Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZYHUvuA6eBDvKLI8l4NHS4rjSHQ.roa
File: ZYHUvuA6eBDvKLI8l4NHS4rjSHQ.roa (raw, json)
Hash identifier: tWzvfyg7YU/4s3lE4fLo1otFrzbgL/5RYx619Pe+eMw=
Subject key identifier: 65:81:D4:BE:E0:3A:78:10:EF:28:B2:3C:97:83:47:4B:8A:E3:48:74
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0195F6D466F2C2E9AC855BF4185FBEF9AAC8
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZYHUvuA6eBDvKLI8l4NHS4rjSHQ.roa
Signing time: Wed 02 Apr 2025 14:07:49 +0000
ROA not before: Wed 02 Apr 2025 14:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 213.182.198.0/24 maxlen: 24
213.182.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:d4:66:f2:c2:e9:ac:85:5b:f4:18:5f:be:f9:aa:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Apr 2 14:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6581d4bee03a7810ef28b23c9783474b8ae34874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d8:65:52:ef:80:7a:e7:ec:1c:55:40:4c:c5:
c0:47:5c:4c:25:20:86:7d:e4:8b:e4:b2:12:95:04:
64:87:7c:b9:ad:74:05:49:c5:57:c5:b8:23:32:d3:
13:bd:dc:e8:64:bd:72:e9:8c:96:77:48:e1:89:6d:
09:d0:25:ed:79:cc:a1:fb:59:bc:49:23:9d:43:5c:
4f:2a:35:29:bf:cc:5a:4a:c9:2c:ce:b6:5c:7e:b5:
b0:79:d0:42:75:d3:e2:12:3d:a8:85:74:8f:3b:31:
25:a9:5b:f0:8e:2b:11:a3:90:f0:5b:93:fc:0f:ba:
3a:a8:1b:6b:11:7d:54:63:6a:29:44:93:4f:a7:14:
a7:9f:f3:78:6a:8c:39:d9:3f:0f:86:69:dd:b1:57:
92:a8:1e:5a:0c:48:52:d5:d8:b7:55:d5:25:ce:f5:
3d:85:d0:b3:e2:96:dc:c9:35:70:42:aa:93:7c:3c:
bf:54:8b:e7:0c:c4:ad:ba:05:98:65:a0:1b:e8:29:
34:bb:c8:d5:2b:bd:6c:86:9a:0a:a3:37:18:93:67:
40:40:a1:21:45:0b:75:1f:23:6c:67:cd:28:58:3f:
2c:02:0d:93:c1:ee:eb:d9:4e:17:fc:a7:4c:ce:26:
06:25:b7:fe:ff:26:4f:62:f1:85:99:88:21:b9:c2:
96:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:81:D4:BE:E0:3A:78:10:EF:28:B2:3C:97:83:47:4B:8A:E3:48:74
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZYHUvuA6eBDvKLI8l4NHS4rjSHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.198.0/24
213.182.205.0/24
Signature Algorithm: sha256WithRSAEncryption
00:ad:2c:8e:35:70:57:84:d6:22:67:52:02:dc:d5:1e:e9:1c:
c5:5d:4a:1b:78:bf:07:fc:aa:9e:ee:36:0c:c9:ca:79:42:08:
28:34:de:04:44:76:d8:82:ae:ff:ad:a8:df:e1:02:02:d0:5a:
7f:29:95:ed:2e:17:5c:25:a0:15:36:d7:eb:31:57:58:31:f0:
65:72:d6:aa:75:f3:6a:29:30:5c:5c:0f:fc:1a:d6:08:95:7a:
88:1e:46:88:65:cf:e7:50:73:99:a6:61:47:b1:b4:2c:31:6c:
30:4a:1e:99:0c:e6:87:24:1f:e8:2b:37:01:37:97:51:a0:73:
26:a0:b1:a3:77:68:ee:4a:e5:99:b8:8e:cb:81:85:9f:0d:d1:
05:77:54:d8:89:7d:5a:11:6a:95:66:92:83:a0:ad:ae:6a:b1:
51:55:84:75:6c:82:d9:12:01:f1:ae:a2:4c:96:10:d6:db:4d:
1c:6a:fd:2f:36:35:ce:55:cc:1c:8b:e2:78:f6:7c:00:99:49:
58:e7:d3:58:c8:a3:95:16:f7:f9:96:f6:fd:09:bd:62:6b:15:
32:a1:2b:fd:04:bd:a5:8d:29:f9:9c:07:03:dd:9b:a0:e3:49:
dc:20:7c:7d:e2:09:df:d3:2c:25:87:ad:a6:56:78:96:b6:7e:
c5:62:86:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX21GbywumshVv0GF+++arIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwNDAyMTQwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTgxZDRiZWUwM2E3ODEwZWYyOGIyM2M5NzgzNDc0YjhhZTM0ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNhlUu+AeufsHFVATMXAR1xMJSCG
feSL5LISlQRkh3y5rXQFScVXxbgjMtMTvdzoZL1y6YyWd0jhiW0J0CXtecyh+1m8
SSOdQ1xPKjUpv8xaSskszrZcfrWwedBCddPiEj2ohXSPOzElqVvwjisRo5DwW5P8
D7o6qBtrEX1UY2opRJNPpxSnn/N4aow52T8PhmndsVeSqB5aDEhS1di3VdUlzvU9
hdCz4pbcyTVwQqqTfDy/VIvnDMStugWYZaAb6Ck0u8jVK71shpoKozcYk2dAQKEh
RQt1HyNsZ80oWD8sAg2Twe7r2U4X/KdMziYGJbf+/yZPYvGFmYghucKW7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGWB1L7gOngQ7yiyPJeDR0uK40h0MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvWllIVXZ1QTZlQkR2S0xJOGw0TkhTNHJqU0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1bbGAwQA
1bbNMA0GCSqGSIb3DQEBCwUAA4IBAQAArSyONXBXhNYiZ1IC3NUe6RzFXUobeL8H
/Kqe7jYMycp5QggoNN4ERHbYgq7/rajf4QIC0Fp/KZXtLhdcJaAVNtfrMVdYMfBl
ctaqdfNqKTBcXA/8GtYIlXqIHkaIZc/nUHOZpmFHsbQsMWwwSh6ZDOaHJB/oKzcB
N5dRoHMmoLGjd2juSuWZuI7LgYWfDdEFd1TYiX1aEWqVZpKDoK2uarFRVYR1bILZ
EgHxrqJMlhDW200cav0vNjXOVcwci+J49nwAmUlY59NYyKOVFvf5lvb9Cb1iaxUy
oSv9BL2ljSn5nAcD3Zug40ncIHx94gnf0ywlh62mVniWtn7FYoZR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:24 2025 by rpki-client on console.sobornost.net