Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/0qZlk63Gwo6PVve3R8hoNJeSalk.roa
File: 0qZlk63Gwo6PVve3R8hoNJeSalk.roa (raw, json)
Hash identifier: 9K8bAvhRQIcuHPJMwOdonfj+LysEV1qKdWBg1zShX+0=
Subject key identifier: D2:A6:65:93:AD:C6:C2:8E:8F:56:F7:B7:47:C8:68:34:97:92:6A:59
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 019427B60E71B5E68AFCB7FF1AA4031A4ED7
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/0qZlk63Gwo6PVve3R8hoNJeSalk.roa
Signing time: Thu 02 Jan 2025 15:50:30 +0000
ROA not before: Thu 02 Jan 2025 15:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58238
IP address blocks: 89.188.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0e:71:b5:e6:8a:fc:b7:ff:1a:a4:03:1a:4e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 15:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2a66593adc6c28e8f56f7b747c8683497926a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:5d:5e:47:c5:97:3f:8d:71:42:88:ba:8e:
38:b3:62:39:b9:1f:d0:c9:3e:05:68:d2:1f:b1:70:
e9:6d:b6:81:9b:ac:e6:cc:93:81:ca:25:e1:72:9f:
09:75:e4:e1:2e:71:03:e4:f5:f3:fb:ea:de:ce:90:
bc:3e:35:dd:31:80:e3:4c:6e:ad:8f:4b:b1:1b:ed:
ed:f8:22:0b:fd:f9:22:f2:8f:56:2e:f1:f7:5d:c3:
50:d3:cb:57:b6:09:fa:fe:2a:d6:0f:f3:23:7f:09:
46:fd:dd:5a:b0:f9:2e:cb:cc:8a:3d:b3:b9:96:02:
76:c5:e7:bb:9f:53:7c:bb:b3:73:99:e9:a7:9c:97:
aa:86:38:f1:9b:c1:f4:7a:9e:b3:7a:ff:c0:78:9e:
26:f6:2e:92:3d:23:11:39:8c:bc:8a:dc:5b:8c:dd:
cc:0a:1d:70:e6:81:41:44:71:a8:ed:2d:fb:e4:f6:
62:b2:96:27:d5:28:c2:e9:b6:f7:b9:71:6b:c9:3e:
1c:78:37:3c:9c:fb:c8:55:4d:cd:c3:d8:51:15:bd:
f1:ac:b2:01:9f:bd:1d:0d:93:f8:41:46:4e:6a:58:
e7:a1:c8:a7:2f:2c:6a:25:36:82:82:60:fd:73:c2:
6b:05:b2:2f:ea:9a:55:90:3e:d8:d6:0c:f0:42:5f:
99:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A6:65:93:AD:C6:C2:8E:8F:56:F7:B7:47:C8:68:34:97:92:6A:59
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/0qZlk63Gwo6PVve3R8hoNJeSalk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.166.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:13:30:f2:2d:49:e1:f0:f7:be:65:d5:db:18:b3:81:cb:37:
4c:c3:87:38:47:4c:80:de:33:cf:9e:4a:53:55:88:59:7a:50:
b3:f4:c3:03:71:7a:4e:36:f3:f9:e4:f5:cd:ac:a8:13:71:aa:
44:aa:dd:f6:21:f6:37:bf:1c:9f:f7:40:08:d7:38:0e:67:dd:
9d:b1:c9:47:73:02:9c:a1:7a:10:17:95:3b:0a:33:65:f2:56:
fc:cb:77:db:19:21:dc:33:14:cf:a4:b8:b8:ba:37:f3:8d:7d:
85:6d:ed:24:c3:e3:e0:6d:93:1b:05:33:d7:08:44:ea:b2:37:
9c:40:b0:88:d3:07:c3:6d:37:4e:fe:7a:3b:d8:b8:39:af:95:
3f:92:76:88:38:68:f3:35:06:5c:97:d2:74:ef:86:1e:25:ad:
54:71:f2:1b:7a:4b:d3:75:eb:ed:25:3c:48:96:6b:62:51:c2:
34:b9:91:c6:0f:33:27:94:f3:df:2a:55:0e:8d:38:69:7e:3e:
8a:c6:73:ca:bf:3c:f0:2c:0a:32:fa:38:e3:7b:2d:fa:db:03:
0a:87:57:9b:8d:75:ae:30:d6:c9:4b:95:c3:15:65:db:d4:33:
c7:3f:f7:3f:44:dc:7d:53:c2:80:91:28:bb:82:14:d0:c3:59:
f5:8d:55:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntg5xteaK/Lf/GqQDGk7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjUwMTAyMTU1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE2NjU5M2FkYzZjMjhlOGY1NmY3Yjc0N2M4NjgzNDk3OTI2YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0ZdXkfFlz+NcUKIuo44s2I5uR/Q
yT4FaNIfsXDpbbaBm6zmzJOByiXhcp8JdeThLnED5PXz++rezpC8PjXdMYDjTG6t
j0uxG+3t+CIL/fki8o9WLvH3XcNQ08tXtgn6/irWD/MjfwlG/d1asPkuy8yKPbO5
lgJ2xee7n1N8u7NzmemnnJeqhjjxm8H0ep6zev/AeJ4m9i6SPSMROYy8itxbjN3M
Ch1w5oFBRHGo7S375PZispYn1SjC6bb3uXFryT4ceDc8nPvIVU3Nw9hRFb3xrLIB
n70dDZP4QUZOaljnocinLyxqJTaCgmD9c8JrBbIv6ppVkD7Y1gzwQl+ZXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKmZZOtxsKOj1b3t0fIaDSXkmpZMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvMHFabGs2M0d3bzZQVnZlM1I4aG9OSmVTYWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbymMA0G
CSqGSIb3DQEBCwUAA4IBAQArEzDyLUnh8Pe+ZdXbGLOByzdMw4c4R0yA3jPPnkpT
VYhZelCz9MMDcXpONvP55PXNrKgTcapEqt32IfY3vxyf90AI1zgOZ92dsclHcwKc
oXoQF5U7CjNl8lb8y3fbGSHcMxTPpLi4ujfzjX2Fbe0kw+PgbZMbBTPXCETqsjec
QLCI0wfDbTdO/no72Lg5r5U/knaIOGjzNQZcl9J074YeJa1UcfIbekvTdevtJTxI
lmtiUcI0uZHGDzMnlPPfKlUOjThpfj6KxnPKvzzwLAoy+jjjey362wMKh1ebjXWu
MNbJS5XDFWXb1DPHP/c/RNx9U8KAkSi7ghTQw1n1jVXE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:18 2025 by rpki-client on console.sobornost.net