Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/fKz1-9xo27dZ2S0IPacWOZTZsy4.roa
File: fKz1-9xo27dZ2S0IPacWOZTZsy4.roa (raw, json)
Hash identifier: Km7ntY5vzUDI+if2xFqUXvoglWfTB7cuYK1InFbKqaw=
Subject key identifier: 7C:AC:F5:FB:DC:68:DB:B7:59:D9:2D:08:3D:A7:16:39:94:D9:B3:2E
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA488EBE0903851C66B8ED51796ADF
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/fKz1-9xo27dZ2S0IPacWOZTZsy4.roa
Signing time: Wed 01 Jan 2025 03:48:03 +0000
ROA not before: Wed 01 Jan 2025 03:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24640
IP address blocks: 80.86.181.0/24 maxlen: 24
80.86.182.0/23 maxlen: 23
81.209.180.0/22 maxlen: 22
81.209.196.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:48:8e:be:09:03:85:1c:66:b8:ed:51:79:6a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cacf5fbdc68dbb759d92d083da7163994d9b32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:86:9e:3a:2b:f6:cd:fe:ef:22:44:21:f1:
d1:75:99:17:9f:f3:d0:60:75:61:6f:08:4e:5e:2b:
fb:48:81:cd:23:66:07:03:21:44:a6:a7:3b:6b:0d:
a8:1e:be:6f:9f:ab:7e:43:a4:80:37:89:4e:d9:3e:
e9:b4:0c:bf:f4:97:31:13:20:9c:37:91:e3:cb:1a:
61:1e:80:89:20:be:23:4f:81:06:1f:39:15:7e:01:
f8:eb:a7:fb:ed:48:88:47:9e:2e:5b:4c:02:93:3f:
3d:8c:49:77:82:fc:7f:9d:29:ae:4c:6f:a1:8d:2c:
c8:4a:2a:5f:d1:33:8d:65:68:f7:76:c2:9e:1e:36:
c6:30:5c:b1:0d:0a:51:44:04:7d:ed:2b:cc:cb:a7:
17:bb:d3:3d:b1:ef:08:db:57:e9:d3:3a:7e:f4:2e:
44:ca:80:6d:46:38:e9:1a:c6:9e:1b:41:af:e2:ab:
18:db:d7:cb:34:dc:35:29:cd:03:88:21:ab:4d:2d:
6b:cd:4d:15:db:4c:68:e5:37:49:28:41:2a:03:fe:
91:42:2a:9e:92:53:75:a5:b5:3a:89:df:03:7c:ee:
80:9c:ed:ee:79:a3:e9:93:26:18:1d:9c:83:b5:1c:
ab:d1:57:35:99:40:53:4b:be:0e:d9:d5:1b:99:84:
2d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:AC:F5:FB:DC:68:DB:B7:59:D9:2D:08:3D:A7:16:39:94:D9:B3:2E
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/fKz1-9xo27dZ2S0IPacWOZTZsy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.181.0-80.86.183.255
81.209.180.0/22
81.209.196.0/22
Signature Algorithm: sha256WithRSAEncryption
56:d1:bd:c9:54:38:d2:a9:08:cb:6c:7d:60:31:b0:5d:bb:71:
5b:e7:c4:48:ba:82:15:aa:a7:35:75:18:8f:39:bd:2a:42:35:
9f:f4:f2:ac:2c:b3:93:07:f8:47:54:28:99:b4:e0:13:aa:c4:
dd:9f:3d:f1:3a:ce:fc:a7:24:5c:e9:2a:66:9d:0f:ef:f7:e9:
b0:ce:cc:f8:f2:f1:74:2f:2a:6e:e1:75:1b:49:05:76:c1:e0:
cc:ca:a4:44:36:d9:bb:ca:c4:b0:81:09:b8:55:f6:40:a7:a7:
99:3a:92:a7:36:b6:96:17:23:a3:be:93:93:9b:77:92:60:20:
78:db:c8:95:44:8b:e2:e6:56:ad:b6:a3:6c:7e:77:29:bd:df:
76:d7:40:60:87:d4:ba:d0:a8:5f:d8:99:9f:14:4b:5c:28:8c:
53:1e:10:6d:ac:3b:9a:4d:fd:d1:bd:38:83:94:7e:54:94:d2:
de:2f:be:63:bc:80:b9:dc:b9:29:e4:5d:b0:7a:a1:8d:b0:4d:
70:5c:78:06:26:d2:0e:ec:49:1c:4c:30:ea:f6:f7:ad:11:fc:
81:93:52:4c:c1:ab:ee:68:76:53:5e:fa:18:96:af:62:16:32:
7c:0a:a4:b0:8f:77:dc:7c:35:a1:0a:11:80:d4:fa:50:9c:58:
b8:b3:81:8d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQf+kiOvgkDhRxmuO1ReWrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2FjZjVmYmRjNjhkYmI3NTlkOTJkMDgzZGE3MTYzOTk0ZDliMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsiGnjor9s3+7yJEIfHRdZkXn/PQ
YHVhbwhOXiv7SIHNI2YHAyFEpqc7aw2oHr5vn6t+Q6SAN4lO2T7ptAy/9JcxEyCc
N5HjyxphHoCJIL4jT4EGHzkVfgH466f77UiIR54uW0wCkz89jEl3gvx/nSmuTG+h
jSzISipf0TONZWj3dsKeHjbGMFyxDQpRRAR97SvMy6cXu9M9se8I21fp0zp+9C5E
yoBtRjjpGsaeG0Gv4qsY29fLNNw1Kc0DiCGrTS1rzU0V20xo5TdJKEEqA/6RQiqe
klN1pbU6id8DfO6AnO3ueaPpkyYYHZyDtRyr0Vc1mUBTS74O2dUbmYQtJwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHys9fvcaNu3WdktCD2nFjmU2bMuMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvZkt6MS05eG8yN2RaMlMwSVBhY1dPWlRac3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABQVrUD
BANQVrADBAJR0bQDBAJR0cQwDQYJKoZIhvcNAQELBQADggEBAFbRvclUONKpCMts
fWAxsF27cVvnxEi6ghWqpzV1GI85vSpCNZ/08qwss5MH+EdUKJm04BOqxN2fPfE6
zvynJFzpKmadD+/36bDOzPjy8XQvKm7hdRtJBXbB4MzKpEQ22bvKxLCBCbhV9kCn
p5k6kqc2tpYXI6O+k5Obd5JgIHjbyJVEi+LmVq22o2x+dym933bXQGCH1LrQqF/Y
mZ8US1wojFMeEG2sO5pN/dG9OIOUflSU0t4vvmO8gLncuSnkXbB6oY2wTXBceAYm
0g7sSRxMMOr2960R/IGTUkzBq+5odlNe+hiWr2IWMnwKpLCPd9x8NaEKEYDU+lCc
WLizgY0=
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:02:55 2025 by rpki-client