Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/ZMvF8N06VsuZ5tNxMMczzsSTe5w.roa
File: ZMvF8N06VsuZ5tNxMMczzsSTe5w.roa (raw, json)
Hash identifier: D7vN+YdR9s6oznh1bq9p5ngAxVIRYXDWMiWld/VomNA=
Subject key identifier: 64:CB:C5:F0:DD:3A:56:CB:99:E6:D3:71:30:C7:33:CE:C4:93:7B:9C
Certificate issuer: /CN=70cf5e697c6094adb6bc97156b35e005fd4cf2e2
Certificate serial: 019428277C26261445BC266846A8B181B3B3
Authority key identifier: 70:CF:5E:69:7C:60:94:AD:B6:BC:97:15:6B:35:E0:05:FD:4C:F2:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cM9eaXxglK22vJcVazXgBf1M8uI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/ZMvF8N06VsuZ5tNxMMczzsSTe5w.roa
Signing time: Thu 02 Jan 2025 17:54:23 +0000
ROA not before: Thu 02 Jan 2025 17:54:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51915
IP address blocks: 91.220.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:7c:26:26:14:45:bc:26:68:46:a8:b1:81:b3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cf5e697c6094adb6bc97156b35e005fd4cf2e2
Validity
Not Before: Jan 2 17:54:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64cbc5f0dd3a56cb99e6d37130c733cec4937b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6d:4d:e7:6d:0c:9d:87:03:80:f3:44:1b:a6:
16:34:16:0a:79:13:b8:27:23:3e:af:fd:f8:e1:2e:
4f:02:de:22:2c:d7:20:7c:d4:cd:59:57:1b:20:7b:
8d:58:ac:24:15:f4:fd:bf:27:d6:3a:4e:bf:48:42:
4c:bb:2a:ce:44:46:6f:7c:f3:1b:7f:c7:d8:dc:4d:
77:53:e9:98:3d:c4:ff:65:bd:da:e0:74:c2:e6:6d:
19:6f:6a:ce:35:0c:f5:ad:54:2e:f5:8f:5c:92:1d:
2d:d8:4f:6b:52:3e:b7:c5:d4:a0:31:bf:7e:99:8c:
5e:d0:3a:ad:e4:19:23:c5:2d:5a:64:4a:89:4d:dc:
7b:f1:ce:0f:13:b3:f7:ad:18:2e:05:f0:db:53:68:
da:bf:7e:1e:58:c9:85:78:f4:c3:ca:af:0a:ef:68:
02:51:1a:4b:e4:ce:1e:92:06:93:75:c4:57:ac:32:
4c:ee:28:be:a9:c4:fa:01:63:50:38:1c:dc:57:ce:
54:91:2b:98:75:b8:08:83:41:af:52:f6:7e:72:1a:
f5:a6:7d:36:6c:60:3c:85:68:bd:6d:ca:e5:4d:4b:
05:e5:90:2c:5f:24:e7:9d:13:6c:4f:1f:f6:53:3e:
da:fc:5e:3c:38:a7:23:19:22:c9:81:30:0c:be:ef:
45:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CB:C5:F0:DD:3A:56:CB:99:E6:D3:71:30:C7:33:CE:C4:93:7B:9C
X509v3 Authority Key Identifier:
keyid:70:CF:5E:69:7C:60:94:AD:B6:BC:97:15:6B:35:E0:05:FD:4C:F2:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cM9eaXxglK22vJcVazXgBf1M8uI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/ZMvF8N06VsuZ5tNxMMczzsSTe5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/4d5295-f8f2-4e05-add0-519795a22502/1/cM9eaXxglK22vJcVazXgBf1M8uI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.182.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:54:9b:e2:9e:3b:88:20:db:00:6e:bf:86:c5:97:63:53:3c:
