Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/ziX8_hpTF8ziYiuxKjrOFhfqeQo.roa
File: ziX8_hpTF8ziYiuxKjrOFhfqeQo.roa (raw, json)
Hash identifier: HyWFcNCrTB5jYAeqdAfWDrR8oFNvkYOvB8sslFQIfBQ=
Subject key identifier: CE:25:FC:FE:1A:53:17:CC:E2:62:2B:B1:2A:3A:CE:16:17:EA:79:0A
Certificate issuer: /CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Certificate serial: 01941F8C128C6F3EC285D8F0CC43F2562029
Authority key identifier: 0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/ziX8_hpTF8ziYiuxKjrOFhfqeQo.roa
Signing time: Wed 01 Jan 2025 01:47:41 +0000
ROA not before: Wed 01 Jan 2025 01:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213281
IP address blocks: 45.155.140.0/22 maxlen: 24
151.252.216.0/21 maxlen: 24
217.195.148.0/22 maxlen: 24
2a0f:ff00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:12:8c:6f:3e:c2:85:d8:f0:cc:43:f2:56:20:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c17dae04476db1016caa43e3ed9bc6bd69f3975
Validity
Not Before: Jan 1 01:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce25fcfe1a5317cce2622bb12a3ace1617ea790a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:21:5b:6d:b1:45:fe:52:74:ac:66:dd:f6:9b:
82:16:4c:85:af:f0:3c:bf:53:67:66:d3:d6:ea:d2:
81:ac:00:8d:e8:53:00:e1:f1:28:06:6f:61:e6:01:
ed:77:22:69:f0:bc:90:d7:80:85:fa:7a:4c:2d:9e:
f4:72:33:8c:2d:dc:bd:8e:2f:43:4e:4c:13:8b:1b:
f5:8c:50:20:4c:31:a8:72:fd:20:23:9e:f8:7e:6c:
00:49:5d:4a:fe:55:d0:7c:40:ae:31:ba:fe:61:ce:
3e:58:b6:d1:89:b5:1f:f1:e8:8d:7d:71:eb:b5:ca:
b8:82:37:ea:72:92:7c:1c:f2:74:cb:04:51:6c:32:
0f:ce:be:25:67:b8:14:bd:56:2a:72:7d:0f:d5:27:
68:77:4f:0f:36:27:67:5e:b0:bd:28:3e:4d:c2:52:
23:0e:fd:94:c3:35:91:a2:39:5a:f1:ec:00:68:c7:
6b:dc:5c:9a:bc:1e:88:90:0b:1c:c9:3a:ad:ed:63:
66:8b:b8:bb:51:1c:19:3e:e0:fb:f1:bd:11:f3:a9:
0c:8f:b4:da:49:41:11:75:bd:e1:23:eb:21:14:be:
ff:6b:53:f7:95:f5:c0:2a:31:4d:4b:af:32:0f:a8:
dc:19:22:50:7e:a3:3d:27:3f:96:b7:f9:c1:21:a5:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:25:FC:FE:1A:53:17:CC:E2:62:2B:B1:2A:3A:CE:16:17:EA:79:0A
X509v3 Authority Key Identifier:
keyid:0C:17:DA:E0:44:76:DB:10:16:CA:A4:3E:3E:D9:BC:6B:D6:9F:39:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBfa4ER22xAWyqQ-Ptm8a9afOXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/ziX8_hpTF8ziYiuxKjrOFhfqeQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/81d94d-2e40-4546-8b89-804f17ec245e/1/DBfa4ER22xAWyqQ-Ptm8a9afOXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.140.0/22
