Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/zNz1AfmuI-JaBpfPGHO9MkwOvfQ.roa
File: zNz1AfmuI-JaBpfPGHO9MkwOvfQ.roa (raw, json)
Hash identifier: 0HyNbToxG2DZkG8CfYdHWn+/CoqF7eSFEY87IgOUVwM=
Subject key identifier: CC:DC:F5:01:F9:AE:23:E2:5A:06:97:CF:18:73:BD:32:4C:0E:BD:F4
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 0195899888BDF96C2AB9EA30CBA8A7605285
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/zNz1AfmuI-JaBpfPGHO9MkwOvfQ.roa
Signing time: Wed 12 Mar 2025 09:03:49 +0000
ROA not before: Wed 12 Mar 2025 09:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15683
IP address blocks: 78.27.128.0/18 maxlen: 24
91.196.192.0/22 maxlen: 24
91.203.48.0/22 maxlen: 24
94.45.32.0/21 maxlen: 24
94.45.40.0/21 maxlen: 24
94.45.48.0/21 maxlen: 24
94.45.56.0/22 maxlen: 24
193.222.140.0/24 maxlen: 24
193.243.152.0/23 maxlen: 24
2a01:6d80:2000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:98:88:bd:f9:6c:2a:b9:ea:30:cb:a8:a7:60:52:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Mar 12 09:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccdcf501f9ae23e25a0697cf1873bd324c0ebdf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d1:ac:37:d0:d3:05:24:9e:25:88:fc:50:3c:
f9:fd:5a:ef:8c:5e:9a:24:f0:f3:2a:6c:26:dd:49:
9a:13:02:2b:8e:bc:20:ae:29:db:65:e7:5a:fd:6c:
f0:20:cb:47:d4:5e:6b:96:9e:5e:98:e7:b9:c1:2c:
91:06:f3:2b:c9:4c:df:4c:93:75:57:8e:4a:a5:07:
f4:ab:ef:96:67:1b:4a:11:34:22:dd:cb:41:a4:52:
5d:5e:0f:7c:ba:d3:78:2d:48:13:80:55:43:92:a2:
e3:7f:61:8c:17:36:31:7d:1c:45:2c:68:a9:58:14:
1d:e4:63:d6:76:88:c1:f0:22:5d:e8:cd:97:6e:f8:
83:f3:25:29:ac:4d:94:f8:20:8e:ab:2a:02:d0:c5:
93:c8:b1:38:97:09:6e:b1:f6:86:e1:8b:76:33:09:
d2:1b:34:ee:a7:96:4e:0b:0b:f1:03:cf:6c:39:0d:
78:ce:27:7c:46:46:e8:a6:be:96:fe:3e:d6:c8:74:
33:70:24:fb:da:20:19:b5:ed:44:04:6d:f0:e3:18:
92:e5:58:14:a5:1e:43:b6:84:b0:06:0e:79:a5:46:
33:4b:d1:95:99:e6:bf:a3:3d:e6:24:8f:95:29:50:
1f:ce:db:d6:69:78:05:3b:36:00:95:90:2e:26:01:
73:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DC:F5:01:F9:AE:23:E2:5A:06:97:CF:18:73:BD:32:4C:0E:BD:F4
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/zNz1AfmuI-JaBpfPGHO9MkwOvfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.27.128.0/18
91.196.192.0/22
91.203.48.0/22
94.45.32.0-94.45.59.255
193.222.140.0/24
193.243.152.0/23
IPv6:
2a01:6d80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
d6:74:05:f5:44:b1:60:b9:1d:ad:9e:5a:65:2f:24:3a:c9:36:
e8:26:d8:b9:0e:0f:45:89:c9:9f:d8:43:cd:0a:f7:18:d6:d6:
66:21:8e:d9:45:ea:c9:31:d9:bb:3a:b6:2f:7c:94:9a:20:5f:
60:96:09:7f:cc:61:86:8d:54:8d:12:e7:db:b9:54:b9:6d:7c:
36:5b:f5:c7:46:7b:ca:90:0d:38:2a:6f:e0:8c:66:4f:44:97:
40:7c:38:31:13:dd:c2:91:28:a8:6f:dd:e3:53:fa:d1:d2:37:
b9:f3:ef:50:31:ac:8a:3c:dc:c7:1e:7f:e8:f3:b4:68:8d:91:
5f:c7:93:ee:14:e5:9f:20:2b:c4:72:71:9d:8d:8d:4a:28:77:
03:cd:db:be:99:b8:c5:94:f0:db:fb:de:c2:85:6f:d5:17:28:
66:b5:47:4d:16:cd:42:c3:24:6d:2f:56:84:a6:f3:ae:6f:c1:
d3:1f:1e:bd:2e:08:fa:c1:a3:72:61:75:74:62:93:e5:e9:51:
4b:e5:1b:69:de:41:3c:5e:fc:19:a2:e9:25:ea:ed:6c:91:f0:
a4:4e:ae:22:78:eb:01:a5:ec:f9:47:b4:d6:55:7e:9c:a3:ea:
3d:76:dd:86:c4:e5:56:5b:13:a1:11:88:5b:5a:00:cd:67:44:
9d:5d:a3:85
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZWJmIi9+Wwqueowy6inYFKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwMzEyMDkwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2RjZjUwMWY5YWUyM2UyNWEwNjk3Y2YxODczYmQzMjRjMGViZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdGsN9DTBSSeJYj8UDz5/VrvjF6a
JPDzKmwm3UmaEwIrjrwgrinbZeda/WzwIMtH1F5rlp5emOe5wSyRBvMryUzfTJN1
V45KpQf0q++WZxtKETQi3ctBpFJdXg98utN4LUgTgFVDkqLjf2GMFzYxfRxFLGip
WBQd5GPWdojB8CJd6M2XbviD8yUprE2U+CCOqyoC0MWTyLE4lwlusfaG4Yt2MwnS
GzTup5ZOCwvxA89sOQ14zid8Rkbopr6W/j7WyHQzcCT72iAZte1EBG3w4xiS5VgU
pR5DtoSwBg55pUYzS9GVmea/oz3mJI+VKVAfztvWaXgFOzYAlZAuJgFzGwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMzc9QH5riPiWgaXzxhzvTJMDr30MB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvek56MUFmbXVJLUphQnBmUEdITzlNa3dPdmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAyBAIAATAsAwQGThuAAwQC
W8TAAwQCW8swMAwDBAVeLSADBAJeLTgDBADB3owDBAHB85gwDgQCAAIwCAMGBCoB
bYAgMA0GCSqGSIb3DQEBCwUAA4IBAQDWdAX1RLFguR2tnlplLyQ6yTboJti5Dg9F
icmf2EPNCvcY1tZmIY7ZRerJMdm7OrYvfJSaIF9glgl/zGGGjVSNEufbuVS5bXw2
W/XHRnvKkA04Km/gjGZPRJdAfDgxE93CkSiob93jU/rR0je58+9QMayKPNzHHn/o
87RojZFfx5PuFOWfICvEcnGdjY1KKHcDzdu+mbjFlPDb+97ChW/VFyhmtUdNFs1C
wyRtL1aEpvOub8HTHx69Lgj6waNyYXV0YpPl6VFL5Rtp3kE8XvwZoukl6u1skfCk
Tq4ieOsBpez5R7TWVX6co+o9dt2GxOVWWxOhEYhbWgDNZ0SdXaOF
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:13:53 2025 by rpki-client on console.sobornost.net