Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f8b381-692a-4830-8d7d-21bf708f3cad/1/kWgx2Wjql2LYt0QNUa7UD3E-ZNs.roa
File: kWgx2Wjql2LYt0QNUa7UD3E-ZNs.roa (raw, json)
Hash identifier: NPB7ZX6Td6/rM0WpZJID5mJD7qpTT41mPi5DDVNwg5U=
Subject key identifier: 91:68:31:D9:68:EA:97:62:D8:B7:44:0D:51:AE:D4:0F:71:3E:64:DB
Certificate issuer: /CN=53296ee33153ef6e6938d57a2a132c1e526dc430
Certificate serial: 019424B3E7F90057939BE05C287BA49330AB
Authority key identifier: 53:29:6E:E3:31:53:EF:6E:69:38:D5:7A:2A:13:2C:1E:52:6D:C4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uylu4zFT725pONV6KhMsHlJtxDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f8b381-692a-4830-8d7d-21bf708f3cad/1/kWgx2Wjql2LYt0QNUa7UD3E-ZNs.roa
Signing time: Thu 02 Jan 2025 01:49:17 +0000
ROA not before: Thu 02 Jan 2025 01:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197202
IP address blocks: 91.223.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e7:f9:00:57:93:9b:e0:5c:28:7b:a4:93:30:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53296ee33153ef6e6938d57a2a132c1e526dc430
Validity
Not Before: Jan 2 01:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=916831d968ea9762d8b7440d51aed40f713e64db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:32:79:e2:8f:7a:c0:22:95:35:2a:10:08:
c7:d7:4e:33:b7:a8:57:ef:f2:68:7b:9f:bd:0a:58:
83:c7:89:c3:e0:dd:e5:bc:4e:3a:52:70:ab:4e:e0:
71:e4:25:03:84:54:f0:b8:0e:e7:d8:7d:1b:70:89:
aa:f5:80:a8:11:e1:1c:05:3f:25:13:8a:3d:4a:a2:
0a:75:e5:b3:6e:16:96:40:af:50:77:1c:37:ec:3c:
38:69:2d:b8:ea:4a:54:e8:c5:54:9a:f5:e2:64:25:
37:8f:3a:6b:1b:2e:af:aa:4c:1c:5f:fd:17:99:e6:
97:f6:07:dc:fb:0d:bb:d0:8f:8e:65:38:d6:56:4d:
56:b5:4e:f6:13:9e:2e:9f:b5:94:31:24:c9:61:6e:
e3:00:41:84:e9:02:39:ed:35:fc:b6:a5:cc:ad:ec:
e0:b7:c5:c1:85:60:f8:5a:10:2e:89:35:2a:f0:8f:
b6:a3:49:56:f8:05:20:f5:bf:e8:c1:b3:4e:62:fb:
13:53:1a:0a:d4:fa:a7:6d:b5:e3:2b:d9:7a:bb:90:
b7:42:e0:6d:f0:08:1e:dc:c3:1f:3f:d7:9b:1b:8d:
ea:00:f1:85:f8:93:be:2d:b7:93:b2:1c:ef:3e:29:
3c:e3:b6:45:28:43:3c:13:5f:21:92:4e:00:43:5b:
b8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:68:31:D9:68:EA:97:62:D8:B7:44:0D:51:AE:D4:0F:71:3E:64:DB
X509v3 Authority Key Identifier:
keyid:53:29:6E:E3:31:53:EF:6E:69:38:D5:7A:2A:13:2C:1E:52:6D:C4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uylu4zFT725pONV6KhMsHlJtxDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f8b381-692a-4830-8d7d-21bf708f3cad/1/kWgx2Wjql2LYt0QNUa7UD3E-ZNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f8b381-692a-4830-8d7d-21bf708f3cad/1/Uylu4zFT725pONV6KhMsHlJtxDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.79.0/24
