Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/ZIl-tGPYsmILe8aUvhHfFRisBTg.roa
File: ZIl-tGPYsmILe8aUvhHfFRisBTg.roa (raw, json)
Hash identifier: ELX+nfW5VdhOFYsiqhpPo4rEHXv1DoXfvUrKNYNv+iU=
Subject key identifier: 64:89:7E:B4:63:D8:B2:62:0B:7B:C6:94:BE:11:DF:15:18:AC:05:38
Certificate issuer: /CN=ce741e7de657e4a10f93ca92c517a81b2c0b251e
Certificate serial: 0194221FDC12FA5BF634F7B50A10DB085FEA
Authority key identifier: CE:74:1E:7D:E6:57:E4:A1:0F:93:CA:92:C5:17:A8:1B:2C:0B:25:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znQefeZX5KEPk8qSxReoGywLJR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/ZIl-tGPYsmILe8aUvhHfFRisBTg.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30848
IP address blocks: 185.9.53.0/24 maxlen: 24
185.203.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:dc:12:fa:5b:f6:34:f7:b5:0a:10:db:08:5f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce741e7de657e4a10f93ca92c517a81b2c0b251e
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64897eb463d8b2620b7bc694be11df1518ac0538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f6:70:4b:a7:62:4f:09:2c:61:e1:69:bc:db:
36:f3:90:f8:67:d7:9b:4f:22:4b:23:6e:1d:e5:29:
ce:83:75:a7:08:fa:11:41:09:9e:c8:21:8f:2b:99:
08:c2:cd:35:65:97:96:07:9f:f2:90:66:3d:14:4a:
7f:77:69:f5:36:0e:f2:76:6a:39:6f:0b:44:20:d2:
39:0c:05:25:6a:5f:3e:42:3c:27:5b:b1:11:0d:4a:
7e:13:01:86:b8:62:d5:97:d1:cf:f9:fe:62:9c:10:
01:22:a5:7d:22:1b:bd:d4:ac:59:c2:18:d7:0a:81:
a7:4e:40:e8:c7:2f:bc:95:0c:d2:7a:75:2d:b1:18:
20:bb:4f:2b:be:39:00:b9:9c:67:30:b2:bb:79:bf:
22:62:de:85:8e:aa:c1:7e:4f:4d:76:5b:e9:28:72:
fa:68:ff:02:41:6b:b1:74:c6:0a:38:2e:0f:8e:dc:
7b:31:55:4c:52:bd:c8:99:5e:d8:86:7b:f1:ab:bd:
b8:34:63:12:f0:91:99:63:09:13:65:54:db:62:e7:
4a:9a:3e:ae:e1:9c:ec:9c:f3:55:24:da:23:cb:81:
b3:61:5b:f2:d9:ec:0f:d7:bf:09:ff:d5:b8:6d:a5:
14:a1:2f:b0:13:47:db:58:37:3a:d1:26:c2:cd:a9:
d4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:89:7E:B4:63:D8:B2:62:0B:7B:C6:94:BE:11:DF:15:18:AC:05:38
X509v3 Authority Key Identifier:
keyid:CE:74:1E:7D:E6:57:E4:A1:0F:93:CA:92:C5:17:A8:1B:2C:0B:25:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znQefeZX5KEPk8qSxReoGywLJR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/ZIl-tGPYsmILe8aUvhHfFRisBTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c9a9d1-b13c-403d-bd1c-d12a372f5173/1/znQefeZX5KEPk8qSxReoGywLJR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.53.0/24
185.203.88.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:20:c5:30:a3:50:ae:1d:09:bf:3f:7a:8f:37:f2:d6:f1:d1:
