Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/ZFvHbKMASPTw38lOs9oWeuw1U-4.roa
File: ZFvHbKMASPTw38lOs9oWeuw1U-4.roa (raw, json)
Hash identifier: HZhplikQvG33rAVAtLNyD/3IfM/BXxh9qsmuRDaoo/w=
Subject key identifier: 64:5B:C7:6C:A3:00:48:F4:F0:DF:C9:4E:B3:DA:16:7A:EC:35:53:EE
Certificate issuer: /CN=1dd9a94679ec9ab33e65e069c9aa440db273e14e
Certificate serial: 019425FDDAE612B95509D0BFCA11B6EB8270
Authority key identifier: 1D:D9:A9:46:79:EC:9A:B3:3E:65:E0:69:C9:AA:44:0D:B2:73:E1:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdmpRnnsmrM-ZeBpyapEDbJz4U4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/ZFvHbKMASPTw38lOs9oWeuw1U-4.roa
Signing time: Thu 02 Jan 2025 07:49:41 +0000
ROA not before: Thu 02 Jan 2025 07:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209803
IP address blocks: 193.32.156.0/22 maxlen: 22
2a09:880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:da:e6:12:b9:55:09:d0:bf:ca:11:b6:eb:82:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dd9a94679ec9ab33e65e069c9aa440db273e14e
Validity
Not Before: Jan 2 07:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=645bc76ca30048f4f0dfc94eb3da167aec3553ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:70:eb:6b:27:f0:44:fb:d7:16:91:af:72:bf:
ca:8f:5e:51:55:cb:5d:4e:e1:a9:8a:35:3a:9e:b6:
ee:50:51:fc:8f:19:d2:a7:d2:1e:32:3a:4c:ea:00:
b0:03:1e:54:7c:8e:c1:2e:16:0f:35:05:5d:0d:8c:
e0:b1:f7:49:51:e5:c4:91:a0:a4:66:08:02:71:b2:
b1:ba:c4:31:7e:62:13:de:47:e5:c1:b2:7a:76:c9:
27:79:c0:cf:31:7b:e7:61:00:c0:8a:d9:ca:05:9e:
51:88:06:80:49:7c:ed:92:bc:08:36:03:9d:a1:c8:
68:4f:fa:1e:ba:a2:b1:4b:10:b5:0e:71:eb:55:24:
cc:2d:56:20:a8:0f:1c:21:6a:ca:05:dc:45:93:a7:
a3:28:92:c3:b5:6d:11:5c:5b:ff:81:ca:e0:9c:e9:
87:14:dd:97:f2:d2:fe:23:07:93:68:64:94:f2:e8:
17:6d:7d:6b:9b:21:df:11:2d:ab:a8:ec:a3:69:3e:
70:48:56:ec:46:92:e6:09:a3:77:5d:78:9f:0c:3b:
06:d4:04:c0:a0:30:f0:ab:68:a8:42:60:63:1d:3a:
1b:24:9e:be:35:af:9a:40:ad:08:1d:74:f9:c4:68:
e6:90:71:72:d0:21:cf:e9:f2:06:9a:94:29:bb:0c:
55:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5B:C7:6C:A3:00:48:F4:F0:DF:C9:4E:B3:DA:16:7A:EC:35:53:EE
X509v3 Authority Key Identifier:
keyid:1D:D9:A9:46:79:EC:9A:B3:3E:65:E0:69:C9:AA:44:0D:B2:73:E1:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdmpRnnsmrM-ZeBpyapEDbJz4U4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/ZFvHbKMASPTw38lOs9oWeuw1U-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a3b9b9-217c-41c9-9476-27dd0ad2adf3/1/HdmpRnnsmrM-ZeBpyapEDbJz4U4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.156.0/22
