:f0:9b:86:dc:ae:01:7c:b3:
79:e6:2e:0c:9f:11:2d:a1:36:50:5c:46:3f:02:32:a0:f3:93:
dd:ee:53:6e:d6:c7:b5:65:2f:41:01:f7:9e:eb:6b:b4:de:17:
29:a8:95:e0:00:6d:76:b6:4e:7a:1b:75:c4:37:0d:9c:d0:3c:
ea:82:c5:6e:ce:61:da:b4:71:8f:45:e6:42:33:34:b3:2d:87:
7a:cb:38:39:fd:c5:e2:43:26:21:b5:31:0f:33:24:99:a8:ca:
e0:1e:e4:a0:6a:e9:72:4b:32:fd:1b:4f:2b:40:0f:25:b1:0e:
b6:94:2d:5a:9b:6b:cb:3f:6f:e4:6b:31:e1:79:21:d6:89:c5:
c2:df:b1:9e:d4:7f:20:19:0c:39:e1:c9:ef:da:4f:a0:cb:aa:
ba:d3:e4:31:8e:3c:b4:4c:5a:39:d5:0e:96:af:a8:c5:3a:22:
e1:bc:1a:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjGG3Fcohsq3KmFcudx6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNTc1NjFjYTJkYmY3NTBlOGY1ZTBiNzM4OWVmMDljZTli
NWJjZWEwHhcNMjUwMTAxMDE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWE5YmNiMmE5YjE1ZjQxN2NhMjFhOTg2MTY3ZDA1ZTlmMjI0NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwB1GLGlBImtQqL1kB4tHlniTSpV
iP5fqLkpiKdOfUIeg4YFLL9U4cPhUh/vPmBI5p7mT3KWikZ+60f2bNX1OFbGfSmG
1T/bwpsrc4UNp6HhMLONQS8rtmqIF5GTgPQyOHD03MEXp+VjbdKV7DCbNhk+Uo4I
cZYSIq2GQ1qZkvZmOZs4AcCP8+eE8wqimBumzfOtGpPV2pZjVSVVxWPYAYmY78kz
lzyxQj45TJS8hoc8S8JMD+DfcTs/TLnk79ovNbLfFV5ewv0ROKxxBnH3eVQnMfcX
4pEpRNEqh6j2LzQ9klDcRJKQB2kl4kPx/lnT3HsDcjJ33Yc/iI27cPTM2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6pvLKpsV9BfKIamGFn0F6fIkSeMB8GA1UdIwQY
MBaAFLtXVhyi2/dQ6PXgtzie8JzptbzqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTFkV0hLTGI5MURvOWVDM09KN3duT20xdk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNWY5YWEtMzM3Yi00ZDYwLThmNWUt
MDIxMjVlNDRlM2E4LzEvenFtOHNxbXhYMEY4b2hxWVlXZlFYcDhpUko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNWY5YWEtMzM3Yi00ZDYwLThmNWUtMDIxMjVlNDRlM2E4
LzEvdTFkV0hLTGI5MURvOWVDM09KN3duT20xdk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwVQgMA0G
CSqGSIb3DQEBCwUAA4IBAQAIc1szTQ39cnzsIDHuoNibyGKmZS0yqmw6svCAQEzj
urToAKbR5Igb+nDSU1+gwi2w+DWq2Utd23TxbylhMrCCzhwoduKIPlYTpYJzl/8l
x9dg8JuG3K4BfLN55i4MnxEtoTZQXEY/AjKg85Pd7lNu1se1ZS9BAfee62u03hcp
qJXgAG12tk56G3XENw2c0DzqgsVuzmHatHGPReZCMzSzLYd6yzg5/cXiQyYhtTEP
MySZqMrgHuSgaulySzL9G08rQA8lsQ62lC1am2vLP2/kazHheSHWicXC37Ge1H8g
GQw54cnv2k+gy6q60+Qxjjy0TFo51Q6Wr6jFOiLhvBr4
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:08 2025 by rpki-client on console.sobornost.net