Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/kZ5SxzPk62D1fY2Q82sdXeo7DTg.roa
File: kZ5SxzPk62D1fY2Q82sdXeo7DTg.roa (raw, json)
Hash identifier: tmfAKfSn6gZl1nGDsng9EICuFTAFCcur/RNktc+sNu0=
Subject key identifier: 91:9E:52:C7:33:E4:EB:60:F5:7D:8D:90:F3:6B:1D:5D:EA:3B:0D:38
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0194D13607D69E68561AF53618E864856F78
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/kZ5SxzPk62D1fY2Q82sdXeo7DTg.roa
Signing time: Tue 04 Feb 2025 13:46:06 +0000
ROA not before: Tue 04 Feb 2025 13:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 92.62.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d1:36:07:d6:9e:68:56:1a:f5:36:18:e8:64:85:6f:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Feb 4 13:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=919e52c733e4eb60f57d8d90f36b1d5dea3b0d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:f9:d0:4f:6f:db:26:78:6a:35:d6:e5:2c:
5e:e5:43:3f:23:2a:18:ef:0d:0a:20:58:fd:05:7f:
fd:82:d3:78:d4:1c:d6:1c:6e:32:46:07:6b:d4:1a:
aa:b2:67:eb:f9:a3:68:9b:18:10:8c:db:f3:47:a5:
eb:07:83:3e:3e:e1:7f:13:fd:75:0c:fd:ea:18:a4:
e6:a0:ea:6a:d6:95:2d:08:ee:91:47:a7:d2:fc:a3:
ad:77:e8:a3:f0:ad:d6:3a:bb:87:34:ab:18:86:8c:
12:04:cd:4e:87:c8:a0:29:e4:c5:73:92:e6:1c:f5:
89:9e:d6:fb:a8:b0:a6:5e:c2:d3:e9:01:59:03:f4:
8b:57:fc:44:d3:e4:95:17:b8:75:e2:79:8f:ef:5e:
a9:57:24:fb:3f:68:8c:15:fa:02:6d:b3:a6:41:49:
d2:09:74:de:c8:d1:81:8f:5b:93:9d:8e:b6:f6:f1:
00:d4:8a:ff:4c:fa:84:b3:66:23:a6:03:61:f3:3a:
c1:1c:f3:51:ad:1b:a1:4e:b4:92:f2:93:da:1c:01:
d9:8b:55:f7:3d:29:cc:48:22:12:64:66:18:72:f7:
30:da:4a:5d:70:b5:5e:7d:6d:8d:22:3e:3f:7c:c9:
12:3b:b6:24:e6:5c:ba:cd:83:a9:ea:c1:ae:75:73:
0d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9E:52:C7:33:E4:EB:60:F5:7D:8D:90:F3:6B:1D:5D:EA:3B:0D:38
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/kZ5SxzPk62D1fY2Q82sdXeo7DTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.255.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:32:ea:b9:17:2b:b0:df:72:1f:9c:60:2c:8b:c5:a1:61:d8:
2c:05:63:84:6c:5d:72:fd:95:ae:15:a7:ae:0b:17:7b:15:3f:
da:66:0d:73:08:b5:b7:d1:c1:07:f1:86:a7:ba:17:9b:d9:72:
4d:a1:cb:c1:29:8f:ec:2a:e2:eb:3d:04:3d:42:66:fd:8e:fa:
bd:c8:96:89:3c:c6:47:c7:7c:e1:18:a0:ac:d7:85:6d:e0:b1:
98:9e:b3:fb:00:bc:c0:e7:a5:2a:35:71:a8:7b:a0:d2:2b:00:
5d:aa:08:0b:9d:f4:f9:f3:7d:aa:4e:be:5d:21:80:3b:c6:ed:
80:1f:41:31:0c:aa:34:e2:a1:b7:f9:41:d6:30:60:e2:a4:13:
d2:e7:85:26:b6:98:d0:00:12:c9:6c:cc:b3:e8:7c:ba:5d:0d:
1d:bb:a6:7a:54:43:c1:ab:fc:e3:70:cd:e2:15:43:3a:e3:bb:
40:e0:d8:21:f7:eb:e9:88:61:d9:5e:20:56:ee:e1:96:ab:d5:
3d:e8:bb:63:4f:f4:0f:f8:d3:5d:04:ff:31:6c:03:9c:54:66:
38:e1:55:05:b4:5c:32:38:62:eb:f9:88:53:e7:b7:1a:86:70:
d9:23:dd:d0:2a:30:b0:3c:2c:d3:7b:3b:4e:9d:b6:b7:38:34:
f9:89:03:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTRNgfWnmhWGvU2GOhkhW94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMjA0MTM0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTllNTJjNzMzZTRlYjYwZjU3ZDhkOTBmMzZiMWQ1ZGVhM2IwZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnL50E9v2yZ4ajXW5Sxe5UM/IyoY
7w0KIFj9BX/9gtN41BzWHG4yRgdr1Bqqsmfr+aNomxgQjNvzR6XrB4M+PuF/E/11
DP3qGKTmoOpq1pUtCO6RR6fS/KOtd+ij8K3WOruHNKsYhowSBM1Oh8igKeTFc5Lm
HPWJntb7qLCmXsLT6QFZA/SLV/xE0+SVF7h14nmP716pVyT7P2iMFfoCbbOmQUnS
CXTeyNGBj1uTnY629vEA1Ir/TPqEs2YjpgNh8zrBHPNRrRuhTrSS8pPaHAHZi1X3
PSnMSCISZGYYcvcw2kpdcLVefW2NIj4/fMkSO7Yk5ly6zYOp6sGudXMNHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGeUscz5Otg9X2NkPNrHV3qOw04MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEva1o1U3h6UGs2MkQxZlkyUTgyc2RYZW83RFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXD7/MA0G
CSqGSIb3DQEBCwUAA4IBAQC4Muq5Fyuw33IfnGAsi8WhYdgsBWOEbF1y/ZWuFaeu
Cxd7FT/aZg1zCLW30cEH8Yanuheb2XJNocvBKY/sKuLrPQQ9Qmb9jvq9yJaJPMZH
x3zhGKCs14Vt4LGYnrP7ALzA56UqNXGoe6DSKwBdqggLnfT5832qTr5dIYA7xu2A
H0ExDKo04qG3+UHWMGDipBPS54UmtpjQABLJbMyz6Hy6XQ0du6Z6VEPBq/zjcM3i
FUM647tA4Ngh9+vpiGHZXiBW7uGWq9U96LtjT/QP+NNdBP8xbAOcVGY44VUFtFwy
OGLr+YhT57cahnDZI93QKjCwPCzTeztOnba3ODT5iQNJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:34 2025 by rpki-client