Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/92c0a7-2c00-4a0d-b0f9-bce3eb5775eb/1/ZAHBHHaAw7FsCrpLUbPA7Y_af1E.roa
File: ZAHBHHaAw7FsCrpLUbPA7Y_af1E.roa (raw, json)
Hash identifier: BHI7TthhK/CKdv2M5Vzp/LT9A37tVvweSFfs+BtDAtU=
Subject key identifier: 64:01:C1:1C:76:80:C3:B1:6C:0A:BA:4B:51:B3:C0:ED:8F:DA:7F:51
Certificate issuer: /CN=01d288e54730b1093af4999380342f85d8198d0a
Certificate serial: 0194D1886E2109CE4EE04A8C9B6B9A8C183B
Authority key identifier: 01:D2:88:E5:47:30:B1:09:3A:F4:99:93:80:34:2F:85:D8:19:8D:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdKI5UcwsQk69JmTgDQvhdgZjQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/92c0a7-2c00-4a0d-b0f9-bce3eb5775eb/1/ZAHBHHaAw7FsCrpLUbPA7Y_af1E.roa
Signing time: Tue 04 Feb 2025 15:16:06 +0000
ROA not before: Tue 04 Feb 2025 15:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198497
IP address blocks: 188.241.122.0/24 maxlen: 24
188.241.123.0/24 maxlen: 24
195.62.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d1:88:6e:21:09:ce:4e:e0:4a:8c:9b:6b:9a:8c:18:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d288e54730b1093af4999380342f85d8198d0a
Validity
Not Before: Feb 4 15:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6401c11c7680c3b16c0aba4b51b3c0ed8fda7f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3d:b1:c5:26:99:66:9c:e5:c1:f0:05:33:46:
6c:23:71:3e:8d:b4:c9:4e:20:39:a9:3a:87:0e:8f:
ab:25:23:b8:f0:7c:04:a6:6a:4b:d1:40:66:e3:6e:
27:b3:4f:7f:15:c1:b0:6d:ce:bb:34:db:8e:c7:34:
80:b6:80:6c:20:62:e5:d7:75:7d:f0:db:da:15:2f:
90:81:ab:e5:c3:50:52:7b:47:27:ac:7e:98:db:52:
0a:99:4a:98:61:0e:ea:14:0e:73:94:81:65:f9:9e:
7c:c2:d9:c8:25:b7:bf:68:34:66:82:2d:dd:99:35:
7e:5c:bf:4a:5b:34:8b:36:c4:70:e2:73:fb:7e:98:
07:1a:fc:f6:61:d5:47:db:19:93:4f:8b:e1:c7:ab:
6e:8f:03:98:3d:f0:69:9d:0c:be:30:32:03:c7:2f:
23:8c:2a:21:0a:2d:c8:4b:fd:f4:19:85:31:2f:95:
1a:2d:3e:27:52:84:d9:68:b7:e0:50:6b:51:76:29:
86:be:b3:a8:16:31:80:fa:99:82:82:cd:09:44:cb:
67:ed:92:49:87:8f:8e:27:fd:78:c5:62:4d:e8:50:
44:a9:e8:10:c2:71:58:fe:a4:99:e6:b4:6c:e5:48:
e3:e3:59:75:5e:5b:36:79:ca:4a:e8:5d:24:15:28:
d4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:01:C1:1C:76:80:C3:B1:6C:0A:BA:4B:51:B3:C0:ED:8F:DA:7F:51
X509v3 Authority Key Identifier:
keyid:01:D2:88:E5:47:30:B1:09:3A:F4:99:93:80:34:2F:85:D8:19:8D:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdKI5UcwsQk69JmTgDQvhdgZjQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/92c0a7-2c00-4a0d-b0f9-bce3eb5775eb/1/ZAHBHHaAw7FsCrpLUbPA7Y_af1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/92c0a7-2c00-4a0d-b0f9-bce3eb5775eb/1/AdKI5UcwsQk69JmTgDQvhdgZjQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.122.0/23
