Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/ZYQ4-2oufH9zPfr4vrLJpyLsPiA.roa
File: ZYQ4-2oufH9zPfr4vrLJpyLsPiA.roa (raw, json)
Hash identifier: f8ni7kyS2BKNGc72nXgHFTK6sg8UqET3qEBE+UjaMdI=
Subject key identifier: 65:84:38:FB:6A:2E:7C:7F:73:3D:FA:F8:BE:B2:C9:A7:22:EC:3E:20
Certificate issuer: /CN=ab27ed1cea4321c49c3ca10f3affafdbdad532c2
Certificate serial: 01951EC4199EEAE8DAF7D06A145747A32479
Authority key identifier: AB:27:ED:1C:EA:43:21:C4:9C:3C:A1:0F:3A:FF:AF:DB:DA:D5:32:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qyftHOpDIcScPKEPOv-v29rVMsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/ZYQ4-2oufH9zPfr4vrLJpyLsPiA.roa
Signing time: Wed 19 Feb 2025 15:12:02 +0000
ROA not before: Wed 19 Feb 2025 15:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202870
IP address blocks: 5.152.128.0/23 maxlen: 23
5.152.128.0/24 maxlen: 24
5.152.129.0/24 maxlen: 24
5.152.130.0/23 maxlen: 23
5.152.130.0/24 maxlen: 24
5.152.131.0/24 maxlen: 24
45.133.154.0/23 maxlen: 24
45.133.154.0/24 maxlen: 24
45.133.155.0/24 maxlen: 24
185.152.44.0/22 maxlen: 24
185.152.44.0/24 maxlen: 24
185.152.45.0/24 maxlen: 24
185.152.46.0/24 maxlen: 24
185.152.47.0/24 maxlen: 24
2a07:7e80::/29 maxlen: 32
2a07:7e80::/30 maxlen: 30
2a07:7e80::/31 maxlen: 31
2a07:7e80::/32 maxlen: 32
2a07:7e81::/32 maxlen: 32
2a07:7e82::/31 maxlen: 31
2a07:7e82::/32 maxlen: 32
2a07:7e83::/32 maxlen: 32
2a07:7e84::/31 maxlen: 31
2a07:7e84::/32 maxlen: 32
2a07:7e85::/32 maxlen: 32
2a07:7e86::/31 maxlen: 31
2a07:7e86::/32 maxlen: 32
2a07:7e87::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:c4:19:9e:ea:e8:da:f7:d0:6a:14:57:47:a3:24:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab27ed1cea4321c49c3ca10f3affafdbdad532c2
Validity
Not Before: Feb 19 15:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=658438fb6a2e7c7f733dfaf8beb2c9a722ec3e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:7f:41:39:c2:d4:d5:82:c2:21:8e:be:a2:13:
2a:55:9f:51:8e:35:eb:c5:90:64:c5:bc:0b:45:a4:
d1:51:d5:2e:e1:a9:86:59:ed:0f:15:1f:cd:51:f0:
28:50:09:f7:44:c6:0f:2c:86:6e:5c:c1:da:e1:ad:
30:be:e3:42:2b:e9:a4:d3:d9:4c:cd:ec:9e:61:55:
8c:3e:fb:2e:ce:9f:7c:b2:b5:be:ee:80:5c:54:36:
fb:fb:89:f1:af:a8:d3:bc:c7:96:e3:28:c0:45:3c:
02:4f:39:1c:ea:94:fe:6c:b4:7b:e8:5c:c3:b8:a0:
9d:f4:e6:25:1b:d0:73:50:50:d6:ff:53:92:ad:37:
a8:c3:89:b0:b4:bb:7d:8c:68:f3:88:7b:c2:b8:4f:
af:28:c7:70:ed:89:69:21:2f:43:51:a3:89:8b:83:
5a:33:64:03:e2:ca:ee:d6:96:23:59:bf:a1:28:ce:
45:a6:bb:22:25:5e:43:01:c6:b5:92:8a:21:81:ca:
6e:15:2e:17:d7:7a:70:44:ac:f8:50:d1:17:a2:de:
8c:e4:98:1c:0c:71:05:e5:1c:1e:e9:18:57:f5:0a:
7c:e1:70:69:3b:a1:35:27:29:3f:41:8e:52:e9:d7:
e1:d5:ba:8e:14:dd:de:7e:b1:38:c0:d2:af:3f:78:
b5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:84:38:FB:6A:2E:7C:7F:73:3D:FA:F8:BE:B2:C9:A7:22:EC:3E:20
X509v3 Authority Key Identifier:
