Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ZI8Cc8TbOXHSTT6aTy4qes85u18.roa
File: ZI8Cc8TbOXHSTT6aTy4qes85u18.roa (raw, json)
Hash identifier: Gcf7oNxz6hoE1nbwGxOkKAeIU8snb4fxphzbF+WsHH8=
Subject key identifier: 64:8F:02:73:C4:DB:39:71:D2:4D:3E:9A:4F:2E:2A:7A:CF:39:BB:5F
Certificate issuer: /CN=a1f7882861c29ed599be4a937480c4d13e25bfc2
Certificate serial: 0194266BF3EAA62C7447B9488A890B5630DD
Authority key identifier: A1:F7:88:28:61:C2:9E:D5:99:BE:4A:93:74:80:C4:D1:3E:25:BF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ofeIKGHCntWZvkqTdIDE0T4lv8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ZI8Cc8TbOXHSTT6aTy4qes85u18.roa
Signing time: Thu 02 Jan 2025 09:49:56 +0000
ROA not before: Thu 02 Jan 2025 09:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33986
IP address blocks: 45.9.96.0/22 maxlen: 24
46.102.101.0/24 maxlen: 24
185.41.72.0/22 maxlen: 22
185.41.72.0/24 maxlen: 24
185.41.73.0/24 maxlen: 24
185.41.74.0/24 maxlen: 24
185.41.75.0/24 maxlen: 24
185.169.44.0/22 maxlen: 22
217.194.176.0/20 maxlen: 20
217.194.176.0/24 maxlen: 24
217.194.177.0/24 maxlen: 24
217.194.178.0/24 maxlen: 24
217.194.179.0/24 maxlen: 24
217.194.180.0/24 maxlen: 24
217.194.181.0/24 maxlen: 24
217.194.182.0/24 maxlen: 24
217.194.183.0/24 maxlen: 24
217.194.184.0/24 maxlen: 24
217.194.185.0/24 maxlen: 24
217.194.186.0/24 maxlen: 24
217.194.187.0/24 maxlen: 24
217.194.188.0/24 maxlen: 24
217.194.189.0/24 maxlen: 24
217.194.190.0/24 maxlen: 24
217.194.191.0/24 maxlen: 24
2a00:5b00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f3:ea:a6:2c:74:47:b9:48:8a:89:0b:56:30:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1f7882861c29ed599be4a937480c4d13e25bfc2
Validity
Not Before: Jan 2 09:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=648f0273c4db3971d24d3e9a4f2e2a7acf39bb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e0:ba:c0:ed:ec:91:47:fc:ed:a8:e2:a6:66:
fb:ba:76:28:01:2a:61:67:92:49:a5:ca:9f:72:f1:
ce:77:cc:43:ea:01:ae:ed:32:ab:79:34:2c:2f:49:
6f:78:bc:ea:8d:8f:cb:ea:29:28:84:36:f7:87:a6:
ca:18:ff:c9:6b:99:3f:49:57:e9:27:93:19:92:47:
fe:1a:ee:97:46:7b:27:24:f3:8e:db:83:07:86:f7:
a2:70:e7:6d:6e:c3:eb:8a:92:5c:a9:6b:e0:e3:b5:
74:15:9a:4e:a2:3f:7c:d1:2d:6f:07:b3:03:18:56:
6f:32:87:22:72:85:6d:cb:fe:8f:3e:89:18:d8:c3:
81:89:32:68:db:75:44:8c:57:66:13:3f:c7:07:b7:
47:c9:5a:17:20:3b:e0:ab:33:28:99:ed:bb:60:a7:
7e:bf:2f:91:ce:02:0d:d3:54:a8:4a:49:40:fe:1d:
b3:b0:f4:cb:69:f1:80:6b:77:29:5c:bf:17:d1:db:
77:fe:c0:cf:3e:c9:6e:da:33:2d:91:f1:91:0a:18:
bd:ce:98:f1:27:3b:aa:38:d1:57:1e:ac:37:c6:03:
0a:a3:82:1f:7a:bc:ad:e5:52:ad:f0:9d:70:69:67:
c8:4f:1f:64:15:05:5a:56:77:0d:49:6e:c4:ea:6a:
58:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:8F:02:73:C4:DB:39:71:D2:4D:3E:9A:4F:2E:2A:7A:CF:39:BB:5F
X509v3 Authority Key Identifier:
