Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/rKZbB3iW2mhQrV3B7dzkdgnj7Hg.roa
File: rKZbB3iW2mhQrV3B7dzkdgnj7Hg.roa (raw, json)
Hash identifier: bzWIX1UDDDSaemHwck5e4pimDCRd9S56ZPwPBB+GA2A=
Subject key identifier: AC:A6:5B:07:78:96:DA:68:50:AD:5D:C1:ED:DC:E4:76:09:E3:EC:78
Certificate issuer: /CN=4afacad2798856f0f065a265a109706941aca8ea
Certificate serial: 01942748840645961A6D3BE4E83F7A767818
Authority key identifier: 4A:FA:CA:D2:79:88:56:F0:F0:65:A2:65:A1:09:70:69:41:AC:A8:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SvrK0nmIVvDwZaJloQlwaUGsqOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/rKZbB3iW2mhQrV3B7dzkdgnj7Hg.roa
Signing time: Thu 02 Jan 2025 13:50:51 +0000
ROA not before: Thu 02 Jan 2025 13:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47176
IP address blocks: 91.222.84.0/22 maxlen: 22
185.94.100.0/22 maxlen: 22
2a04:aa40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:84:06:45:96:1a:6d:3b:e4:e8:3f:7a:76:78:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4afacad2798856f0f065a265a109706941aca8ea
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aca65b077896da6850ad5dc1eddce47609e3ec78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:27:59:c2:7e:be:b7:c4:76:70:ca:41:73:5f:
b4:5b:90:37:95:de:c6:6e:bc:c7:06:db:98:61:fa:
b5:f8:57:35:f3:db:38:81:a5:63:0a:06:9d:ac:9f:
af:f7:77:14:41:74:e1:e3:de:b6:dd:a8:78:13:e1:
47:2f:58:32:c9:0a:1c:34:7b:21:6e:96:8c:ea:61:
47:c2:d7:49:9c:b4:6c:d5:e7:4d:1f:de:66:18:ff:
df:a5:5d:19:3b:c4:63:20:e8:55:e0:bf:12:ad:78:
8b:0c:f2:85:63:00:02:fd:7f:a7:55:8f:39:34:c5:
50:07:4a:22:88:4b:83:2d:cf:46:66:d5:98:be:40:
5f:01:08:a7:3d:f1:8e:0c:15:a5:13:3a:1f:e6:23:
42:c1:02:a5:d3:04:8b:4f:03:e8:f7:25:36:bb:67:
8d:fd:9c:fb:e8:13:78:90:eb:97:c4:38:4a:4a:4e:
fa:48:82:17:30:58:95:01:5e:ae:a1:db:28:10:23:
af:f6:56:c2:2a:1a:09:4b:c3:1e:ab:75:60:5e:da:
b3:fd:ec:5f:0a:8c:e8:17:3c:b2:3d:58:79:3a:b7:
d0:07:65:75:b9:69:2d:80:48:62:0f:07:fb:cd:1e:
e5:6d:63:96:5f:af:dc:ca:21:f4:d6:30:33:04:e7:
d2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A6:5B:07:78:96:DA:68:50:AD:5D:C1:ED:DC:E4:76:09:E3:EC:78
X509v3 Authority Key Identifier:
keyid:4A:FA:CA:D2:79:88:56:F0:F0:65:A2:65:A1:09:70:69:41:AC:A8:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SvrK0nmIVvDwZaJloQlwaUGsqOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/rKZbB3iW2mhQrV3B7dzkdgnj7Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/SvrK0nmIVvDwZaJloQlwaUGsqOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.84.0/22
185.94.100.0/22
IPv6:
