Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/LZnMbOvKNCeS9warD4gVCngTQgc.roa
File: LZnMbOvKNCeS9warD4gVCngTQgc.roa (raw, json)
Hash identifier: 6Cg/OSuVm718gl/BiJrXMhTNmjh+ffJ7x+FKxzJQO0A=
Subject key identifier: 2D:99:CC:6C:EB:CA:34:27:92:F7:06:AB:0F:88:15:0A:78:13:42:07
Certificate issuer: /CN=8edf6c2ad7acecad066e1f77fe05922f01691536
Certificate serial: 019421B220BA30ECCD8FDEC5994E9E8634C3
Authority key identifier: 8E:DF:6C:2A:D7:AC:EC:AD:06:6E:1F:77:FE:05:92:2F:01:69:15:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jt9sKtes7K0Gbh93_gWSLwFpFTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/LZnMbOvKNCeS9warD4gVCngTQgc.roa
Signing time: Wed 01 Jan 2025 11:48:29 +0000
ROA not before: Wed 01 Jan 2025 11:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207349
IP address blocks: 91.223.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:20:ba:30:ec:cd:8f:de:c5:99:4e:9e:86:34:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8edf6c2ad7acecad066e1f77fe05922f01691536
Validity
Not Before: Jan 1 11:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d99cc6cebca342792f706ab0f88150a78134207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4b:8b:14:6c:d1:3c:5d:0a:41:0b:04:27:0d:
96:95:c0:78:2f:bf:61:04:7a:6e:b9:d4:ba:13:83:
4c:c5:a8:0d:f9:b2:6c:42:9d:28:88:8f:63:9c:64:
c7:ee:53:aa:1b:6c:0f:12:bf:48:1f:22:b3:e2:29:
5d:d3:92:6a:5e:5a:c8:cf:4f:eb:97:32:b1:31:5c:
fe:fd:a7:17:bd:db:9a:5d:2a:53:f1:30:0e:c6:9e:
43:29:24:11:f8:12:fa:c9:ab:ec:f8:62:9d:99:84:
cb:14:d3:80:10:56:a2:25:83:a7:e8:18:3f:5c:17:
a3:00:6f:e5:10:11:05:f5:81:76:23:00:5b:05:5f:
7e:38:cb:92:39:5c:00:25:9e:ac:c6:1e:d3:07:68:
e6:db:b2:44:89:b6:7e:20:51:dd:4f:27:c2:05:4a:
74:90:72:b8:ec:20:45:31:3c:35:d1:d4:58:ca:b0:
38:71:c7:c3:86:31:5f:dd:8b:8d:e5:8d:85:09:0d:
19:45:c0:22:b4:d9:a0:5a:10:70:7c:5b:1b:0c:28:
04:8e:f5:a6:5d:b9:77:b3:e1:d9:77:7e:ce:a8:7f:
e0:89:b0:13:06:1e:66:2e:70:e0:19:b2:7b:d4:12:
80:5b:cb:4f:d2:30:69:6c:36:68:5d:80:e2:bf:77:
63:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:99:CC:6C:EB:CA:34:27:92:F7:06:AB:0F:88:15:0A:78:13:42:07
X509v3 Authority Key Identifier:
keyid:8E:DF:6C:2A:D7:AC:EC:AD:06:6E:1F:77:FE:05:92:2F:01:69:15:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jt9sKtes7K0Gbh93_gWSLwFpFTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/LZnMbOvKNCeS9warD4gVCngTQgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/0e7ef7-1831-42f6-a2cc-ae290d55bdb7/1/jt9sKtes7K0Gbh93_gWSLwFpFTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.222.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:66:b7:40:fb:25:e5:fa:30:34:2b:e8:8d:10:f1:61:a9:7f:
20:d1:b2:f4:3d:a9:ba:b8:d8:8d:f0:27:e9:ff:1b:58:b7:d4:
06:b3:4a:93:0b:71:13:30:c0:45:d6:e8:09:b2:38:41:38:89:
fd:3a:0c:53:bb:a9:80:94:af:2a:17:f7:7c:44:bd:fa:48:53:
e1:40:8a:07:fb:cb:01:4f:37:42:a7:13:5a:4b:4a:16:10:ab:
78:08:66:a0:b0:4c:e9:15:84:e5:4b:38:9f:bd:c0:3a:7e:55:
87:52:47:09:af:a6:28:30:ca:62:d7:4e:c8:e5:48:bc:61:44:
49:6c:ed:b0:9c:7e:85:38:83:2c:2a:cd:8e:a5:da:50:39:8b:
fb:b3:e4:c7:05:fe:31:11:95:87:72:0d:8c:c4:9c:b1:53:8d:
40:05:ba:51:7e:c5:eb:97:90:8f:23:97:d1:72:f8:f0:5c:1b:
d4:b7:2c:65:50:96:f2:3e:63:71:29:ea:fb:6f:f0:97:26:ca:
08:5a:5b:c4:af:ab:cb:95:28:84:ac:aa:b0:01:d5:de:f6:aa:
f5:5d:34:a8:41:9e:0d:21:40:88:8c:9d:84:bc:ae:ca:f8:8b:
d9:69:85:d2:be:bd:1c:07:50:f2:46:c2:f8:43:96:76:0b:ca:
45:7a:2e:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsiC6MOzNj97FmU6ehjTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZGY2YzJhZDdhY2VjYWQwNjZlMWY3N2ZlMDU5MjJmMDE2
OTE1MzYwHhcNMjUwMTAxMTE0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDk5Y2M2Y2ViY2EzNDI3OTJmNzA2YWIwZjg4MTUwYTc4MTM0MjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0uLFGzRPF0KQQsEJw2WlcB4L79h
BHpuudS6E4NMxagN+bJsQp0oiI9jnGTH7lOqG2wPEr9IHyKz4ild05JqXlrIz0/r
lzKxMVz+/acXvduaXSpT8TAOxp5DKSQR+BL6yavs+GKdmYTLFNOAEFaiJYOn6Bg/
XBejAG/lEBEF9YF2IwBbBV9+OMuSOVwAJZ6sxh7TB2jm27JEibZ+IFHdTyfCBUp0
kHK47CBFMTw10dRYyrA4ccfDhjFf3YuN5Y2FCQ0ZRcAitNmgWhBwfFsbDCgEjvWm
Xbl3s+HZd37OqH/gibATBh5mLnDgGbJ71BKAW8tP0jBpbDZoXYDiv3djxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2ZzGzryjQnkvcGqw+IFQp4E0IHMB8GA1UdIwQY
MBaAFI7fbCrXrOytBm4fd/4Fki8BaRU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanQ5c0t0ZXM3SzBHYmg5M19nV1NMd0ZwRlRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wZTdlZjctMTgzMS00MmY2LWEyY2Mt
YWUyOTBkNTViZGI3LzEvTFpuTWJPdktOQ2VTOXdhckQ0Z1ZDbmdUUWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8wZTdlZjctMTgzMS00MmY2LWEyY2MtYWUyOTBkNTViZGI3
LzEvanQ5c0t0ZXM3SzBHYmg5M19nV1NMd0ZwRlRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/eMA0G
CSqGSIb3DQEBCwUAA4IBAQBMZrdA+yXl+jA0K+iNEPFhqX8g0bL0Pam6uNiN8Cfp
/xtYt9QGs0qTC3ETMMBF1ugJsjhBOIn9OgxTu6mAlK8qF/d8RL36SFPhQIoH+8sB
TzdCpxNaS0oWEKt4CGagsEzpFYTlSzifvcA6flWHUkcJr6YoMMpi107I5Ui8YURJ
bO2wnH6FOIMsKs2OpdpQOYv7s+THBf4xEZWHcg2MxJyxU41ABbpRfsXrl5CPI5fR
cvjwXBvUtyxlUJbyPmNxKer7b/CXJsoIWlvEr6vLlSiErKqwAdXe9qr1XTSoQZ4N
IUCIjJ2EvK7K+IvZaYXSvr0cB1DyRsL4Q5Z2C8pFei4N
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:17 2025 by rpki-client