Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/7e76fc-14a6-4269-8245-f0781a63e440/1/ZCxXOfPObH4boT7reY7sJ5pWUzU.roa
File: ZCxXOfPObH4boT7reY7sJ5pWUzU.roa (raw, json)
Hash identifier: Tbh3eBRkhC/IgUecypI3j1+I4M5Pu1MDDQCmicyE7ec=
Subject key identifier: 64:2C:57:39:F3:CE:6C:7E:1B:A1:3E:EB:79:8E:EC:27:9A:56:53:35
Certificate issuer: /CN=db9d7c57714ef40fdb0165dc1984580ce1d5906b
Certificate serial: 019425FC28BFDE03D0635CA437B03EE0F8E1
Authority key identifier: DB:9D:7C:57:71:4E:F4:0F:DB:01:65:DC:19:84:58:0C:E1:D5:90:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2518V3FO9A_bAWXcGYRYDOHVkGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/7e76fc-14a6-4269-8245-f0781a63e440/1/ZCxXOfPObH4boT7reY7sJ5pWUzU.roa
Signing time: Thu 02 Jan 2025 07:47:49 +0000
ROA not before: Thu 02 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49379
IP address blocks: 91.212.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:28:bf:de:03:d0:63:5c:a4:37:b0:3e:e0:f8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d7c57714ef40fdb0165dc1984580ce1d5906b
Validity
Not Before: Jan 2 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=642c5739f3ce6c7e1ba13eeb798eec279a565335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2f:42:fb:1c:4e:40:15:6f:34:9b:b1:02:6b:
40:f5:35:93:1f:25:b6:91:90:2a:de:d0:9f:fd:a1:
0d:fb:97:a1:80:4b:8f:05:a0:e9:fa:7b:7d:8e:17:
4d:31:ea:bc:06:29:28:62:b9:d3:92:85:92:26:c7:
3a:e9:c8:90:c8:88:1b:11:b3:e9:a3:4c:f0:bd:61:
e4:e2:01:ce:1f:4d:22:93:19:cc:0c:42:c0:46:71:
a1:73:38:64:14:12:88:28:63:fd:28:f6:39:75:79:
c4:f0:8d:a8:7e:eb:92:40:40:a9:45:a4:1b:bd:bb:
3b:bb:fa:50:88:d4:09:c3:fa:b7:c5:2c:3a:01:47:
7e:65:f1:3e:6f:75:8e:1d:b7:89:91:86:f0:c9:58:
05:37:ed:3b:ed:bc:17:6a:b2:00:9f:41:6b:4b:5b:
de:05:d2:5a:1d:1e:e9:d7:bc:54:a7:33:ed:20:c4:
6e:3f:5b:81:6c:5d:a1:e7:0a:a7:a6:bc:a9:c1:cf:
43:04:ef:dd:02:24:0e:23:cc:fd:e4:b2:88:f4:0d:
1d:4b:e1:49:6f:5a:11:c0:56:24:17:1e:9c:41:26:
8e:c0:84:c9:a3:a2:d5:6f:5c:7e:10:f4:c4:28:e4:
b3:37:6e:2d:c1:f7:5a:ae:42:30:5c:99:bb:8b:68:
83:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2C:57:39:F3:CE:6C:7E:1B:A1:3E:EB:79:8E:EC:27:9A:56:53:35
X509v3 Authority Key Identifier:
keyid:DB:9D:7C:57:71:4E:F4:0F:DB:01:65:DC:19:84:58:0C:E1:D5:90:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2518V3FO9A_bAWXcGYRYDOHVkGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/7e76fc-14a6-4269-8245-f0781a63e440/1/ZCxXOfPObH4boT7reY7sJ5pWUzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/7e76fc-14a6-4269-8245-f0781a63e440/1/2518V3FO9A_bAWXcGYRYDOHVkGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.227.0/24