keyid:AB:27:ED:1C:EA:43:21:C4:9C:3C:A1:0F:3A:FF:AF:DB:DA:D5:32:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyftHOpDIcScPKEPOv-v29rVMsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/ZYQ4-2oufH9zPfr4vrLJpyLsPiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/865490-78e7-43b4-b2fd-1d0bf5208f90/1/qyftHOpDIcScPKEPOv-v29rVMsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.128.0/22
45.133.154.0/23
185.152.44.0/22
IPv6:
2a07:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
74:39:ac:29:8f:8f:df:f2:b6:39:bc:22:6b:22:f9:17:70:19:
93:e5:fd:e1:73:f4:f6:1c:d5:f5:70:f6:af:ff:b1:23:c2:06:
cf:63:ac:02:ec:78:01:6f:2e:74:83:f2:b1:09:1e:ff:c5:50:
20:30:ea:7a:e9:d5:69:c3:23:19:40:2c:ea:46:29:db:26:6a:
dc:45:68:b3:19:d7:aa:13:00:f9:e0:d8:40:7d:c4:ee:6f:34:
51:6c:eb:b0:31:e8:a7:6b:6e:7c:b5:a5:36:f1:1d:d9:2f:42:
4f:42:d3:77:a5:77:74:c2:d5:72:3d:db:c6:bf:4f:b3:18:f7:
fa:66:e5:c4:1b:05:30:97:89:43:cb:6a:76:7c:76:b4:8e:f0:
b4:45:51:f9:86:ce:8b:93:28:d3:e7:ee:fd:4f:a3:c4:25:ac:
82:6d:a8:31:82:a2:47:e5:e2:24:68:ee:1d:9e:1e:b1:3e:4f:
1e:4e:63:d7:5d:6c:cb:50:b3:af:0b:83:54:f9:e0:71:90:32:
68:05:69:2b:dc:c9:ac:d7:c3:45:7a:b7:89:7d:53:4a:99:01:
63:e6:cd:05:e4:09:f9:6c:c2:a3:cc:6c:e5:a4:76:4c:01:07:
18:8f:05:32:02:86:fd:a9:55:ec:3c:83:db:3b:1e:40:fd:d4:
c1:97:97:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZUexBme6uja99BqFFdHoyR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMjdlZDFjZWE0MzIxYzQ5YzNjYTEwZjNhZmZhZmRiZGFk
NTMyYzIwHhcNMjUwMjE5MTUxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg0MzhmYjZhMmU3YzdmNzMzZGZhZjhiZWIyYzlhNzIyZWMzZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA739BOcLU1YLCIY6+ohMqVZ9RjjXr
xZBkxbwLRaTRUdUu4amGWe0PFR/NUfAoUAn3RMYPLIZuXMHa4a0wvuNCK+mk09lM
zeyeYVWMPvsuzp98srW+7oBcVDb7+4nxr6jTvMeW4yjARTwCTzkc6pT+bLR76FzD
uKCd9OYlG9BzUFDW/1OSrTeow4mwtLt9jGjziHvCuE+vKMdw7YlpIS9DUaOJi4Na
M2QD4sru1pYjWb+hKM5FprsiJV5DAca1koohgcpuFS4X13pwRKz4UNEXot6M5Jgc
DHEF5Rwe6RhX9Qp84XBpO6E1Jyk/QY5S6dfh1bqOFN3efrE4wNKvP3i1eQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGWEOPtqLnx/cz36+L6yyaci7D4gMB8GA1UdIwQY
MBaAFKsn7RzqQyHEnDyhDzr/r9va1TLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXlmdEhPcERJY1NjUEtFUE92LXYyOXJWTXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84NjU0OTAtNzhlNy00M2I0LWIyZmQt
MWQwYmY1MjA4ZjkwLzEvWllRNC0yb3VmSDl6UGZyNHZyTEpweUxzUGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84NjU0OTAtNzhlNy00M2I0LWIyZmQtMWQwYmY1MjA4Zjkw
LzEvcXlmdEhPcERJY1NjUEtFUE92LXYyOXJWTXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBZiAAwQB
LYWaAwQCuZgsMA0EAgACMAcDBQMqB36AMA0GCSqGSIb3DQEBCwUAA4IBAQB0Oawp
j4/f8rY5vCJrIvkXcBmT5f3hc/T2HNX1cPav/7EjwgbPY6wC7HgBby50g/KxCR7/
xVAgMOp66dVpwyMZQCzqRinbJmrcRWizGdeqEwD54NhAfcTubzRRbOuwMeina258
taU28R3ZL0JPQtN3pXd0wtVyPdvGv0+zGPf6ZuXEGwUwl4lDy2p2fHa0jvC0RVH5
hs6LkyjT5+79T6PEJayCbagxgqJH5eIkaO4dnh6xPk8eTmPXXWzLULOvC4NU+eBx
kDJoBWkr3Mms18NFereJfVNKmQFj5s0F5An5bMKjzGzlpHZMAQcYjwUyAob9qVXs
PIPbOx5A/dTBl5eC
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:50:06 2025 by rpki-client on console.sobornost.net