Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/zRIEfiHVhkzqHiYdm3McIGPDP2Q.roa
File: zRIEfiHVhkzqHiYdm3McIGPDP2Q.roa (raw, json)
Hash identifier: 32bioXyHcsiw84uow4i7c6KhRJSD3457u6OM44k/3vM=
Subject key identifier: CD:12:04:7E:21:D5:86:4C:EA:1E:26:1D:9B:73:1C:20:63:C3:3F:64
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0194221FDA482603FECFEB9006B425B1E42D
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/zRIEfiHVhkzqHiYdm3McIGPDP2Q.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.103.120.0/21 maxlen: 24
91.103.120.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:da:48:26:03:fe:cf:eb:90:06:b4:25:b1:e4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd12047e21d5864cea1e261d9b731c2063c33f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d6:34:2b:63:64:f0:46:7b:fa:e7:9d:fb:e1:
05:46:12:74:cd:30:e2:6e:d7:35:6d:b0:04:02:fb:
a0:91:f5:f5:47:df:23:ba:d8:5a:77:e4:96:e5:e5:
86:02:f4:9b:dc:8d:74:96:85:ad:ec:f7:05:85:c9:
bb:49:2a:c6:e2:4d:a4:c0:b8:eb:73:19:aa:95:e0:
fa:8a:08:64:3d:f8:ec:41:15:ea:78:ca:77:f4:b9:
9d:51:2d:37:8f:2a:26:e3:65:15:d8:06:5d:81:96:
85:7a:86:28:6c:5d:08:48:a5:6a:58:21:88:95:40:
a8:78:91:0e:b1:aa:3e:8c:6c:16:3f:d5:bc:90:b8:
19:38:6a:f2:16:32:7d:3c:44:8a:af:1e:07:de:da:
70:4d:da:38:9b:db:74:55:d3:a9:72:2d:81:6c:ea:
a8:0c:4d:a5:cf:be:ad:9b:f5:4e:fc:4c:fe:88:15:
94:a7:f1:32:7e:2c:f7:0b:79:4a:d0:0b:49:93:32:
de:a1:ff:6b:7a:68:15:97:cf:de:1e:19:fe:36:47:
40:a3:2f:bf:5b:88:49:c4:f2:24:16:6c:83:43:e1:
c3:b8:60:b3:6e:b0:5c:ea:bf:d8:52:df:a0:64:01:
8d:e7:2a:0f:72:b4:09:70:88:c3:8e:db:3f:ec:57:
91:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:12:04:7E:21:D5:86:4C:EA:1E:26:1D:9B:73:1C:20:63:C3:3F:64
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/zRIEfiHVhkzqHiYdm3McIGPDP2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
Signature Algorithm: sha256WithRSAEncryption
18:c3:57:d7:87:45:1f:f8:91:85:23:6a:76:5b:35:f6:49:a5:
32:1f:58:62:e7:20:33:10:a1:6a:1e:a3:94:06:cf:06:92:16:
ef:bf:c9:c2:e0:84:34:38:66:87:9a:5d:76:77:dc:06:64:9e:
64:39:c8:73:ad:47:9c:d7:81:87:11:ca:c6:f1:2e:b1:88:08:
5f:9e:c6:a6:68:d0:26:e4:4b:23:54:4a:e7:81:97:05:50:31:
f5:2d:a0:02:af:4f:b1:e9:67:e3:ae:43:d7:f3:e9:e8:9b:cd:
a4:b7:47:47:88:15:f2:06:b9:72:fc:7f:f7:16:15:ab:0d:0e:
00:72:8a:56:49:ef:5a:d4:49:9f:c4:1a:56:bc:de:89:4c:2c:
ec:ed:b1:41:52:f0:3a:41:c3:2b:5d:b8:38:30:0a:5c:51:69:
44:e9:ae:0d:31:cc:2a:bd:f6:f9:4b:25:a1:ce:37:53:74:d2:
be:cf:b4:a6:7b:e1:b2:f2:50:b7:1f:bb:f3:72:c6:a4:9a:62:
a3:79:26:36:60:dd:4c:24:3f:d5:d1:c3:48:a7:77:2c:9a:62:
0e:d4:ae:b0:07:71:66:02:9e:ed:a6:85:e2:70:75:01:2c:5d:
07:c7:04:6c:c5:fd:a6:fa:69:e8:1e:eb:fc:ea:12:e6:0a:6e:
3f:81:28:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH9pIJgP+z+uQBrQlseQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDEyMDQ3ZTIxZDU4NjRjZWExZTI2MWQ5YjczMWMyMDYzYzMzZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNY0K2Nk8EZ7+ued++EFRhJ0zTDi
btc1bbAEAvugkfX1R98juthad+SW5eWGAvSb3I10loWt7PcFhcm7SSrG4k2kwLjr
cxmqleD6ighkPfjsQRXqeMp39LmdUS03jyom42UV2AZdgZaFeoYobF0ISKVqWCGI
lUCoeJEOsao+jGwWP9W8kLgZOGryFjJ9PESKrx4H3tpwTdo4m9t0VdOpci2BbOqo
DE2lz76tm/VO/Ez+iBWUp/Eyfiz3C3lK0AtJkzLeof9remgVl8/eHhn+NkdAoy+/
W4hJxPIkFmyDQ+HDuGCzbrBc6r/YUt+gZAGN5yoPcrQJcIjDjts/7FeRuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0SBH4h1YZM6h4mHZtzHCBjwz9kMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvelJJRWZpSFZoa3pxSGlZZG0zTWNJR1BEUDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2d4MA0G
CSqGSIb3DQEBCwUAA4IBAQAYw1fXh0Uf+JGFI2p2WzX2SaUyH1hi5yAzEKFqHqOU
Bs8Gkhbvv8nC4IQ0OGaHml12d9wGZJ5kOchzrUec14GHEcrG8S6xiAhfnsamaNAm
5EsjVErngZcFUDH1LaACr0+x6WfjrkPX8+nom82kt0dHiBXyBrly/H/3FhWrDQ4A
copWSe9a1EmfxBpWvN6JTCzs7bFBUvA6QcMrXbg4MApcUWlE6a4NMcwqvfb5SyWh
zjdTdNK+z7Sme+Gy8lC3H7vzcsakmmKjeSY2YN1MJD/V0cNIp3csmmIO1K6wB3Fm
Ap7tpoXicHUBLF0HxwRsxf2m+mnoHuv86hLmCm4/gSgO
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:50 2025 by rpki-client