IPv6:
2a09:880::/29
Signature Algorithm: sha256WithRSAEncryption
87:d6:a6:91:f1:5c:89:c3:e0:57:12:e7:0e:ad:a0:f0:f1:0b:
64:33:fe:33:2c:65:59:69:7e:93:66:e2:5a:9c:dd:24:81:2e:
e7:d2:23:96:79:f9:43:cc:6b:95:67:16:1b:ea:50:3a:ff:fe:
4a:87:dc:c6:88:63:d2:c9:b6:5b:4c:51:d7:ca:dd:37:58:eb:
b2:01:e3:d1:66:6d:e8:7f:ec:9d:6e:4b:77:06:64:14:7e:88:
45:f3:11:fc:85:a4:dd:76:d6:7e:12:a8:b3:bf:e7:f5:4c:82:
81:e3:d9:2c:16:68:7e:ff:c0:f0:0f:36:a7:e2:54:f5:08:d2:
bc:31:0d:54:c2:28:64:08:3e:e0:45:f2:75:1f:64:b6:78:f3:
e1:20:59:4c:8f:54:45:d8:ab:1d:1b:12:ae:f3:b6:60:63:ad:
f8:e8:e9:58:35:57:da:7a:b8:91:f3:e0:fd:84:a7:03:c6:b3:
93:07:61:ad:ba:91:88:4f:a2:06:b8:28:3d:3d:92:68:71:40:
6a:8f:98:55:13:f7:ee:2c:11:7d:4d:1d:28:73:e8:6b:21:67:
1e:48:a8:05:aa:99:eb:4f:1f:54:48:b4:50:c0:42:c1:93:0d:
b7:59:a1:a0:8b:96:f3:15:70:57:97:29:dc:79:14:7e:f7:bd:
06:ea:e5:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/drmErlVCdC/yhG264JwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDlhOTQ2NzllYzlhYjMzZTY1ZTA2OWM5YWE0NDBkYjI3
M2UxNGUwHhcNMjUwMTAyMDc0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDViYzc2Y2EzMDA0OGY0ZjBkZmM5NGViM2RhMTY3YWVjMzU1M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnDrayfwRPvXFpGvcr/Kj15RVctd
TuGpijU6nrbuUFH8jxnSp9IeMjpM6gCwAx5UfI7BLhYPNQVdDYzgsfdJUeXEkaCk
ZggCcbKxusQxfmIT3kflwbJ6dsknecDPMXvnYQDAitnKBZ5RiAaASXztkrwINgOd
ochoT/oeuqKxSxC1DnHrVSTMLVYgqA8cIWrKBdxFk6ejKJLDtW0RXFv/gcrgnOmH
FN2X8tL+IweTaGSU8ugXbX1rmyHfES2rqOyjaT5wSFbsRpLmCaN3XXifDDsG1ATA
oDDwq2ioQmBjHTobJJ6+Na+aQK0IHXT5xGjmkHFy0CHP6fIGmpQpuwxVjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGRbx2yjAEj08N/JTrPaFnrsNVPuMB8GA1UdIwQY
MBaAFB3ZqUZ57JqzPmXgacmqRA2yc+FOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRtcFJubnNtck0tWmVCcHlhcEVEYkp6NFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hM2I5YjktMjE3Yy00MWM5LTk0NzYt
MjdkZDBhZDJhZGYzLzEvWkZ2SGJLTUFTUFR3MzhsT3M5b1dldXcxVS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hM2I5YjktMjE3Yy00MWM5LTk0NzYtMjdkZDBhZDJhZGYz
LzEvSGRtcFJubnNtck0tWmVCcHlhcEVEYkp6NFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwSCcMA0E
AgACMAcDBQMqCQiAMA0GCSqGSIb3DQEBCwUAA4IBAQCH1qaR8VyJw+BXEucOraDw
8QtkM/4zLGVZaX6TZuJanN0kgS7n0iOWeflDzGuVZxYb6lA6//5Kh9zGiGPSybZb
TFHXyt03WOuyAePRZm3of+ydbkt3BmQUfohF8xH8haTddtZ+Eqizv+f1TIKB49ks
Fmh+/8DwDzan4lT1CNK8MQ1UwihkCD7gRfJ1H2S2ePPhIFlMj1RF2KsdGxKu87Zg
Y6346OlYNVfaeriR8+D9hKcDxrOTB2GtupGIT6IGuCg9PZJocUBqj5hVE/fuLBF9
TR0oc+hrIWceSKgFqpnrTx9USLRQwELBkw23WaGgi5bzFXBXlynceRR+970G6uWE
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net