Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/wzHTUEDPSJ9fu6Go3MzUkAR9gVE.roa
File: wzHTUEDPSJ9fu6Go3MzUkAR9gVE.roa (raw, json)
Hash identifier: HH9rFvWwfqcHjpbJnsKsdwBfEEqoBLNu0bOt5Pi9+gU=
Subject key identifier: C3:31:D3:50:40:CF:48:9F:5F:BB:A1:A8:DC:CC:D4:90:04:7D:81:51
Certificate issuer: /CN=521aa024758d8d104e1179c55039816636afe298
Certificate serial: 01942521E5B776F745CFA2397806F1F4B6C4
Authority key identifier: 52:1A:A0:24:75:8D:8D:10:4E:11:79:C5:50:39:81:66:36:AF:E2:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UhqgJHWNjRBOEXnFUDmBZjav4pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/wzHTUEDPSJ9fu6Go3MzUkAR9gVE.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20626
IP address blocks: 62.168.128.0/19 maxlen: 19
83.216.96.0/19 maxlen: 19
185.75.40.0/22 maxlen: 22
2001:b58::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e5:b7:76:f7:45:cf:a2:39:78:06:f1:f4:b6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521aa024758d8d104e1179c55039816636afe298
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c331d35040cf489f5fbba1a8dcccd490047d8151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:04:64:16:bf:ec:0f:f4:69:d3:22:52:d2:82:
7c:7f:1e:c6:41:fb:60:56:17:2c:e7:51:80:00:1b:
ca:aa:0b:47:10:73:d3:47:c7:ad:8c:d4:b4:e7:63:
bd:71:e0:ce:1d:78:0d:55:c0:4b:a5:98:c8:23:1e:
1a:ba:05:da:a6:1a:c9:f1:61:37:55:c1:73:9b:45:
d6:4d:c1:72:35:66:69:b4:07:10:65:c1:b3:48:7b:
f8:da:86:58:b4:66:f4:fe:e3:54:d7:78:9f:92:35:
05:2e:9b:61:a4:b2:20:9c:59:ca:61:9d:8f:ef:ae:
4a:25:0c:95:52:a2:70:8b:8a:67:d7:95:ad:25:bf:
fb:8e:76:a9:fc:54:55:9e:c0:7e:8c:db:d0:13:fe:
36:ce:0a:ed:80:a7:81:b6:b4:69:97:48:a2:30:68:
ec:4f:04:4b:f5:a7:0e:0b:af:c3:c7:c1:e7:f5:58:
4e:a3:1e:74:98:17:68:ee:69:21:1c:8f:da:c0:59:
03:eb:54:d9:23:03:d0:48:fc:7d:95:08:4c:f7:ae:
49:39:0e:31:9b:e0:1b:7e:21:f0:f5:03:48:ad:12:
3e:63:45:e0:99:3b:34:5e:4c:aa:ac:7d:c5:d9:0b:
16:fe:94:24:9a:13:2b:40:7d:4b:8b:f4:94:e6:62:
3b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:31:D3:50:40:CF:48:9F:5F:BB:A1:A8:DC:CC:D4:90:04:7D:81:51
X509v3 Authority Key Identifier:
keyid:52:1A:A0:24:75:8D:8D:10:4E:11:79:C5:50:39:81:66:36:AF:E2:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UhqgJHWNjRBOEXnFUDmBZjav4pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/wzHTUEDPSJ9fu6Go3MzUkAR9gVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/UhqgJHWNjRBOEXnFUDmBZjav4pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.168.128.0/19
83.216.96.0/19
185.75.40.0/22
IPv6:
2001:b58::/29
