Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/rCglPn4knwgWeE7oLxm6sX7WFlI.roa
File: rCglPn4knwgWeE7oLxm6sX7WFlI.roa (raw, json)
Hash identifier: wKFZrWQvHUIDP0fnVkeuzqCpYiJl4+aOfjYBOGOYUoQ=
Subject key identifier: AC:28:25:3E:7E:24:9F:08:16:78:4E:E8:2F:19:BA:B1:7E:D6:16:52
Certificate issuer: /CN=798d7013a7fdbb5663fd384a4fed12303145e3ce
Certificate serial: 019421B1CB91479AEA188E0E949F750B064C
Authority key identifier: 79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/rCglPn4knwgWeE7oLxm6sX7WFlI.roa
Signing time: Wed 01 Jan 2025 11:48:07 +0000
ROA not before: Wed 01 Jan 2025 11:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59717
IP address blocks: 45.80.124.0/22 maxlen: 22
91.239.72.0/24 maxlen: 24
2a0e:4280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:cb:91:47:9a:ea:18:8e:0e:94:9f:75:0b:06:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798d7013a7fdbb5663fd384a4fed12303145e3ce
Validity
Not Before: Jan 1 11:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac28253e7e249f0816784ee82f19bab17ed61652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1a:c2:ac:25:19:f9:10:01:ea:9c:27:4e:4a:
58:9b:bd:81:52:ca:1c:7a:c8:3c:30:65:de:89:3a:
d6:3a:73:cc:8e:6f:ef:4e:3d:6d:fd:e9:31:18:63:
7a:9a:67:91:2a:31:4d:fe:e2:35:5c:fe:ed:67:2a:
63:1d:89:77:9e:02:62:6c:5b:17:91:42:7c:6b:56:
7b:59:eb:90:75:7d:92:fb:ca:28:7d:5e:fc:2c:c9:
60:58:43:6d:dc:f0:b9:ea:19:f5:33:46:51:f7:d1:
69:22:0e:c3:2f:f1:c2:fe:35:d8:75:0f:dc:c9:6b:
00:a3:c8:28:45:40:83:5a:18:0c:f1:98:91:ab:86:
eb:c9:16:13:2e:fe:eb:ea:55:52:74:b0:f3:0b:cc:
77:77:f2:d4:45:97:41:1d:3d:64:96:6b:d6:11:00:
9b:00:d9:8a:0a:da:d4:24:fd:34:6f:89:fb:c0:1d:
04:65:58:f1:c0:5e:d0:31:9b:2a:42:34:95:e6:7b:
39:25:1c:39:16:62:cd:00:6b:eb:12:8a:c0:cb:73:
08:42:a6:81:36:34:28:d9:5c:5e:34:a8:26:d5:3e:
99:02:ad:e8:b5:7d:7e:a2:f1:79:d9:01:f2:7a:09:
d2:45:be:c8:a9:81:61:a0:e5:5f:82:94:49:f6:e8:
04:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:28:25:3E:7E:24:9F:08:16:78:4E:E8:2F:19:BA:B1:7E:D6:16:52
X509v3 Authority Key Identifier:
keyid:79:8D:70:13:A7:FD:BB:56:63:FD:38:4A:4F:ED:12:30:31:45:E3:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY1wE6f9u1Zj_ThKT-0SMDFF484.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/rCglPn4knwgWeE7oLxm6sX7WFlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/67a4ce-b8ba-4562-9a37-24d818ba7f29/1/eY1wE6f9u1Zj_ThKT-0SMDFF484.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.124.0/22
91.239.72.0/24
IPv6:
2a0e:4280::/29
Signature Algorithm: sha256WithRSAEncryption
