Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/36d4d3-d080-437c-b7d4-1ceb5e22a0a9/1/KN5kvZCJ9RvCMSrOR5tNDK8n0A8.roa
File: KN5kvZCJ9RvCMSrOR5tNDK8n0A8.roa (raw, json)
Hash identifier: GoGYKlcbe4zDtsnV8ejWKPMtjsHMp06xqn6xaYstB10=
Subject key identifier: 28:DE:64:BD:90:89:F5:1B:C2:31:2A:CE:47:9B:4D:0C:AF:27:D0:0F
Certificate issuer: /CN=5b2e6a6544448d26073916ca88c4375e4ba79d2e
Certificate serial: 01856E2FBB9C91FA6077ADE7422E57FD0C49
Authority key identifier: 5B:2E:6A:65:44:44:8D:26:07:39:16:CA:88:C4:37:5E:4B:A7:9D:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy5qZUREjSYHORbKiMQ3XkunnS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/36d4d3-d080-437c-b7d4-1ceb5e22a0a9/1/KN5kvZCJ9RvCMSrOR5tNDK8n0A8.roa
Signing time: Sun 01 Jan 2023 16:34:59 +0000
ROA not before: Sun 01 Jan 2023 16:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197648
IP address blocks: 91.223.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:bb:9c:91:fa:60:77:ad:e7:42:2e:57:fd:0c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2e6a6544448d26073916ca88c4375e4ba79d2e
Validity
Not Before: Jan 1 16:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28de64bd9089f51bc2312ace479b4d0caf27d00f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1a:45:82:8c:28:20:ad:9c:01:cc:be:41:6a:
5e:17:d3:3c:90:43:67:85:4c:76:42:af:59:d3:a0:
7c:fe:ef:a8:dc:19:de:8f:fe:95:49:7f:67:4e:bc:
35:b0:6c:c7:8e:cb:93:1e:9b:7b:b9:03:80:24:56:
cb:c4:c2:62:35:14:ea:17:51:a5:3b:71:7c:6f:bf:
e7:68:11:15:ad:b2:56:73:d6:7f:40:1b:b4:bb:8e:
9b:3b:e9:b1:53:d3:3b:92:57:9f:de:fe:b4:c5:9f:
38:03:00:8a:81:52:ad:91:b6:d2:ee:1e:34:e2:4d:
13:be:04:2f:1d:0f:5a:a1:a7:65:ea:fd:9c:2b:1d:
92:56:c3:39:0f:69:89:41:22:a8:96:42:3f:ac:3b:
a6:9a:10:65:24:1b:4e:a8:30:7d:b1:d7:40:1e:74:
55:f1:88:c1:8f:28:03:ff:06:ff:77:c4:4a:93:9f:
5a:bb:5e:d1:6d:82:ca:46:9d:7f:b1:98:91:3e:19:
9b:21:3f:a9:8d:3c:48:75:73:9a:c9:91:18:f1:78:
57:25:4c:83:b2:af:e9:ab:97:d5:ef:01:36:4d:a6:
33:78:a4:6d:6b:5b:02:53:b5:11:d6:d0:40:30:7d:
92:04:7d:00:55:29:5a:29:ee:b5:31:28:a9:3a:0b:
30:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DE:64:BD:90:89:F5:1B:C2:31:2A:CE:47:9B:4D:0C:AF:27:D0:0F
X509v3 Authority Key Identifier:
keyid:5B:2E:6A:65:44:44:8D:26:07:39:16:CA:88:C4:37:5E:4B:A7:9D:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy5qZUREjSYHORbKiMQ3XkunnS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/36d4d3-d080-437c-b7d4-1ceb5e22a0a9/1/KN5kvZCJ9RvCMSrOR5tNDK8n0A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/36d4d3-d080-437c-b7d4-1ceb5e22a0a9/1/Wy5qZUREjSYHORbKiMQ3XkunnS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.208.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:f7:c3:4a:5c:5d:e7:4d:af:14:87:3f:98:80:26:4d:6b:b6:
