Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/9428c6-b576-41c3-985d-234e0d176325/1/CzKe7bcDbHPl7S7VFX1GJ1fjZ-U.roa
File: CzKe7bcDbHPl7S7VFX1GJ1fjZ-U.roa (raw, json)
Hash identifier: YjWNT62+NZ4QheBAVnVeuwY8eccUxnidCuMqn96YN2M=
Subject key identifier: 0B:32:9E:ED:B7:03:6C:73:E5:ED:2E:D5:15:7D:46:27:57:E3:67:E5
Certificate issuer: /CN=67cf3ba3002ed7e23a4bd2e978b3abac327fd0d8
Certificate serial: 01942825267783BDC6BF826C09ED16D1E69F
Authority key identifier: 67:CF:3B:A3:00:2E:D7:E2:3A:4B:D2:E9:78:B3:AB:AC:32:7F:D0:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z887owAu1-I6S9LpeLOrrDJ_0Ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/9428c6-b576-41c3-985d-234e0d176325/1/CzKe7bcDbHPl7S7VFX1GJ1fjZ-U.roa
Signing time: Thu 02 Jan 2025 17:51:50 +0000
ROA not before: Thu 02 Jan 2025 17:51:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39704
IP address blocks: 194.69.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:26:77:83:bd:c6:bf:82:6c:09:ed:16:d1:e6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cf3ba3002ed7e23a4bd2e978b3abac327fd0d8
Validity
Not Before: Jan 2 17:51:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b329eedb7036c73e5ed2ed5157d462757e367e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:51:4c:aa:2f:a1:22:dd:50:66:a6:7b:2d:
87:70:88:84:02:d0:92:ed:e7:77:0e:ad:1a:06:fe:
e1:62:cc:05:8c:a1:f5:1f:b6:f8:91:a8:8f:a2:88:
51:e2:6a:8c:55:12:32:f3:fb:61:6c:be:ac:82:1c:
57:e2:df:39:7c:61:c1:96:fa:10:85:69:e0:eb:2a:
e3:04:c8:52:0f:d1:bd:55:f5:a7:ad:56:4e:4e:95:
a8:61:82:25:59:e7:b9:2e:69:5f:1a:91:da:38:19:
37:a6:d0:e5:6a:73:c0:c3:94:05:b7:bc:52:47:1b:
5b:24:3c:b8:e7:f7:27:76:d6:46:fc:db:c5:33:29:
22:27:aa:44:9a:13:65:3a:ca:1a:a2:8e:ce:c1:70:
4d:a9:0e:c7:63:ea:be:59:6d:97:43:68:45:80:d5:
bc:9a:e8:80:4f:ff:0d:f5:67:84:2c:a3:25:8c:00:
69:14:d2:5e:8a:1f:2d:9f:30:58:cf:06:16:9c:53:
f6:fd:5b:62:11:ed:d1:4f:65:ce:e7:ad:ea:10:e4:
80:1e:0c:97:3e:b1:d4:8a:c2:76:f8:91:a2:8a:e5:
cd:cd:5d:65:b0:43:3e:40:32:f8:33:8b:ca:c1:ca:
0d:b1:60:8c:cc:69:11:f7:a2:0c:4a:df:d4:37:cf:
a4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:32:9E:ED:B7:03:6C:73:E5:ED:2E:D5:15:7D:46:27:57:E3:67:E5
X509v3 Authority Key Identifier:
keyid:67:CF:3B:A3:00:2E:D7:E2:3A:4B:D2:E9:78:B3:AB:AC:32:7F:D0:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z887owAu1-I6S9LpeLOrrDJ_0Ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/9428c6-b576-41c3-985d-234e0d176325/1/CzKe7bcDbHPl7S7VFX1GJ1fjZ-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/9428c6-b576-41c3-985d-234e0d176325/1/Z887owAu1-I6S9LpeLOrrDJ_0Ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.204.0/24