151.252.216.0/21
217.195.148.0/22
IPv6:
2a0f:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
07:5e:bd:ab:33:f4:08:b2:bf:da:a4:f6:c3:3b:64:93:36:17:
a7:fd:d5:c9:a3:ba:51:bd:fb:3b:a3:f4:08:53:80:04:c0:91:
9a:b2:c3:7f:8e:64:f2:7f:e7:06:92:ca:76:3c:c8:90:52:ff:
7f:b9:92:e1:6d:39:39:5a:33:5b:1a:79:49:c4:12:9a:40:74:
22:69:aa:95:8e:75:4f:cd:d1:4d:fb:b2:5d:84:e8:f3:df:c3:
b6:b7:c1:b7:b2:81:ed:4b:8c:01:c7:18:0c:7d:d1:e9:82:64:
57:54:08:1c:3d:da:b8:29:99:d3:26:d8:3a:8b:fa:eb:4c:92:
e3:37:55:d1:7f:c3:2d:7a:19:ca:af:80:95:cf:b5:fe:da:a2:
cf:74:e8:d5:fc:37:dd:61:e2:18:82:51:45:63:e6:fb:8b:59:
cd:ec:c8:34:2a:5a:a2:7e:4b:d5:52:22:3b:a0:6e:65:bb:22:
92:6b:4c:c8:dc:d6:82:ef:87:c0:90:19:74:6d:a9:49:d0:50:
c3:ce:a6:01:26:f8:02:c6:44:39:99:b2:48:c1:bf:30:72:6b:
40:2b:39:62:c0:34:0a:99:4e:cc:f3:21:78:51:1b:a0:af:cd:
86:ca:6c:5f:83:33:d7:ad:93:2e:5d:cd:de:46:ca:8b:2c:f1:
b8:37:56:df
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjBKMbz7ChdjwzEPyViApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTdkYWUwNDQ3NmRiMTAxNmNhYTQzZTNlZDliYzZiZDY5
ZjM5NzUwHhcNMjUwMTAxMDE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTI1ZmNmZTFhNTMxN2NjZTI2MjJiYjEyYTNhY2UxNjE3ZWE3OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviFbbbFF/lJ0rGbd9puCFkyFr/A8
v1NnZtPW6tKBrACN6FMA4fEoBm9h5gHtdyJp8LyQ14CF+npMLZ70cjOMLdy9ji9D
TkwTixv1jFAgTDGocv0gI574fmwASV1K/lXQfECuMbr+Yc4+WLbRibUf8eiNfXHr
tcq4gjfqcpJ8HPJ0ywRRbDIPzr4lZ7gUvVYqcn0P1Sdod08PNidnXrC9KD5NwlIj
Dv2UwzWRojla8ewAaMdr3FyavB6IkAscyTqt7WNmi7i7URwZPuD78b0R86kMj7Ta
SUERdb3hI+shFL7/a1P3lfXAKjFNS68yD6jcGSJQfqM9Jz+Wt/nBIaUOJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM4l/P4aUxfM4mIrsSo6zhYX6nkKMB8GA1UdIwQY
MBaAFAwX2uBEdtsQFsqkPj7ZvGvWnzl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODkt
ODA0ZjE3ZWMyNDVlLzEvemlYOF9ocFRGOHppWWl1eEtqck9GaGZxZVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi84MWQ5NGQtMmU0MC00NTQ2LThiODktODA0ZjE3ZWMyNDVl
LzEvREJmYTRFUjIyeEFXeXFRLVB0bThhOWFmT1hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZuMAwQD
l/zYAwQC2cOUMA0EAgACMAcDBQMqD/8AMA0GCSqGSIb3DQEBCwUAA4IBAQAHXr2r
M/QIsr/apPbDO2STNhen/dXJo7pRvfs7o/QIU4AEwJGassN/jmTyf+cGksp2PMiQ
Uv9/uZLhbTk5WjNbGnlJxBKaQHQiaaqVjnVPzdFN+7JdhOjz38O2t8G3soHtS4wB
xxgMfdHpgmRXVAgcPdq4KZnTJtg6i/rrTJLjN1XRf8MtehnKr4CVz7X+2qLPdOjV
/DfdYeIYglFFY+b7i1nN7Mg0KlqifkvVUiI7oG5luyKSa0zI3NaC74fAkBl0balJ
0FDDzqYBJvgCxkQ5mbJIwb8wcmtAKzliwDQKmU7M8yF4URugr82GymxfgzPXrZMu
Xc3eRsqLLPG4N1bf
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net