92:47:89:37:c7:1b:79:4a:ed:1e:42:e6:ce:e5:c3:c0:34:d6:
47:0e:14:84:e9:98:08:d6:7d:81:e0:a7:a0:31:b0:2d:f2:e8:
73:7f:74:50:9f:84:d7:da:b3:df:bb:f6:59:f6:24:20:85:dd:
1e:4c:15:62:bc:a7:22:cc:23:bf:43:30:04:16:08:69:a6:22:
cd:09:72:56:67:76:72:36:97:a1:c6:44:0c:ef:25:91:f6:7d:
4b:f6:c1:fc:11:b1:b6:87:ae:6c:69:95:74:2f:be:14:06:01:
69:c8:33:83:f4:c2:4d:01:20:b1:29:2d:36:72:60:7e:5b:24:
d7:c0:b1:f6:df:0a:0d:49:4c:4c:a6:a9:a1:85:6f:c0:0d:59:
8c:a7:fb:f3:64:3c:e7:f4:f9:ad:49:0a:20:b2:30:9d:12:7d:
1d:a6:33:c1:9b:08:f8:79:ab:57:64:a1:a1:c7:96:8f:8c:30:
ca:57:d8:e9:aa:b8:cb:9d:4c:cd:98:92:5f:b6:79:39:88:82:
ad:d5:63:b6:77:d9:3d:88:8a:2c:19:2c:4e:17:9e:fc:65:b4:
01:95:57:58:67:3d:bb:fb:b3:80:ec:a7:3b:1b:fe:14:d9:4e:
08:9c:3b:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL7uckfpgd63nQi5X/QxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmU2YTY1NDQ0NDhkMjYwNzM5MTZjYTg4YzQzNzVlNGJh
NzlkMmUwHhcNMjMwMTAxMTYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRlNjRiZDkwODlmNTFiYzIzMTJhY2U0NzliNGQwY2FmMjdkMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xpFgowoIK2cAcy+QWpeF9M8kENn
hUx2Qq9Z06B8/u+o3Bnej/6VSX9nTrw1sGzHjsuTHpt7uQOAJFbLxMJiNRTqF1Gl
O3F8b7/naBEVrbJWc9Z/QBu0u46bO+mxU9M7klef3v60xZ84AwCKgVKtkbbS7h40
4k0TvgQvHQ9aoadl6v2cKx2SVsM5D2mJQSKolkI/rDummhBlJBtOqDB9sddAHnRV
8YjBjygD/wb/d8RKk59au17RbYLKRp1/sZiRPhmbIT+pjTxIdXOayZEY8XhXJUyD
sq/pq5fV7wE2TaYzeKRta1sCU7UR1tBAMH2SBH0AVSlaKe61MSipOgswQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjeZL2QifUbwjEqzkebTQyvJ9APMB8GA1UdIwQY
MBaAFFsuamVERI0mBzkWyojEN15Lp50uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3k1cVpVUkVqU1lIT1JiS2lNUTNYa3VublM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zNmQ0ZDMtZDA4MC00MzdjLWI3ZDQt
MWNlYjVlMjJhMGE5LzEvS041a3ZaQ0o5UnZDTVNyT1I1dE5ESzhuMEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zNmQ0ZDMtZDA4MC00MzdjLWI3ZDQtMWNlYjVlMjJhMGE5
LzEvV3k1cVpVUkVqU1lIT1JiS2lNUTNYa3VublM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/QMA0G
CSqGSIb3DQEBCwUAA4IBAQCu98NKXF3nTa8Uhz+YgCZNa7aSR4k3xxt5Su0eQubO
5cPANNZHDhSE6ZgI1n2B4KegMbAt8uhzf3RQn4TX2rPfu/ZZ9iQghd0eTBVivKci
zCO/QzAEFghppiLNCXJWZ3ZyNpehxkQM7yWR9n1L9sH8EbG2h65saZV0L74UBgFp
yDOD9MJNASCxKS02cmB+WyTXwLH23woNSUxMpqmhhW/ADVmMp/vzZDzn9PmtSQog
sjCdEn0dpjPBmwj4eatXZKGhx5aPjDDKV9jpqrjLnUzNmJJftnk5iIKt1WO2d9k9
iIosGSxOF578ZbQBlVdYZz27+7OA7Kc7G/4U2U4InDtQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:50 2025 by rpki-client