8e:dc:65:6c:0c:43:0d:49:9f:0f:61:ba:bd:12:03:29:78:4b:
76:9a:db:e5:df:1c:45:3e:68:fb:84:a7:1f:bf:90:fc:0c:4f:
20:6c:d9:27:9d:46:5c:13:a0:5f:56:bc:74:3d:91:c4:c0:6f:
40:a3:a2:67:5f:87:a9:07:0a:f0:71:b0:d3:49:a8:93:e5:0c:
d3:3b:99:7b:98:8d:e6:07:72:0f:aa:0d:7e:e0:91:fa:48:c5:
f7:96:19:dd:18:42:35:21:12:3d:66:b6:98:45:03:b8:9a:5d:
bd:15:58:d8:5c:1e:f0:e4:9d:41:f6:2d:29:5c:27:dc:58:eb:
ba:b6:74:7d:bd:c8:a1:24:55:a4:1c:66:9b:4c:ae:3b:ab:8d:
94:9a:81:bc:ff:0d:ea:78:07:10:78:df:c0:b6:77:20:cf:31:
31:45:d9:18:90:6c:49:c9:cf:e8:10:0f:5b:d2:66:21:3c:72:
6e:d4:36:7b:5b:0a:ca:64:37:b0:67:1e:de:df:9b:a9:cd:b4:
95:e6:43:35:18:e4:e7:aa:4a:a8:16:92:29:60:90:4b:aa:d4:
33:3a:c9:21:64:0a:44:1c:c3:fa:55:ce:e6:63:ec:97:41:4e:
51:b5:3d:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ3wmJhRFvCZoRqixgbOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwY2Y1ZTY5N2M2MDk0YWRiNmJjOTcxNTZiMzVlMDA1ZmQ0
Y2YyZTIwHhcNMjUwMTAyMTc1NDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGNiYzVmMGRkM2E1NmNiOTllNmQzNzEzMGM3MzNjZWM0OTM3YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs21N520MnYcDgPNEG6YWNBYKeRO4
JyM+r/344S5PAt4iLNcgfNTNWVcbIHuNWKwkFfT9vyfWOk6/SEJMuyrOREZvfPMb
f8fY3E13U+mYPcT/Zb3a4HTC5m0Zb2rONQz1rVQu9Y9ckh0t2E9rUj63xdSgMb9+
mYxe0Dqt5BkjxS1aZEqJTdx78c4PE7P3rRguBfDbU2jav34eWMmFePTDyq8K72gC
URpL5M4ekgaTdcRXrDJM7ii+qcT6AWNQOBzcV85UkSuYdbgIg0GvUvZ+chr1pn02
bGA8hWi9bcrlTUsF5ZAsXyTnnRNsTx/2Uz7a/F48OKcjGSLJgTAMvu9FbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTLxfDdOlbLmebTcTDHM87Ek3ucMB8GA1UdIwQY
MBaAFHDPXml8YJSttryXFWs14AX9TPLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY005ZWFYeGdsSzIydkpjVmF6WGdCZjFNOHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy80ZDUyOTUtZjhmMi00ZTA1LWFkZDAt
NTE5Nzk1YTIyNTAyLzEvWk12RjhOMDZWc3VaNXROeE1NY3p6c1NUZTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy80ZDUyOTUtZjhmMi00ZTA1LWFkZDAtNTE5Nzk1YTIyNTAy
LzEvY005ZWFYeGdsSzIydkpjVmF6WGdCZjFNOHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9y2MA0G
CSqGSIb3DQEBCwUAA4IBAQCgVJvinjuIINsAbr+GxZdjUzyO3GVsDEMNSZ8PYbq9
EgMpeEt2mtvl3xxFPmj7hKcfv5D8DE8gbNknnUZcE6BfVrx0PZHEwG9Ao6JnX4ep
BwrwcbDTSaiT5QzTO5l7mI3mB3IPqg1+4JH6SMX3lhndGEI1IRI9ZraYRQO4ml29
FVjYXB7w5J1B9i0pXCfcWOu6tnR9vcihJFWkHGabTK47q42UmoG8/w3qeAcQeN/A
tncgzzExRdkYkGxJyc/oEA9b0mYhPHJu1DZ7WwrKZDewZx7e35upzbSV5kM1GOTn
qkqoFpIpYJBLqtQzOskhZApEHMP6Vc7mY+yXQU5RtT33
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:25:01 2025 by rpki-client