Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/ZmJk3i0UqR_uJ_XLaSjGUe2aH00.roa
File: ZmJk3i0UqR_uJ_XLaSjGUe2aH00.roa (raw, json)
Hash identifier: BCwdh7j1ZUyJ+mVEfLtfrzwX+n9rg9YN807VJjPHsUE=
Subject key identifier: 66:62:64:DE:2D:14:A9:1F:EE:27:F5:CB:69:28:C6:51:ED:9A:1F:4D
Certificate issuer: /CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Certificate serial: 019423D6BD5FB72660D19BE36489B9F83A85
Authority key identifier: 44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/ZmJk3i0UqR_uJ_XLaSjGUe2aH00.roa
Signing time: Wed 01 Jan 2025 21:47:43 +0000
ROA not before: Wed 01 Jan 2025 21:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12508
IP address blocks: 212.89.224.0/19 maxlen: 32
2a09:6c0::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bd:5f:b7:26:60:d1:9b:e3:64:89:b9:f8:3a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Validity
Not Before: Jan 1 21:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=666264de2d14a91fee27f5cb6928c651ed9a1f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:8a:28:ad:d9:ca:d0:2c:6a:76:d4:92:e4:
24:62:ae:cf:d6:da:c5:3e:54:c8:9a:fd:64:c5:51:
16:8e:0d:5a:cd:0a:4f:a6:09:d1:a8:35:30:3e:55:
df:bc:5a:1d:0b:86:1d:ba:2e:b3:d3:60:1f:90:e2:
37:0d:0d:69:12:25:5a:a9:dd:be:53:17:0a:7d:98:
ad:01:55:9a:4e:3c:05:3b:a8:62:7d:e3:38:ca:78:
c1:00:6a:79:9f:13:d0:53:c5:68:41:30:5b:f3:ce:
88:a3:f2:90:e1:5b:23:28:33:6d:36:94:7b:ac:0f:
74:68:9a:ef:3c:97:5c:f4:7d:49:7b:5d:cd:e5:c9:
21:e6:49:59:02:66:0b:f4:84:04:9e:a7:1f:f9:41:
25:c0:de:71:51:53:54:64:dd:17:b3:05:0c:62:31:
1a:4a:08:3e:ad:5f:d6:f1:d2:1e:f6:10:ae:73:54:
ac:d1:84:64:e3:50:c0:48:fd:d3:95:ac:1b:56:79:
54:4d:ba:f0:ee:c9:e3:46:60:ee:6a:c3:32:bc:cb:
10:d0:8e:a9:e6:28:29:61:e8:d3:96:1e:0b:3d:fd:
e8:28:0a:19:47:d8:88:5c:5b:10:41:6e:48:ee:72:
45:c4:a1:80:13:3e:0a:8b:9e:17:a3:23:ba:3b:27:
17:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:62:64:DE:2D:14:A9:1F:EE:27:F5:CB:69:28:C6:51:ED:9A:1F:4D
X509v3 Authority Key Identifier:
keyid:44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/ZmJk3i0UqR_uJ_XLaSjGUe2aH00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.89.224.0/19
IPv6:
2a09:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
03:b1:db:29:ec:a2:3b:5c:11:39:8e:df:eb:62:7e:2c:a6:2c:
40:f2:12:9e:96:3c:b0:60:73:ee:df:8e:2b:72:9c:91:9b:8f:
bf:8a:5a:ab:43:4d:58:74:9e:f7:d8:88:37:13:38:5f:7b:77:
b3:a8:7c:68:b5:96:3b:5c:6e:aa:ed:b8:5d:fd:b1:e0:76:4c:
93:bf:08:fb:90:34:e0:e1:f9:3b:fc:e1:94:9d:d2:c5:c3:93:
47:13:0c:4c:01:a0:33:59:72:eb:18:17:aa:34:78:d9:24:b4:
85:8d:50:a1:da:42:08:87:53:92:0f:6a:75:a5:1b:92:f9:8c:
aa:ee:10:5f:34:74:a2:3d:10:a4:e2:0c:07:1a:25:3a:0f:5d:
d2:6d:2e:73:66:6e:11:1b:73:bb:fa:cc:78:17:2a:7f:50:72:
17:82:67:5e:10:99:67:34:12:6b:ab:b2:ed:6f:00:c7:1c:c1:
d8:ca:38:58:ea:76:0a:66:47:45:54:46:e5:b3:01:35:b7:59:
d8:04:29:16:b1:7b:dc:3c:d1:ae:41:21:19:bb:8e:ee:9a:19:
7a:b9:d4:17:1f:d3:5f:5b:f8:5a:0c:9f:5a:48:de:e0:63:e1:
2a:01:6c:5e:85:00:ca:4c:51:5f:58:bd:f1:9a:05:03:57:cf:
06:30:2e:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1r1ftyZg0ZvjZIm5+DqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjYxMGY4NzJjZjMxYjdjMzIyNGNkMmMxNjY5Yzk5Njgz
NTBiN2EwHhcNMjUwMTAxMjE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjYyNjRkZTJkMTRhOTFmZWUyN2Y1Y2I2OTI4YzY1MWVkOWExZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYaKKK3ZytAsanbUkuQkYq7P1trF
PlTImv1kxVEWjg1azQpPpgnRqDUwPlXfvFodC4Ydui6z02AfkOI3DQ1pEiVaqd2+
UxcKfZitAVWaTjwFO6hifeM4ynjBAGp5nxPQU8VoQTBb886Io/KQ4VsjKDNtNpR7
rA90aJrvPJdc9H1Je13N5ckh5klZAmYL9IQEnqcf+UElwN5xUVNUZN0XswUMYjEa
Sgg+rV/W8dIe9hCuc1Ss0YRk41DASP3TlawbVnlUTbrw7snjRmDuasMyvMsQ0I6p
5igpYejTlh4LPf3oKAoZR9iIXFsQQW5I7nJFxKGAEz4Ki54XoyO6OycXHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGZiZN4tFKkf7if1y2koxlHtmh9NMB8GA1UdIwQY
MBaAFET2EPhyzzG3wyJM0sFmnJloNQt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYt
OWI1MDllNTkzMWY5LzEvWm1KazNpMFVxUl91Sl9YTGFTakdVZTJhSDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYtOWI1MDllNTkzMWY5
LzEvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1FngMA0E
AgACMAcDBQMqCQbAMA0GCSqGSIb3DQEBCwUAA4IBAQADsdsp7KI7XBE5jt/rYn4s
pixA8hKeljywYHPu344rcpyRm4+/ilqrQ01YdJ732Ig3Ezhfe3ezqHxotZY7XG6q
7bhd/bHgdkyTvwj7kDTg4fk7/OGUndLFw5NHEwxMAaAzWXLrGBeqNHjZJLSFjVCh
2kIIh1OSD2p1pRuS+Yyq7hBfNHSiPRCk4gwHGiU6D13SbS5zZm4RG3O7+sx4Fyp/
UHIXgmdeEJlnNBJrq7LtbwDHHMHYyjhY6nYKZkdFVEblswE1t1nYBCkWsXvcPNGu
QSEZu47umhl6udQXH9NfW/haDJ9aSN7gY+EqAWxehQDKTFFfWL3xmgUDV88GMC45
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:23 2025 by rpki-client on console.sobornost.net