Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/ZyBaJPQxm3-XH0gFju5MJYC4JWg.roa
File: ZyBaJPQxm3-XH0gFju5MJYC4JWg.roa (raw, json)
Hash identifier: ySj8+X0dnc9ap4EhtEfAJ9xZUfiKRhH4fcuhqGb+r4k=
Subject key identifier: 67:20:5A:24:F4:31:9B:7F:97:1F:48:05:8E:EE:4C:25:80:B8:25:68
Certificate issuer: /CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Certificate serial: 019425218AB5824D61778E30D8A5B96C23CF
Authority key identifier: F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/ZyBaJPQxm3-XH0gFju5MJYC4JWg.roa
Signing time: Thu 02 Jan 2025 03:49:02 +0000
ROA not before: Thu 02 Jan 2025 03:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21263
IP address blocks: 185.159.244.0/24 maxlen: 24
2a13:780::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8a:b5:82:4d:61:77:8e:30:d8:a5:b9:6c:23:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Validity
Not Before: Jan 2 03:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67205a24f4319b7f971f48058eee4c2580b82568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a1:06:5b:56:95:a5:42:b7:54:b6:46:07:f0:
09:ed:60:d4:f9:34:05:24:3c:82:f1:03:fc:ba:86:
27:e6:01:73:52:ec:2d:82:24:3c:1b:67:06:dd:16:
5d:dd:bb:30:8f:4e:e4:9b:e9:b4:6c:83:25:c0:6d:
df:4f:4e:86:9b:b4:27:6e:1d:3a:2d:64:19:07:70:
7b:03:04:95:b6:ca:67:d1:de:d7:61:cc:76:b9:e8:
79:c7:65:69:7d:86:46:45:57:99:ad:1b:db:5f:3e:
cc:bf:83:2b:16:47:a2:72:77:71:59:16:97:e8:e6:
d2:a3:cc:65:ac:01:9e:33:1c:55:7b:7b:6d:bc:48:
25:d9:c6:b9:30:4a:99:b1:63:f4:99:47:7d:f6:ba:
69:27:5d:5e:58:f5:59:4a:4c:a1:20:55:bf:a1:e6:
a8:1b:fb:98:50:b5:37:17:73:b5:c3:6e:c1:26:43:
01:bf:5c:a0:22:96:3f:89:8a:c6:ce:64:3f:30:46:
93:28:be:6e:fe:80:c9:d6:71:a7:50:8c:c0:8a:a3:
77:d1:62:b8:68:a3:09:db:20:f4:8c:7f:5d:7a:24:
2b:1e:0b:a7:1f:14:2f:2e:96:ae:f7:d1:f2:54:5a:
36:10:6b:03:33:49:d1:62:85:d5:85:95:2a:51:ec:
54:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:20:5A:24:F4:31:9B:7F:97:1F:48:05:8E:EE:4C:25:80:B8:25:68
X509v3 Authority Key Identifier:
keyid:F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/ZyBaJPQxm3-XH0gFju5MJYC4JWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/80fO2aDtf5RLn078OFd7OObRxnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.244.0/24
IPv6:
2a13:780::/29
Signature Algorithm: sha256WithRSAEncryption
5f:d7:cc:6e:19:a7:2d:2d:f4:18:a7:5c:2b:f5:59:a9:b8:cd:
32:b1:4b:b7:e3:62:c1:f0:bb:06:47:61:04:41:4b:9e:e4:1d:
e5:99:b4:d5:a9:7e:83:9c:bd:c0:c2:fc:59:9f:2c:b8:aa:74:
2c:54:ba:97:34:50:ac:0b:21:ec:01:86:04:e6:05:33:17:ec:
43:78:a3:9d:8e:ec:75:54:22:8f:ba:ec:07:90:53:e9:4c:4b:
c3:3a:d1:69:cb:fc:c6:0b:9b:e4:18:5a:57:b2:c8:77:d7:30:
49:77:e6:e1:8f:d4:76:f2:1b:54:28:8c:2d:84:f0:cc:32:fc:
7c:50:2c:02:65:f7:76:f9:62:09:97:30:8f:48:b3:fc:c8:3a:
c8:df:2a:67:ac:6e:27:33:1e:e4:b0:fa:fc:1c:84:f9:b7:c9:
85:68:1a:59:48:71:39:d0:a7:3b:b5:57:71:26:53:31:eb:2f:
a8:15:a4:48:f5:cf:e2:bf:17:db:2c:49:13:90:0f:50:0a:d9:
d9:da:87:54:6e:d3:d4:ed:c7:ce:74:21:5a:09:22:00:f3:d7:
e9:f7:8e:75:4c:ed:3f:7e:95:a4:f5:58:00:9c:5f:81:c9:8a:
d3:b4:bd:28:bf:07:5d:08:b0:57:33:56:5f:b2:f4:9a:09:77:
ae:5c:c8:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIYq1gk1hd44w2KW5bCPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDdjZWQ5YTBlZDdmOTQ0YjlmNGVmYzM4NTc3YjM4ZTZk
MWM2NzMwHhcNMjUwMTAyMDM0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzIwNWEyNGY0MzE5YjdmOTcxZjQ4MDU4ZWVlNGMyNTgwYjgyNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KEGW1aVpUK3VLZGB/AJ7WDU+TQF
JDyC8QP8uoYn5gFzUuwtgiQ8G2cG3RZd3bswj07km+m0bIMlwG3fT06Gm7Qnbh06
LWQZB3B7AwSVtspn0d7XYcx2ueh5x2VpfYZGRVeZrRvbXz7Mv4MrFkeicndxWRaX
6ObSo8xlrAGeMxxVe3ttvEgl2ca5MEqZsWP0mUd99rppJ11eWPVZSkyhIFW/oeao
G/uYULU3F3O1w27BJkMBv1ygIpY/iYrGzmQ/MEaTKL5u/oDJ1nGnUIzAiqN30WK4
aKMJ2yD0jH9deiQrHgunHxQvLpau99HyVFo2EGsDM0nRYoXVhZUqUexUFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGcgWiT0MZt/lx9IBY7uTCWAuCVoMB8GA1UdIwQY
MBaAFPNHztmg7X+US59O/DhXezjm0cZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjIt
MjMyYjRiNDY1N2U5LzEvWnlCYUpQUXhtMy1YSDBnRmp1NU1KWUM0SldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjItMjMyYjRiNDY1N2U5
LzEvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZ/0MA0E
AgACMAcDBQMqEweAMA0GCSqGSIb3DQEBCwUAA4IBAQBf18xuGactLfQYp1wr9Vmp
uM0ysUu342LB8LsGR2EEQUue5B3lmbTVqX6DnL3AwvxZnyy4qnQsVLqXNFCsCyHs
AYYE5gUzF+xDeKOdjux1VCKPuuwHkFPpTEvDOtFpy/zGC5vkGFpXssh31zBJd+bh
j9R28htUKIwthPDMMvx8UCwCZfd2+WIJlzCPSLP8yDrI3ypnrG4nMx7ksPr8HIT5
t8mFaBpZSHE50Kc7tVdxJlMx6y+oFaRI9c/ivxfbLEkTkA9QCtnZ2odUbtPU7cfO
dCFaCSIA89fp9451TO0/fpWk9VgAnF+ByYrTtL0ovwddCLBXM1ZfsvSaCXeuXMjC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net