Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/zaZapovTGaF9alzwHwbdxdednYo.roa
File: zaZapovTGaF9alzwHwbdxdednYo.roa (raw, json)
Hash identifier: HZ5qODN4P+SD3nJrNEx9yaYaCo/O8Qs+NfZMPkwo3JI=
Subject key identifier: CD:A6:5A:A6:8B:D3:19:A1:7D:6A:5C:F0:1F:06:DD:C5:D7:9D:9D:8A
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 0194252184F4F88050097EF6F1B2718DCE1E
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/zaZapovTGaF9alzwHwbdxdednYo.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50858
IP address blocks: 195.5.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:84:f4:f8:80:50:09:7e:f6:f1:b2:71:8d:ce:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cda65aa68bd319a17d6a5cf01f06ddc5d79d9d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:98:f2:32:19:cd:04:f8:4f:c9:7b:a9:ad:3b:
87:dc:ee:84:12:52:74:a5:f1:3b:4f:17:ae:d8:25:
3d:fd:b9:7f:9d:f4:6a:0e:fd:4e:32:d5:eb:63:37:
63:4d:f2:4c:11:7c:43:47:a0:c0:d4:17:e4:12:a4:
4e:08:15:39:b3:46:76:af:79:47:1e:b0:60:1b:dd:
0b:c7:9a:44:c9:f5:3c:5e:bc:3c:a1:35:b8:48:6d:
f2:bd:6e:53:8e:9c:90:6c:75:a8:4d:69:ca:04:46:
6e:9d:12:73:56:b0:df:48:d2:0b:86:3c:0f:20:95:
c7:37:52:cc:53:95:8e:f3:b0:b3:3c:d3:ff:d3:f2:
62:47:38:1a:c1:24:90:68:7d:11:13:f9:33:94:f0:
7f:ca:49:c5:39:a0:19:b7:e0:e6:72:b4:ba:8f:d2:
74:41:31:a7:b3:5d:10:f6:65:25:c8:61:14:1e:bb:
f5:1d:bf:fe:bf:a4:72:ee:e9:fd:e9:a6:87:91:f6:
c3:07:e4:3c:ab:fe:e3:07:84:61:b8:68:99:0c:3b:
e2:55:87:6c:63:ac:46:6e:74:f4:b7:d9:b6:7c:57:
97:5f:91:5b:39:e0:31:f8:bc:92:75:fc:51:cd:04:
00:6d:ae:ee:49:2f:81:7a:f7:eb:00:62:e7:85:36:
64:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A6:5A:A6:8B:D3:19:A1:7D:6A:5C:F0:1F:06:DD:C5:D7:9D:9D:8A
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/zaZapovTGaF9alzwHwbdxdednYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.234.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:a2:84:33:5c:8e:9d:17:40:01:fb:e0:f1:20:dc:ee:16:91:
2d:e6:74:e4:13:ef:e2:d1:30:06:05:7f:e0:6e:c1:d7:1e:f7:
1e:95:7f:22:80:68:9b:8e:c0:1b:25:a7:2e:92:d1:6d:af:8a:
b8:d5:b2:07:49:0d:b8:64:48:02:02:b9:87:2e:8f:e6:70:d9:
46:cf:f7:72:0f:bb:f6:1b:fd:6e:69:ba:89:19:7c:0e:3b:e7:
af:23:d1:86:9a:fa:af:07:96:90:4e:d8:6a:44:6f:e5:8d:2c:
1c:df:fe:f1:88:30:ea:b6:d3:ff:da:35:c3:f6:0b:62:97:be:
f1:7a:8c:04:06:67:ca:09:5f:6b:f1:27:41:1a:63:7d:ad:4a:
fc:4d:83:1f:c3:cc:36:b6:ac:73:18:c5:e5:40:05:fb:01:05:
28:fc:89:f0:2e:84:8e:e6:bc:c8:47:34:12:c9:43:83:86:48:
23:0a:ad:d4:6d:ea:4e:a6:3e:f1:18:88:3b:48:d0:72:94:c6:
df:14:a8:3b:48:14:b6:98:39:03:93:35:34:06:f4:a4:d5:a7:
68:3b:d9:13:8b:3f:8b:50:3a:66:18:dd:89:24:9b:c7:d0:b9:
c1:26:b2:cc:fa:52:f5:bc:2b:f3:7b:c8:5c:b1:3b:9c:03:ae:
60:9f:19:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYT0+IBQCX728bJxjc4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGE2NWFhNjhiZDMxOWExN2Q2YTVjZjAxZjA2ZGRjNWQ3OWQ5ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJjyMhnNBPhPyXuprTuH3O6EElJ0
pfE7Txeu2CU9/bl/nfRqDv1OMtXrYzdjTfJMEXxDR6DA1BfkEqROCBU5s0Z2r3lH
HrBgG90Lx5pEyfU8Xrw8oTW4SG3yvW5TjpyQbHWoTWnKBEZunRJzVrDfSNILhjwP
IJXHN1LMU5WO87CzPNP/0/JiRzgawSSQaH0RE/kzlPB/yknFOaAZt+DmcrS6j9J0
QTGns10Q9mUlyGEUHrv1Hb/+v6Ry7un96aaHkfbDB+Q8q/7jB4RhuGiZDDviVYds
Y6xGbnT0t9m2fFeXX5FbOeAx+LySdfxRzQQAba7uSS+BevfrAGLnhTZkbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2mWqaL0xmhfWpc8B8G3cXXnZ2KMB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvemFaYXBvdlRHYUY5YWx6d0h3YmR4ZGVkbllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwXqMA0G
CSqGSIb3DQEBCwUAA4IBAQArooQzXI6dF0AB++DxINzuFpEt5nTkE+/i0TAGBX/g
bsHXHvcelX8igGibjsAbJacuktFtr4q41bIHSQ24ZEgCArmHLo/mcNlGz/dyD7v2
G/1uabqJGXwOO+evI9GGmvqvB5aQTthqRG/ljSwc3/7xiDDqttP/2jXD9gtil77x
eowEBmfKCV9r8SdBGmN9rUr8TYMfw8w2tqxzGMXlQAX7AQUo/InwLoSO5rzIRzQS
yUODhkgjCq3UbepOpj7xGIg7SNBylMbfFKg7SBS2mDkDkzU0BvSk1adoO9kTiz+L
UDpmGN2JJJvH0LnBJrLM+lL1vCvze8hcsTucA65gnxkM
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:11:36 2025 by rpki-client