Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/ZkkDzXmdTsLG1oQnHCXCpjMrN0c.roa
File: ZkkDzXmdTsLG1oQnHCXCpjMrN0c.roa (raw, json)
Hash identifier: vhxQZdTakyknsbSaFbQwA3rjVR03VcM9s8jNMsMZ03E=
Subject key identifier: 66:49:03:CD:79:9D:4E:C2:C6:D6:84:27:1C:25:C2:A6:33:2B:37:47
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 0194266BF27C349A9767001A0C02405ADD42
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/ZkkDzXmdTsLG1oQnHCXCpjMrN0c.roa
Signing time: Thu 02 Jan 2025 09:49:56 +0000
ROA not before: Thu 02 Jan 2025 09:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29205
IP address blocks: 45.156.236.0/22 maxlen: 24
91.230.36.0/23 maxlen: 23
185.49.12.0/22 maxlen: 24
185.100.228.0/22 maxlen: 22
188.214.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f2:7c:34:9a:97:67:00:1a:0c:02:40:5a:dd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Jan 2 09:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=664903cd799d4ec2c6d684271c25c2a6332b3747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ec:a8:c7:36:5a:c2:df:f5:cb:59:8b:73:a5:
cd:e6:f8:0e:9a:96:bd:11:e4:9c:d3:1b:04:26:ac:
b0:06:c8:55:5c:1d:c7:2d:60:7f:a5:9c:73:c4:61:
00:13:16:48:17:c9:8a:f8:38:a1:29:20:cb:9c:92:
72:06:70:67:ca:ad:28:8d:6d:75:fe:7b:02:bb:63:
8d:00:8b:78:32:2b:00:12:e9:0d:c7:78:00:b5:cc:
46:d8:6d:7f:05:5f:68:13:6c:8b:6f:87:45:61:2e:
ac:74:53:b3:c4:9b:88:d0:de:44:fc:8e:52:56:0c:
5f:f9:bd:06:5f:94:54:14:cc:ec:eb:63:d6:0a:cc:
67:4c:0c:b9:6a:90:f2:a8:3a:51:41:42:35:f6:5b:
6a:43:9f:38:7d:9a:b6:55:f2:5e:39:85:5d:9c:56:
b0:41:f2:73:03:fb:52:68:73:d9:5d:c6:c8:66:6a:
3b:05:8c:9c:5d:97:56:b4:0f:b7:3d:63:e8:40:9b:
5a:c7:e9:52:7c:96:67:ac:51:ec:41:da:02:25:66:
f1:cd:04:be:27:4f:50:22:23:40:28:7f:4d:2e:90:
dc:b0:9b:a4:26:2d:00:79:53:7b:d5:9b:1c:0d:77:
5c:9a:82:f2:44:85:9f:8a:e3:cb:ac:b2:48:a4:f1:
15:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:49:03:CD:79:9D:4E:C2:C6:D6:84:27:1C:25:C2:A6:33:2B:37:47
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/ZkkDzXmdTsLG1oQnHCXCpjMrN0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.236.0/22
91.230.36.0/23
185.49.12.0/22
185.100.228.0/22
188.214.16.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:63:c7:21:7b:04:93:01:69:6d:cc:b8:b3:f4:02:7f:fb:9f:
2a:9b:81:86:51:9a:ea:18:d6:0c:ef:66:26:70:21:a7:a5:91:
45:20:85:c2:08:63:4d:f6:a8:78:04:3a:16:46:6b:1c:c4:e3:
9a:fa:88:62:3d:8f:f9:6d:8d:1e:93:ca:46:76:fb:94:ae:cc:
93:3c:5a:a9:8c:24:9f:21:76:46:82:98:0a:d4:47:7f:a8:17:
71:be:93:79:74:c3:e1:86:ec:eb:4d:8c:9a:bf:91:19:46:a3:
7e:3d:23:ce:5b:41:a8:1e:27:90:a1:74:a8:98:88:a1:a7:f8:
e8:87:2e:af:5b:e1:62:2a:62:f9:2a:fd:bc:aa:f2:10:0f:26:
8e:8e:59:d0:d7:4b:f8:92:bb:19:4a:ed:da:b2:65:9c:04:c4:
d7:d2:cb:c3:21:a1:21:b3:5b:2a:79:a1:e0:5a:4a:01:82:e5:
66:7b:2c:d1:2e:f8:05:a3:f6:3a:62:33:5a:3a:41:24:d5:af:
3a:2a:d1:41:cc:58:14:a8:21:af:6f:fb:e6:f9:4a:c7:d2:1f:
69:d6:2e:5d:d8:68:fc:51:97:73:2a:29:09:ef:e9:e1:bc:1c:
d5:15:4c:12:c7:a3:88:5e:97:e5:2c:81:cd:20:e4:3e:06:5b:
11:25:f2:61
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQma/J8NJqXZwAaDAJAWt1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjUwMTAyMDk0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjQ5MDNjZDc5OWQ0ZWMyYzZkNjg0MjcxYzI1YzJhNjMzMmIzNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuyoxzZawt/1y1mLc6XN5vgOmpa9
EeSc0xsEJqywBshVXB3HLWB/pZxzxGEAExZIF8mK+DihKSDLnJJyBnBnyq0ojW11
/nsCu2ONAIt4MisAEukNx3gAtcxG2G1/BV9oE2yLb4dFYS6sdFOzxJuI0N5E/I5S
Vgxf+b0GX5RUFMzs62PWCsxnTAy5apDyqDpRQUI19ltqQ584fZq2VfJeOYVdnFaw
QfJzA/tSaHPZXcbIZmo7BYycXZdWtA+3PWPoQJtax+lSfJZnrFHsQdoCJWbxzQS+
J09QIiNAKH9NLpDcsJukJi0AeVN71ZscDXdcmoLyRIWfiuPLrLJIpPEVwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGZJA815nU7CxtaEJxwlwqYzKzdHMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvWmtrRHpYbWRUc0xHMW9RbkhDWENwak1yTjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLZzsAwQB
W+YkAwQCuTEMAwQCuWTkAwQDvNYQMA0GCSqGSIb3DQEBCwUAA4IBAQCMY8chewST
AWltzLiz9AJ/+58qm4GGUZrqGNYM72YmcCGnpZFFIIXCCGNN9qh4BDoWRmscxOOa
+ohiPY/5bY0ek8pGdvuUrsyTPFqpjCSfIXZGgpgK1Ed/qBdxvpN5dMPhhuzrTYya
v5EZRqN+PSPOW0GoHieQoXSomIihp/johy6vW+FiKmL5Kv28qvIQDyaOjlnQ10v4
krsZSu3asmWcBMTX0svDIaEhs1sqeaHgWkoBguVmeyzRLvgFo/Y6YjNaOkEk1a86
KtFBzFgUqCGvb/vm+UrH0h9p1i5d2Gj8UZdzKikJ7+nhvBzVFUwSx6OIXpflLIHN
IOQ+BlsRJfJh
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:49 2025 by rpki-client on console.sobornost.net