Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/zx101u70ZqQlVEGxCCt02a4mGR0.roa
File: zx101u70ZqQlVEGxCCt02a4mGR0.roa (raw, json)
Hash identifier: NpwYWVN0B1ZEpIEVkLkFuhMNQRXNYqDt5EhN2lDS0QU=
Subject key identifier: CF:1D:74:D6:EE:F4:66:A4:25:54:41:B1:08:2B:74:D9:AE:26:19:1D
Certificate issuer: /CN=62f4b147ab0efebf3e46e6dea985d751877cbb4e
Certificate serial: 018CC3B695B5DA2E26F654C14D3C3A07C180
Authority key identifier: 62:F4:B1:47:AB:0E:FE:BF:3E:46:E6:DE:A9:85:D7:51:87:7C:BB:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvSxR6sO_r8-RubeqYXXUYd8u04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/zx101u70ZqQlVEGxCCt02a4mGR0.roa
Signing time: Mon 01 Jan 2024 06:29:32 +0000
ROA not before: Mon 01 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206163
IP address blocks: 185.194.172.0/24 maxlen: 24
185.194.173.0/24 maxlen: 24
185.194.174.0/24 maxlen: 24
185.194.175.0/24 maxlen: 24
194.156.236.0/24 maxlen: 24
194.156.237.0/24 maxlen: 24
194.156.238.0/24 maxlen: 24
194.156.239.0/24 maxlen: 24
2a0a:86c0:1015::/48 maxlen: 48
2a0a:86c0:10::/48 maxlen: 48
2a0a:86c0:1010::/48 maxlen: 48
2a0a:86c0:1006::/48 maxlen: 48
2a0a:86c0:6::/48 maxlen: 48
2a0a:86c0:9::/48 maxlen: 48
2a0a:86c0:1009::/48 maxlen: 48
2a0a:86c0:1004::/48 maxlen: 48
2a0a:86c0:4::/48 maxlen: 48
2a0a:86c0:8::/48 maxlen: 48
2a0a:86c0:1008::/48 maxlen: 48
2a0a:86c0:1003::/48 maxlen: 48
2a0a:86c0:3::/48 maxlen: 48
2a0a:86c0:1::/48 maxlen: 48
2a0a:86c0:1001::/48 maxlen: 48
2a0a:86c0:1012::/48 maxlen: 48
2a0a:86c0:1005::/48 maxlen: 48
2a0a:86c0:5::/48 maxlen: 48
2a0a:86c0::/48 maxlen: 48
2a0a:86c0:1000::/48 maxlen: 48
2a0a:86c0:1014::/48 maxlen: 48
2a0a:86c0:1013::/48 maxlen: 48
2a0a:86c0:1011::/48 maxlen: 48
2a0a:86c0:1007::/48 maxlen: 48
2a0a:86c0:7::/48 maxlen: 48
2a0a:86c0:1002::/48 maxlen: 48
2a0a:86c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:95:b5:da:2e:26:f6:54:c1:4d:3c:3a:07:c1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62f4b147ab0efebf3e46e6dea985d751877cbb4e
Validity
Not Before: Jan 1 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf1d74d6eef466a4255441b1082b74d9ae26191d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:df:9a:02:5d:1d:30:de:d5:7a:0f:d1:3d:71:
c8:61:ee:81:6b:9d:99:f6:96:ba:96:34:c5:b0:c4:
2d:ae:83:00:50:c5:68:a0:99:11:3b:ed:5e:9f:6d:
b0:df:99:31:af:1a:4f:ae:97:74:b4:01:33:52:62:
87:64:5f:cf:25:23:55:e2:42:b0:ba:a9:9c:b9:23:
69:69:08:1d:1b:2a:75:a9:e8:fc:da:23:f7:c6:e6:
84:cd:1b:99:e7:ad:79:38:b3:c7:b2:95:94:11:62:
0f:84:f8:45:48:7e:ce:51:5e:33:04:ac:79:d5:90:
35:7f:44:d1:65:0c:a4:2d:8c:b3:8e:65:8e:21:3f:
54:f2:51:de:8a:3a:be:d3:ef:7c:2a:5f:74:6c:b8:
58:ef:47:c5:a5:88:76:0d:84:93:84:83:f4:6a:ff:
f7:d4:ce:4e:cd:db:ba:fc:bc:41:18:b7:99:46:b3:
4a:eb:83:08:05:9d:e7:a1:22:a6:97:35:89:ff:c4:
94:f4:70:e6:ba:89:75:2c:e2:1b:be:aa:dd:9a:80:
5b:e4:57:e5:71:79:74:8f:42:dd:d5:f7:56:ff:ad:
54:61:f1:e9:4d:0a:8a:2a:8f:12:1f:73:43:f7:b7:
bd:f8:24:58:89:1f:c2:ee:9b:8c:e5:0d:41:08:ca:
a9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1D:74:D6:EE:F4:66:A4:25:54:41:B1:08:2B:74:D9:AE:26:19:1D
X509v3 Authority Key Identifier:
