Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/uG74c7I0myUDPmZfaSmD4tc9rV4.roa
File: uG74c7I0myUDPmZfaSmD4tc9rV4.roa (raw, json)
Hash identifier: gFdqnU7r/rSwGKvKSrZSTL5gnMsfd1TYUTvAqWItcO8=
Subject key identifier: B8:6E:F8:73:B2:34:9B:25:03:3E:66:5F:69:29:83:E2:D7:3D:AD:5E
Certificate issuer: /CN=93c244be6b3affb6d4e547f2e1e3c5eac1b26ab2
Certificate serial: 019423698BB2DF8D35C826AEF76BFF87F832
Authority key identifier: 93:C2:44:BE:6B:3A:FF:B6:D4:E5:47:F2:E1:E3:C5:EA:C1:B2:6A:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k8JEvms6_7bU5Ufy4ePF6sGyarI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/uG74c7I0myUDPmZfaSmD4tc9rV4.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24585
IP address blocks: 80.255.96.0/20 maxlen: 20
80.255.96.0/22 maxlen: 22
2a0a:d000::/29 maxlen: 29
2a0a:d000::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8b:b2:df:8d:35:c8:26:ae:f7:6b:ff:87:f8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93c244be6b3affb6d4e547f2e1e3c5eac1b26ab2
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b86ef873b2349b25033e665f692983e2d73dad5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a9:15:5c:56:16:ed:88:16:ba:5d:47:62:c8:
a1:c7:33:15:e3:c8:d4:d3:29:70:2a:05:3d:06:0e:
2d:44:4f:7a:ed:91:41:41:13:a7:60:b2:dd:9c:59:
30:5e:7a:7b:7a:1a:59:49:30:ed:b1:f0:45:33:49:
94:3b:f7:d6:bc:37:74:75:bb:63:f6:fb:2e:b2:6a:
14:62:b4:ac:4e:a9:32:f0:b6:93:0e:7c:94:70:59:
aa:bd:42:b4:91:f9:e7:0d:8f:af:3e:c8:16:7c:89:
4b:00:01:15:3b:23:b7:a6:dc:4e:83:bb:9c:99:b1:
67:f8:c0:00:79:b8:05:6b:a8:a6:1f:15:86:7b:c8:
6e:83:14:c0:31:26:fd:53:42:b9:86:ae:f9:4c:25:
4d:66:b0:64:bb:7c:08:4b:e1:af:fa:9d:6e:a8:bf:
74:93:1e:c3:64:98:80:24:5d:98:0f:38:66:59:fd:
9c:4e:04:38:08:f0:3f:b8:0c:b1:68:15:17:67:c7:
92:2d:61:36:ed:df:d5:88:2f:cd:65:48:50:e9:9e:
a9:84:92:f5:99:c2:15:29:04:ad:bd:09:e7:8c:7f:
67:b4:5d:37:09:11:fd:7a:87:76:88:7d:46:b2:21:
16:e1:8b:da:f2:d4:cd:18:4d:94:3f:fe:2e:1f:31:
e2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6E:F8:73:B2:34:9B:25:03:3E:66:5F:69:29:83:E2:D7:3D:AD:5E
X509v3 Authority Key Identifier:
keyid:93:C2:44:BE:6B:3A:FF:B6:D4:E5:47:F2:E1:E3:C5:EA:C1:B2:6A:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k8JEvms6_7bU5Ufy4ePF6sGyarI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/uG74c7I0myUDPmZfaSmD4tc9rV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/501e8f-c7e1-4aa4-8583-66d74e73f254/1/k8JEvms6_7bU5Ufy4ePF6sGyarI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.255.96.0/20
IPv6:
2a0a:d000::/29
