Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/ZU5mIuhec-w4R0nc_UEougNeTzM.roa
File: ZU5mIuhec-w4R0nc_UEougNeTzM.roa (raw, json)
Hash identifier: Ryu8faEPK4CmfRJ6AZyYHPiiRBpNAisMzS6dIeA5uz4=
Subject key identifier: 65:4E:66:22:E8:5E:73:EC:38:47:49:DC:FD:41:28:BA:03:5E:4F:33
Certificate issuer: /CN=e50c44ae981e7492d3ba21e28472080180398d64
Certificate serial: 019422FC2B04A24090D0015EADFCF67F012D
Authority key identifier: E5:0C:44:AE:98:1E:74:92:D3:BA:21:E2:84:72:08:01:80:39:8D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QxErpgedJLTuiHihHIIAYA5jWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/ZU5mIuhec-w4R0nc_UEougNeTzM.roa
Signing time: Wed 01 Jan 2025 17:48:58 +0000
ROA not before: Wed 01 Jan 2025 17:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20932
IP address blocks: 185.68.204.0/22 maxlen: 22
194.11.221.0/24 maxlen: 24
217.169.128.0/20 maxlen: 20
217.169.144.0/20 maxlen: 20
2001:41e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2b:04:a2:40:90:d0:01:5e:ad:fc:f6:7f:01:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e50c44ae981e7492d3ba21e28472080180398d64
Validity
Not Before: Jan 1 17:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=654e6622e85e73ec384749dcfd4128ba035e4f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c5:4a:22:5d:78:34:a6:73:93:87:8a:13:e9:
8d:6c:a6:18:55:7d:f2:a3:9b:36:50:70:4e:b4:c7:
5a:2b:2d:41:1a:6e:fa:73:34:45:73:64:85:ee:35:
e0:25:7e:f4:c3:90:7b:f5:6b:e5:b3:49:3f:34:2f:
1a:10:17:f1:7a:b6:34:b4:d2:45:4a:de:83:bf:c9:
2f:67:bf:c5:83:34:87:ec:e5:eb:a4:c1:9d:c5:1c:
35:0b:50:13:5b:3b:70:5b:90:24:68:14:f7:6c:44:
e5:c1:4e:c6:35:cd:de:51:b6:77:a7:fe:e1:c3:af:
05:64:6e:c5:82:30:ca:23:b4:6f:41:ef:97:33:d7:
04:dc:b0:00:09:31:98:93:fa:bc:81:67:63:bc:10:
e2:f2:d5:74:35:77:17:92:54:20:66:c1:20:a4:8e:
f1:3c:f5:81:df:26:1b:ae:04:23:ab:73:cc:19:87:
e5:e4:28:43:9b:ae:b2:66:8f:36:3e:c2:e4:46:ea:
17:00:ef:ef:ac:91:83:33:ea:9c:a7:01:ce:3f:a6:
66:4b:88:05:50:13:d5:84:7c:69:48:33:61:89:75:
b1:ac:c3:dc:87:35:22:aa:2d:56:f3:dc:b6:ba:53:
22:8d:2e:84:0b:54:77:74:cb:03:52:d7:b2:4c:9d:
64:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4E:66:22:E8:5E:73:EC:38:47:49:DC:FD:41:28:BA:03:5E:4F:33
X509v3 Authority Key Identifier:
keyid:E5:0C:44:AE:98:1E:74:92:D3:BA:21:E2:84:72:08:01:80:39:8D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QxErpgedJLTuiHihHIIAYA5jWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/ZU5mIuhec-w4R0nc_UEougNeTzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/5QxErpgedJLTuiHihHIIAYA5jWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.204.0/22
194.11.221.0/24
217.169.128.0/19
