Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/zlPIwjDPqeKD3uFdmxv9hznl_LA.roa
File: zlPIwjDPqeKD3uFdmxv9hznl_LA.roa (raw, json)
Hash identifier: sBzI0OQdYuCXwCE1xwy5akb2HUt9JvXsMA0Ia8KRcEk=
Subject key identifier: CE:53:C8:C2:30:CF:A9:E2:83:DE:E1:5D:9B:1B:FD:87:39:E5:FC:B0
Certificate issuer: /CN=582ac3589fc539ab852690f85d9f3f7f234ec39b
Certificate serial: 0194228D45C677271F56C72E8671DBF8439B
Authority key identifier: 58:2A:C3:58:9F:C5:39:AB:85:26:90:F8:5D:9F:3F:7F:23:4E:C3:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WCrDWJ_FOauFJpD4XZ8_fyNOw5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/zlPIwjDPqeKD3uFdmxv9hznl_LA.roa
Signing time: Wed 01 Jan 2025 15:47:51 +0000
ROA not before: Wed 01 Jan 2025 15:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28952
IP address blocks: 91.191.69.0/24 maxlen: 24
91.191.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:45:c6:77:27:1f:56:c7:2e:86:71:db:f8:43:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582ac3589fc539ab852690f85d9f3f7f234ec39b
Validity
Not Before: Jan 1 15:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce53c8c230cfa9e283dee15d9b1bfd8739e5fcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:99:95:f2:02:17:12:56:f4:44:72:0f:8b:b2:
6f:da:39:87:3c:ab:9f:3f:5f:7e:d2:16:9f:28:a6:
4a:81:ce:e1:de:db:86:7e:1b:b1:28:3d:e7:fb:c0:
6f:22:ba:a8:ed:3f:75:14:18:d7:50:9e:dc:6f:a7:
8e:75:16:31:1b:83:0d:ca:c2:4d:58:1a:d7:40:33:
4c:b1:69:02:54:0a:b3:d1:23:e4:a8:cf:03:46:ed:
a8:33:63:df:43:fa:31:c8:68:39:c8:ed:66:0c:2f:
39:7e:27:38:56:cc:8c:5a:e2:d7:f6:68:22:b8:b4:
2b:f0:8c:61:5f:3f:cd:8a:b7:25:d2:a8:d0:ed:b3:
5a:a0:3f:29:6e:e7:8c:47:af:3b:d1:38:d1:8e:d2:
31:53:c2:ce:63:9b:45:5c:18:64:d3:ff:e2:59:00:
ce:9e:e8:36:b0:48:85:37:f4:05:63:72:a3:a0:7a:
94:0a:82:03:4a:ec:64:66:29:11:27:73:a2:cf:89:
18:89:a5:db:9c:23:82:f9:ef:84:fb:d9:03:d9:7b:
e3:fb:5c:90:1b:e3:a1:75:3b:93:ae:e2:9f:97:25:
aa:f8:e2:0d:96:a9:c8:79:2b:47:31:62:da:98:e6:
bd:9d:c6:7e:53:c6:63:13:dd:e3:2c:de:b0:72:62:
45:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:53:C8:C2:30:CF:A9:E2:83:DE:E1:5D:9B:1B:FD:87:39:E5:FC:B0
X509v3 Authority Key Identifier:
keyid:58:2A:C3:58:9F:C5:39:AB:85:26:90:F8:5D:9F:3F:7F:23:4E:C3:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WCrDWJ_FOauFJpD4XZ8_fyNOw5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/zlPIwjDPqeKD3uFdmxv9hznl_LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/WCrDWJ_FOauFJpD4XZ8_fyNOw5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.191.69.0/24
