Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/z9Zyukoi2uOHQdEe-vCyq46DaFo.roa
File: z9Zyukoi2uOHQdEe-vCyq46DaFo.roa (raw, json)
Hash identifier: aTR5i5ZEuCcMlVNNZ8y9Ak4ulLNXmEOMB0JCISwIQQM=
Subject key identifier: CF:D6:72:BA:4A:22:DA:E3:87:41:D1:1E:FA:F0:B2:AB:8E:83:68:5A
Certificate issuer: /CN=9e5d484eb6b4b5689a544cf0b13b7ef932457ef1
Certificate serial: 01942067EE660D1AB0C598E77E80B6C9CCDA
Authority key identifier: 9E:5D:48:4E:B6:B4:B5:68:9A:54:4C:F0:B1:3B:7E:F9:32:45:7E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nl1ITra0tWiaVEzwsTt--TJFfvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/z9Zyukoi2uOHQdEe-vCyq46DaFo.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35236
IP address blocks: 185.205.136.0/22 maxlen: 24
185.205.137.0/24 maxlen: 24
2a0b:640::/30 maxlen: 30
2a0b:640:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ee:66:0d:1a:b0:c5:98:e7:7e:80:b6:c9:cc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e5d484eb6b4b5689a544cf0b13b7ef932457ef1
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfd672ba4a22dae38741d11efaf0b2ab8e83685a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c3:97:91:26:33:41:af:b2:39:a3:a3:34:5a:
b5:0e:92:9a:00:34:1e:cd:47:23:ca:11:5c:24:f4:
3f:9c:89:a1:5b:e1:a9:84:60:1b:55:85:de:3a:dd:
0e:77:99:47:ce:2d:da:c4:ac:0e:73:36:83:3e:24:
8c:95:fa:75:af:59:de:e2:4c:57:12:a6:8b:fc:87:
36:55:fd:35:5f:50:95:ac:4c:98:42:7e:a9:c4:d7:
b7:6c:6e:dd:78:0d:b8:e4:2d:4b:85:c6:a0:9e:fe:
a4:4c:5e:c5:1a:ac:6a:da:69:c3:86:fc:d1:db:c3:
a1:44:f9:cf:21:de:15:ad:83:76:f5:14:0c:c0:d3:
c6:cb:61:e3:80:e5:a6:b6:a8:d4:ca:98:bc:b0:51:
4b:18:88:a4:a0:4c:72:87:d8:dd:5f:7c:ac:08:7d:
c5:00:c0:aa:c1:e4:67:49:4d:5f:14:57:67:56:07:
ad:0b:41:90:13:ae:1c:e9:bc:1a:f1:e5:14:e8:f0:
1f:58:24:18:4a:88:b0:f4:85:72:a2:5c:c2:72:00:
ed:d8:39:84:8c:77:1f:ba:f4:55:2e:39:f8:a4:f1:
29:1f:04:13:7d:ee:10:43:85:ee:03:11:d7:56:f8:
00:e5:67:19:25:b0:3f:dd:ff:ee:f1:02:a0:28:a5:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D6:72:BA:4A:22:DA:E3:87:41:D1:1E:FA:F0:B2:AB:8E:83:68:5A
X509v3 Authority Key Identifier:
keyid:9E:5D:48:4E:B6:B4:B5:68:9A:54:4C:F0:B1:3B:7E:F9:32:45:7E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nl1ITra0tWiaVEzwsTt--TJFfvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/z9Zyukoi2uOHQdEe-vCyq46DaFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b674bb-0447-4d72-b302-6ec40a381819/1/nl1ITra0tWiaVEzwsTt--TJFfvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.136.0/22
IPv6:
2a0b:640::/30
Signature Algorithm: sha256WithRSAEncryption