195.62.5.0/24
Signature Algorithm: sha256WithRSAEncryption
60:65:d0:65:06:72:7b:de:c2:0b:1f:e1:01:19:13:9c:b4:35:
42:f5:7c:3c:e4:96:f3:f7:6d:5d:39:95:72:14:3d:30:aa:15:
02:4a:4b:5f:5e:a1:a6:4a:f4:bc:9d:2d:92:36:93:07:33:51:
c1:9a:72:a1:48:d6:c1:d6:ae:a2:c7:aa:42:d8:f6:4c:7b:87:
ca:c6:b0:8e:de:92:9a:65:62:58:6e:2c:9b:62:12:08:43:f4:
3e:cc:56:3c:be:dc:09:54:33:ea:24:83:27:49:52:04:a3:47:
c8:f8:8e:5b:f3:2e:3f:10:4e:79:62:b5:9d:42:ae:8c:7a:23:
50:20:a6:7f:c5:38:98:f6:9a:b7:bf:15:aa:b7:6b:38:af:06:
0f:05:37:eb:3d:6f:a2:63:16:22:34:13:1c:91:98:a4:29:73:
e1:81:cb:58:5d:73:3c:32:0b:8f:78:91:8a:1b:fa:94:90:4b:
e6:22:93:61:c0:6a:7b:97:35:53:49:85:e4:c2:e6:24:5d:24:
dc:6a:fd:85:cc:5f:de:fb:91:a2:40:60:a4:52:f5:27:2b:71:
51:3f:59:29:91:dc:c9:53:6a:4e:1e:3d:6a:78:81:6a:64:33:
58:fd:41:e1:02:5a:c5:a6:3d:9e:ec:42:62:d2:c8:86:b9:ff:
5c:ca:3e:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTRiG4hCc5O4EqMm2uajBg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDI4OGU1NDczMGIxMDkzYWY0OTk5MzgwMzQyZjg1ZDgx
OThkMGEwHhcNMjUwMjA0MTUxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDAxYzExYzc2ODBjM2IxNmMwYWJhNGI1MWIzYzBlZDhmZGE3ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT2xxSaZZpzlwfAFM0ZsI3E+jbTJ
TiA5qTqHDo+rJSO48HwEpmpL0UBm424ns09/FcGwbc67NNuOxzSAtoBsIGLl13V9
8NvaFS+Qgavlw1BSe0cnrH6Y21IKmUqYYQ7qFA5zlIFl+Z58wtnIJbe/aDRmgi3d
mTV+XL9KWzSLNsRw4nP7fpgHGvz2YdVH2xmTT4vhx6tujwOYPfBpnQy+MDIDxy8j
jCohCi3IS/30GYUxL5UaLT4nUoTZaLfgUGtRdimGvrOoFjGA+pmCgs0JRMtn7ZJJ
h4+OJ/14xWJN6FBEqegQwnFY/qSZ5rRs5Ujj41l1Xls2ecpK6F0kFSjUSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGQBwRx2gMOxbAq6S1GzwO2P2n9RMB8GA1UdIwQY
MBaAFAHSiOVHMLEJOvSZk4A0L4XYGY0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRLSTVVY3dzUWs2OUptVGdEUXZoZGdaalFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85MmMwYTctMmMwMC00YTBkLWIwZjkt
YmNlM2ViNTc3NWViLzEvWkFIQkhIYUF3N0ZzQ3JwTFViUEE3WV9hZjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85MmMwYTctMmMwMC00YTBkLWIwZjktYmNlM2ViNTc3NWVi
LzEvQWRLSTVVY3dzUWs2OUptVGdEUXZoZGdaalFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvPF6AwQA
wz4FMA0GCSqGSIb3DQEBCwUAA4IBAQBgZdBlBnJ73sILH+EBGROctDVC9Xw85Jbz
921dOZVyFD0wqhUCSktfXqGmSvS8nS2SNpMHM1HBmnKhSNbB1q6ix6pC2PZMe4fK
xrCO3pKaZWJYbiybYhIIQ/Q+zFY8vtwJVDPqJIMnSVIEo0fI+I5b8y4/EE55YrWd
Qq6MeiNQIKZ/xTiY9pq3vxWqt2s4rwYPBTfrPW+iYxYiNBMckZikKXPhgctYXXM8
MguPeJGKG/qUkEvmIpNhwGp7lzVTSYXkwuYkXSTcav2FzF/e+5GiQGCkUvUnK3FR
P1kpkdzJU2pOHj1qeIFqZDNY/UHhAlrFpj2e7EJi0siGuf9cyj6q
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net