Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/zCxP8ZVkWLcmxZhJZtWIxvZSe6w.roa
File: zCxP8ZVkWLcmxZhJZtWIxvZSe6w.roa (raw, json)
Hash identifier: DfGpVycShIM8dTI5tNGDuNowzD011BPKKYeWki1A+OE=
Subject key identifier: CC:2C:4F:F1:95:64:58:B7:26:C5:98:49:66:D5:88:C6:F6:52:7B:AC
Certificate issuer: /CN=0babfb67a0975384efb8b7b7ca807f714f75f84a
Certificate serial: 01954887E29546DFF3F85579C044307005B9
Authority key identifier: 0B:AB:FB:67:A0:97:53:84:EF:B8:B7:B7:CA:80:7F:71:4F:75:F8:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6v7Z6CXU4TvuLe3yoB_cU91-Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/zCxP8ZVkWLcmxZhJZtWIxvZSe6w.roa
Signing time: Thu 27 Feb 2025 17:50:19 +0000
ROA not before: Thu 27 Feb 2025 17:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57575
IP address blocks: 89.207.156.0/24 maxlen: 24
109.205.197.0/24 maxlen: 24
185.153.54.0/24 maxlen: 24
2a13:9a40::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:48:87:e2:95:46:df:f3:f8:55:79:c0:44:30:70:05:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0babfb67a0975384efb8b7b7ca807f714f75f84a
Validity
Not Before: Feb 27 17:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc2c4ff1956458b726c5984966d588c6f6527bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bf:11:7d:d6:d6:f1:d0:02:df:20:3e:0f:9d:
78:b7:b8:cf:c0:14:68:0c:b4:fe:c9:57:a3:d4:d9:
22:04:ee:5a:87:7b:38:4f:39:86:84:69:e0:d7:68:
4b:00:80:18:ed:e5:1e:6c:fb:35:63:d3:46:73:c2:
e0:04:f6:3e:40:26:20:ab:24:bc:fd:6a:d6:c9:de:
88:6a:48:3f:80:82:11:23:7a:ad:f5:ea:db:f7:48:
4d:d8:72:33:f3:4f:97:63:c7:d4:da:26:c4:e3:99:
17:d4:3b:95:b7:73:25:f1:c5:cb:66:32:62:c7:ee:
dd:18:09:ae:18:71:5e:0e:24:bf:03:3e:a0:29:9e:
d8:20:fa:63:64:83:44:7c:8d:16:51:f9:34:f7:8e:
6e:6a:58:35:27:fb:89:f5:98:4d:f1:a7:99:de:24:
7a:a6:c6:df:36:1e:dd:25:24:72:75:97:07:a1:c4:
14:eb:5a:86:8a:51:4f:74:91:1d:59:a7:4f:7c:9a:
1a:80:d2:bc:c4:99:74:81:53:27:17:ff:56:db:4f:
e0:bb:89:06:e1:f5:e0:90:8d:63:fb:9f:fd:41:95:
92:8a:90:80:cd:48:ed:0f:de:1e:aa:16:cb:e2:6a:
2c:e8:c4:1a:ec:b4:1d:4c:4d:e4:d8:df:4b:8b:8c:
db:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:2C:4F:F1:95:64:58:B7:26:C5:98:49:66:D5:88:C6:F6:52:7B:AC
X509v3 Authority Key Identifier:
keyid:0B:AB:FB:67:A0:97:53:84:EF:B8:B7:B7:CA:80:7F:71:4F:75:F8:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6v7Z6CXU4TvuLe3yoB_cU91-Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/zCxP8ZVkWLcmxZhJZtWIxvZSe6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1ee7af-7f61-4dc9-bc3e-b4e5cad0dc52/1/C6v7Z6CXU4TvuLe3yoB_cU91-Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.156.0/24
109.205.197.0/24
