Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/ZNc2R38IFzIz7kBedhBa4EVwaEk.roa
File: ZNc2R38IFzIz7kBedhBa4EVwaEk.roa (raw, json)
Hash identifier: EpA69Eq6Q+KV+gO/Q6uVQrzX/PppOsS4DI+GMDk1VRA=
Subject key identifier: 64:D7:36:47:7F:08:17:32:33:EE:40:5E:76:10:5A:E0:45:70:68:49
Certificate issuer: /CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Certificate serial: 0195275B32DF253AF92A93C2C16F9736A948
Authority key identifier: 6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/ZNc2R38IFzIz7kBedhBa4EVwaEk.roa
Signing time: Fri 21 Feb 2025 07:14:02 +0000
ROA not before: Fri 21 Feb 2025 07:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38917
IP address blocks: 87.255.224.0/19 maxlen: 24
87.255.224.0/20 maxlen: 24
87.255.240.0/20 maxlen: 24
87.255.248.0/22 maxlen: 24
87.255.252.0/24 maxlen: 24
109.111.64.0/19 maxlen: 24
109.111.64.0/24 maxlen: 24
109.111.70.0/24 maxlen: 24
149.255.16.0/22 maxlen: 22
176.110.192.0/21 maxlen: 21
176.110.200.0/22 maxlen: 22
176.110.206.0/23 maxlen: 23
176.110.208.0/21 maxlen: 24
185.24.112.0/22 maxlen: 24
185.86.112.0/20 maxlen: 24
188.0.192.0/20 maxlen: 20
188.0.208.0/20 maxlen: 20
194.32.156.0/22 maxlen: 22
217.175.32.0/20 maxlen: 24
2a04:2cc0::/32 maxlen: 32
2a04:2cc1::/32 maxlen: 32
2a04:2cc2::/32 maxlen: 32
2a04:2cc3::/32 maxlen: 32
2a04:2cc4::/32 maxlen: 32
2a04:2cc5::/32 maxlen: 32
2a04:2cc6::/32 maxlen: 32
2a04:2cc7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:5b:32:df:25:3a:f9:2a:93:c2:c1:6f:97:36:a9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Validity
Not Before: Feb 21 07:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64d736477f08173233ee405e76105ae045706849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:61:f4:82:2c:4e:df:cd:83:b0:95:9c:dc:4f:
f1:6b:9a:4e:2d:dd:8f:00:46:1f:b4:89:92:23:6b:
21:7c:95:cf:4b:3f:5d:4e:1e:36:70:1e:b1:7a:a5:
e0:ec:8e:ca:04:12:be:56:b7:0e:83:76:2b:db:eb:
b9:43:32:05:3a:fa:86:2d:88:85:fa:01:2b:68:fa:
2c:c5:41:74:18:4f:6e:47:7f:73:ea:2c:2f:98:cc:
1b:b8:b1:0b:2e:02:ae:8a:3a:55:0b:65:0a:a0:2e:
5f:ef:c5:e2:a2:f2:d9:53:b8:87:b7:b4:8a:23:98:
7d:41:7a:78:01:ac:f1:ab:0b:31:b5:9b:7d:81:74:
0b:73:65:42:50:f0:45:e0:35:64:20:31:de:e8:c9:
de:36:e2:4b:7b:19:d9:8f:d1:af:a8:eb:19:11:f9:
c0:20:e9:15:41:f0:cd:60:4c:0e:81:d2:fe:7a:14:
ec:9b:fc:d4:83:2a:6a:0b:0c:11:3a:04:b7:10:82:
ec:cc:9b:4c:fe:59:6e:62:63:10:34:ae:fc:16:b9:
6e:84:af:3f:2f:6d:9b:a3:90:99:6b:b7:be:41:1d:
91:00:fb:52:43:72:ec:5d:0f:b5:6e:39:7e:3a:30:
10:4e:8e:08:22:2f:69:24:a4:53:7e:0c:2a:61:66:
b1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D7:36:47:7F:08:17:32:33:EE:40:5E:76:10:5A:E0:45:70:68:49
X509v3 Authority Key Identifier:
keyid:6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/ZNc2R38IFzIz7kBedhBa4EVwaEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/b1xXEvu82DJBnUxYhK47w8Shbns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.255.224.0/19