Signature Algorithm: sha256WithRSAEncryption
12:ef:5b:da:27:24:8a:ff:dd:d0:60:1e:8f:38:8b:3e:a5:08:
5c:ff:46:0d:ee:68:db:59:55:a3:ec:1a:c6:6d:55:99:f8:b4:
1a:97:c7:5f:51:ed:81:a3:04:e8:3e:f0:51:20:64:ee:d7:71:
8d:bd:0d:2b:b7:da:6a:d2:02:05:71:ad:3a:85:c3:f8:1f:e6:
8f:3b:2f:f1:e1:af:53:b6:ba:5f:80:19:2b:ad:47:30:79:ea:
c4:76:1f:6f:a7:8c:88:3d:8d:55:52:b7:e0:8d:e5:d9:f2:f9:
fd:14:ef:ba:a3:63:f5:f0:dc:c5:69:ed:d1:9f:dc:09:8d:35:
a5:a9:c4:b1:f2:31:89:01:95:08:76:4c:8e:35:5f:4a:65:da:
55:d1:44:75:22:3c:23:de:43:f5:d9:29:68:8d:32:a5:5f:18:
6d:a5:ee:e3:1b:a9:87:3f:c5:5e:92:fc:20:0e:bb:cc:b9:ad:
cc:8b:c3:8f:00:9a:aa:93:15:a2:5a:83:9f:74:76:fb:36:ba:
6d:f2:28:0e:84:fd:c0:74:dc:0d:5e:0d:93:5d:d7:e4:96:f9:
a3:84:ea:21:a2:34:33:e9:99:09:4c:48:cb:fc:f7:32:dc:42:
d3:d3:b7:15:eb:97:34:a1:b5:bf:13:5d:3c:91:73:3c:91:f0:
63:d8:79:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaYuy3401yCau92v/h/gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYzI0NGJlNmIzYWZmYjZkNGU1NDdmMmUxZTNjNWVhYzFi
MjZhYjIwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZlZjg3M2IyMzQ5YjI1MDMzZTY2NWY2OTI5ODNlMmQ3M2RhZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKkVXFYW7YgWul1HYsihxzMV48jU
0ylwKgU9Bg4tRE967ZFBQROnYLLdnFkwXnp7ehpZSTDtsfBFM0mUO/fWvDd0dbtj
9vsusmoUYrSsTqky8LaTDnyUcFmqvUK0kfnnDY+vPsgWfIlLAAEVOyO3ptxOg7uc
mbFn+MAAebgFa6imHxWGe8hugxTAMSb9U0K5hq75TCVNZrBku3wIS+Gv+p1uqL90
kx7DZJiAJF2YDzhmWf2cTgQ4CPA/uAyxaBUXZ8eSLWE27d/ViC/NZUhQ6Z6phJL1
mcIVKQStvQnnjH9ntF03CRH9eod2iH1GsiEW4Yva8tTNGE2UP/4uHzHi8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLhu+HOyNJslAz5mX2kpg+LXPa1eMB8GA1UdIwQY
MBaAFJPCRL5rOv+21OVH8uHjxerBsmqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazhKRXZtczZfN2JVNVVmeTRlUEY2c0d5YXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81MDFlOGYtYzdlMS00YWE0LTg1ODMt
NjZkNzRlNzNmMjU0LzEvdUc3NGM3STBteVVEUG1aZmFTbUQ0dGM5clY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81MDFlOGYtYzdlMS00YWE0LTg1ODMtNjZkNzRlNzNmMjU0
LzEvazhKRXZtczZfN2JVNVVmeTRlUEY2c0d5YXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUP9gMA0E
AgACMAcDBQMqCtAAMA0GCSqGSIb3DQEBCwUAA4IBAQAS71vaJySK/93QYB6POIs+
pQhc/0YN7mjbWVWj7BrGbVWZ+LQal8dfUe2BowToPvBRIGTu13GNvQ0rt9pq0gIF
ca06hcP4H+aPOy/x4a9TtrpfgBkrrUcweerEdh9vp4yIPY1VUrfgjeXZ8vn9FO+6
o2P18NzFae3Rn9wJjTWlqcSx8jGJAZUIdkyONV9KZdpV0UR1Ijwj3kP12SlojTKl
Xxhtpe7jG6mHP8VekvwgDrvMua3Mi8OPAJqqkxWiWoOfdHb7Nrpt8igOhP3AdNwN
Xg2TXdfklvmjhOohojQz6ZkJTEjL/Pcy3ELT07cV65c0obW/E108kXM8kfBj2HnG
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:28:27 2025 by rpki-client