Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/ZX4X6T20C-qsi1y3PTVJQfvjwic.roa
File: ZX4X6T20C-qsi1y3PTVJQfvjwic.roa (raw, json)
Hash identifier: Akw76KHY7x+jSERaftUQrqC3DO2BIHUJ2YNJNix3DxE=
Subject key identifier: 65:7E:17:E9:3D:B4:0B:EA:AC:8B:5C:B7:3D:35:49:41:FB:E3:C2:27
Certificate issuer: /CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Certificate serial: 0194258EFC3EF631442652C5165BACB9E985
Authority key identifier: D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/ZX4X6T20C-qsi1y3PTVJQfvjwic.roa
Signing time: Thu 02 Jan 2025 05:48:35 +0000
ROA not before: Thu 02 Jan 2025 05:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210103
IP address blocks: 146.19.11.0/24 maxlen: 24
2a12:1d00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:fc:3e:f6:31:44:26:52:c5:16:5b:ac:b9:e9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Validity
Not Before: Jan 2 05:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=657e17e93db40beaac8b5cb73d354941fbe3c227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a3:b8:4b:77:a1:ff:f5:b1:92:70:45:28:c3:
0d:53:ce:80:ec:ed:41:65:84:e0:fb:9f:f9:bd:d9:
a6:b8:78:f4:00:8f:0d:2d:cf:5c:15:07:fb:af:dd:
85:48:55:ab:96:fb:93:f0:85:ec:a1:25:59:76:9f:
e7:4f:35:14:c7:f7:1b:e9:ed:dc:0b:b2:17:5e:35:
33:76:75:46:3c:26:a9:9d:45:a6:1f:df:88:a5:7a:
e4:f6:27:48:f0:e9:22:66:74:ba:cf:93:a8:12:f7:
f1:e7:1d:e8:1e:49:18:15:e6:e4:79:f2:43:cd:4b:
4b:ed:f4:55:01:21:b5:77:52:6b:0d:fe:c3:22:2c:
af:31:15:be:07:29:01:b6:07:5d:91:4d:4a:bb:b9:
28:e8:66:48:b5:9f:b3:cb:02:9c:15:16:21:0d:0e:
df:d2:dc:f5:b6:dd:07:01:c4:0d:6b:96:6f:18:75:
bc:40:e2:9c:e0:0e:f4:bc:63:e6:48:ff:b9:aa:64:
62:73:25:27:07:ce:a2:30:2c:9c:8f:64:c0:27:94:
49:09:1c:e9:54:ed:da:94:9e:20:ec:94:4a:36:59:
40:c8:63:ef:7f:a5:79:63:93:3c:f0:c4:a6:04:7c:
ed:a9:ff:13:c2:f7:ee:1b:8e:d0:fd:0e:2a:57:9b:
56:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:7E:17:E9:3D:B4:0B:EA:AC:8B:5C:B7:3D:35:49:41:FB:E3:C2:27
X509v3 Authority Key Identifier:
keyid:D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/ZX4X6T20C-qsi1y3PTVJQfvjwic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.11.0/24
IPv6:
2a12:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
32:11:37:a1:b4:fe:d8:f3:96:28:df:ee:17:c1:79:c5:6e:b4:
db:bd:37:fd:92:f5:d1:8a:2e:09:36:a4:95:8d:47:a5:28:02:
98:5c:3b:3a:c4:63:b6:24:55:d4:ee:85:29:42:0d:d7:36:9d:
0a:3b:c1:ad:06:b4:8f:07:e6:61:1a:ef:ca:14:6c:d3:d2:2b:
43:37:a3:f7:ab:78:38:0b:59:03:9a:e6:63:2b:33:f4:21:e1:
57:0d:ae:33:ca:29:8c:7e:26:bb:e6:94:c2:b3:88:c6:c7:2d:
de:6f:6e:0a:92:1b:a8:f2:60:d0:fd:64:d3:db:c0:7d:f4:4f:
56:99:c2:7b:b8:88:94:0c:00:a6:10:3b:da:16:a5:6a:88:93:
62:97:20:04:6c:c3:b7:96:1e:88:3d:77:01:a8:5d:e0:1c:9c:
47:fc:f6:1e:f1:5e:d0:69:3c:21:e0:51:d3:6a:15:b4:96:1d:
6c:3e:bb:8a:ea:55:01:27:d9:fd:0a:ac:80:ac:be:5e:fa:e9:
5d:c8:74:25:75:82:2a:c7:0d:ae:86:72:60:44:64:52:db:9c:
23:88:3b:88:9e:9c:ce:f4:fa:01:a5:ec:ac:68:b2:3d:70:ba:
9d:b9:6f:0e:3a:f4:17:d0:cd:ea:c4:31:95:f8:11:98:0f:01:
36:ce:30:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljvw+9jFEJlLFFlusuemFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZmFmM2EzZjIxNDBjYjdjNmZmMGNkNmE3ZjU2MTRhMDVl
NGU0NjcwHhcNMjUwMTAyMDU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTdlMTdlOTNkYjQwYmVhYWM4YjVjYjczZDM1NDk0MWZiZTNjMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA86O4S3eh//WxknBFKMMNU86A7O1B
ZYTg+5/5vdmmuHj0AI8NLc9cFQf7r92FSFWrlvuT8IXsoSVZdp/nTzUUx/cb6e3c
C7IXXjUzdnVGPCapnUWmH9+IpXrk9idI8OkiZnS6z5OoEvfx5x3oHkkYFebkefJD
zUtL7fRVASG1d1JrDf7DIiyvMRW+BykBtgddkU1Ku7ko6GZItZ+zywKcFRYhDQ7f
0tz1tt0HAcQNa5ZvGHW8QOKc4A70vGPmSP+5qmRicyUnB86iMCycj2TAJ5RJCRzp
VO3alJ4g7JRKNllAyGPvf6V5Y5M88MSmBHztqf8TwvfuG47Q/Q4qV5tWrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGV+F+k9tAvqrItctz01SUH748InMB8GA1UdIwQY
MBaAFNf686PyFAy3xv8M1qf1YUoF5ORnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYt
ZjM3OTdjZmQ2NWFlLzEvWlg0WDZUMjBDLXFzaTF5M1BUVkpRZnZqd2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYtZjM3OTdjZmQ2NWFl
LzEvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkhMLMA0E
AgACMAcDBQMqEh0AMA0GCSqGSIb3DQEBCwUAA4IBAQAyETehtP7Y85Yo3+4XwXnF
brTbvTf9kvXRii4JNqSVjUelKAKYXDs6xGO2JFXU7oUpQg3XNp0KO8GtBrSPB+Zh
Gu/KFGzT0itDN6P3q3g4C1kDmuZjKzP0IeFXDa4zyimMfia75pTCs4jGxy3eb24K
khuo8mDQ/WTT28B99E9WmcJ7uIiUDACmEDvaFqVqiJNilyAEbMO3lh6IPXcBqF3g
HJxH/PYe8V7QaTwh4FHTahW0lh1sPruK6lUBJ9n9CqyArL5e+uldyHQldYIqxw2u
hnJgRGRS25wjiDuInpzO9PoBpeysaLI9cLqduW8OOvQX0M3qxDGV+BGYDwE2zjCq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:19 2025 by rpki-client on console.sobornost.net