109.111.64.0/19
149.255.16.0/22
176.110.192.0-176.110.203.255
176.110.206.0-176.110.215.255
185.24.112.0/22
185.86.112.0/20
188.0.192.0/19
194.32.156.0/22
217.175.32.0/20
IPv6:
2a04:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
23:dd:ae:47:fb:ad:be:48:88:0a:e9:eb:83:51:fc:86:80:12:
84:a6:2c:10:5b:c4:8e:a3:2f:ca:80:59:8c:49:36:15:83:d8:
27:2a:bd:42:e4:de:6e:8a:5f:4e:e5:d7:f1:37:ed:27:5d:10:
69:45:ae:17:cc:92:f6:a8:1d:1f:33:a8:1c:89:59:48:42:c7:
97:23:06:61:82:d8:50:3b:2b:77:7d:0f:76:bd:99:e1:73:0d:
e4:88:6a:e4:df:62:d6:57:2e:39:fd:9e:49:ee:70:67:6f:12:
23:88:b7:01:04:87:c5:ec:05:b8:1a:3c:2b:c9:1e:a8:99:30:
10:00:ae:c7:c8:d7:30:6e:ae:a9:f4:fc:7e:fc:95:70:59:11:
b0:e4:b6:4f:6c:81:1c:be:4b:6c:57:02:c1:df:06:49:52:f0:
66:de:d6:e5:99:ed:e9:89:87:ea:76:3c:46:05:2d:d8:db:a5:
a6:ec:cb:69:04:e6:15:6a:98:43:25:b4:ff:65:b1:43:97:c1:
78:72:5c:94:26:fe:25:7b:25:bd:60:5c:34:62:82:07:12:ea:
c7:aa:a4:e5:c5:8c:e7:35:36:c0:91:43:44:56:48:c3:ea:2c:
74:b1:69:a6:05:bd:06:e5:f2:44:88:98:dd:30:ff:78:ce:44:
01:94:a6:16
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZUnWzLfJTr5KpPCwW+XNqlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWM1NzEyZmJiY2Q4MzI0MTlkNGM1ODg0YWUzYmMzYzRh
MTZlN2IwHhcNMjUwMjIxMDcxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQ3MzY0NzdmMDgxNzMyMzNlZTQwNWU3NjEwNWFlMDQ1NzA2ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mH0gixO382DsJWc3E/xa5pOLd2P
AEYftImSI2shfJXPSz9dTh42cB6xeqXg7I7KBBK+VrcOg3Yr2+u5QzIFOvqGLYiF
+gEraPosxUF0GE9uR39z6iwvmMwbuLELLgKuijpVC2UKoC5f78XiovLZU7iHt7SK
I5h9QXp4AazxqwsxtZt9gXQLc2VCUPBF4DVkIDHe6MneNuJLexnZj9GvqOsZEfnA
IOkVQfDNYEwOgdL+ehTsm/zUgypqCwwROgS3EILszJtM/lluYmMQNK78FrluhK8/
L22bo5CZa7e+QR2RAPtSQ3LsXQ+1bjl+OjAQTo4IIi9pJKRTfgwqYWaxUQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFGTXNkd/CBcyM+5AXnYQWuBFcGhJMB8GA1UdIwQY
MBaAFG9cVxL7vNgyQZ1MWISuO8PEoW57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEt
NzU1MDUyOWQ4NDdhLzEvWk5jMlIzOElGekl6N2tCZWRoQmE0RVZ3YUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEtNzU1MDUyOWQ4NDdh
LzEvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQFV//gAwQF
bW9AAwQClf8QMAwDBAawbsADBAKwbsgwDAMEAbBuzgMEA7Bu0AMEArkYcAMEBLlW
cAMEBbwAwAMEAsIgnAMEBNmvIDANBAIAAjAHAwUDKgQswDANBgkqhkiG9w0BAQsF
AAOCAQEAI92uR/utvkiICunrg1H8hoAShKYsEFvEjqMvyoBZjEk2FYPYJyq9QuTe
bopfTuXX8TftJ10QaUWuF8yS9qgdHzOoHIlZSELHlyMGYYLYUDsrd30Pdr2Z4XMN
5Ihq5N9i1lcuOf2eSe5wZ28SI4i3AQSHxewFuBo8K8keqJkwEACux8jXMG6uqfT8
fvyVcFkRsOS2T2yBHL5LbFcCwd8GSVLwZt7W5Znt6YmH6nY8RgUt2NulpuzLaQTm
FWqYQyW0/2WxQ5fBeHJclCb+JXslvWBcNGKCBxLqx6qk5cWM5zU2wJFDRFZIw+os
dLFppgW9BuXyRIiY3TD/eM5EAZSmFg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:03 2025 by rpki-client on console.sobornost.net