Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Z9m8Ki9co7htrvZ6HsYoT-8mdPE.roa
File: Z9m8Ki9co7htrvZ6HsYoT-8mdPE.roa (raw, json)
Hash identifier: jWuzd7FexB7yy02FyDpdELYBlo3C/fdVgcPDTWzG27I=
Subject key identifier: 67:D9:BC:2A:2F:5C:A3:B8:6D:AE:F6:7A:1E:C6:28:4F:EF:26:74:F1
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAD79B9B08D6B7D3C4F1BB87C6A767
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Z9m8Ki9co7htrvZ6HsYoT-8mdPE.roa
Signing time: Sun 01 Jan 2023 14:44:47 +0000
ROA not before: Sun 01 Jan 2023 14:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8331
IP address blocks: 86.62.64.0/18 maxlen: 18
195.54.192.0/19 maxlen: 19
80.90.240.0/20 maxlen: 20
195.91.128.0/17 maxlen: 17
2a00:14d0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:d7:9b:9b:08:d6:b7:d3:c4:f1:bb:87:c6:a7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67d9bc2a2f5ca3b86daef67a1ec6284fef2674f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ee:46:bf:57:da:67:48:79:4f:fb:af:41:27:
1b:c2:c3:74:55:7e:81:3f:76:a9:f3:f8:d3:b6:07:
d7:9f:67:23:aa:5b:67:67:e1:0b:a4:ed:4c:c9:44:
bd:16:75:6b:14:d7:ce:ae:6b:71:bb:c4:ac:30:f8:
d8:71:ca:cb:db:eb:d7:dd:72:de:84:ae:c2:1b:41:
57:41:12:e7:a2:d1:b9:2f:49:68:47:b1:0a:1a:2c:
34:42:53:32:ce:e2:5d:de:7f:94:d0:b0:b4:4b:38:
34:b8:f3:2f:d7:e7:81:ba:43:24:19:50:65:62:ef:
ca:ef:f3:78:84:d4:a4:aa:d5:64:98:a9:10:1e:1b:
2c:61:ff:30:43:d8:c1:21:70:d6:da:fa:53:24:7e:
52:53:a0:bf:69:3f:49:48:87:21:af:70:37:db:32:
44:cd:1b:7f:0e:a7:56:d7:c9:71:11:d2:89:1c:41:
bc:8a:34:e7:dd:eb:9b:48:82:1a:a4:42:01:e9:66:
66:d3:17:2a:f4:b0:15:42:93:40:33:0b:ed:6d:15:
f7:0f:3a:77:5d:11:66:e7:70:6f:f4:cd:ab:a3:b3:
95:77:58:8a:2a:00:e2:d3:ae:ad:69:f9:cf:30:f1:
89:3b:58:2d:0d:65:15:db:4f:80:2d:57:f5:e5:c7:
08:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D9:BC:2A:2F:5C:A3:B8:6D:AE:F6:7A:1E:C6:28:4F:EF:26:74:F1
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Z9m8Ki9co7htrvZ6HsYoT-8mdPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.240.0/20
86.62.64.0/18
195.54.192.0/19
195.91.128.0/17
IPv6:
2a00:14d0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:a9:18:a3:05:d8:ba:67:7a:66:22:98:b9:46:a3:cb:9d:58:
74:c0:fa:3d:72:f9:ae:c9:b5:5a:6d:9a:a0:3f:05:63:4d:77:
39:af:2f:56:28:a8:c6:bf:7c:b7:e9:18:67:44:6a:3c:1f:82:
6b:08:e2:b1:93:e7:ec:81:2e:da:6f:8d:8c:63:a1:f4:45:c0:
f4:dd:de:d3:7d:2b:79:c5:5d:bd:49:a0:c7:4a:4c:b2:17:8b:
4b:f8:6e:d9:73:18:38:93:24:4b:5f:49:1b:11:44:43:bd:42:
d2:37:95:ae:02:8a:ad:86:09:b7:07:6d:c5:c7:f9:ba:0a:bb:
92:82:0c:d3:a5:0e:20:27:4b:ba:fd:78:45:b2:fa:7f:63:2b:
f3:cc:a0:bb:7e:a4:d7:1e:1c:70:37:5c:bf:7f:c2:a7:01:60:
3c:4c:05:b9:c1:6c:5b:cb:1a:53:55:06:15:fc:3c:cf:17:3f:
ab:b0:bb:c0:89:13:6f:d8:78:8e:e3:61:d7:9c:e8:fc:54:a5:
84:9f:24:1d:7c:da:0e:96:c4:81:9a:de:42:bb:d1:a2:f6:3a:
e0:ab:c6:9f:45:96:88:00:8f:c6:14:46:19:56:68:0b:27:74:
0b:5b:4e:a0:e6:1e:48:3a:6b:0d:32:59:1a:79:91:d5:46:d0:
7c:b4:9f:ad
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtytebmwjWt9PE8buHxqdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q5YmMyYTJmNWNhM2I4NmRhZWY2N2ExZWM2Mjg0ZmVmMjY3NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO5Gv1faZ0h5T/uvQScbwsN0VX6B
P3ap8/jTtgfXn2cjqltnZ+ELpO1MyUS9FnVrFNfOrmtxu8SsMPjYccrL2+vX3XLe
hK7CG0FXQRLnotG5L0loR7EKGiw0QlMyzuJd3n+U0LC0Szg0uPMv1+eBukMkGVBl
Yu/K7/N4hNSkqtVkmKkQHhssYf8wQ9jBIXDW2vpTJH5SU6C/aT9JSIchr3A32zJE
zRt/DqdW18lxEdKJHEG8ijTn3eubSIIapEIB6WZm0xcq9LAVQpNAMwvtbRX3Dzp3
XRFm53Bv9M2ro7OVd1iKKgDi066tafnPMPGJO1gtDWUV20+ALVf15ccIWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGfZvCovXKO4ba72eh7GKE/vJnTxMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvWjltOEtpOWNvN2h0cnZaNkhzWW9ULThtZFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUFrwAwQG
Vj5AAwQFwzbAAwQHw1uAMA0EAgACMAcDBQAqABTQMA0GCSqGSIb3DQEBCwUAA4IB
AQAsqRijBdi6Z3pmIpi5RqPLnVh0wPo9cvmuybVabZqgPwVjTXc5ry9WKKjGv3y3
6RhnRGo8H4JrCOKxk+fsgS7ab42MY6H0RcD03d7TfSt5xV29SaDHSkyyF4tL+G7Z
cxg4kyRLX0kbEURDvULSN5WuAoqthgm3B23Fx/m6CruSggzTpQ4gJ0u6/XhFsvp/
YyvzzKC7fqTXHhxwN1y/f8KnAWA8TAW5wWxbyxpTVQYV/DzPFz+rsLvAiRNv2HiO
42HXnOj8VKWEnyQdfNoOlsSBmt5Cu9Gi9jrgq8afRZaIAI/GFEYZVmgLJ3QLW06g
5h5IOmsNMlkaeZHVRtB8tJ+t
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:46 2025 by rpki-client