Signature Algorithm: sha256WithRSAEncryption
01:e4:76:e7:74:7d:33:1c:25:50:c3:11:b5:5e:87:d7:e9:2f:
90:eb:8d:c9:09:b4:b2:c9:1a:b1:05:11:5f:09:5e:46:bf:e7:
74:03:3e:8a:53:15:67:0f:ab:c3:e8:2c:c3:93:c6:69:ed:24:
0c:6d:cd:89:fe:39:b2:57:26:c0:5c:fa:59:25:ed:aa:a5:45:
1c:24:ca:00:ae:28:ba:d9:72:bb:00:cc:76:00:90:54:26:ac:
96:e5:35:23:ee:29:06:b6:78:cb:37:65:d9:c9:ee:f1:f5:39:
0f:04:91:84:68:f0:8b:7d:4e:7c:2f:e4:11:36:f8:7e:fb:6c:
06:b1:30:44:53:20:4d:f9:26:4c:93:15:e5:d9:bb:fa:80:3c:
45:bb:a2:63:d6:3e:11:8e:8c:dd:1a:62:25:b6:9a:41:40:72:
30:8f:02:d7:31:ae:7b:21:00:6f:ed:02:43:dd:f4:2b:60:ee:
37:a3:5e:3c:50:e0:52:d2:b3:55:3c:e1:c6:10:3f:6f:41:2d:
27:a0:49:63:d9:ea:03:7e:69:e9:a5:8f:53:9f:38:48:36:cc:
84:1f:46:57:97:0f:7a:ba:6c:60:ab:0b:98:53:02:a1:fb:29:
ae:34:35:78:c3:80:18:10:71:2d:9a:18:3a:72:93:0c:04:eb:
5a:27:93:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks+f5AFeTm+BcKHukkzCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjk2ZWUzMzE1M2VmNmU2OTM4ZDU3YTJhMTMyYzFlNTI2
ZGM0MzAwHhcNMjUwMTAyMDE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY4MzFkOTY4ZWE5NzYyZDhiNzQ0MGQ1MWFlZDQwZjcxM2U2NGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquYyeeKPesAilTUqEAjH104zt6hX
7/Joe5+9CliDx4nD4N3lvE46UnCrTuBx5CUDhFTwuA7n2H0bcImq9YCoEeEcBT8l
E4o9SqIKdeWzbhaWQK9Qdxw37Dw4aS246kpU6MVUmvXiZCU3jzprGy6vqkwcX/0X
meaX9gfc+w270I+OZTjWVk1WtU72E54un7WUMSTJYW7jAEGE6QI57TX8tqXMrezg
t8XBhWD4WhAuiTUq8I+2o0lW+AUg9b/owbNOYvsTUxoK1PqnbbXjK9l6u5C3QuBt
8Age3MMfP9ebG43qAPGF+JO+LbeTshzvPik847ZFKEM8E18hkk4AQ1u4rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFoMdlo6pdi2LdEDVGu1A9xPmTbMB8GA1UdIwQY
MBaAFFMpbuMxU+9uaTjVeioTLB5SbcQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlsdTR6RlQ3MjVwT05WNktoTXNIbEp0eERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mOGIzODEtNjkyYS00ODMwLThkN2Qt
MjFiZjcwOGYzY2FkLzEva1dneDJXanFsMkxZdDBRTlVhN1VEM0UtWk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mOGIzODEtNjkyYS00ODMwLThkN2QtMjFiZjcwOGYzY2Fk
LzEvVXlsdTR6RlQ3MjVwT05WNktoTXNIbEp0eERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW99PMA0G
CSqGSIb3DQEBCwUAA4IBAQAB5HbndH0zHCVQwxG1XofX6S+Q643JCbSyyRqxBRFf
CV5Gv+d0Az6KUxVnD6vD6CzDk8Zp7SQMbc2J/jmyVybAXPpZJe2qpUUcJMoArii6
2XK7AMx2AJBUJqyW5TUj7ikGtnjLN2XZye7x9TkPBJGEaPCLfU58L+QRNvh++2wG
sTBEUyBN+SZMkxXl2bv6gDxFu6Jj1j4RjozdGmIltppBQHIwjwLXMa57IQBv7QJD
3fQrYO43o148UOBS0rNVPOHGED9vQS0noElj2eoDfmnppY9TnzhINsyEH0ZXlw96
umxgqwuYUwKh+ymuNDV4w4AYEHEtmhg6cpMMBOtaJ5Or
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:45:41 2025 by rpki-client