keyid:A1:F7:88:28:61:C2:9E:D5:99:BE:4A:93:74:80:C4:D1:3E:25:BF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofeIKGHCntWZvkqTdIDE0T4lv8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ZI8Cc8TbOXHSTT6aTy4qes85u18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03bab8-6c43-4a20-a960-c37a5982f466/1/ofeIKGHCntWZvkqTdIDE0T4lv8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.96.0/22
46.102.101.0/24
185.41.72.0/22
185.169.44.0/22
217.194.176.0/20
IPv6:
2a00:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
3f:3e:68:6f:50:63:b8:9f:52:59:d6:f4:31:4f:7f:21:14:69:
26:b1:04:76:64:9d:aa:45:62:43:3a:b2:af:5f:88:a5:5f:5c:
a5:7e:91:16:41:43:d2:08:4b:c2:ae:53:62:8a:60:39:a1:2a:
25:f7:77:18:5e:12:7f:8e:09:03:cf:40:1d:b5:c9:de:1d:94:
87:18:59:e5:0b:d8:ca:4b:94:7f:3c:59:e1:d3:4c:be:cc:ed:
ee:83:47:3b:f6:2d:7e:da:3a:30:96:49:e6:48:01:21:f8:8c:
7a:09:5b:56:7e:5f:d1:de:e7:a7:6c:95:44:f6:f2:34:77:9e:
df:8c:98:33:0c:00:73:c7:ec:b6:13:84:3f:77:25:91:29:7e:
92:df:33:98:88:5f:4a:ee:53:6a:71:16:10:f0:0d:9c:19:b6:
85:ac:e4:05:fc:4d:d7:48:24:4b:48:4f:6e:e0:fc:16:5e:75:
91:3c:66:e0:a6:70:41:d1:c8:6e:0a:0e:50:ac:59:61:5c:6d:
90:78:15:6e:3c:74:a2:54:0e:0a:7f:61:6a:6d:c6:ea:25:31:
de:dc:ff:18:65:0f:e1:2e:8d:4a:4b:8c:84:81:b6:3e:eb:c3:
8c:a0:f4:32:80:ef:d0:ec:ca:5b:eb:e5:55:9a:96:9b:b4:ed:
3d:93:ce:29
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQma/Pqpix0R7lIiokLVjDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjc4ODI4NjFjMjllZDU5OWJlNGE5Mzc0ODBjNGQxM2Uy
NWJmYzIwHhcNMjUwMTAyMDk0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDhmMDI3M2M0ZGIzOTcxZDI0ZDNlOWE0ZjJlMmE3YWNmMzliYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuC6wO3skUf87ajipmb7unYoASph
Z5JJpcqfcvHOd8xD6gGu7TKreTQsL0lveLzqjY/L6ikohDb3h6bKGP/Ja5k/SVfp
J5MZkkf+Gu6XRnsnJPOO24MHhveicOdtbsPripJcqWvg47V0FZpOoj980S1vB7MD
GFZvMocicoVty/6PPokY2MOBiTJo23VEjFdmEz/HB7dHyVoXIDvgqzMome27YKd+
vy+RzgIN01SoSklA/h2zsPTLafGAa3cpXL8X0dt3/sDPPslu2jMtkfGRChi9zpjx
JzuqONFXHqw3xgMKo4Iferyt5VKt8J1waWfITx9kFQVaVncNSW7E6mpYJQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGSPAnPE2zlx0k0+mk8uKnrPObtfMB8GA1UdIwQY
MBaAFKH3iChhwp7Vmb5Kk3SAxNE+Jb/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZlSUtHSENudFdadmtxVGRJREUwVDRsdjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wM2JhYjgtNmM0My00YTIwLWE5NjAt
YzM3YTU5ODJmNDY2LzEvWkk4Q2M4VGJPWEhTVFQ2YVR5NHFlczg1dTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wM2JhYjgtNmM0My00YTIwLWE5NjAtYzM3YTU5ODJmNDY2
LzEvb2ZlSUtHSENudFdadmtxVGRJREUwVDRsdjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLQlgAwQA
LmZlAwQCuSlIAwQCuaksAwQE2cKwMA0EAgACMAcDBQMqAFsAMA0GCSqGSIb3DQEB
CwUAA4IBAQA/PmhvUGO4n1JZ1vQxT38hFGkmsQR2ZJ2qRWJDOrKvX4ilX1ylfpEW
QUPSCEvCrlNiimA5oSol93cYXhJ/jgkDz0AdtcneHZSHGFnlC9jKS5R/PFnh00y+
zO3ug0c79i1+2jowlknmSAEh+Ix6CVtWfl/R3uenbJVE9vI0d57fjJgzDABzx+y2
E4Q/dyWRKX6S3zOYiF9K7lNqcRYQ8A2cGbaFrOQF/E3XSCRLSE9u4PwWXnWRPGbg
pnBB0chuCg5QrFlhXG2QeBVuPHSiVA4Kf2FqbcbqJTHe3P8YZQ/hLo1KS4yEgbY+
68OMoPQygO/Q7Mpb6+VVmpabtO09k84p
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:15 2025 by rpki-client on console.sobornost.net