Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/pZ6QLhb3L-zU8HaIuMWziHfarGQ.roa
File: pZ6QLhb3L-zU8HaIuMWziHfarGQ.roa (raw, json)
Hash identifier: bAsLcg/vcZKidF7bKnaCdDmEHtuPe3QKZhFTHIqySAA=
Subject key identifier: A5:9E:90:2E:16:F7:2F:EC:D4:F0:76:88:B8:C5:B3:88:77:DA:AC:64
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 01942747309DD63624B3809A60021DCE10A4
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/pZ6QLhb3L-zU8HaIuMWziHfarGQ.roa
Signing time: Thu 02 Jan 2025 13:49:24 +0000
ROA not before: Thu 02 Jan 2025 13:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211025
IP address blocks: 212.14.48.0/24 maxlen: 24
212.14.54.0/24 maxlen: 24
212.14.59.0/24 maxlen: 24
213.155.169.0/24 maxlen: 24
213.155.170.0/23 maxlen: 23
213.155.172.0/24 maxlen: 24
213.155.177.0/24 maxlen: 24
213.155.181.0/24 maxlen: 24
213.155.186.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:30:9d:d6:36:24:b3:80:9a:60:02:1d:ce:10:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 2 13:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a59e902e16f72fecd4f07688b8c5b38877daac64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:db:b3:56:95:2f:b0:ed:d1:cf:d0:c3:64:5d:
34:4e:99:5e:f4:6b:0b:14:01:2b:c5:5b:7c:a7:02:
d0:9c:94:20:33:16:4c:05:d4:f7:d4:32:2d:e7:cd:
62:be:a0:f5:12:6d:42:af:dc:7d:fe:9f:99:68:12:
d7:8a:40:dc:cc:7a:fd:e8:d7:60:94:91:e1:8b:f7:
2c:e1:44:62:b7:f5:fd:22:90:d9:80:69:90:51:75:
d8:4b:c6:08:fc:a7:74:e0:ce:f0:93:e0:b4:95:a3:
12:95:2e:59:df:59:b8:45:e2:7c:b1:67:00:d3:1f:
8b:45:50:4c:a0:5a:5a:62:a9:0b:ef:46:6e:c1:b6:
57:75:3d:18:f5:ff:f9:94:47:f5:30:6a:bf:7c:fe:
8a:32:3a:6a:77:d8:a8:01:89:ad:e2:c8:bc:34:67:
78:f0:ad:b9:87:8f:ca:5b:7a:cc:d5:f5:e7:6b:e1:
8a:6c:e2:ec:0a:dc:73:3e:c3:fd:0d:25:49:aa:e4:
ec:31:4d:94:19:61:8b:ae:b2:ab:26:78:4d:a9:35:
79:c1:53:e6:cd:f6:f3:4b:08:7e:22:35:27:22:49:
39:89:0e:7a:32:2b:06:e5:6a:56:28:ff:db:91:53:
8e:17:a3:47:63:08:ab:bd:62:35:9c:a6:2c:7e:db:
30:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9E:90:2E:16:F7:2F:EC:D4:F0:76:88:B8:C5:B3:88:77:DA:AC:64
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/pZ6QLhb3L-zU8HaIuMWziHfarGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.14.48.0/24
212.14.54.0/24
212.14.59.0/24
213.155.169.0-213.155.172.255
213.155.177.0/24
213.155.181.0/24
213.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
21:11:ed:07:56:b0:e8:75:ce:e9:d6:02:cc:33:0f:dd:2e:df:
2f:69:e7:bd:8a:25:f9:8b:76:49:3b:88:6f:36:87:df:30:63:
d2:5e:b7:cf:d5:3e:1c:ee:58:8a:df:30:3c:fe:ea:85:b7:42:
83:aa:9e:e1:c6:4d:9c:ab:3a:4e:81:82:f7:ac:d4:a5:68:1c:
31:e4:e5:5f:0f:69:11:36:c8:92:49:27:c9:5a:86:fc:b3:68:
9b:36:4a:ae:3f:a0:89:01:42:bf:94:1b:14:2d:a5:51:01:2f:
30:9a:b0:d2:07:f3:0d:c6:7b:ec:14:eb:ac:29:2e:5d:eb:a8:
09:bf:81:8a:17:71:97:5d:ab:ce:d0:ea:0c:28:1f:06:08:44:
fa:cb:7b:6b:76:df:33:6b:f2:6c:9d:cd:ee:9e:74:93:74:2b:
67:a2:7d:f0:39:2c:04:46:38:b5:3d:df:a8:11:a4:a7:fb:57:
63:ce:0b:06:4c:3c:89:7f:52:3a:fb:84:0c:ac:23:00:c2:4d:
da:9e:88:ea:81:83:50:17:4a:5f:c9:41:7f:bc:dd:f8:e7:8e:
6c:28:cd:d2:dd:c5:26:2b:0a:1d:d9:09:d2:ff:72:17:ab:ca:
40:55:fa:ec:e5:ef:43:24:40:b8:3a:07:4b:08:48:6f:48:9a:
1a:5d:bf:c1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQnRzCd1jYks4CaYAIdzhCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjUwMTAyMTM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTllOTAyZTE2ZjcyZmVjZDRmMDc2ODhiOGM1YjM4ODc3ZGFhYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotuzVpUvsO3Rz9DDZF00Tple9GsL
FAErxVt8pwLQnJQgMxZMBdT31DIt581ivqD1Em1Cr9x9/p+ZaBLXikDczHr96Ndg
lJHhi/cs4URit/X9IpDZgGmQUXXYS8YI/Kd04M7wk+C0laMSlS5Z31m4ReJ8sWcA
0x+LRVBMoFpaYqkL70ZuwbZXdT0Y9f/5lEf1MGq/fP6KMjpqd9ioAYmt4si8NGd4
8K25h4/KW3rM1fXna+GKbOLsCtxzPsP9DSVJquTsMU2UGWGLrrKrJnhNqTV5wVPm
zfbzSwh+IjUnIkk5iQ56MisG5WpWKP/bkVOOF6NHYwirvWI1nKYsftswfQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKWekC4W9y/s1PB2iLjFs4h32qxkMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvcFo2UUxoYjNMLXpVOEhhSXVNV3ppSGZhckdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQA1A4wAwQA
1A42AwQA1A47MAwDBADVm6kDBADVm6wDBADVm7EDBADVm7UDBAHVm7owDQYJKoZI
hvcNAQELBQADggEBACER7QdWsOh1zunWAswzD90u3y9p572KJfmLdkk7iG82h98w
Y9Jet8/VPhzuWIrfMDz+6oW3QoOqnuHGTZyrOk6Bgves1KVoHDHk5V8PaRE2yJJJ
J8lahvyzaJs2Sq4/oIkBQr+UGxQtpVEBLzCasNIH8w3Ge+wU66wpLl3rqAm/gYoX
cZddq87Q6gwoHwYIRPrLe2t23zNr8mydze6edJN0K2eiffA5LARGOLU936gRpKf7
V2POCwZMPIl/Ujr7hAysIwDCTdqeiOqBg1AXSl/JQX+83fjnjmwozdLdxSYrCh3Z
CdL/cherykBV+uzl70MkQLg6B0sISG9Imhpdv8E=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:39 2025 by rpki-client on console.sobornost.net