Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/r5yudb6IfBBcmxoLgw9TyUiCefk.roa
File: r5yudb6IfBBcmxoLgw9TyUiCefk.roa (raw, json)
Hash identifier: y4WI0t0JKkTZj6POj5qAKQmnG1tODIla6Umb8E8Fyts=
Subject key identifier: AF:9C:AE:75:BE:88:7C:10:5C:9B:1A:0B:83:0F:53:C9:48:82:79:F9
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0194214419186B2A45DDA8042A754B40C4D7
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/r5yudb6IfBBcmxoLgw9TyUiCefk.roa
Signing time: Wed 01 Jan 2025 09:48:18 +0000
ROA not before: Wed 01 Jan 2025 09:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214535
IP address blocks: 80.242.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:19:18:6b:2a:45:dd:a8:04:2a:75:4b:40:c4:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af9cae75be887c105c9b1a0b830f53c9488279f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0c:6c:1c:33:64:67:ed:6b:38:db:de:e0:9d:
c0:a0:f1:49:c1:0b:57:b8:ac:52:d0:26:32:75:57:
27:dd:98:62:73:10:9b:f9:5b:67:59:9d:04:8f:d6:
40:90:1d:1a:1b:40:52:e8:01:6c:ec:ab:43:fd:4a:
5c:25:53:e8:f9:28:33:7d:ef:9b:6f:10:cb:e0:18:
b3:3e:51:ad:0b:49:5d:c9:df:31:11:a8:33:37:02:
90:84:3e:ae:f7:12:35:cd:a0:10:20:b2:eb:49:1c:
e7:ca:b9:5e:e6:54:d1:ce:b1:32:f8:5c:eb:77:b7:
cf:a2:97:eb:7b:6d:9b:70:09:fb:6c:bf:9b:bc:49:
aa:e0:14:cf:e1:26:e0:57:6c:f3:e1:4b:08:92:5c:
80:96:f6:dd:c5:6b:7e:7a:fa:1a:4f:dd:67:67:f7:
bf:e8:86:0b:af:63:50:93:eb:4c:d3:b4:b1:6b:d9:
ae:d7:8a:13:38:74:7c:21:2f:9c:c4:2e:9e:a2:5f:
92:e5:d8:98:66:92:b4:ff:de:d6:ba:7f:0e:49:7c:
8c:14:01:c7:e8:3d:df:52:09:4d:8b:b5:65:30:b8:
08:80:89:94:dd:db:6d:24:b8:6b:c9:30:46:c7:7a:
43:07:54:c7:46:e6:99:7c:5f:47:ec:70:30:d1:f4:
5e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:9C:AE:75:BE:88:7C:10:5C:9B:1A:0B:83:0F:53:C9:48:82:79:F9
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/r5yudb6IfBBcmxoLgw9TyUiCefk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.242.55.0/24
Signature Algorithm: sha256WithRSAEncryption
94:7b:d9:93:90:f6:c7:93:5e:29:41:c3:15:b2:18:56:eb:bd:
80:2c:98:ed:88:36:e5:4a:75:22:ed:fa:cf:a7:a4:62:d0:0b:
ff:30:a0:5c:cb:58:18:91:a2:8e:5a:0f:74:51:33:6a:fa:40:
80:ce:94:41:99:d2:da:c3:88:dc:2e:fa:44:d4:8c:de:61:a1:
bd:a7:71:24:fa:7e:fd:ae:b6:d9:f5:62:dd:bd:19:ef:60:13:
07:06:fa:b6:a1:c4:5c:53:89:9a:bc:ad:b0:06:cc:8c:60:0e:
ea:51:71:cd:95:10:cd:26:36:33:f8:3d:7b:12:b4:7d:78:54:
46:b2:5f:21:58:25:63:ef:21:e1:d1:94:eb:9c:c4:2e:46:3a:
c3:66:2d:03:5f:ef:f3:0f:90:f9:6c:75:38:cb:db:7e:76:04:
fe:d5:cc:92:44:14:d7:9a:03:8b:2a:d8:77:f2:37:51:46:58:
ba:13:9b:dd:c1:92:f4:ff:d6:00:1e:13:b7:e2:d6:c0:4a:b0:
26:31:6b:28:71:2d:ad:dd:af:fa:50:bb:2b:4e:08:67:76:c4:
97:5c:10:50:80:c6:72:63:9e:6a:9c:22:66:85:c8:b2:e1:25:
ec:72:fb:26:7f:f1:d1:bc:6d:67:75:64:01:bf:30:07:de:71:
7c:7d:e2:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBkYaypF3agEKnVLQMTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjljYWU3NWJlODg3YzEwNWM5YjFhMGI4MzBmNTNjOTQ4ODI3OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QxsHDNkZ+1rONve4J3AoPFJwQtX
uKxS0CYydVcn3ZhicxCb+VtnWZ0Ej9ZAkB0aG0BS6AFs7KtD/UpcJVPo+Sgzfe+b
bxDL4BizPlGtC0ldyd8xEagzNwKQhD6u9xI1zaAQILLrSRznyrle5lTRzrEy+Fzr
d7fPopfre22bcAn7bL+bvEmq4BTP4SbgV2zz4UsIklyAlvbdxWt+evoaT91nZ/e/
6IYLr2NQk+tM07Sxa9mu14oTOHR8IS+cxC6eol+S5diYZpK0/97Wun8OSXyMFAHH
6D3fUglNi7VlMLgIgImU3dttJLhryTBGx3pDB1THRuaZfF9H7HAw0fRevwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+crnW+iHwQXJsaC4MPU8lIgnn5MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvcjV5dWRiNklmQkJjbXhvTGd3OVR5VWlDZWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPI3MA0G
CSqGSIb3DQEBCwUAA4IBAQCUe9mTkPbHk14pQcMVshhW672ALJjtiDblSnUi7frP
p6Ri0Av/MKBcy1gYkaKOWg90UTNq+kCAzpRBmdLaw4jcLvpE1IzeYaG9p3Ek+n79
rrbZ9WLdvRnvYBMHBvq2ocRcU4mavK2wBsyMYA7qUXHNlRDNJjYz+D17ErR9eFRG
sl8hWCVj7yHh0ZTrnMQuRjrDZi0DX+/zD5D5bHU4y9t+dgT+1cySRBTXmgOLKth3
8jdRRli6E5vdwZL0/9YAHhO34tbASrAmMWsocS2t3a/6ULsrTghndsSXXBBQgMZy
Y55qnCJmhciy4SXscvsmf/HRvG1ndWQBvzAH3nF8feIu
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:05 2025 by rpki-client