185.153.54.0/24
IPv6:
2a13:9a40::/32
Signature Algorithm: sha256WithRSAEncryption
4f:e2:ae:5f:a3:b4:cf:ac:64:23:31:71:c7:98:fe:89:f8:4d:
05:5e:46:a1:48:c4:ac:90:6f:13:16:e2:21:a7:0e:98:a3:95:
67:67:4e:a1:13:11:5a:0d:4d:65:b2:e2:fd:91:a0:3b:41:72:
97:35:d4:02:1b:80:ce:27:81:68:07:c4:58:60:cf:44:bf:69:
3e:6f:fd:6c:ef:9d:9d:13:50:76:52:d3:18:de:d2:4f:f9:cc:
39:70:3d:cc:17:0c:dc:6e:7c:6f:98:93:3f:ca:50:55:3d:56:
24:42:6d:bc:75:69:60:1b:47:76:9f:20:d6:d7:18:74:09:5f:
db:61:ff:48:6f:e8:6d:a0:34:12:85:4a:b7:07:29:23:0c:86:
81:a8:b8:d7:a6:70:81:e2:12:99:d7:fe:f8:3c:b9:af:d8:1d:
2b:f6:1c:99:f1:ef:fb:17:d6:24:c1:07:41:7d:8c:05:4d:9b:
85:0c:fa:08:f6:81:f2:98:b8:7f:a3:9f:dd:eb:d9:36:e6:a8:
63:6d:0c:a0:c7:43:50:4d:a3:f4:00:4c:50:90:d4:71:a5:a7:
56:7b:31:64:40:a6:c1:c8:12:cc:b8:64:68:16:d1:70:8e:85:
28:84:ec:fb:5b:60:d8:ca:23:d4:f1:75:d5:f5:99:c0:5c:0a:
77:02:68:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZVIh+KVRt/z+FV5wEQwcAW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWJmYjY3YTA5NzUzODRlZmI4YjdiN2NhODA3ZjcxNGY3
NWY4NGEwHhcNMjUwMjI3MTc1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzJjNGZmMTk1NjQ1OGI3MjZjNTk4NDk2NmQ1ODhjNmY2NTI3YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8RfdbW8dAC3yA+D514t7jPwBRo
DLT+yVej1NkiBO5ah3s4TzmGhGng12hLAIAY7eUebPs1Y9NGc8LgBPY+QCYgqyS8
/WrWyd6Iakg/gIIRI3qt9erb90hN2HIz80+XY8fU2ibE45kX1DuVt3Ml8cXLZjJi
x+7dGAmuGHFeDiS/Az6gKZ7YIPpjZINEfI0WUfk0945ualg1J/uJ9ZhN8aeZ3iR6
psbfNh7dJSRydZcHocQU61qGilFPdJEdWadPfJoagNK8xJl0gVMnF/9W20/gu4kG
4fXgkI1j+5/9QZWSipCAzUjtD94eqhbL4mos6MQa7LQdTE3k2N9Li4zbawIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMwsT/GVZFi3JsWYSWbViMb2UnusMB8GA1UdIwQY
MBaAFAur+2egl1OE77i3t8qAf3FPdfhKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ2N1o2Q1hVNFR2dUxlM3lvQl9jVTkxLUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xZWU3YWYtN2Y2MS00ZGM5LWJjM2Ut
YjRlNWNhZDBkYzUyLzEvekN4UDhaVmtXTGNteFpoSlp0V0l4dlpTZTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xZWU3YWYtN2Y2MS00ZGM5LWJjM2UtYjRlNWNhZDBkYzUy
LzEvQzZ2N1o2Q1hVNFR2dUxlM3lvQl9jVTkxLUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWc+cAwQA
bc3FAwQAuZk2MA0EAgACMAcDBQAqE5pAMA0GCSqGSIb3DQEBCwUAA4IBAQBP4q5f
o7TPrGQjMXHHmP6J+E0FXkahSMSskG8TFuIhpw6Yo5VnZ06hExFaDU1lsuL9kaA7
QXKXNdQCG4DOJ4FoB8RYYM9Ev2k+b/1s752dE1B2UtMY3tJP+cw5cD3MFwzcbnxv
mJM/ylBVPVYkQm28dWlgG0d2nyDW1xh0CV/bYf9Ib+htoDQShUq3BykjDIaBqLjX
pnCB4hKZ1/74PLmv2B0r9hyZ8e/7F9YkwQdBfYwFTZuFDPoI9oHymLh/o5/d69k2
5qhjbQygx0NQTaP0AExQkNRxpadWezFkQKbByBLMuGRoFtFwjoUohOz7W2DYyiPU
8XXV9ZnAXAp3AmhS
-----END CERTIFICATE-----
Generated at Tue Apr 1 17:26:55 2025 by rpki-client on console.sobornost.net