Signature Algorithm: sha256WithRSAEncryption
42:9b:de:61:64:b6:48:4d:bc:ba:a2:3d:cf:4a:e2:f1:8f:c1:
86:e5:75:26:5b:58:3a:05:17:89:ba:a1:a2:d2:ca:0e:aa:50:
a2:6c:72:89:74:c9:63:86:e7:13:fa:01:5e:de:4f:01:87:29:
5d:14:e3:13:3a:48:6a:2b:b6:b2:3b:38:65:23:90:6f:34:67:
d6:24:45:d0:de:ce:d9:f3:0c:9d:db:b5:fc:1a:97:f0:11:59:
86:c8:9f:7d:67:ea:35:0f:82:53:08:47:c0:3c:86:55:60:b9:
eb:05:5f:41:5e:24:44:d5:b5:a8:74:0e:14:68:20:fb:c1:28:
bf:13:4e:72:e6:0d:b8:00:8a:dc:1e:9c:ed:ec:78:79:ea:a0:
5c:54:50:b2:8c:e6:12:b0:91:81:65:ea:1f:b8:91:68:cc:82:
4d:ea:a1:f0:9e:95:95:95:ab:c5:37:ae:b9:7a:dd:42:7f:b7:
df:65:58:1c:24:dd:ac:97:fe:72:3c:06:5d:01:81:79:a0:4b:
75:0f:17:e0:78:2e:29:8d:56:a6:1d:89:54:e4:ba:3a:7c:9c:
37:57:31:34:82:86:b0:a8:e1:ef:f4:59:f3:1d:3b:1c:55:ad:
32:da:18:c2:4f:96:84:90:d8:a0:d3:01:79:eb:64:16:ec:3c:
68:8a:ab:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/Ci/3gPQY1ykN7A+4PjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQ3YzU3NzE0ZWY0MGZkYjAxNjVkYzE5ODQ1ODBjZTFk
NTkwNmIwHhcNMjUwMTAyMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJjNTczOWYzY2U2YzdlMWJhMTNlZWI3OThlZWMyNzlhNTY1MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC9C+xxOQBVvNJuxAmtA9TWTHyW2
kZAq3tCf/aEN+5ehgEuPBaDp+nt9jhdNMeq8BikoYrnTkoWSJsc66ciQyIgbEbPp
o0zwvWHk4gHOH00ikxnMDELARnGhczhkFBKIKGP9KPY5dXnE8I2ofuuSQECpRaQb
vbs7u/pQiNQJw/q3xSw6AUd+ZfE+b3WOHbeJkYbwyVgFN+077bwXarIAn0FrS1ve
BdJaHR7p17xUpzPtIMRuP1uBbF2h5wqnprypwc9DBO/dAiQOI8z95LKI9A0dS+FJ
b1oRwFYkFx6cQSaOwITJo6LVb1x+EPTEKOSzN24twfdarkIwXJm7i2iDFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQsVznzzmx+G6E+63mO7CeaVlM1MB8GA1UdIwQY
MBaAFNudfFdxTvQP2wFl3BmEWAzh1ZBrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUxOFYzRk85QV9iQVdYY0dZUllET0hWa0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83ZTc2ZmMtMTRhNi00MjY5LTgyNDUt
ZjA3ODFhNjNlNDQwLzEvWkN4WE9mUE9iSDRib1Q3cmVZN3NKNXBXVXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83ZTc2ZmMtMTRhNi00MjY5LTgyNDUtZjA3ODFhNjNlNDQw
LzEvMjUxOFYzRk85QV9iQVdYY0dZUllET0hWa0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9TjMA0G
CSqGSIb3DQEBCwUAA4IBAQBCm95hZLZITby6oj3PSuLxj8GG5XUmW1g6BReJuqGi
0soOqlCibHKJdMljhucT+gFe3k8BhyldFOMTOkhqK7ayOzhlI5BvNGfWJEXQ3s7Z
8wyd27X8GpfwEVmGyJ99Z+o1D4JTCEfAPIZVYLnrBV9BXiRE1bWodA4UaCD7wSi/
E05y5g24AIrcHpzt7Hh56qBcVFCyjOYSsJGBZeofuJFozIJN6qHwnpWVlavFN665
et1Cf7ffZVgcJN2sl/5yPAZdAYF5oEt1DxfgeC4pjVamHYlU5Lo6fJw3VzE0goaw
qOHv9FnzHTscVa0y2hjCT5aEkNig0wF562QW7Dxoiqvl
-----END CERTIFICATE-----
Generated at Thu Apr 24 23:27:09 2025 by rpki-client