Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/iKZxL2ITs2UEzwBih25U8l0JZY4.roa
File: iKZxL2ITs2UEzwBih25U8l0JZY4.roa (raw, json)
Hash identifier: vWT6oURLAcf2YPbSqMzxuY7JjVV7uzKdKfyzAxVTuCQ=
Subject key identifier: 88:A6:71:2F:62:13:B3:65:04:CF:00:62:87:6E:54:F2:5D:09:65:8E
Certificate issuer: /CN=2acd8d1682e6622c1c09237bc41aa516669672b7
Certificate serial: 01956C1E4C9FD66724DDE84C649D5EB60D62
Authority key identifier: 2A:CD:8D:16:82:E6:62:2C:1C:09:23:7B:C4:1A:A5:16:66:96:72:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/iKZxL2ITs2UEzwBih25U8l0JZY4.roa
Signing time: Thu 06 Mar 2025 15:41:19 +0000
ROA not before: Thu 06 Mar 2025 15:41:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40627
IP address blocks: 80.81.128.0/20 maxlen: 32
185.23.248.0/22 maxlen: 32
2a04:28c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:1e:4c:9f:d6:67:24:dd:e8:4c:64:9d:5e:b6:0d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2acd8d1682e6622c1c09237bc41aa516669672b7
Validity
Not Before: Mar 6 15:41:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88a6712f6213b36504cf0062876e54f25d09658e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:cb:d2:ac:d1:42:e0:f2:d8:b0:7e:23:33:0e:
56:02:40:54:01:71:69:e7:1b:a9:b1:bd:98:02:be:
d0:3e:1a:7a:b8:a8:12:16:46:72:03:40:49:ea:e8:
0a:df:86:80:48:0e:8b:1f:8a:36:08:36:7f:60:a7:
23:dc:f9:ad:1d:b5:8c:f5:0a:92:9d:ad:3d:32:f1:
a1:15:6b:4b:df:70:7b:11:98:75:dc:df:c6:4a:f9:
41:63:77:da:9c:9d:41:10:3a:61:46:2f:51:0f:ed:
02:cc:73:4b:85:a1:7c:0c:e1:8c:83:b3:31:9f:2e:
77:fa:4b:88:4d:ef:90:b5:32:0d:e0:3f:25:61:a8:
19:f0:6e:b3:23:a6:7a:d5:61:4c:c2:31:ac:09:46:
05:cb:32:18:72:6e:3b:67:89:04:57:77:7e:3a:27:
d8:a7:52:e5:73:eb:da:13:50:e3:f0:e0:94:d0:f7:
e4:30:ac:b4:c6:18:9a:c4:8b:19:01:b6:37:58:c8:
65:a4:72:c8:ff:6e:62:5d:d6:31:44:f5:38:1f:81:
bf:7b:47:a1:ab:86:3f:4c:2f:7b:31:ed:32:b4:27:
df:16:00:fa:69:50:cc:9b:3b:c3:52:48:77:31:54:
65:77:4c:1d:3e:ed:11:2e:78:8d:a4:a3:ae:4e:7f:
3d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A6:71:2F:62:13:B3:65:04:CF:00:62:87:6E:54:F2:5D:09:65:8E
X509v3 Authority Key Identifier:
keyid:2A:CD:8D:16:82:E6:62:2C:1C:09:23:7B:C4:1A:A5:16:66:96:72:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/iKZxL2ITs2UEzwBih25U8l0JZY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.128.0/20
185.23.248.0/22
IPv6:
2a04:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:45:f7:83:f3:3a:83:69:df:4e:9c:bd:58:aa:3a:96:67:a1:
2d:87:fe:8d:63:fa:c2:f6:e7:5f:1e:1c:77:47:50:9f:bd:64:
c5:46:6f:52:d1:5e:ad:31:5d:f2:31:2b:91:29:bc:38:4f:3a:
87:4e:c5:64:df:c3:2f:46:56:b4:70:e5:8f:aa:49:c3:08:32:
b2:57:df:a8:fc:98:a7:f6:e1:1d:1e:7f:c1:eb:15:c1:ae:3e:
87:2e:1d:e7:c1:35:94:31:6f:5e:4a:22:1e:90:f3:ae:73:8f:
1d:6e:5b:8c:3c:62:8f:35:6e:b6:83:4f:89:58:f5:22:d0:76:
16:81:0c:44:07:31:eb:79:5c:a5:15:51:1e:ed:16:43:88:2d:
57:c0:0e:2b:b6:8a:c8:71:cb:80:54:74:51:e1:fa:e7:87:03:
96:10:e3:b4:9e:e1:ed:af:90:25:39:89:15:11:64:91:70:39:
3d:3f:59:4e:25:e7:83:11:8c:c3:c3:1b:d6:23:12:7e:d8:30:
2a:70:53:93:c2:91:7b:0c:07:65:bc:64:9c:39:d6:f6:b8:7a:
81:1c:c9:13:e9:5a:d0:fb:1d:44:8f:05:0b:62:70:c3:38:1c:
91:4d:44:41:7d:2a:d4:10:82:4a:16:0e:fe:2e:ec:d6:2f:87:
5a:32:91:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZVsHkyf1mck3ehMZJ1etg1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhY2Q4ZDE2ODJlNjYyMmMxYzA5MjM3YmM0MWFhNTE2NjY5
NjcyYjcwHhcNMjUwMzA2MTU0MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE2NzEyZjYyMTNiMzY1MDRjZjAwNjI4NzZlNTRmMjVkMDk2NThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48vSrNFC4PLYsH4jMw5WAkBUAXFp
5xupsb2YAr7QPhp6uKgSFkZyA0BJ6ugK34aASA6LH4o2CDZ/YKcj3PmtHbWM9QqS
na09MvGhFWtL33B7EZh13N/GSvlBY3fanJ1BEDphRi9RD+0CzHNLhaF8DOGMg7Mx
ny53+kuITe+QtTIN4D8lYagZ8G6zI6Z61WFMwjGsCUYFyzIYcm47Z4kEV3d+OifY
p1Llc+vaE1Dj8OCU0PfkMKy0xhiaxIsZAbY3WMhlpHLI/25iXdYxRPU4H4G/e0eh
q4Y/TC97Me0ytCffFgD6aVDMmzvDUkh3MVRld0wdPu0RLniNpKOuTn89nwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIimcS9iE7NlBM8AYoduVPJdCWWOMB8GA1UdIwQY
MBaAFCrNjRaC5mIsHAkje8QapRZmlnK3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3MyTkZvTG1ZaXdjQ1NON3hCcWxGbWFXY3JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85NWRiY2UtZDRlOS00MWYxLTgyZGMt
ZTg0Y2IxZGEyMWJkLzEvaUtaeEwySVRzMlVFendCaWgyNVU4bDBKWlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85NWRiY2UtZDRlOS00MWYxLTgyZGMtZTg0Y2IxZGEyMWJk
LzEvS3MyTkZvTG1ZaXdjQ1NON3hCcWxGbWFXY3JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUFGAAwQC
uRf4MA0EAgACMAcDBQMqBCjAMA0GCSqGSIb3DQEBCwUAA4IBAQBNRfeD8zqDad9O
nL1YqjqWZ6Eth/6NY/rC9udfHhx3R1CfvWTFRm9S0V6tMV3yMSuRKbw4TzqHTsVk
38MvRla0cOWPqknDCDKyV9+o/Jin9uEdHn/B6xXBrj6HLh3nwTWUMW9eSiIekPOu
c48dbluMPGKPNW62g0+JWPUi0HYWgQxEBzHreVylFVEe7RZDiC1XwA4rtorIccuA
VHRR4frnhwOWEOO0nuHtr5AlOYkVEWSRcDk9P1lOJeeDEYzDwxvWIxJ+2DAqcFOT
wpF7DAdlvGScOdb2uHqBHMkT6VrQ+x1EjwULYnDDOByRTURBfSrUEIJKFg7+LuzW
L4daMpFi
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:32:07 2025 by rpki-client