keyid:62:F4:B1:47:AB:0E:FE:BF:3E:46:E6:DE:A9:85:D7:51:87:7C:BB:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvSxR6sO_r8-RubeqYXXUYd8u04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/zx101u70ZqQlVEGxCCt02a4mGR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/YvSxR6sO_r8-RubeqYXXUYd8u04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.172.0/22
194.156.236.0/22
IPv6:
2a0a:86c0::-2a0a:86c0:9:ffff:ffff:ffff:ffff:ffff
2a0a:86c0:10::/48
2a0a:86c0:1000::-2a0a:86c0:1009:ffff:ffff:ffff:ffff:ffff
2a0a:86c0:1010::-2a0a:86c0:1015:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:b9:2a:4b:28:3f:c2:1b:4f:ae:02:46:08:cd:70:1a:c9:f0:
0f:8e:d3:65:bc:62:b2:7d:c4:8f:18:72:ba:bc:03:bd:f2:db:
57:a9:1c:73:8d:5f:06:b7:e7:4b:10:31:7d:ba:01:cd:29:c4:
cf:c0:27:c9:f0:43:dc:b1:af:24:94:71:83:0a:74:f3:3a:d2:
0b:06:bf:e0:9a:db:e7:fa:4c:67:52:1c:e3:54:e7:b0:2a:65:
bb:d6:52:82:a9:bf:37:cc:1f:60:ca:c0:0b:b3:d6:5b:e5:8b:
e9:49:47:c8:d5:f3:40:37:e7:1d:55:7e:5d:c6:67:e8:a9:26:
21:42:41:89:e5:c5:50:22:fe:05:df:13:87:24:ce:28:ba:61:
77:d3:ed:9e:1f:72:77:c8:f3:72:dd:93:a9:0e:93:b9:5b:35:
d7:7a:50:95:1b:e0:db:d1:35:44:6f:8a:a9:e8:4f:55:f4:ef:
d8:73:3d:d4:18:13:a0:63:f7:0f:03:49:fc:e9:49:7e:d3:f8:
b1:a3:d4:5a:81:53:24:a2:b9:bf:c9:50:18:cf:84:28:f8:88:
26:0c:c1:56:8b:ce:33:65:c2:ae:19:64:9f:b5:6b:c1:51:d9:
5b:36:a2:a2:a2:e2:5e:8e:f0:f9:31:51:8a:9d:3e:98:8b:a4:
6e:26:86:c3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYzDtpW12i4m9lTBTTw6B8GAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZjRiMTQ3YWIwZWZlYmYzZTQ2ZTZkZWE5ODVkNzUxODc3
Y2JiNGUwHhcNMjQwMTAxMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFkNzRkNmVlZjQ2NmE0MjU1NDQxYjEwODJiNzRkOWFlMjYxOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod+aAl0dMN7Veg/RPXHIYe6Ba52Z
9pa6ljTFsMQtroMAUMVooJkRO+1en22w35kxrxpPrpd0tAEzUmKHZF/PJSNV4kKw
uqmcuSNpaQgdGyp1qej82iP3xuaEzRuZ5615OLPHspWUEWIPhPhFSH7OUV4zBKx5
1ZA1f0TRZQykLYyzjmWOIT9U8lHeijq+0+98Kl90bLhY70fFpYh2DYSThIP0av/3
1M5Ozdu6/LxBGLeZRrNK64MIBZ3noSKmlzWJ/8SU9HDmuol1LOIbvqrdmoBb5Ffl
cXl0j0Ld1fdW/61UYfHpTQqKKo8SH3ND97e9+CRYiR/C7puM5Q1BCMqpQQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFM8ddNbu9GakJVRBsQgrdNmuJhkdMB8GA1UdIwQY
MBaAFGL0sUerDv6/Pkbm3qmF11GHfLtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXZTeFI2c09fcjgtUnViZXFZWFhVWWQ4dTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84ZTZlNWEtYWVjMC00MGFkLWE2Mjgt
ZGFiM2E5ZjAzMGRjLzEvengxMDF1NzBacVFsVkVHeENDdDAyYTRtR1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84ZTZlNWEtYWVjMC00MGFkLWE2MjgtZGFiM2E5ZjAzMGRj
LzEvWXZTeFI2c09fcjgtUnViZXFZWFhVWWQ4dTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjASBAIAATAMAwQCucKsAwQC
wpzsMEgEAgACMEIwEAMFBioKhsADBwEqCobAAAgDBwAqCobAABAwEQMGBCoKhsAQ
AwcBKgqGwBAIMBIDBwQqCobAEBADBwEqCobAEBQwDQYJKoZIhvcNAQELBQADggEB
AH+5KksoP8IbT64CRgjNcBrJ8A+O02W8YrJ9xI8Ycrq8A73y21epHHONXwa350sQ
MX26Ac0pxM/AJ8nwQ9yxrySUcYMKdPM60gsGv+Ca2+f6TGdSHONU57AqZbvWUoKp
vzfMH2DKwAuz1lvli+lJR8jV80A35x1Vfl3GZ+ipJiFCQYnlxVAi/gXfE4ckzii6
YXfT7Z4fcnfI83Ldk6kOk7lbNdd6UJUb4NvRNURviqnoT1X079hzPdQYE6Bj9w8D
SfzpSX7T+LGj1FqBUySiub/JUBjPhCj4iCYMwVaLzjNlwq4ZZJ+1a8FR2Vs2oqKi
4l6O8PkxUYqdPpiLpG4mhsM=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:11 2024 by rpki-client on console.sobornost.net