Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/zq76-jDiE-ZG2EtnYVmzSBFOjSo.roa
File: zq76-jDiE-ZG2EtnYVmzSBFOjSo.roa (raw, json)
Hash identifier: xegq5G43Ci0O/aA61ppWkoULJLCaEPPQ+B8sdCfksh0=
Subject key identifier: CE:AE:FA:FA:30:E2:13:E6:46:D8:4B:67:61:59:B3:48:11:4E:8D:2A
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 01931D9035F102D3868047EF34B9ADF558B2
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/zq76-jDiE-ZG2EtnYVmzSBFOjSo.roa
Signing time: Mon 11 Nov 2024 23:30:10 +0000
ROA not before: Mon 11 Nov 2024 23:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49788
IP address blocks: 45.153.104.0/22 maxlen: 22
79.141.96.0/20 maxlen: 20
91.90.104.0/21 maxlen: 21
91.189.120.0/21 maxlen: 21
91.193.0.0/22 maxlen: 24
91.209.212.0/24 maxlen: 24
91.218.184.0/22 maxlen: 22
91.221.130.0/23 maxlen: 23
91.223.100.0/24 maxlen: 24
91.225.60.0/22 maxlen: 22
93.184.112.0/21 maxlen: 21
151.252.8.0/21 maxlen: 24
176.111.206.0/23 maxlen: 23
185.7.192.0/22 maxlen: 22
185.55.104.0/22 maxlen: 22
185.80.180.0/22 maxlen: 24
185.168.72.0/22 maxlen: 22
193.202.115.0/24 maxlen: 24
2001:67c:230::/48 maxlen: 48
2001:67c:206c::/48 maxlen: 48
2a02:d140::/29 maxlen: 29
2a04:d340::/29 maxlen: 29
2a0b:f200::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1d:90:35:f1:02:d3:86:80:47:ef:34:b9:ad:f5:58:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Nov 11 23:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceaefafa30e213e646d84b676159b348114e8d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9a:9e:98:30:c4:d2:0e:77:fc:d5:9a:a9:d4:
cd:b2:dc:2f:69:05:b1:1c:be:b7:b8:e6:da:13:87:
e6:ea:9f:53:71:3f:dd:39:39:b0:b4:14:f9:67:b6:
da:fd:22:5f:32:8d:e6:62:d3:7f:bc:36:f7:51:b4:
e8:a8:56:86:4f:a2:a7:79:2a:db:54:d5:b3:b5:01:
75:70:ff:31:44:c8:31:74:e3:41:d4:b4:84:62:ee:
4a:23:28:e5:4e:f3:a5:4e:bd:e7:b1:14:43:f7:04:
07:73:5e:96:75:31:f5:6b:fe:fd:2f:04:6a:c7:58:
51:7f:8f:3f:3a:77:37:37:02:de:47:5f:70:80:c0:
e7:2b:e0:b5:f9:6c:14:ab:9a:41:ef:15:2f:a0:c4:
b8:f7:64:06:e0:87:ad:dd:a7:65:fb:db:2c:03:41:
35:05:4f:7e:dd:95:fd:0d:16:af:07:8c:38:57:4c:
6d:17:1c:95:df:5a:43:41:da:00:99:5d:56:8e:73:
9d:76:c3:48:1e:1d:57:d4:1f:66:85:12:ed:2c:27:
c1:89:da:15:03:fd:11:93:0c:9d:86:58:36:ad:17:
28:6b:b1:1d:a5:31:4f:20:3f:b8:2f:d9:af:ac:79:
fd:18:b4:de:2c:42:fd:36:7c:8d:a1:fc:2c:e4:d2:
a7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AE:FA:FA:30:E2:13:E6:46:D8:4B:67:61:59:B3:48:11:4E:8D:2A
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/zq76-jDiE-ZG2EtnYVmzSBFOjSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
79.141.96.0/20
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
