Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa
File: ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa (raw, json)
Hash identifier: YFHfAWvmuV1pyKRAlUfEUWxi+ZLKrTZD/d9TC0Av1JQ=
Subject key identifier: 64:AF:60:53:81:41:37:C2:94:41:33:C7:1A:18:06:69:73:C8:5A:39
Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial: 019426D970CB095DE3C7CCA88E61376A2BD0
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa
Signing time: Thu 02 Jan 2025 11:49:31 +0000
ROA not before: Thu 02 Jan 2025 11:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210744
IP address blocks: 185.22.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:70:cb:09:5d:e3:c7:cc:a8:8e:61:37:6a:2b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Validity
Not Before: Jan 2 11:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64af6053814137c2944133c71a18066973c85a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:02:4c:d2:df:f8:d7:04:f3:3c:96:d0:02:a6:
cc:83:be:67:9f:2a:56:f8:43:60:36:37:7f:b7:64:
30:80:4c:25:0b:76:7d:ac:90:0b:9a:30:86:16:da:
1c:1b:43:33:b0:a6:7a:31:33:32:37:a9:f3:b1:37:
14:0a:d1:c9:02:1b:01:29:49:e3:06:cd:c5:6a:66:
57:21:ce:32:3c:8c:db:bc:40:4e:58:7e:4a:62:91:
da:41:8a:dc:36:f5:f0:99:e9:d4:e8:91:d6:22:70:
b0:e5:d3:b7:5c:e8:43:42:21:0d:e5:a8:75:30:50:
e5:94:1d:ac:74:ca:f6:a0:ac:55:27:98:35:1d:6c:
88:bc:58:44:57:a0:86:5d:4a:10:9a:62:c8:a9:cf:
4c:14:54:40:15:42:16:79:7e:e1:e9:11:e6:4e:7d:
f4:aa:c2:5f:8e:f0:c6:bc:67:0b:02:fe:02:6f:51:
68:61:6f:60:07:82:aa:99:5e:e3:41:9e:d7:8c:e0:
1a:a0:c9:fb:59:3f:ec:44:57:02:3d:d3:e6:b0:de:
21:10:49:72:56:a1:17:d8:ef:69:2f:df:c9:d3:82:
45:5e:fc:4f:90:35:84:0c:6c:c3:b5:c0:92:e7:ad:
8d:c2:9e:34:4f:ec:bb:3e:24:8a:b8:03:eb:a3:53:
b7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AF:60:53:81:41:37:C2:94:41:33:C7:1A:18:06:69:73:C8:5A:39
X509v3 Authority Key Identifier:
keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.228.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:1b:3a:69:84:53:6d:31:2b:1c:b4:1b:fd:7a:cb:fd:cb:e3:
b8:e4:ca:a7:38:bb:8f:90:4d:92:bd:bc:ff:1f:7f:16:85:16:
66:f3:20:7a:2e:cb:50:dd:08:a5:cf:d3:11:83:9e:a1:b0:3b:
2d:cc:ed:8f:38:80:43:02:24:e9:d7:df:fd:a0:26:cc:05:4a:
65:3e:bc:d2:a4:a9:66:9b:e2:ce:36:42:c0:04:3f:01:d1:f5:
76:2b:00:f1:1c:f3:8e:94:f5:d0:84:c6:33:b1:39:ec:a4:d5:
e5:39:65:16:03:27:6c:f9:cc:7a:90:9a:50:53:f5:f0:a2:4c:
c1:68:74:47:38:91:b3:e3:91:74:6b:c6:98:e9:93:d1:4e:0d:
c3:76:59:4e:ef:4c:12:f1:3e:0e:15:35:d7:ac:88:aa:ee:48:
ad:2f:ec:b3:b0:6a:9e:98:e9:9a:72:fe:1f:9d:54:55:c7:0e:
e7:0c:3c:f0:d5:c9:24:62:05:67:7e:96:43:3a:77:88:80:b4:
5f:35:ff:a2:d2:47:4e:1e:0a:73:90:8d:a0:a3:59:06:9b:a6:
52:f6:35:aa:35:de:ec:27:62:45:e2:ef:3e:39:c0:a2:0c:6c:
80:bf:87:75:1e:3b:f7:40:e7:1d:a0:3d:62:96:fe:d0:73:7b:
f7:f6:d3:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2XDLCV3jx8yojmE3aivQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw
MDJhMmEwHhcNMjUwMTAyMTE0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGFmNjA1MzgxNDEzN2MyOTQ0MTMzYzcxYTE4MDY2OTczYzg1YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gJM0t/41wTzPJbQAqbMg75nnypW
+ENgNjd/t2QwgEwlC3Z9rJALmjCGFtocG0MzsKZ6MTMyN6nzsTcUCtHJAhsBKUnj
Bs3FamZXIc4yPIzbvEBOWH5KYpHaQYrcNvXwmenU6JHWInCw5dO3XOhDQiEN5ah1
MFDllB2sdMr2oKxVJ5g1HWyIvFhEV6CGXUoQmmLIqc9MFFRAFUIWeX7h6RHmTn30
qsJfjvDGvGcLAv4Cb1FoYW9gB4KqmV7jQZ7XjOAaoMn7WT/sRFcCPdPmsN4hEEly
VqEX2O9pL9/J04JFXvxPkDWEDGzDtcCS562Nwp40T+y7PiSKuAPro1O3HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSvYFOBQTfClEEzxxoYBmlzyFo5MB8GA1UdIwQY
MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt
ZjAxMTI5Mzk1M2Y1LzEvWks5Z1U0RkJOOEtVUVRQSEdoZ0dhWFBJV2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1
LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRbkMA0G
CSqGSIb3DQEBCwUAA4IBAQAKGzpphFNtMSsctBv9esv9y+O45MqnOLuPkE2Svbz/
H38WhRZm8yB6LstQ3Qilz9MRg56hsDstzO2POIBDAiTp19/9oCbMBUplPrzSpKlm
m+LONkLABD8B0fV2KwDxHPOOlPXQhMYzsTnspNXlOWUWAyds+cx6kJpQU/XwokzB
aHRHOJGz45F0a8aY6ZPRTg3DdllO70wS8T4OFTXXrIiq7kitL+yzsGqemOmacv4f
nVRVxw7nDDzw1ckkYgVnfpZDOneIgLRfNf+i0kdOHgpzkI2go1kGm6ZS9jWqNd7s
J2JF4u8+OcCiDGyAv4d1Hjv3QOcdoD1ilv7Qc3v39tM6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net