Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Zokk9-ke3e4g6tf_NzEP8-t6QmQ.roa
File: Zokk9-ke3e4g6tf_NzEP8-t6QmQ.roa (raw, json)
Hash identifier: LDa+p34hUBYWv+O47IPPq2d0lQ+F5fOMupLZzH7le48=
Subject key identifier: 66:89:24:F7:E9:1E:DD:EE:20:EA:D7:FF:37:31:0F:F3:EB:7A:42:64
Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial: 019420D5ACAC961312731981DFB2B3085F56
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Zokk9-ke3e4g6tf_NzEP8-t6QmQ.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60800
IP address blocks: 91.197.228.0/22 maxlen: 24
185.181.116.0/22 maxlen: 24
2a0a:cb80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ac:ac:96:13:12:73:19:81:df:b2:b3:08:5f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=668924f7e91eddee20ead7ff37310ff3eb7a4264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:58:35:ab:03:f5:95:a3:fd:53:2b:5d:7d:9a:
de:13:45:8d:87:66:c0:75:19:40:f2:c0:46:b5:f0:
b9:31:e1:d0:6a:07:6e:e1:01:74:fc:66:ec:ee:a6:
f6:6f:ba:e2:9c:54:be:77:0a:fe:8d:5f:5f:95:3e:
10:57:08:19:cd:c4:1d:80:b6:a4:cd:3b:50:3f:f8:
40:08:8c:43:fe:7c:4a:68:56:bf:cb:63:65:a1:a9:
7a:8b:59:fc:f0:25:13:b7:07:1b:f2:53:7f:dd:68:
9f:8b:a2:30:ec:cd:ad:b8:a0:9b:3e:2c:29:59:c2:
5b:b9:38:d5:2a:f6:78:57:f8:32:8d:4e:ae:b8:49:
d5:8b:36:ad:49:fc:a9:24:a8:48:8b:2d:ef:27:1d:
70:66:57:96:a8:33:58:6d:40:7b:a9:4f:b2:4d:48:
9f:fb:bc:3d:79:a8:dd:07:6f:71:23:b3:6e:04:de:
3a:1a:1f:ec:2c:03:46:f7:20:01:e5:a2:11:50:d8:
db:8f:34:2e:7f:14:16:5a:78:0f:10:50:80:5e:af:
64:cc:07:e6:ca:d0:af:8c:cd:dc:19:0f:5e:0d:b2:
44:1f:14:95:c9:e9:5f:8f:66:e6:67:5b:c1:9a:9f:
d7:a8:56:e5:e2:33:42:cd:f5:45:76:0e:ff:c1:6f:
0b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:89:24:F7:E9:1E:DD:EE:20:EA:D7:FF:37:31:0F:F3:EB:7A:42:64
X509v3 Authority Key Identifier:
keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Zokk9-ke3e4g6tf_NzEP8-t6QmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.228.0/22
185.181.116.0/22
IPv6:
2a0a:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
75:ce:0e:f4:4a:bb:e5:ae:71:71:93:19:cb:6e:ab:48:a6:bf:
b0:90:40:ec:90:ea:59:7e:1a:53:a7:23:82:62:f4:c4:b4:c3:
36:cf:7c:8a:83:34:20:2d:76:5d:da:5a:0d:56:56:68:31:c7:
a9:d0:f9:9a:11:65:ab:08:77:3a:2c:1b:60:28:36:0f:c6:2d:
a6:81:e9:4c:58:bb:68:79:b8:dd:5d:39:55:5b:be:20:1b:81:
39:33:ed:b8:b8:c7:05:8d:69:17:25:d6:27:5f:3b:8f:51:e7:
d1:bf:84:f4:11:67:d2:c7:f7:7e:ec:d6:ed:47:73:0c:a1:97:
0d:95:31:dd:cb:61:2b:7d:b0:f7:9d:aa:50:6b:0a:d2:fa:39:
ba:27:f2:2a:12:a4:57:7a:8b:4e:2b:e0:a1:99:f0:10:88:e5:
25:c1:3b:9c:4a:9f:15:d1:a2:2c:f6:a3:cb:d2:db:dc:3e:bd:
38:b5:a2:5f:72:95:86:52:2c:2c:0e:71:d5:14:37:e1:20:ef:
21:d9:25:28:42:d9:db:e0:65:46:66:31:0b:dd:77:73:e2:35:
76:79:5f:c5:4d:24:9a:f4:99:46:c7:f3:dc:e6:b1:59:0d:70:
f7:e8:4b:3a:dc:45:d1:a1:37:f9:89:bb:5f:de:bb:01:65:19:
39:06:ba:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1ayslhMScxmB37KzCF9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njg5MjRmN2U5MWVkZGVlMjBlYWQ3ZmYzNzMxMGZmM2ViN2E0MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFg1qwP1laP9UytdfZreE0WNh2bA
dRlA8sBGtfC5MeHQagdu4QF0/Gbs7qb2b7rinFS+dwr+jV9flT4QVwgZzcQdgLak
zTtQP/hACIxD/nxKaFa/y2Nloal6i1n88CUTtwcb8lN/3Wifi6Iw7M2tuKCbPiwp
WcJbuTjVKvZ4V/gyjU6uuEnVizatSfypJKhIiy3vJx1wZleWqDNYbUB7qU+yTUif
+7w9eajdB29xI7NuBN46Gh/sLANG9yAB5aIRUNjbjzQufxQWWngPEFCAXq9kzAfm
ytCvjM3cGQ9eDbJEHxSVyelfj2bmZ1vBmp/XqFbl4jNCzfVFdg7/wW8LkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGaJJPfpHt3uIOrX/zcxD/PrekJkMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvWm9razkta2UzZTRnNnRmX056RVA4LXQ2UW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQB1zg70SrvlrnFx
kxnLbqtIpr+wkEDskOpZfhpTpyOCYvTEtMM2z3yKgzQgLXZd2loNVlZoMcep0Pma
EWWrCHc6LBtgKDYPxi2mgelMWLtoebjdXTlVW74gG4E5M+24uMcFjWkXJdYnXzuP
UefRv4T0EWfSx/d+7NbtR3MMoZcNlTHdy2ErfbD3napQawrS+jm6J/IqEqRXeotO
K+ChmfAQiOUlwTucSp8V0aIs9qPL0tvcPr04taJfcpWGUiwsDnHVFDfhIO8h2SUo
Qtnb4GVGZjEL3Xdz4jV2eV/FTSSa9JlGx/Pc5rFZDXD36Es63EXRoTf5ibtf3rsB
ZRk5Brqo
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:54:36 2025 by rpki-client