Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/CzgWRo2OrtBEMKgJ83rtq5Y3g98.roa
File: CzgWRo2OrtBEMKgJ83rtq5Y3g98.roa (raw, json)
Hash identifier: 2xTrIXSTjNXzltKj7q0eYjRCvrpmaN3vPbRoQNYjpK8=
Subject key identifier: 0B:38:16:46:8D:8E:AE:D0:44:30:A8:09:F3:7A:ED:AB:96:37:83:DF
Certificate issuer: /CN=e12cfc7da8fa74a16dd38c17c20a0192cbb2d3fe
Certificate serial: 019425FCA7B7A82536847E65041461E31423
Authority key identifier: E1:2C:FC:7D:A8:FA:74:A1:6D:D3:8C:17:C2:0A:01:92:CB:B2:D3:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Sz8faj6dKFt04wXwgoBksuy0_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/CzgWRo2OrtBEMKgJ83rtq5Y3g98.roa
Signing time: Thu 02 Jan 2025 07:48:22 +0000
ROA not before: Thu 02 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56750
IP address blocks: 91.227.90.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:a7:b7:a8:25:36:84:7e:65:04:14:61:e3:14:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e12cfc7da8fa74a16dd38c17c20a0192cbb2d3fe
Validity
Not Before: Jan 2 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b3816468d8eaed04430a809f37aedab963783df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:43:9e:34:82:61:6c:d1:5e:a7:cf:8e:43:8a:
09:9b:4b:10:d5:e8:bd:78:04:db:32:93:c5:dd:db:
97:40:c4:4e:ee:90:0f:dd:db:07:a9:0b:00:0f:c9:
b7:78:eb:12:c7:54:ff:72:bf:f7:b9:ae:50:7a:68:
82:af:42:ad:77:d4:d6:5c:00:cf:70:74:14:aa:e2:
39:f1:dd:06:b9:de:fb:0c:44:b8:fb:81:1b:49:2f:
f4:ff:ee:6c:4a:9e:42:82:6f:2a:bf:04:8d:f7:45:
57:e3:44:93:fb:1c:4b:9a:55:e1:c5:47:bd:8d:82:
72:fa:26:4b:65:9e:51:10:7c:5e:3d:37:54:85:73:
52:b1:c1:f9:d9:4b:c8:43:a8:88:d8:42:c4:a9:a0:
9b:03:9d:8d:86:48:82:19:47:56:fe:b9:87:41:6e:
32:ce:0c:da:34:6d:e9:e4:88:c7:7f:fe:a6:43:2a:
60:71:74:8d:f0:4f:0b:b7:f9:cd:b1:3f:55:53:68:
40:d6:fd:c7:19:98:42:b9:b4:c4:3a:45:ce:a2:98:
64:ad:de:44:d1:c2:e3:35:3f:a6:a4:3b:6c:79:3d:
95:4f:ce:be:8b:7a:0e:a4:6f:1e:7d:1e:0f:e6:46:
d3:7f:c0:ad:2a:2e:92:d1:60:c9:9f:d2:8d:07:28:
9e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:38:16:46:8D:8E:AE:D0:44:30:A8:09:F3:7A:ED:AB:96:37:83:DF
X509v3 Authority Key Identifier:
keyid:E1:2C:FC:7D:A8:FA:74:A1:6D:D3:8C:17:C2:0A:01:92:CB:B2:D3:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Sz8faj6dKFt04wXwgoBksuy0_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/CzgWRo2OrtBEMKgJ83rtq5Y3g98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a6aeff-9b9a-4c18-9474-2272b4dbaa62/1/4Sz8faj6dKFt04wXwgoBksuy0_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.90.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:ef:ee:b7:70:33:3d:26:3e:3b:f0:ca:34:2b:25:77:de:a5:
01:37:5d:e7:c0:f2:5c:3e:9c:65:fe:95:30:70:c2:28:f2:40:
1b:b9:38:92:0c:aa:74:25:83:b2:36:bc:fa:01:0a:ce:dc:84:
86:ef:f4:8e:6b:2b:e8:81:dc:a8:de:7e:b8:08:7d:68:59:c2:
8d:ec:77:78:86:88:66:1f:69:29:2a:30:df:00:d2:5c:52:49:
25:8a:9c:4c:36:8f:7c:95:69:b9:02:89:cd:23:fc:8d:be:9b:
00:c3:39:d3:68:7d:c1:72:ff:ba:1a:73:dd:5a:60:3a:54:68:
49:c2:74:78:16:77:b9:9b:9c:33:72:62:aa:9c:15:68:82:64:
31:cb:aa:e7:88:51:1f:8e:ce:97:a6:3f:13:ac:22:8d:ae:40:
25:e5:a6:76:15:6d:93:ba:ac:09:dd:82:44:95:f5:b5:8b:c6:
23:66:0a:8c:03:ac:05:20:81:65:7d:7b:e9:e1:e0:74:f6:b5:
85:fd:9b:ce:ef:bf:39:a9:02:03:eb:45:68:fe:2e:50:57:ed:
92:35:0e:8f:b2:e7:11:75:ee:a7:29:5b:6f:5d:e1:2b:92:d9:
1f:79:43:27:ff:ad:62:81:28:05:fc:61:62:37:28:9b:2f:e4:
d6:ba:de:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/Ke3qCU2hH5lBBRh4xQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMmNmYzdkYThmYTc0YTE2ZGQzOGMxN2MyMGEwMTkyY2Ji
MmQzZmUwHhcNMjUwMTAyMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM4MTY0NjhkOGVhZWQwNDQzMGE4MDlmMzdhZWRhYjk2Mzc4M2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0OeNIJhbNFep8+OQ4oJm0sQ1ei9
eATbMpPF3duXQMRO7pAP3dsHqQsAD8m3eOsSx1T/cr/3ua5QemiCr0Ktd9TWXADP
cHQUquI58d0Gud77DES4+4EbSS/0/+5sSp5Cgm8qvwSN90VX40ST+xxLmlXhxUe9
jYJy+iZLZZ5REHxePTdUhXNSscH52UvIQ6iI2ELEqaCbA52NhkiCGUdW/rmHQW4y
zgzaNG3p5IjHf/6mQypgcXSN8E8Lt/nNsT9VU2hA1v3HGZhCubTEOkXOophkrd5E
0cLjNT+mpDtseT2VT86+i3oOpG8efR4P5kbTf8CtKi6S0WDJn9KNByiecwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAs4FkaNjq7QRDCoCfN67auWN4PfMB8GA1UdIwQY
MBaAFOEs/H2o+nShbdOMF8IKAZLLstP+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFN6OGZhajZkS0Z0MDR3WHdnb0Jrc3V5MF80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hNmFlZmYtOWI5YS00YzE4LTk0NzQt
MjI3MmI0ZGJhYTYyLzEvQ3pnV1JvMk9ydEJFTUtnSjgzcnRxNVkzZzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hNmFlZmYtOWI5YS00YzE4LTk0NzQtMjI3MmI0ZGJhYTYy
LzEvNFN6OGZhajZkS0Z0MDR3WHdnb0Jrc3V5MF80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+NaMA0G
CSqGSIb3DQEBCwUAA4IBAQBK7+63cDM9Jj478Mo0KyV33qUBN13nwPJcPpxl/pUw
cMIo8kAbuTiSDKp0JYOyNrz6AQrO3ISG7/SOayvogdyo3n64CH1oWcKN7Hd4hohm
H2kpKjDfANJcUkklipxMNo98lWm5AonNI/yNvpsAwznTaH3Bcv+6GnPdWmA6VGhJ
wnR4Fne5m5wzcmKqnBVogmQxy6rniFEfjs6Xpj8TrCKNrkAl5aZ2FW2TuqwJ3YJE
lfW1i8YjZgqMA6wFIIFlfXvp4eB09rWF/ZvO7785qQID60Vo/i5QV+2SNQ6PsucR
de6nKVtvXeErktkfeUMn/61igSgF/GFiNyibL+TWut6Z
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:01:27 2025 by rpki-client