93.184.112.0/21
151.252.8.0/21
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.80.180.0/22
185.168.72.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:206c::/48
2a02:d140::/29
2a04:d340::/29
2a0b:f200::/32
Signature Algorithm: sha256WithRSAEncryption
81:60:87:1c:c5:92:00:3d:e2:c3:74:3e:7f:2e:b4:8f:13:8a:
54:60:d3:f6:b0:03:1e:22:2e:fa:4f:a7:26:ac:f9:da:fa:c0:
92:c0:11:31:ad:be:e3:27:e9:b6:e1:af:19:85:6f:b3:3e:95:
06:f8:50:7e:20:63:22:cd:08:56:95:79:f4:ea:4a:08:92:ca:
1e:03:6a:81:8f:f4:0a:84:16:99:ac:d8:95:f4:88:0f:a1:8b:
2b:da:ce:fb:09:30:8e:70:51:02:8d:f6:c9:7a:af:c8:b9:6e:
0b:fd:d7:c2:66:70:d0:41:0b:c8:e5:ba:6e:ee:7b:c5:00:0e:
f6:7a:44:c0:7a:bc:19:84:9d:df:ee:06:45:85:4c:3b:ac:e1:
02:16:29:e1:89:7d:31:05:0f:48:d9:c3:92:b0:fa:c0:fb:8c:
03:91:25:1b:ee:d8:0d:a4:9f:22:00:05:a2:9d:04:33:1f:e8:
c8:b8:44:ec:69:67:68:ed:d7:db:b0:ef:35:04:5b:ae:13:22:
e6:cc:cb:a0:8b:aa:0d:ea:1e:7f:b7:c0:5b:ff:eb:2b:9f:cc:
22:68:25:93:3a:d8:37:b2:a7:73:36:7d:8a:6c:7b:f9:6a:d6:
7e:fa:aa:c3:62:34:90:31:f7:be:00:dd:ae:d3:8e:a3:b9:27:
16:99:56:29
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZMdkDXxAtOGgEfvNLmt9ViyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjQxMTExMjMzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFlZmFmYTMwZTIxM2U2NDZkODRiNjc2MTU5YjM0ODExNGU4ZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZqemDDE0g53/NWaqdTNstwvaQWx
HL63uObaE4fm6p9TcT/dOTmwtBT5Z7ba/SJfMo3mYtN/vDb3UbToqFaGT6KneSrb
VNWztQF1cP8xRMgxdONB1LSEYu5KIyjlTvOlTr3nsRRD9wQHc16WdTH1a/79LwRq
x1hRf48/Onc3NwLeR19wgMDnK+C1+WwUq5pB7xUvoMS492QG4Iet3adl+9ssA0E1
BU9+3ZX9DRavB4w4V0xtFxyV31pDQdoAmV1WjnOddsNIHh1X1B9mhRLtLCfBidoV
A/0Rkwydhlg2rRcoa7EdpTFPID+4L9mvrHn9GLTeLEL9NnyNofws5NKnpQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFM6u+vow4hPmRthLZ2FZs0gRTo0qMB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvenE3Ni1qRGlFLVpHMkV0bllWbXpTQkZPalNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozByBAIAATBsAwQCLZlo
AwQET41gAwQDW1poAwQDW714AwQCW8EAAwQAW9HUAwQCW9q4AwQBW92CAwQAW99k
AwQCW+E8AwQDXbhwAwQDl/wIAwQBsG/OAwQCuQfAAwQCuTdoAwQCuVC0AwQCuahI
AwQAwcpzMC0EAgACMCcDBwAgAQZ8AjADBwAgAQZ8IGwDBQMqAtFAAwUDKgTTQAMF
ACoL8gAwDQYJKoZIhvcNAQELBQADggEBAIFghxzFkgA94sN0Pn8utI8TilRg0/aw
Ax4iLvpPpyas+dr6wJLAETGtvuMn6bbhrxmFb7M+lQb4UH4gYyLNCFaVefTqSgiS
yh4DaoGP9AqEFpms2JX0iA+hiyvazvsJMI5wUQKN9sl6r8i5bgv918JmcNBBC8jl
um7ue8UADvZ6RMB6vBmEnd/uBkWFTDus4QIWKeGJfTEFD0jZw5Kw+sD7jAORJRvu
2A2knyIABaKdBDMf6Mi4ROxpZ2jt19uw7zUEW64TIubMy6CLqg3qHn+3wFv/6yuf
zCJoJZM62Deyp3M2fYpse/lq1n76qsNiNJAx974A3a7TjqO5JxaZVik=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:08 2024 by rpki-client on console.sobornost.net