Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/6QFd9IdVpCQmItNCPxRFCrp9nKQ.roa
File: 6QFd9IdVpCQmItNCPxRFCrp9nKQ.roa (raw, json)
Hash identifier: bGmgyU+MRUomnlmMA4u5BiNJcGHkzxHgj+I3pHeo+G0=
Subject key identifier: E9:01:5D:F4:87:55:A4:24:26:22:D3:42:3F:14:45:0A:BA:7D:9C:A4
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 019426D89E5E04605B0EA88B3F1966D93B12
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/6QFd9IdVpCQmItNCPxRFCrp9nKQ.roa
Signing time: Thu 02 Jan 2025 11:48:37 +0000
ROA not before: Thu 02 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2027
IP address blocks: 80.67.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:9e:5e:04:60:5b:0e:a8:8b:3f:19:66:d9:3b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9015df48755a4242622d3423f14450aba7d9ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0c:54:ea:50:6b:d5:14:28:08:d1:92:78:b2:
98:af:a3:9b:e3:52:ce:b4:72:cf:0c:36:91:02:e3:
72:75:0c:5e:a5:6e:5a:21:c9:4d:11:9d:63:21:ca:
50:58:fd:58:49:f0:79:41:87:7a:10:67:4e:2f:4b:
14:20:53:eb:d5:a5:b5:38:7f:d1:1c:d5:08:7b:80:
85:fa:fc:1f:ae:6e:ba:a4:80:06:0a:2f:7f:5a:54:
74:12:a8:0c:9d:6b:30:a6:11:b0:0a:4e:22:dc:5a:
12:51:89:a3:4b:d4:16:c2:0c:4f:85:4b:c4:3e:b6:
3d:93:c5:3c:c1:93:5d:8a:c7:08:4a:20:0c:af:cf:
50:bd:c3:a1:65:54:37:cd:05:82:cc:85:13:63:72:
e3:f0:f9:62:bc:22:e3:fa:d1:e4:93:d9:a5:67:51:
5e:96:6f:44:a1:6e:08:7c:97:a9:59:cf:8f:37:b7:
a5:5f:6a:ea:28:54:fb:02:eb:ca:bf:3a:48:20:25:
29:4b:f4:66:38:d8:b1:26:e6:39:d9:9e:da:63:6b:
58:a9:39:90:1e:c7:cd:5f:cf:ff:26:d4:f5:37:74:
23:76:3b:98:0e:e8:65:df:a4:ca:37:dc:f5:1b:be:
00:d9:6e:b3:ec:55:76:ab:59:f7:37:f8:08:78:86:
a5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:01:5D:F4:87:55:A4:24:26:22:D3:42:3F:14:45:0A:BA:7D:9C:A4
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/6QFd9IdVpCQmItNCPxRFCrp9nKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.167.0/24
Signature Algorithm: sha256WithRSAEncryption
45:63:00:60:12:a9:22:2f:a7:5f:56:c5:73:57:0c:f6:0e:43:
8b:5f:f6:5f:d1:3c:4c:ad:6c:5e:cb:d2:d2:68:9f:01:1c:ba:
42:e8:4b:d0:6b:8c:f1:db:c6:61:bf:4b:68:e8:af:46:1f:8c:
96:0f:44:ec:fd:ba:22:41:7f:c1:9d:40:8a:19:c6:74:3a:00:
61:09:4e:1d:7f:f3:7a:5f:dc:ea:d8:6c:03:50:81:33:a3:24:
b5:50:8c:5b:15:e4:8c:18:e4:bb:d9:eb:9f:1c:7b:60:b0:54:
9e:3e:dc:d0:06:cf:a7:e7:e7:51:c9:85:e8:e9:6c:05:d5:fe:
45:57:d2:dd:1d:08:4c:39:ce:c4:35:a8:30:3c:db:06:17:ff:
1f:be:39:06:ef:1d:b9:93:4a:fe:72:87:42:5b:09:50:3d:52:
d7:25:3d:c6:3d:4b:9c:59:02:dc:09:c1:ec:5a:9a:87:5a:49:
9b:a2:e5:1e:b4:c6:16:15:f9:05:bb:b7:e8:ee:b0:e3:94:08:
5e:36:d1:bb:43:5e:74:35:f4:f5:99:19:69:04:39:be:0a:99:
d2:79:38:5e:bb:5b:f4:c1:12:b5:7c:6c:7c:23:e3:47:2e:7d:
c3:5b:00:ca:de:91:b1:6c:d2:9d:0c:56:20:07:92:c3:11:89:
e4:3c:0c:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2J5eBGBbDqiLPxlm2TsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjUwMTAyMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTAxNWRmNDg3NTVhNDI0MjYyMmQzNDIzZjE0NDUwYWJhN2Q5Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gxU6lBr1RQoCNGSeLKYr6Ob41LO
tHLPDDaRAuNydQxepW5aIclNEZ1jIcpQWP1YSfB5QYd6EGdOL0sUIFPr1aW1OH/R
HNUIe4CF+vwfrm66pIAGCi9/WlR0EqgMnWswphGwCk4i3FoSUYmjS9QWwgxPhUvE
PrY9k8U8wZNdiscISiAMr89QvcOhZVQ3zQWCzIUTY3Lj8PlivCLj+tHkk9mlZ1Fe
lm9EoW4IfJepWc+PN7elX2rqKFT7AuvKvzpIICUpS/RmONixJuY52Z7aY2tYqTmQ
HsfNX8//JtT1N3QjdjuYDuhl36TKN9z1G74A2W6z7FV2q1n3N/gIeIalmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOkBXfSHVaQkJiLTQj8URQq6fZykMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvNlFGZDlJZFZwQ1FtSXROQ1B4UkZDcnA5bktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEOnMA0G
CSqGSIb3DQEBCwUAA4IBAQBFYwBgEqkiL6dfVsVzVwz2DkOLX/Zf0TxMrWxey9LS
aJ8BHLpC6EvQa4zx28Zhv0to6K9GH4yWD0Ts/boiQX/BnUCKGcZ0OgBhCU4df/N6
X9zq2GwDUIEzoyS1UIxbFeSMGOS72eufHHtgsFSePtzQBs+n5+dRyYXo6WwF1f5F
V9LdHQhMOc7ENagwPNsGF/8fvjkG7x25k0r+codCWwlQPVLXJT3GPUucWQLcCcHs
WpqHWkmbouUetMYWFfkFu7fo7rDjlAheNtG7Q150NfT1mRlpBDm+CpnSeTheu1v0
wRK1fGx8I+NHLn3DWwDK3pGxbNKdDFYgB5LDEYnkPAwU
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:38 2025 by rpki-client