Signature Algorithm: sha256WithRSAEncryption
8c:cc:27:94:c5:d1:02:5e:12:6b:a4:41:91:18:e3:b4:0f:c1:
a2:3f:22:5e:60:df:d4:c5:1f:e0:0a:7b:e3:0d:96:ab:75:c3:
bc:68:91:1f:75:f4:32:55:44:3c:51:e9:82:a1:72:21:82:67:
26:09:9a:a9:ad:24:af:34:32:78:14:71:95:7d:d8:e0:bc:55:
79:ff:c6:34:0b:69:c5:c2:58:0b:c1:12:22:d4:b5:2c:05:ff:
47:2d:fd:54:ab:cf:47:2f:0a:d9:5f:84:33:0a:e9:9e:df:6c:
95:be:49:3e:dc:fa:cf:6f:18:15:9b:bf:0d:38:81:6c:2f:2a:
46:c0:30:c2:f0:e8:60:16:d0:f6:3e:b5:ed:0c:5d:b8:6a:74:
61:f2:cd:11:d4:6f:29:13:0a:bc:18:c2:2e:21:41:cb:8f:85:
5c:75:73:02:7b:bb:1d:f9:7b:7a:0d:0f:30:a2:be:07:41:39:
ae:49:93:f7:66:fd:88:57:49:07:c7:07:9c:4c:37:51:e0:5d:
6a:ba:e1:ee:41:3c:fd:ee:83:75:58:b5:3b:89:85:cf:94:9d:
e9:4c:cd:f9:96:0b:2a:77:21:54:4b:d7:af:70:47:62:4c:80:
b2:55:81:70:3d:4a:49:8f:2d:9d:e5:d5:45:e0:ac:2c:fb:f6:
90:f7:04:69
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlIeW3dvdFz6I5eAbx9LbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWFhMDI0NzU4ZDhkMTA0ZTExNzljNTUwMzk4MTY2MzZh
ZmUyOTgwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzMxZDM1MDQwY2Y0ODlmNWZiYmExYThkY2NjZDQ5MDA0N2Q4MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgRkFr/sD/Rp0yJS0oJ8fx7GQftg
Vhcs51GAABvKqgtHEHPTR8etjNS052O9ceDOHXgNVcBLpZjIIx4augXaphrJ8WE3
VcFzm0XWTcFyNWZptAcQZcGzSHv42oZYtGb0/uNU13ifkjUFLpthpLIgnFnKYZ2P
765KJQyVUqJwi4pn15WtJb/7jnap/FRVnsB+jNvQE/42zgrtgKeBtrRpl0iiMGjs
TwRL9acOC6/Dx8Hn9VhOox50mBdo7mkhHI/awFkD61TZIwPQSPx9lQhM965JOQ4x
m+AbfiHw9QNIrRI+Y0XgmTs0XkyqrH3F2QsW/pQkmhMrQH1Li/SU5mI7xQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMMx01BAz0ifX7uhqNzM1JAEfYFRMB8GA1UdIwQY
MBaAFFIaoCR1jY0QThF5xVA5gWY2r+KYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWhxZ0pIV05qUkJPRVhuRlVEbUJaamF2NHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wM2Y5ZWUtNTNlMy00ZjY5LWI4YjAt
YzEzOGU1YzI3YzJiLzEvd3pIVFVFRFBTSjlmdTZHbzNNelVrQVI5Z1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wM2Y5ZWUtNTNlMy00ZjY5LWI4YjAtYzEzOGU1YzI3YzJi
LzEvVWhxZ0pIV05qUkJPRVhuRlVEbUJaamF2NHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPqiAAwQF
U9hgAwQCuUsoMA0EAgACMAcDBQMgAQtYMA0GCSqGSIb3DQEBCwUAA4IBAQCMzCeU
xdECXhJrpEGRGOO0D8GiPyJeYN/UxR/gCnvjDZardcO8aJEfdfQyVUQ8UemCoXIh
gmcmCZqprSSvNDJ4FHGVfdjgvFV5/8Y0C2nFwlgLwRIi1LUsBf9HLf1Uq89HLwrZ
X4QzCume32yVvkk+3PrPbxgVm78NOIFsLypGwDDC8OhgFtD2PrXtDF24anRh8s0R
1G8pEwq8GMIuIUHLj4VcdXMCe7sd+Xt6DQ8wor4HQTmuSZP3Zv2IV0kHxwecTDdR
4F1quuHuQTz97oN1WLU7iYXPlJ3pTM35lgsqdyFUS9evcEdiTICyVYFwPUpJjy2d
5dVF4Kws+/aQ9wRp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net