Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/zKInD_uJ0MzVuNFZ1nxujfzo5eE.roa
File: zKInD_uJ0MzVuNFZ1nxujfzo5eE.roa (raw, json)
Hash identifier: ywKe3EUqcRYUSRMVsCEquUk7tolOVlQ1ahf+CyiEesM=
Subject key identifier: CC:A2:27:0F:FB:89:D0:CC:D5:B8:D1:59:D6:7C:6E:8D:FC:E8:E5:E1
Certificate issuer: /CN=5847f1f4f6bcb2a4758ac8a997bc108000e418d1
Certificate serial: 019421B1A0BB20D1A9890FA735858717B760
Authority key identifier: 58:47:F1:F4:F6:BC:B2:A4:75:8A:C8:A9:97:BC:10:80:00:E4:18:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WEfx9Pa8sqR1isipl7wQgADkGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/zKInD_uJ0MzVuNFZ1nxujfzo5eE.roa
Signing time: Wed 01 Jan 2025 11:47:56 +0000
ROA not before: Wed 01 Jan 2025 11:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198346
IP address blocks: 91.222.52.0/24 maxlen: 24
91.222.53.0/24 maxlen: 24
91.222.54.0/24 maxlen: 24
91.222.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a0:bb:20:d1:a9:89:0f:a7:35:85:87:17:b7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5847f1f4f6bcb2a4758ac8a997bc108000e418d1
Validity
Not Before: Jan 1 11:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cca2270ffb89d0ccd5b8d159d67c6e8dfce8e5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d2:fb:0d:f2:27:c8:89:42:76:22:34:70:0c:
5c:f2:10:4a:65:ee:c7:57:4a:a6:46:f3:43:fb:ca:
6f:12:b0:6a:4f:0e:9e:11:06:75:c8:87:9f:30:52:
ad:83:86:d0:2b:55:21:fe:36:0d:31:55:df:30:57:
fe:a4:1c:20:30:70:bf:57:64:8b:85:a0:bc:bf:43:
a0:9a:fe:2e:04:93:d8:52:ae:49:8d:1e:47:b0:23:
b8:4e:2d:34:72:c0:eb:3c:15:61:40:47:4a:e4:29:
cd:64:7b:bd:ba:7a:0f:18:f6:67:48:e4:c7:03:60:
0f:6b:25:8d:b7:f7:99:d4:44:3d:65:4e:6e:89:b4:
4d:f3:4b:ea:72:9e:39:c4:a9:85:3d:95:06:ab:20:
4f:db:10:73:35:8e:e5:e9:66:72:d1:e0:32:60:bb:
5c:d6:9f:c5:64:f8:68:57:4e:53:1b:b3:e6:a6:f1:
18:68:c8:49:01:ac:e3:13:57:05:d5:19:fe:28:5e:
a1:0a:1a:3b:a9:a5:e8:15:a1:41:43:24:28:cc:71:
d3:6a:5d:ba:d5:8f:02:55:3b:d9:07:38:50:f3:a5:
35:17:a7:1f:6a:1d:8b:2b:e9:09:5d:17:92:ae:4e:
61:83:d8:d8:b5:b0:57:8c:48:eb:79:52:a0:f9:c1:
b7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A2:27:0F:FB:89:D0:CC:D5:B8:D1:59:D6:7C:6E:8D:FC:E8:E5:E1
X509v3 Authority Key Identifier:
keyid:58:47:F1:F4:F6:BC:B2:A4:75:8A:C8:A9:97:BC:10:80:00:E4:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WEfx9Pa8sqR1isipl7wQgADkGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/zKInD_uJ0MzVuNFZ1nxujfzo5eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/WEfx9Pa8sqR1isipl7wQgADkGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.52.0/22
