Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/Zj9lVIh8knr06HL6M68exsdyR78.roa
File: Zj9lVIh8knr06HL6M68exsdyR78.roa (raw, json)
Hash identifier: DpNM17SY3ZBbdFnRbmny2u5MR4zgFSyDbmfcX50gqPI=
Subject key identifier: 66:3F:65:54:88:7C:92:7A:F4:E8:72:FA:33:AF:1E:C6:C7:72:47:BF
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 019628D2B4FA8B79B0552E7F9DB1B044C4FA
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/Zj9lVIh8knr06HL6M68exsdyR78.roa
Signing time: Sat 12 Apr 2025 07:06:59 +0000
ROA not before: Sat 12 Apr 2025 07:06:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212552
IP address blocks: 146.19.130.0/24 maxlen: 24
185.110.191.0/24 maxlen: 24
185.221.237.0/24 maxlen: 24
185.231.59.0/24 maxlen: 24
193.163.201.0/24 maxlen: 24
2a14:7981::/32 maxlen: 32
2a14:7981:467::/48 maxlen: 48
2a14:7981:470::/48 maxlen: 48
2a14:7981:471::/48 maxlen: 48
2a14:7981:472::/48 maxlen: 48
2a14:7981:2002::/48 maxlen: 48
2a14:7981:3008::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:28:d2:b4:fa:8b:79:b0:55:2e:7f:9d:b1:b0:44:c4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: Apr 12 07:06:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=663f6554887c927af4e872fa33af1ec6c77247bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:51:1c:ca:de:be:81:d9:21:66:1e:64:a2:61:
33:b2:35:55:c4:53:b8:15:c4:1b:fc:4b:3c:1c:91:
f7:58:80:9b:c8:7c:53:1d:97:d3:93:bc:1f:63:34:
3c:92:70:a1:2c:82:94:5b:56:6e:c6:fa:d4:96:f7:
9d:35:5d:83:9a:cd:40:1a:d1:a3:87:53:f7:2a:ce:
fa:f1:f8:36:d3:5d:3b:82:d7:cd:8e:ea:08:32:0e:
5c:e1:75:bc:47:4b:cd:56:8c:7a:36:5b:cf:0b:d0:
eb:a8:7b:93:cd:53:6b:3c:68:66:a0:91:7f:cf:dd:
63:2d:1e:44:86:7b:53:73:b8:28:9d:f9:63:cd:8c:
20:d4:c6:87:42:94:dd:81:a2:1a:64:82:47:f2:7e:
b2:37:a4:f1:0e:de:81:3b:ac:6b:29:37:e2:e3:87:
59:19:20:af:bc:6f:19:d4:ac:cd:22:ab:22:4a:ed:
d1:91:a2:0e:8f:b6:6c:8c:c8:1d:14:21:35:3f:a1:
67:8f:b1:ac:f1:49:ce:8c:2d:5a:69:73:52:1d:e8:
78:a5:5f:99:ed:a2:e4:9d:09:48:9b:2b:85:bb:7c:
38:35:0c:96:23:f0:50:49:61:53:92:79:c8:7f:72:
b0:d4:8c:a7:d6:d7:2e:c3:44:3e:f7:ce:4d:9b:49:
b9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3F:65:54:88:7C:92:7A:F4:E8:72:FA:33:AF:1E:C6:C7:72:47:BF
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/Zj9lVIh8knr06HL6M68exsdyR78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.130.0/24
185.110.191.0/24
185.221.237.0/24
185.231.59.0/24
193.163.201.0/24
IPv6:
2a14:7981::/32
Signature Algorithm: sha256WithRSAEncryption
62:42:62:9e:d0:63:27:d5:8d:2b:ac:1e:d6:37:04:ab:9e:40:
04:a1:a5:30:2b:1e:f9:c3:3a:70:ef:b8:d8:6e:0d:9f:db:35:
99:ac:40:4e:b3:81:59:5b:51:61:c8:c7:5d:e1:ad:21:3a:a9:
07:cf:d8:79:88:9a:9f:c0:19:8c:ca:19:12:81:18:0e:c6:03:
f7:cc:5b:33:ef:1f:3c:55:fa:59:08:56:60:55:23:41:7c:7c:
5d:79:1e:46:74:e5:ca:1b:b8:b7:09:4f:bb:36:64:72:97:55:
d5:fa:a3:73:ae:88:93:9d:b1:e5:1f:8c:5d:6c:ed:4c:9d:4e:
79:af:be:dc:0a:4f:f6:05:96:6d:4b:32:df:53:b8:3c:69:f0:
d6:70:18:50:60:e2:9b:a9:53:b0:57:58:19:1b:dd:36:48:1b:
73:50:d5:b6:23:52:ce:89:ff:77:cf:9b:20:68:d7:30:8d:ed:
25:90:aa:c2:17:db:42:3c:22:65:32:b3:f0:e6:f7:d9:db:1a:
40:94:94:17:57:7b:3c:a4:06:d3:de:ea:ea:e7:e8:65:2e:1c:
4f:bf:d8:03:bf:a2:c8:8d:f4:65:cb:d0:f8:4f:84:6a:23:07:
fc:44:7f:98:9c:8d:b8:af:9f:16:7b:82:f7:ed:43:e2:03:fd:
1c:33:69:5a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZYo0rT6i3mwVS5/nbGwRMT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjUwNDEyMDcwNjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjNmNjU1NDg4N2M5MjdhZjRlODcyZmEzM2FmMWVjNmM3NzI0N2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1Ecyt6+gdkhZh5komEzsjVVxFO4
FcQb/Es8HJH3WICbyHxTHZfTk7wfYzQ8knChLIKUW1ZuxvrUlvedNV2Dms1AGtGj
h1P3Ks768fg20107gtfNjuoIMg5c4XW8R0vNVox6NlvPC9DrqHuTzVNrPGhmoJF/
z91jLR5EhntTc7gonfljzYwg1MaHQpTdgaIaZIJH8n6yN6TxDt6BO6xrKTfi44dZ
GSCvvG8Z1KzNIqsiSu3RkaIOj7ZsjMgdFCE1P6Fnj7Gs8UnOjC1aaXNSHeh4pV+Z
7aLknQlImyuFu3w4NQyWI/BQSWFTknnIf3Kw1Iyn1tcuw0Q+985Nm0m5wwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGY/ZVSIfJJ69Ohy+jOvHsbHcke/MB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvWmo5bFZJaDhrbnIwNkhMNk02OGV4c2R5Ujc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi
LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAkhOCAwQA
uW6/AwQAud3tAwQAuec7AwQAwaPJMA0EAgACMAcDBQAqFHmBMA0GCSqGSIb3DQEB
CwUAA4IBAQBiQmKe0GMn1Y0rrB7WNwSrnkAEoaUwKx75wzpw77jYbg2f2zWZrEBO
s4FZW1FhyMdd4a0hOqkHz9h5iJqfwBmMyhkSgRgOxgP3zFsz7x88VfpZCFZgVSNB
fHxdeR5GdOXKG7i3CU+7NmRyl1XV+qNzroiTnbHlH4xdbO1MnU55r77cCk/2BZZt
SzLfU7g8afDWcBhQYOKbqVOwV1gZG902SBtzUNW2I1LOif93z5sgaNcwje0lkKrC
F9tCPCJlMrPw5vfZ2xpAlJQXV3s8pAbT3urq5+hlLhxPv9gDv6LIjfRly9D4T4Rq
Iwf8RH+YnI24r58We4L37UPiA/0cM2la
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:57 2025 by rpki-client on console.sobornost.net