IPv6:
2001:41e0::/32
Signature Algorithm: sha256WithRSAEncryption
01:6d:90:8f:fd:fe:fc:7e:13:bc:b1:88:48:df:7a:f2:a6:88:
fe:85:7e:86:ba:07:a0:25:85:e4:fa:e7:b5:14:01:ec:c6:3a:
44:fd:59:21:35:b2:c9:b6:d4:fe:cb:f1:12:a6:04:70:04:d3:
c5:13:a3:9e:13:34:82:4b:3e:8e:56:50:a3:b1:c2:0d:23:f1:
7e:c2:70:5c:1c:b5:b8:67:16:7a:54:28:5f:5a:2d:13:2c:4a:
66:15:39:8c:3b:de:ec:8f:4a:4e:1a:17:de:ff:22:c5:cb:6f:
24:bf:37:d7:68:d7:92:c6:f4:e3:fc:ea:f5:99:97:37:85:3b:
e9:26:da:e4:bd:b1:c8:ae:66:ff:df:e9:2f:ad:7d:b9:ec:33:
c3:b4:5a:08:d1:91:61:8b:e0:9d:a6:1a:53:94:12:63:c1:a7:
ff:55:e3:d0:39:e2:30:5b:21:c1:5d:d7:ba:2b:c9:30:33:f8:
e0:c6:9e:fc:17:ef:9a:eb:f5:c1:64:e7:b8:7a:54:3b:f5:66:
bb:50:0a:eb:ce:85:8b:55:45:4d:55:f3:f7:5f:ee:2e:d2:0e:
41:68:ab:33:41:74:43:fa:19:b9:4e:4c:9a:a9:39:09:49:c2:
f1:6b:5f:83:7b:be:e8:c4:3f:f7:dd:0e:75:4c:8b:b3:9e:d8:
a1:ca:21:42
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi/CsEokCQ0AFerfz2fwEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MGM0NGFlOTgxZTc0OTJkM2JhMjFlMjg0NzIwODAxODAz
OThkNjQwHhcNMjUwMTAxMTc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRlNjYyMmU4NWU3M2VjMzg0NzQ5ZGNmZDQxMjhiYTAzNWU0ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sVKIl14NKZzk4eKE+mNbKYYVX3y
o5s2UHBOtMdaKy1BGm76czRFc2SF7jXgJX70w5B79Wvls0k/NC8aEBfxerY0tNJF
St6Dv8kvZ7/FgzSH7OXrpMGdxRw1C1ATWztwW5AkaBT3bETlwU7GNc3eUbZ3p/7h
w68FZG7FgjDKI7RvQe+XM9cE3LAACTGYk/q8gWdjvBDi8tV0NXcXklQgZsEgpI7x
PPWB3yYbrgQjq3PMGYfl5ChDm66yZo82PsLkRuoXAO/vrJGDM+qcpwHOP6ZmS4gF
UBPVhHxpSDNhiXWxrMPchzUiqi1W89y2ulMijS6EC1R3dMsDUteyTJ1kRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGVOZiLoXnPsOEdJ3P1BKLoDXk8zMB8GA1UdIwQY
MBaAFOUMRK6YHnSS07oh4oRyCAGAOY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVF4RXJwZ2VkSkxUdWlIaWhISUlBWUE1aldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yMjYwMTgtMGUwNi00MzVlLWFiZmQt
ZjVmZmVlMTcyMGMxLzEvWlU1bUl1aGVjLXc0UjBuY19VRW91Z05lVHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yMjYwMTgtMGUwNi00MzVlLWFiZmQtZjVmZmVlMTcyMGMx
LzEvNVF4RXJwZ2VkSkxUdWlIaWhISUlBWUE1aldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUTMAwQA
wgvdAwQF2amAMA0EAgACMAcDBQAgAUHgMA0GCSqGSIb3DQEBCwUAA4IBAQABbZCP
/f78fhO8sYhI33rypoj+hX6GugegJYXk+ue1FAHsxjpE/VkhNbLJttT+y/ESpgRw
BNPFE6OeEzSCSz6OVlCjscINI/F+wnBcHLW4ZxZ6VChfWi0TLEpmFTmMO97sj0pO
Ghfe/yLFy28kvzfXaNeSxvTj/Or1mZc3hTvpJtrkvbHIrmb/3+kvrX257DPDtFoI
0ZFhi+CdphpTlBJjwaf/VePQOeIwWyHBXde6K8kwM/jgxp78F++a6/XBZOe4elQ7
9Wa7UArrzoWLVUVNVfP3X+4u0g5BaKszQXRD+hm5TkyaqTkJScLxa1+De77oxD/3
3Q51TIuzntihyiFC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:43 2025 by rpki-client on console.sobornost.net