Signature Algorithm: sha256WithRSAEncryption
84:b3:10:7c:e0:ea:2f:09:aa:e1:62:9b:87:58:94:b2:db:fb:
b1:87:5b:1c:71:f8:37:c6:07:f6:d9:fd:ee:2c:0f:3f:33:e9:
d7:d2:66:4d:d7:78:9e:1c:db:4d:63:36:0c:49:41:29:21:ab:
8f:70:35:0d:2d:27:d9:94:89:3c:9a:52:53:18:a2:47:36:e2:
b5:16:66:08:fc:a0:62:dd:fc:56:36:b9:90:52:ff:60:9b:2b:
ab:fa:fb:eb:44:24:e0:65:33:c1:bb:e7:e4:e6:df:cb:b4:d3:
01:e4:df:6b:3b:b7:b2:be:0c:5a:4e:ed:3e:2f:25:5a:32:de:
9c:c1:78:73:30:8b:b3:5d:d6:d5:e1:19:e3:dc:8b:8e:6d:4d:
28:b9:e1:b3:ec:5c:40:98:d5:d0:ab:5f:88:f3:d0:fe:27:d6:
94:1d:ca:64:7e:2d:68:b8:2d:54:4a:f7:4f:07:cd:b8:41:73:
21:db:30:c9:4a:6a:dd:11:d3:05:4a:c5:54:ad:1e:a6:66:72:
db:f3:ab:41:27:58:4c:a2:bd:0d:d2:5e:35:1c:d8:8e:7d:eb:
c1:65:eb:ed:58:da:6f:12:1a:f5:cd:dd:8a:27:ef:e3:3e:b3:
76:be:56:13:8d:f8:65:d3:fa:56:17:fe:ed:2e:2e:23:0d:f8:
1d:2a:62:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsaC7INGpiQ+nNYWHF7dgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NDdmMWY0ZjZiY2IyYTQ3NThhYzhhOTk3YmMxMDgwMDBl
NDE4ZDEwHhcNMjUwMTAxMTE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2EyMjcwZmZiODlkMGNjZDViOGQxNTlkNjdjNmU4ZGZjZThlNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dL7DfInyIlCdiI0cAxc8hBKZe7H
V0qmRvND+8pvErBqTw6eEQZ1yIefMFKtg4bQK1Uh/jYNMVXfMFf+pBwgMHC/V2SL
haC8v0Ogmv4uBJPYUq5JjR5HsCO4Ti00csDrPBVhQEdK5CnNZHu9unoPGPZnSOTH
A2APayWNt/eZ1EQ9ZU5uibRN80vqcp45xKmFPZUGqyBP2xBzNY7l6WZy0eAyYLtc
1p/FZPhoV05TG7PmpvEYaMhJAazjE1cF1Rn+KF6hCho7qaXoFaFBQyQozHHTal26
1Y8CVTvZBzhQ86U1F6cfah2LK+kJXReSrk5hg9jYtbBXjEjreVKg+cG3UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMyiJw/7idDM1bjRWdZ8bo386OXhMB8GA1UdIwQY
MBaAFFhH8fT2vLKkdYrIqZe8EIAA5BjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0VmeDlQYThzcVIxaXNpcGw3d1FnQURrR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zODAwNmYtZmJmYy00OGFhLTg1ZWYt
MDY1YmMyOGMyYTUyLzEvektJbkRfdUowTXpWdU5GWjFueHVqZnpvNWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zODAwNmYtZmJmYy00OGFhLTg1ZWYtMDY1YmMyOGMyYTUy
LzEvV0VmeDlQYThzcVIxaXNpcGw3d1FnQURrR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW940MA0G
CSqGSIb3DQEBCwUAA4IBAQCEsxB84OovCarhYpuHWJSy2/uxh1sccfg3xgf22f3u
LA8/M+nX0mZN13ieHNtNYzYMSUEpIauPcDUNLSfZlIk8mlJTGKJHNuK1FmYI/KBi
3fxWNrmQUv9gmyur+vvrRCTgZTPBu+fk5t/LtNMB5N9rO7eyvgxaTu0+LyVaMt6c
wXhzMIuzXdbV4Rnj3IuObU0oueGz7FxAmNXQq1+I89D+J9aUHcpkfi1ouC1USvdP
B824QXMh2zDJSmrdEdMFSsVUrR6mZnLb86tBJ1hMor0N0l41HNiOfevBZevtWNpv
Ehr1zd2KJ+/jPrN2vlYTjfhl0/pWF/7tLi4jDfgdKmJd
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:19:24 2025 by rpki-client