21:5d:b6:0c:fe:61:b9:7e:1d:09:94:d3:cb:1b:be:cf:45:05:
c6:97:2b:24:7f:b1:63:4a:a8:09:61:33:54:b1:44:b2:5d:c1:
74:3a:8a:ce:62:91:7e:f7:ee:6c:5f:b6:bb:64:27:88:76:c2:
43:b7:2e:ef:36:7e:0e:0a:7e:a9:e5:38:09:17:aa:28:b1:5b:
b2:62:78:13:b6:87:a7:87:46:92:72:40:d8:87:1c:ee:87:e8:
0d:22:29:f5:5a:f0:c1:d0:2a:0a:08:33:e5:19:7c:a5:f2:2e:
d6:6b:48:17:0e:55:df:7a:6f:d8:9a:7d:15:78:72:f1:10:92:
59:c5:a4:33:d8:0a:fa:6d:e2:14:34:08:bc:73:00:e6:2f:99:
e8:4a:fd:11:80:9c:07:b4:36:32:ae:64:c5:8a:fb:82:88:bf:
43:56:7a:d6:53:2c:d2:64:35:75:9a:59:aa:89:8a:16:68:ed:
72:0c:d1:79:f9:b8:91:79:a3:ed:8d:33:f9:81:38:4e:cc:04:
0b:d2:a1:d6:65:1b:f2:79:52:30:62:1e:c1:82:4d:45:f2:16:
46:28:cf:24:31:4d:ee:49:26:53:74:3c:15:5e:ae:2c:d4:25:
49:c2:10:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH9wS+lv2NPe1ChDbCF/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNzQxZTdkZTY1N2U0YTEwZjkzY2E5MmM1MTdhODFiMmMw
YjI1MWUwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg5N2ViNDYzZDhiMjYyMGI3YmM2OTRiZTExZGYxNTE4YWMwNTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfZwS6diTwksYeFpvNs285D4Z9eb
TyJLI24d5SnOg3WnCPoRQQmeyCGPK5kIws01ZZeWB5/ykGY9FEp/d2n1Ng7ydmo5
bwtEINI5DAUlal8+QjwnW7ERDUp+EwGGuGLVl9HP+f5inBABIqV9Ihu91KxZwhjX
CoGnTkDoxy+8lQzSenUtsRggu08rvjkAuZxnMLK7eb8iYt6FjqrBfk9NdlvpKHL6
aP8CQWuxdMYKOC4Pjtx7MVVMUr3ImV7Yhnvxq724NGMS8JGZYwkTZVTbYudKmj6u
4ZzsnPNVJNojy4GzYVvy2ewP178J/9W4baUUoS+wE0fbWDc60SbCzanUvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGSJfrRj2LJiC3vGlL4R3xUYrAU4MB8GA1UdIwQY
MBaAFM50Hn3mV+ShD5PKksUXqBssCyUeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem5RZWZlWlg1S0VQazhxU3hSZW9HeXdMSlI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jOWE5ZDEtYjEzYy00MDNkLWJkMWMt
ZDEyYTM3MmY1MTczLzEvWklsLXRHUFlzbUlMZThhVXZoSGZGUmlzQlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jOWE5ZDEtYjEzYy00MDNkLWJkMWMtZDEyYTM3MmY1MTcz
LzEvem5RZWZlWlg1S0VQazhxU3hSZW9HeXdMSlI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQk1AwQA
uctYMA0GCSqGSIb3DQEBCwUAA4IBAQCtIMUwo1CuHQm/P3qPN/LW8dEhXbYM/mG5
fh0JlNPLG77PRQXGlyskf7FjSqgJYTNUsUSyXcF0OorOYpF+9+5sX7a7ZCeIdsJD
ty7vNn4OCn6p5TgJF6oosVuyYngTtoenh0aSckDYhxzuh+gNIin1WvDB0CoKCDPl
GXyl8i7Wa0gXDlXfem/Ymn0VeHLxEJJZxaQz2Ar6beIUNAi8cwDmL5noSv0RgJwH
tDYyrmTFivuCiL9DVnrWUyzSZDV1mlmqiYoWaO1yDNF5+biReaPtjTP5gThOzAQL
0qHWZRvyeVIwYh7Bgk1F8hZGKM8kMU3uSSZTdDwVXq4s1CVJwhCS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:09 2025 by rpki-client on console.sobornost.net