Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/MAosgxzDutpxyuBzyiWQsAPRm1U.roa
File: MAosgxzDutpxyuBzyiWQsAPRm1U.roa (raw, json)
Hash identifier: SgQZBmKXmGTotEmMgcw8FPIqeqxirfIbPogTHib4Nn8=
Subject key identifier: 30:0A:2C:83:1C:C3:BA:DA:71:CA:E0:73:CA:25:90:B0:03:D1:9B:55
Certificate issuer: /CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Certificate serial: 0185F8231A8636981CBD4C060FD52949687A
Authority key identifier: 53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/MAosgxzDutpxyuBzyiWQsAPRm1U.roa
Signing time: Sat 28 Jan 2023 11:28:48 +0000
ROA not before: Sat 28 Jan 2023 11:28:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8282
IP address blocks: 80.252.112.0/22 maxlen: 24
80.252.112.0/20 maxlen: 20
80.252.116.0/22 maxlen: 24
194.70.36.0/24 maxlen: 24
80.252.120.0/22 maxlen: 24
80.252.124.0/22 maxlen: 24
84.246.192.0/21 maxlen: 21
93.188.176.0/21 maxlen: 21
2a01:2c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f8:23:1a:86:36:98:1c:bd:4c:06:0f:d5:29:49:68:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Validity
Not Before: Jan 28 11:28:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300a2c831cc3bada71cae073ca2590b003d19b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4c:a0:8d:54:c3:68:42:3a:09:85:49:07:94:
8f:c2:1a:c7:09:bb:d4:fa:ec:9e:37:d2:8c:79:b3:
9c:b8:03:87:03:3e:c0:7c:ca:4f:fb:88:52:cf:48:
cf:c6:91:05:73:8b:b4:e6:8f:11:a5:60:d0:b5:6c:
19:dd:81:1d:f5:f1:c4:e9:1e:26:b1:d3:ec:54:f2:
15:4d:df:61:0a:eb:3e:30:05:d9:7a:89:f8:89:ce:
48:a6:83:a4:75:a8:96:1f:d8:58:c5:db:15:35:2a:
cc:4f:01:cf:ed:89:fd:98:7e:9c:ec:51:8a:2c:69:
89:ec:f3:57:26:11:c9:95:e8:f2:39:75:d5:61:34:
f1:09:24:dc:7e:11:05:32:3a:3b:08:57:53:7d:a8:
6b:0f:91:59:a8:2d:84:b0:35:02:93:ac:7a:de:32:
7a:37:8f:e5:8e:60:b4:19:bb:90:bd:7b:d7:dc:60:
29:75:dd:3d:a9:ce:8e:ed:a8:5d:75:46:45:aa:da:
2f:23:41:e0:ae:e7:57:a7:98:4d:05:3e:25:b2:a4:
32:02:0a:c3:d8:ea:28:a3:44:44:d7:09:b7:16:4d:
8a:d2:3f:ba:8b:7c:bb:7c:3b:b8:a3:18:af:a8:d2:
44:64:fc:e5:07:da:47:c2:f3:01:3f:3c:cf:ac:b1:
ef:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0A:2C:83:1C:C3:BA:DA:71:CA:E0:73:CA:25:90:B0:03:D1:9B:55
X509v3 Authority Key Identifier:
keyid:53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/MAosgxzDutpxyuBzyiWQsAPRm1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.112.0/20
84.246.192.0/21
93.188.176.0/21
194.70.36.0/24
IPv6:
2a01:2c0::/32
