Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/zqwsjKFXUouaQheAO3p_LY4ztD8.roa
File: zqwsjKFXUouaQheAO3p_LY4ztD8.roa (raw, json)
Hash identifier: xKjJRo3DcCi4+JXnhvM44UobpPMewl1ICeZGXESJdjE=
Subject key identifier: CE:AC:2C:8C:A1:57:52:8B:9A:42:17:80:3B:7A:7F:2D:8E:33:B4:3F
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195E3C0117EDBEBA0A7C38E591BFD61EAA2
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/zqwsjKFXUouaQheAO3p_LY4ztD8.roa
Signing time: Sat 29 Mar 2025 21:12:50 +0000
ROA not before: Sat 29 Mar 2025 21:12:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.10.212.0/24 maxlen: 24
5.10.213.0/24 maxlen: 24
5.10.218.0/23 maxlen: 23
5.10.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e3:c0:11:7e:db:eb:a0:a7:c3:8e:59:1b:fd:61:ea:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 29 21:12:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ceac2c8ca157528b9a4217803b7a7f2d8e33b43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0f:b7:d0:43:cb:e2:a8:3a:07:0a:23:0c:69:
61:e5:b2:f8:1b:c6:91:bb:ab:1e:bb:1c:76:9b:7b:
32:41:ff:6e:1f:2d:f8:d8:e2:ca:10:10:bc:96:b0:
28:db:01:31:df:3a:ba:15:be:8d:10:c3:15:11:f1:
25:ea:15:08:44:eb:36:b3:2c:bf:81:64:d9:f9:14:
48:87:3d:9b:50:27:53:7c:be:28:b5:54:8b:d4:0d:
97:21:1f:09:52:d6:02:b0:2b:a8:83:07:97:cd:29:
2c:4e:32:ca:e8:5f:ac:c9:ce:61:61:da:a8:09:4c:
5c:87:27:97:1b:1d:81:1b:a5:fb:ae:f5:69:e9:2c:
b9:c7:cd:f9:07:65:0e:42:fb:3e:6a:34:3f:dc:2e:
39:0e:96:02:b6:ff:f4:5a:ea:95:e2:9d:d5:30:eb:
f3:3c:3c:cd:db:ad:3c:86:fa:de:4c:b0:11:d9:c2:
91:88:f0:cf:2f:b5:5c:9e:b7:ac:17:c2:c0:b4:88:
f2:59:c6:4b:a4:13:b0:2f:d4:8e:76:ce:cf:ff:14:
e6:59:83:c2:e6:94:37:cf:5c:eb:85:90:ca:9e:8d:
d5:b9:0d:22:3a:4e:a0:34:f7:4d:91:f2:31:a9:e5:
81:25:85:1b:d8:44:0f:b6:7d:fd:14:f3:fa:41:76:
17:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AC:2C:8C:A1:57:52:8B:9A:42:17:80:3B:7A:7F:2D:8E:33:B4:3F
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/zqwsjKFXUouaQheAO3p_LY4ztD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.212.0/23
5.10.218.0/23
5.10.223.0/24
Signature Algorithm: sha256WithRSAEncryption
33:98:56:48:a9:c5:80:82:d5:8c:af:ef:7c:b6:96:10:03:2e:
f5:fe:ee:12:f0:cd:32:0f:1b:49:9a:5a:b7:fa:04:dc:1e:74:
d7:ef:5f:1c:ca:02:9f:f4:2e:c2:12:87:26:30:6e:17:5c:ce:
6b:bf:76:5f:79:5c:f9:0f:5a:b3:ed:f1:76:dc:a3:88:f9:1b:
a6:e1:8c:24:17:76:99:16:b0:0c:93:a9:56:4c:46:4b:22:f8:
63:92:68:93:a0:a1:ae:b7:6b:1d:cf:46:04:dd:0e:11:1e:83:
c5:b4:26:43:44:8e:c3:1c:0d:e2:73:a8:ba:98:ec:68:5d:08:
e8:20:ec:ff:e7:ff:ae:bc:69:af:51:6e:25:fe:0a:41:6a:db:
ac:94:f2:b6:bb:ab:c6:8f:c1:78:24:b8:f7:ff:6c:41:aa:e1:
5e:2f:a7:fa:06:37:6b:00:4c:30:8f:7d:b0:4a:55:64:26:ac:
72:88:3e:1f:fa:60:6d:e8:c7:60:6b:8c:53:c8:2d:50:f7:53:
49:17:b5:f5:ac:0b:ab:af:7e:cc:44:a3:79:09:f5:d2:e7:1f:
b5:a8:b1:20:ff:42:5f:d4:e8:5b:21:de:ce:65:ae:1d:2d:13:
37:73:64:95:82:12:a2:7d:b0:7c:57:2c:85:2b:cb:40:d9:6b:
59:ad:4e:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZXjwBF+2+ugp8OOWRv9YeqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzI5MjExMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFjMmM4Y2ExNTc1MjhiOWE0MjE3ODAzYjdhN2YyZDhlMzNiNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg+30EPL4qg6BwojDGlh5bL4G8aR
u6seuxx2m3syQf9uHy342OLKEBC8lrAo2wEx3zq6Fb6NEMMVEfEl6hUIROs2syy/
gWTZ+RRIhz2bUCdTfL4otVSL1A2XIR8JUtYCsCuogweXzSksTjLK6F+syc5hYdqo
CUxchyeXGx2BG6X7rvVp6Sy5x835B2UOQvs+ajQ/3C45DpYCtv/0WuqV4p3VMOvz
PDzN2608hvreTLAR2cKRiPDPL7VcnresF8LAtIjyWcZLpBOwL9SOds7P/xTmWYPC
5pQ3z1zrhZDKno3VuQ0iOk6gNPdNkfIxqeWBJYUb2EQPtn39FPP6QXYXjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM6sLIyhV1KLmkIXgDt6fy2OM7Q/MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvenF3c2pLRlhVb3VhUWhlQU8zcF9MWTR6dEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQrUAwQB
BQraAwQABQrfMA0GCSqGSIb3DQEBCwUAA4IBAQAzmFZIqcWAgtWMr+98tpYQAy71
/u4S8M0yDxtJmlq3+gTcHnTX718cygKf9C7CEocmMG4XXM5rv3ZfeVz5D1qz7fF2
3KOI+Rum4YwkF3aZFrAMk6lWTEZLIvhjkmiToKGut2sdz0YE3Q4RHoPFtCZDRI7D
HA3ic6i6mOxoXQjoIOz/5/+uvGmvUW4l/gpBatuslPK2u6vGj8F4JLj3/2xBquFe
L6f6BjdrAEwwj32wSlVkJqxyiD4f+mBt6Mdga4xTyC1Q91NJF7X1rAurr37MRKN5
CfXS5x+1qLEg/0Jf1OhbId7OZa4dLRM3c2SVghKifbB8VyyFK8tA2WtZrU5t
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:54:43 2025 by rpki-client on console.sobornost.net