b7:a6:93:a8:0a:be:fe:a5:81:71:93:50:7f:ed:ab:98:5d:d9:
e3:19:ca:0f:ba:ae:dd:ca:c6:bb:24:5f:f1:19:af:ff:38:aa:
c6:be:18:a4:21:e9:e9:86:66:c9:29:46:cb:3f:a4:bb:6c:ca:
f6:54:9f:f5:9b:49:fd:83:b4:6e:b9:93:8d:99:2f:09:6c:f5:
4f:a6:42:dc:8f:9b:3a:9c:26:6b:95:ee:b1:db:5c:40:bb:84:
9c:ec:a0:5b:69:cd:00:95:f0:0d:e5:ea:cd:c0:a7:de:e5:27:
30:3c:8c:be:a8:37:2f:b8:b6:51:49:a6:0b:3a:55:58:4b:f5:
ed:58:2e:c2:4c:86:ed:97:f1:40:8b:5b:b2:ca:91:aa:9f:6b:
b8:60:34:25:6a:f1:80:3a:fb:98:e1:84:92:5a:10:4e:d9:73:
22:9b:be:dc:a4:11:d8:a3:8f:fd:5e:70:ec:10:95:da:22:83:
2f:cc:14:47:ea:c3:d2:05:76:ff:d1:82:dd:ec:90:d1:01:11:
87:71:d9:6e:36:80:bb:b8:14:3f:14:10:e0:fc:0b:da:2a:66:
3b:75:e0:78:c6:bf:6f:90:a6:e5:07:71:00:15:68:c1:e4:2a:
06:e0:94:2c:e4:3b:c5:48:00:b1:4a:49:45:61:17:c1:f6:e9:
3f:1b:a5:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhscuRR5rqGI4OlJ91CwZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGQ3MDEzYTdmZGJiNTY2M2ZkMzg0YTRmZWQxMjMwMzE0
NWUzY2UwHhcNMjUwMTAxMTE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzI4MjUzZTdlMjQ5ZjA4MTY3ODRlZTgyZjE5YmFiMTdlZDYxNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxrCrCUZ+RAB6pwnTkpYm72BUsoc
esg8MGXeiTrWOnPMjm/vTj1t/ekxGGN6mmeRKjFN/uI1XP7tZypjHYl3ngJibFsX
kUJ8a1Z7WeuQdX2S+8oofV78LMlgWENt3PC56hn1M0ZR99FpIg7DL/HC/jXYdQ/c
yWsAo8goRUCDWhgM8ZiRq4bryRYTLv7r6lVSdLDzC8x3d/LURZdBHT1klmvWEQCb
ANmKCtrUJP00b4n7wB0EZVjxwF7QMZsqQjSV5ns5JRw5FmLNAGvrEorAy3MIQqaB
NjQo2VxeNKgm1T6ZAq3otX1+ovF52QHyegnSRb7IqYFhoOVfgpRJ9ugE7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKwoJT5+JJ8IFnhO6C8ZurF+1hZSMB8GA1UdIwQY
MBaAFHmNcBOn/btWY/04Sk/tEjAxRePOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVkxd0U2Zjl1MVpqX1RoS1QtMFNNREZGNDg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82N2E0Y2UtYjhiYS00NTYyLTlhMzct
MjRkODE4YmE3ZjI5LzEvckNnbFBuNGtud2dXZUU3b0x4bTZzWDdXRmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82N2E0Y2UtYjhiYS00NTYyLTlhMzctMjRkODE4YmE3ZjI5
LzEvZVkxd0U2Zjl1MVpqX1RoS1QtMFNNREZGNDg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVB8AwQA
W+9IMA0EAgACMAcDBQMqDkKAMA0GCSqGSIb3DQEBCwUAA4IBAQC3ppOoCr7+pYFx
k1B/7auYXdnjGcoPuq7dysa7JF/xGa//OKrGvhikIenphmbJKUbLP6S7bMr2VJ/1
m0n9g7RuuZONmS8JbPVPpkLcj5s6nCZrle6x21xAu4Sc7KBbac0AlfAN5erNwKfe
5ScwPIy+qDcvuLZRSaYLOlVYS/XtWC7CTIbtl/FAi1uyypGqn2u4YDQlavGAOvuY
4YSSWhBO2XMim77cpBHYo4/9XnDsEJXaIoMvzBRH6sPSBXb/0YLd7JDRARGHcdlu
NoC7uBQ/FBDg/AvaKmY7deB4xr9vkKblB3EAFWjB5CoG4JQs5DvFSACxSklFYRfB
9uk/G6V5
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:28:13 2025 by rpki-client