2a04:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
9a:2e:51:31:0f:df:48:4a:fe:fd:85:7c:f5:45:e3:08:b3:bb:
e6:1d:0f:60:1c:08:0f:e3:ba:fb:9c:fc:97:31:f4:b5:5e:c7:
b1:1a:1c:b9:1a:6c:ce:39:63:ac:34:50:1a:4b:05:54:c4:3d:
ec:3a:77:d7:bc:53:15:9e:8e:b0:15:89:63:a2:e0:d3:23:36:
de:02:38:81:18:c4:67:6b:4c:dd:78:ac:8b:e9:34:31:b2:7a:
46:b9:96:e3:16:72:ff:3b:41:46:6d:55:cf:93:be:2b:9b:4f:
7c:91:f4:90:5e:fd:ae:46:f9:98:37:01:2e:82:82:b1:59:64:
a1:50:66:35:05:62:07:be:c5:01:03:55:af:ec:9c:2c:8c:a7:
9e:b2:74:35:da:0b:51:19:db:07:bc:a8:37:12:b1:eb:38:11:
cd:33:2f:a6:d1:65:30:b5:dc:ac:33:c0:4c:4b:fa:9c:e2:cb:
ed:7a:eb:5e:b0:86:ab:8f:05:57:f0:8f:60:d0:61:24:95:04:
6b:0b:99:8f:c4:e7:a2:8d:8e:ab:87:fb:f1:95:be:6c:79:b4:
33:f1:cc:31:c4:13:2b:1d:b8:23:2c:0d:dc:5d:8e:e3:9e:32:
7d:a1:b4:02:c0:9d:f7:16:03:0b:31:3b:8b:f9:1e:08:1c:ca:
5d:8f:97:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSIQGRZYabTvk6D96dngYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZmFjYWQyNzk4ODU2ZjBmMDY1YTI2NWExMDk3MDY5NDFh
Y2E4ZWEwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2E2NWIwNzc4OTZkYTY4NTBhZDVkYzFlZGRjZTQ3NjA5ZTNlYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CdZwn6+t8R2cMpBc1+0W5A3ld7G
brzHBtuYYfq1+Fc189s4gaVjCgadrJ+v93cUQXTh49623ah4E+FHL1gyyQocNHsh
bpaM6mFHwtdJnLRs1edNH95mGP/fpV0ZO8RjIOhV4L8SrXiLDPKFYwAC/X+nVY85
NMVQB0oiiEuDLc9GZtWYvkBfAQinPfGODBWlEzof5iNCwQKl0wSLTwPo9yU2u2eN
/Zz76BN4kOuXxDhKSk76SIIXMFiVAV6uodsoECOv9lbCKhoJS8Meq3VgXtqz/exf
CozoFzyyPVh5OrfQB2V1uWktgEhiDwf7zR7lbWOWX6/cyiH01jAzBOfS8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKymWwd4ltpoUK1dwe3c5HYJ4+x4MB8GA1UdIwQY
MBaAFEr6ytJ5iFbw8GWiZaEJcGlBrKjqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3ZySzBubUlWdkR3WmFKbG9RbHdhVUdzcU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lODJkMmEtNDA0MS00ODExLTg3YTUt
NzgzNDY5MjY5YjM1LzEvcktaYkIzaVcybWhRclYzQjdkemtkZ25qN0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lODJkMmEtNDA0MS00ODExLTg3YTUtNzgzNDY5MjY5YjM1
LzEvU3ZySzBubUlWdkR3WmFKbG9RbHdhVUdzcU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW95UAwQC
uV5kMA0EAgACMAcDBQMqBKpAMA0GCSqGSIb3DQEBCwUAA4IBAQCaLlExD99ISv79
hXz1ReMIs7vmHQ9gHAgP47r7nPyXMfS1XsexGhy5GmzOOWOsNFAaSwVUxD3sOnfX
vFMVno6wFYljouDTIzbeAjiBGMRna0zdeKyL6TQxsnpGuZbjFnL/O0FGbVXPk74r
m098kfSQXv2uRvmYNwEugoKxWWShUGY1BWIHvsUBA1Wv7JwsjKeesnQ12gtRGdsH
vKg3ErHrOBHNMy+m0WUwtdysM8BMS/qc4svteutesIarjwVX8I9g0GEklQRrC5mP
xOeijY6rh/vxlb5sebQz8cwxxBMrHbgjLA3cXY7jnjJ9obQCwJ33FgMLMTuL+R4I
HMpdj5f7
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:31:02 2025 by rpki-client