91.191.80.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:ec:5f:ae:89:82:67:64:e0:96:ad:d3:7d:3d:c3:f4:c1:f4:
05:cb:9f:50:71:c9:47:91:b4:4e:68:b7:1f:98:f3:d0:fd:44:
c8:d2:3b:8e:c1:49:5b:ae:e5:42:48:d6:15:0b:0c:60:c9:f0:
1b:f1:95:86:8f:db:83:b6:ce:13:42:6f:77:d0:7e:02:85:8a:
e3:e4:f1:8b:69:83:48:1b:87:fe:ed:e8:90:d3:7f:c1:bb:f5:
61:88:e0:d9:5e:bd:42:b9:0c:78:2f:c8:f5:dd:1a:06:fc:6e:
61:be:c9:3a:fc:7c:c5:37:7c:96:e5:6e:18:cc:8e:d0:a3:81:
e9:de:72:1a:03:6e:a9:a1:3b:22:fb:28:74:57:88:85:49:98:
e7:20:4b:52:ef:c9:46:80:c1:b9:a7:a6:a4:b4:2a:48:2e:5c:
6b:a1:37:87:cc:5c:bb:48:64:e0:9a:f2:3d:be:74:f1:6c:f7:
54:e3:ac:06:b1:be:f5:b9:fe:cc:2e:75:2c:9f:f2:e0:c2:59:
8c:db:23:7f:c5:3e:63:7a:8c:a6:02:a9:dd:54:7c:72:d9:44:
12:fc:cb:6c:29:dc:76:7d:d7:c3:d2:0d:fe:80:55:88:cc:7a:
a1:9f:2a:3a:b4:4a:05:54:bf:6b:45:ce:2b:da:3b:c5:67:02:
9c:b2:a8:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijUXGdycfVscuhnHb+EObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmFjMzU4OWZjNTM5YWI4NTI2OTBmODVkOWYzZjdmMjM0
ZWMzOWIwHhcNMjUwMTAxMTU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTUzYzhjMjMwY2ZhOWUyODNkZWUxNWQ5YjFiZmQ4NzM5ZTVmY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pmV8gIXElb0RHIPi7Jv2jmHPKuf
P19+0hafKKZKgc7h3tuGfhuxKD3n+8BvIrqo7T91FBjXUJ7cb6eOdRYxG4MNysJN
WBrXQDNMsWkCVAqz0SPkqM8DRu2oM2PfQ/oxyGg5yO1mDC85fic4VsyMWuLX9mgi
uLQr8IxhXz/Nircl0qjQ7bNaoD8pbueMR6870TjRjtIxU8LOY5tFXBhk0//iWQDO
nug2sEiFN/QFY3KjoHqUCoIDSuxkZikRJ3Oiz4kYiaXbnCOC+e+E+9kD2Xvj+1yQ
G+OhdTuTruKflyWq+OINlqnIeStHMWLamOa9ncZ+U8ZjE93jLN6wcmJFPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5TyMIwz6nig97hXZsb/Yc55fywMB8GA1UdIwQY
MBaAFFgqw1ifxTmrhSaQ+F2fP38jTsObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0NyRFdKX0ZPYXVGSnBENFhaOF9meU5PdzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wMDE1ZDMtMWIyMS00ZTU1LTg1MGIt
Njc0MzI4ZDUyYmQ3LzEvemxQSXdqRFBxZUtEM3VGZG14djloem5sX0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wMDE1ZDMtMWIyMS00ZTU1LTg1MGItNjc0MzI4ZDUyYmQ3
LzEvV0NyRFdKX0ZPYXVGSnBENFhaOF9meU5PdzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW79FAwQC
W79QMA0GCSqGSIb3DQEBCwUAA4IBAQAM7F+uiYJnZOCWrdN9PcP0wfQFy59QcclH
kbROaLcfmPPQ/UTI0juOwUlbruVCSNYVCwxgyfAb8ZWGj9uDts4TQm930H4ChYrj
5PGLaYNIG4f+7eiQ03/Bu/VhiODZXr1CuQx4L8j13RoG/G5hvsk6/HzFN3yW5W4Y
zI7Qo4Hp3nIaA26poTsi+yh0V4iFSZjnIEtS78lGgMG5p6aktCpILlxroTeHzFy7
SGTgmvI9vnTxbPdU46wGsb71uf7MLnUsn/LgwlmM2yN/xT5jeoymAqndVHxy2UQS
/MtsKdx2fdfD0g3+gFWIzHqhnyo6tEoFVL9rRc4r2jvFZwKcsqjX
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:30:43 2025 by rpki-client