Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/z7EntH2_RgrImndWaf9CHwQF-tM.roa
File: z7EntH2_RgrImndWaf9CHwQF-tM.roa (raw, json)
Hash identifier: At0xjBHWEf4xXBr9D4SeVUGhACOqx602brOEncq8KCM=
Subject key identifier: CF:B1:27:B4:7D:BF:46:0A:C8:9A:77:56:69:FF:42:1F:04:05:FA:D3
Certificate issuer: /CN=661691ca9c58d0859b6b870230b0f581be66a58a
Certificate serial: 019427B3FCC13F2778689C8FB2A99B4A1E08
Authority key identifier: 66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/z7EntH2_RgrImndWaf9CHwQF-tM.roa
Signing time: Thu 02 Jan 2025 15:48:14 +0000
ROA not before: Thu 02 Jan 2025 15:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199364
IP address blocks: 45.84.192.0/24 maxlen: 24
185.31.120.0/22 maxlen: 22
2a00:af60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:fc:c1:3f:27:78:68:9c:8f:b2:a9:9b:4a:1e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661691ca9c58d0859b6b870230b0f581be66a58a
Validity
Not Before: Jan 2 15:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfb127b47dbf460ac89a775669ff421f0405fad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7c:30:14:cf:c9:16:50:03:4a:bf:b1:97:08:
f7:26:9f:1c:35:99:db:fb:e9:68:51:af:23:68:53:
9b:7f:7c:78:65:a3:9d:f9:26:a0:f7:3b:ac:5a:5d:
c2:2d:f7:ed:50:9c:15:bd:93:c4:32:0a:0c:f6:ae:
ed:b4:b2:d0:e0:cb:c1:c7:8d:4b:17:48:4c:37:14:
20:d3:e3:b9:c2:fb:b7:49:22:73:e5:5e:5b:84:6a:
54:5d:59:4c:f9:45:f4:24:60:d6:f3:ad:19:22:46:
d7:59:61:49:8a:3c:5a:6d:35:4d:08:13:1f:f1:a7:
43:0f:a2:08:a0:98:9f:cc:df:2f:3b:0b:f1:f6:f7:
06:c0:cb:f1:bd:a0:42:22:53:cf:1b:f1:35:95:85:
20:28:fe:b0:18:1a:42:57:6b:3e:e3:fb:20:65:77:
ae:57:0a:3e:cf:8d:91:af:90:eb:31:5a:23:55:77:
90:62:b1:3e:92:bc:b4:3e:33:8e:5d:5c:cb:81:70:
ff:44:94:36:c0:79:bf:7c:66:59:02:c7:07:a9:d1:
7b:36:b7:c1:fd:bb:e1:76:fd:d5:0c:cb:a8:2c:91:
22:14:7a:66:37:89:e8:f3:c3:44:59:cd:2a:14:28:
bb:10:a2:eb:17:6e:3c:81:90:6e:06:0b:32:39:98:
37:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B1:27:B4:7D:BF:46:0A:C8:9A:77:56:69:FF:42:1F:04:05:FA:D3
X509v3 Authority Key Identifier:
keyid:66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/z7EntH2_RgrImndWaf9CHwQF-tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.192.0/24
185.31.120.0/22
IPv6:
2a00:af60::/32
Signature Algorithm: sha256WithRSAEncryption
38:94:72:66:29:34:81:f7:72:fc:48:23:97:27:23:25:2f:cd:
06:f8:aa:5f:5e:f7:31:78:a7:7c:ea:08:19:52:c3:8e:be:9d:
9c:f2:6c:5d:03:4d:eb:97:f0:aa:27:bb:d9:23:4c:f6:09:fd:
a4:39:2f:63:0a:3f:d3:7e:89:8c:db:e7:df:33:c1:6f:a5:ce:
cd:28:17:c8:e0:07:2a:d7:6a:75:27:18:7e:e7:58:39:78:60:
c8:3a:fe:df:d2:67:0c:f6:f0:0e:dd:3f:0c:65:f6:00:d9:56:
27:26:0c:14:e0:2d:4b:78:72:ab:3e:8a:b5:fa:82:5d:5c:02:
06:24:86:a8:b6:0b:d9:af:0c:6a:17:48:08:38:36:60:d9:1c:
c9:7b:bc:98:11:78:14:4d:2f:f2:b9:0f:b5:8d:ca:eb:6c:f8:
ca:c1:ec:ed:74:a7:59:61:9d:fc:fa:a8:fa:65:35:f0:04:de:
9d:d8:8a:8d:09:73:d5:78:1f:88:cf:17:c2:45:cb:50:98:12:
3e:e6:59:eb:fc:37:f3:d9:27:15:68:45:23:c3:0a:ac:4a:93:
f5:fa:1d:4a:7d:34:cb:d0:12:4e:25:1a:d6:57:e8:ee:96:ba:
b4:0b:b7:17:95:57:7f:88:f6:63:ee:f4:82:21:ae:d3:5d:0f:
8e:ac:49:d2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQns/zBPyd4aJyPsqmbSh4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTY5MWNhOWM1OGQwODU5YjZiODcwMjMwYjBmNTgxYmU2
NmE1OGEwHhcNMjUwMTAyMTU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmIxMjdiNDdkYmY0NjBhYzg5YTc3NTY2OWZmNDIxZjA0MDVmYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HwwFM/JFlADSr+xlwj3Jp8cNZnb
++loUa8jaFObf3x4ZaOd+Sag9zusWl3CLfftUJwVvZPEMgoM9q7ttLLQ4MvBx41L
F0hMNxQg0+O5wvu3SSJz5V5bhGpUXVlM+UX0JGDW860ZIkbXWWFJijxabTVNCBMf
8adDD6IIoJifzN8vOwvx9vcGwMvxvaBCIlPPG/E1lYUgKP6wGBpCV2s+4/sgZXeu
Vwo+z42Rr5DrMVojVXeQYrE+kry0PjOOXVzLgXD/RJQ2wHm/fGZZAscHqdF7NrfB
/bvhdv3VDMuoLJEiFHpmN4no88NEWc0qFCi7EKLrF248gZBuBgsyOZg3swIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM+xJ7R9v0YKyJp3Vmn/Qh8EBfrTMB8GA1UdIwQY
MBaAFGYWkcqcWNCFm2uHAjCw9YG+ZqWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQt
MWE4MGRhZmZkNzk2LzEvejdFbnRIMl9SZ3JJbW5kV2FmOUNId1FGLXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQtMWE4MGRhZmZkNzk2
LzEvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVTAAwQC
uR94MA0EAgACMAcDBQAqAK9gMA0GCSqGSIb3DQEBCwUAA4IBAQA4lHJmKTSB93L8
SCOXJyMlL80G+KpfXvcxeKd86ggZUsOOvp2c8mxdA03rl/CqJ7vZI0z2Cf2kOS9j
Cj/TfomM2+ffM8Fvpc7NKBfI4Acq12p1Jxh+51g5eGDIOv7f0mcM9vAO3T8MZfYA
2VYnJgwU4C1LeHKrPoq1+oJdXAIGJIaotgvZrwxqF0gIODZg2RzJe7yYEXgUTS/y
uQ+1jcrrbPjKweztdKdZYZ38+qj6ZTXwBN6d2IqNCXPVeB+IzxfCRctQmBI+5lnr
/Dfz2ScVaEUjwwqsSpP1+h1KfTTL0BJOJRrWV+julrq0C7cXlVd/iPZj7vSCIa7T
XQ+OrEnS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:45 2025 by rpki-client on console.sobornost.net