63:51:5e:1d:18:86:99:4b:8e:30:6b:e6:17:78:9b:98:7f:2d:
4e:5d:c6:42:32:61:32:f8:4d:cc:0f:9e:cd:61:0d:6b:7a:a1:
c0:68:9f:84:e0:82:76:c6:77:e9:50:44:2c:f3:2f:1b:8a:4b:
d3:48:c5:e8:aa:1f:d4:98:1d:4a:63:1f:ee:6f:9e:06:83:f9:
f2:48:2a:58:10:11:eb:97:6c:6c:7c:c7:62:45:2c:7c:e0:ce:
27:27:18:74:a3:14:6e:ef:25:c0:93:33:fe:fa:68:a8:11:bc:
29:0b:91:ba:54:e4:3f:a5:dc:e5:f6:b9:42:bf:42:74:72:67:
c4:1c:fe:dd:93:97:17:4c:9e:40:29:97:b0:bf:dc:a2:88:94:
8c:32:d8:82:f4:3f:11:16:44:f8:47:88:b6:62:5e:75:65:7e:
52:e3:1f:7a:3b:df:79:b5:6c:84:07:b2:56:32:b0:8f:18:45:
c2:3d:82:bf:ef:5f:b4:d9:6f:1e:cd:05:4d:21:23:ee:d2:90:
13:76:42:21:a8:9f:08:24:f6:58:df:91:55:e2:8d:70:ad:91:
d1:c3:fe:02:45:13:77:6e:d7:2e:94:f5:0e:93:48:65:90:b0:
2a:c5:00:6e:ed:6d:21:d8:8e:54:9b:9e:ce:09:6b:68:b6:da:
4a:57:f3:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgZ+5mDRqwxZjnfoC2yczaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNWQ0ODRlYjZiNGI1Njg5YTU0NGNmMGIxM2I3ZWY5MzI0
NTdlZjEwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQ2NzJiYTRhMjJkYWUzODc0MWQxMWVmYWYwYjJhYjhlODM2ODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMOXkSYzQa+yOaOjNFq1DpKaADQe
zUcjyhFcJPQ/nImhW+GphGAbVYXeOt0Od5lHzi3axKwOczaDPiSMlfp1r1ne4kxX
EqaL/Ic2Vf01X1CVrEyYQn6pxNe3bG7deA245C1Lhcagnv6kTF7FGqxq2mnDhvzR
28OhRPnPId4VrYN29RQMwNPGy2HjgOWmtqjUypi8sFFLGIikoExyh9jdX3ysCH3F
AMCqweRnSU1fFFdnVgetC0GQE64c6bwa8eUU6PAfWCQYSoiw9IVyolzCcgDt2DmE
jHcfuvRVLjn4pPEpHwQTfe4QQ4XuAxHXVvgA5WcZJbA/3f/u8QKgKKWdHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM/WcrpKItrjh0HRHvrwsquOg2haMB8GA1UdIwQY
MBaAFJ5dSE62tLVomlRM8LE7fvkyRX7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmwxSVRyYTB0V2lhVkV6d3NUdC0tVEpGZnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNjc0YmItMDQ0Ny00ZDcyLWIzMDIt
NmVjNDBhMzgxODE5LzEvejlaeXVrb2kydU9IUWRFZS12Q3lxNDZEYUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNjc0YmItMDQ0Ny00ZDcyLWIzMDItNmVjNDBhMzgxODE5
LzEvbmwxSVRyYTB0V2lhVkV6d3NUdC0tVEpGZnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc2IMA0E
AgACMAcDBQIqCwZAMA0GCSqGSIb3DQEBCwUAA4IBAQBjUV4dGIaZS44wa+YXeJuY
fy1OXcZCMmEy+E3MD57NYQ1reqHAaJ+E4IJ2xnfpUEQs8y8bikvTSMXoqh/UmB1K
Yx/ub54Gg/nySCpYEBHrl2xsfMdiRSx84M4nJxh0oxRu7yXAkzP++mioEbwpC5G6
VOQ/pdzl9rlCv0J0cmfEHP7dk5cXTJ5AKZewv9yiiJSMMtiC9D8RFkT4R4i2Yl51
ZX5S4x96O995tWyEB7JWMrCPGEXCPYK/71+02W8ezQVNISPu0pATdkIhqJ8IJPZY
35FV4o1wrZHRw/4CRRN3btculPUOk0hlkLAqxQBu7W0h2I5Um57OCWtottpKV/OT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:31 2025 by rpki-client on console.sobornost.net