Signature Algorithm: sha256WithRSAEncryption
63:0e:79:8b:0f:37:ff:6c:d9:19:0c:32:32:01:6b:36:af:e6:
2a:8a:94:c5:18:fb:23:82:09:e4:5b:92:cc:71:04:f8:5b:38:
cc:13:2e:6c:07:e3:3f:7b:f5:19:e4:11:ca:fe:89:2d:92:04:
78:05:49:75:a6:9a:92:8d:c1:41:aa:cb:cf:63:cb:25:9e:e1:
97:af:7e:59:57:dd:9f:4b:a2:81:3e:62:80:e9:3a:1a:88:3f:
60:7e:14:22:ee:c1:4a:c0:b4:19:27:dd:90:d5:be:7d:67:c3:
2c:b3:d8:ee:27:e5:18:d7:50:e3:16:5c:e6:43:10:78:92:35:
d7:c2:ca:ab:ea:81:8e:f1:32:78:ea:23:14:4c:82:2f:14:2f:
2f:0e:28:e7:27:ab:e6:6a:ef:2e:ea:82:ed:1b:7d:b3:21:88:
9f:1e:57:b1:41:05:fc:28:e8:20:e6:e7:8e:b9:f8:eb:df:b3:
36:a8:16:9f:85:d0:3c:db:b5:50:c9:29:0b:a6:50:fe:50:f0:
19:4a:11:35:63:d9:10:ec:7a:9e:7c:1f:14:53:05:5f:db:ec:
5f:44:f1:58:b4:32:78:84:ee:d8:76:72:f2:da:c9:b2:10:4c:
5d:ce:42:b9:2f:56:b6:60:81:a8:8a:53:43:ca:23:52:ab:7a:
76:32:22:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJSZ3g73Gv4JsCe0W0eafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2YzYmEzMDAyZWQ3ZTIzYTRiZDJlOTc4YjNhYmFjMzI3
ZmQwZDgwHhcNMjUwMTAyMTc1MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjMyOWVlZGI3MDM2YzczZTVlZDJlZDUxNTdkNDYyNzU3ZTM2N2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYFRTKovoSLdUGamey2HcIiEAtCS
7ed3Dq0aBv7hYswFjKH1H7b4kaiPoohR4mqMVRIy8/thbL6sghxX4t85fGHBlvoQ
hWng6yrjBMhSD9G9VfWnrVZOTpWoYYIlWee5LmlfGpHaOBk3ptDlanPAw5QFt7xS
RxtbJDy45/cndtZG/NvFMykiJ6pEmhNlOsoaoo7OwXBNqQ7HY+q+WW2XQ2hFgNW8
muiAT/8N9WeELKMljABpFNJeih8tnzBYzwYWnFP2/VtiEe3RT2XO563qEOSAHgyX
PrHUisJ2+JGiiuXNzV1lsEM+QDL4M4vKwcoNsWCMzGkR96IMSt/UN8+ktwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsynu23A2xz5e0u1RV9RidX42flMB8GA1UdIwQY
MBaAFGfPO6MALtfiOkvS6Xizq6wyf9DYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjg4N293QXUxLUk2UzlMcGVMT3JyREpfME5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy85NDI4YzYtYjU3Ni00MWMzLTk4NWQt
MjM0ZTBkMTc2MzI1LzEvQ3pLZTdiY0RiSFBsN1M3VkZYMUdKMWZqWi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy85NDI4YzYtYjU3Ni00MWMzLTk4NWQtMjM0ZTBkMTc2MzI1
LzEvWjg4N293QXUxLUk2UzlMcGVMT3JyREpfME5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkXMMA0G
CSqGSIb3DQEBCwUAA4IBAQBjDnmLDzf/bNkZDDIyAWs2r+YqipTFGPsjggnkW5LM
cQT4WzjMEy5sB+M/e/UZ5BHK/oktkgR4BUl1ppqSjcFBqsvPY8slnuGXr35ZV92f
S6KBPmKA6ToaiD9gfhQi7sFKwLQZJ92Q1b59Z8Mss9juJ+UY11DjFlzmQxB4kjXX
wsqr6oGO8TJ46iMUTIIvFC8vDijnJ6vmau8u6oLtG32zIYifHlexQQX8KOgg5ueO
ufjr37M2qBafhdA827VQySkLplD+UPAZShE1Y9kQ7HqefB8UUwVf2+xfRPFYtDJ4
hO7YdnLy2smyEExdzkK5L1a2YIGoilNDyiNSq3p2MiJ6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:48 2025 by rpki-client on console.sobornost.net