Signature Algorithm: sha256WithRSAEncryption
20:db:22:2e:11:d8:55:b9:62:aa:81:07:8e:02:35:2c:21:0f:
38:f3:b9:7f:4a:11:1d:79:7a:f7:60:fe:0a:3c:07:d9:04:73:
c1:c9:c4:b0:f3:ff:73:0c:c7:43:26:b4:d5:72:21:25:8e:51:
3b:8e:65:e0:14:9c:cc:4a:3b:22:6f:78:45:f6:a3:59:3b:0a:
ee:dc:71:f6:98:3d:24:0c:0a:d4:e0:e6:65:8b:55:6d:2e:60:
9a:2f:7c:a9:d2:fa:64:6e:e0:02:a6:85:b5:36:31:e7:c7:a7:
62:23:fb:c9:dd:d4:77:22:a3:d8:05:03:60:83:8a:ff:7c:82:
0d:5c:d5:ac:32:dd:ff:98:cd:98:8c:8c:ac:bd:5f:c8:38:98:
3c:7e:c7:23:0b:3e:49:5a:b4:fd:7a:cb:fd:bf:5f:1a:b5:13:
28:74:b8:81:4b:d9:4b:4f:ad:08:f0:aa:19:69:97:f3:15:26:
e6:6e:39:34:ef:05:9d:a7:6d:9d:5f:36:6f:a2:c2:fd:72:89:
1c:31:e0:38:db:35:cb:7c:0e:48:de:c6:e9:f2:fa:7e:08:1a:
58:0e:3f:05:b6:08:f6:0e:7a:c8:8a:c4:9c:28:d4:8f:08:7e:
c2:ed:27:04:69:10:c4:63:1e:24:8b:5c:2a:82:45:7d:17:55:
47:00:b2:55
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYX4IxqGNpgcvUwGD9UpSWh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzODlhYjliN2ZkNWZkZmQwNGY1MWFmODg3M2NkZjliMjRk
MDgzODAwHhcNMjMwMTI4MTEyODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBhMmM4MzFjYzNiYWRhNzFjYWUwNzNjYTI1OTBiMDAzZDE5YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEygjVTDaEI6CYVJB5SPwhrHCbvU
+uyeN9KMebOcuAOHAz7AfMpP+4hSz0jPxpEFc4u05o8RpWDQtWwZ3YEd9fHE6R4m
sdPsVPIVTd9hCus+MAXZeon4ic5IpoOkdaiWH9hYxdsVNSrMTwHP7Yn9mH6c7FGK
LGmJ7PNXJhHJlejyOXXVYTTxCSTcfhEFMjo7CFdTfahrD5FZqC2EsDUCk6x63jJ6
N4/ljmC0GbuQvXvX3GApdd09qc6O7ahddUZFqtovI0HgrudXp5hNBT4lsqQyAgrD
2Oooo0RE1wm3Fk2K0j+6i3y7fDu4oxivqNJEZPzlB9pHwvMBPzzPrLHvMwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDAKLIMcw7raccrgc8olkLAD0ZtVMB8GA1UdIwQY
MBaAFFOJq5t/1f39BPUa+Ic835sk0IOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEt
MzRmNzYxMDM1MzYwLzEvTUFvc2d4ekR1dHB4eXVCenlpV1FzQVBSbTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEtMzRmNzYxMDM1MzYw
LzEvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPxwAwQD
VPbAAwQDXbywAwQAwkYkMA0EAgACMAcDBQAqAQLAMA0GCSqGSIb3DQEBCwUAA4IB
AQAg2yIuEdhVuWKqgQeOAjUsIQ8487l/ShEdeXr3YP4KPAfZBHPBycSw8/9zDMdD
JrTVciEljlE7jmXgFJzMSjsib3hF9qNZOwru3HH2mD0kDArU4OZli1VtLmCaL3yp
0vpkbuACpoW1NjHnx6diI/vJ3dR3IqPYBQNgg4r/fIINXNWsMt3/mM2YjIysvV/I
OJg8fscjCz5JWrT9esv9v18atRModLiBS9lLT60I8KoZaZfzFSbmbjk07wWdp22d
XzZvosL9cokcMeA42zXLfA5I3sbp8vp+CBpYDj8Ftgj2DnrIisScKNSPCH7C7ScE
aRDEYx4ki1wqgkV9F1VHALJV
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:08:01 2025 by rpki-client