Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/kGaq4GlYS5dnoubynEZLVRb4_Gs.roa
File: kGaq4GlYS5dnoubynEZLVRb4_Gs.roa (raw, json)
Hash identifier: zyHQqCOGpixH4xmG0fcfaWg9C2t7K8x7Jzrx6e7i/NM=
Subject key identifier: 90:66:AA:E0:69:58:4B:97:67:A2:E6:F2:9C:46:4B:55:16:F8:FC:6B
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 0187DB6A8271FABCDA77F046B5BE272D4230
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/kGaq4GlYS5dnoubynEZLVRb4_Gs.roa
Signing time: Tue 02 May 2023 07:43:23 +0000
ROA not before: Tue 02 May 2023 07:43:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207816
IP address blocks: 80.67.166.0/24 maxlen: 24
2001:913:7000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:6a:82:71:fa:bc:da:77:f0:46:b5:be:27:2d:42:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: May 2 07:43:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9066aae069584b9767a2e6f29c464b5516f8fc6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:3c:4e:47:ad:e8:85:bf:9c:20:16:fc:0d:
b2:f9:81:4f:34:95:32:ef:ea:28:f8:f1:89:47:68:
44:1e:d5:63:b9:98:c5:f5:26:2d:1b:c8:89:8a:5e:
39:53:fe:08:46:d2:70:f6:02:2b:c5:54:69:1e:34:
6a:64:57:47:31:f1:e6:d3:5e:e9:e5:8c:16:74:53:
51:3b:c6:bd:c8:7e:00:32:e7:cd:8c:d1:e5:84:48:
d0:84:85:b5:e6:c1:85:53:ba:44:d0:a9:dd:e7:13:
a0:7c:01:53:f5:89:c0:54:41:37:28:40:98:9c:c1:
b6:66:08:f9:49:33:c1:17:65:41:4a:50:4b:1f:32:
06:4b:a7:74:6a:97:b7:58:63:d6:43:88:cd:28:0a:
5c:49:33:02:c9:e3:82:d0:70:31:7d:09:df:3e:72:
62:ad:e7:08:ad:2d:2b:b3:bf:40:53:bf:06:ae:1e:
d1:0a:9d:21:33:1a:c8:25:e1:3f:35:82:13:ff:93:
1a:7d:81:ce:ee:bf:1f:a2:69:0a:2c:51:83:15:66:
b8:89:d6:1f:b7:86:64:95:5f:77:cc:8e:0e:88:ec:
e6:b2:d3:77:bf:33:47:98:61:93:71:9a:f2:94:23:
39:19:81:39:a0:dd:0e:ad:3b:db:75:56:f0:96:77:
fa:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:66:AA:E0:69:58:4B:97:67:A2:E6:F2:9C:46:4B:55:16:F8:FC:6B
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/kGaq4GlYS5dnoubynEZLVRb4_Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.166.0/24
IPv6:
2001:913:7000::/36
Signature Algorithm: sha256WithRSAEncryption
2b:9a:99:08:78:94:14:90:44:17:ad:f4:a2:d4:88:bd:eb:bb:
ed:24:2c:da:ee:9a:cd:40:87:5b:e9:a5:18:fa:3a:56:82:91:
49:64:f2:73:a2:9a:ca:10:aa:fc:b9:04:3f:29:cd:1b:08:b6:
4b:8e:0c:03:87:96:29:37:35:01:05:ed:b5:34:38:b1:c2:07:
d8:8e:93:7b:ef:89:f0:ca:dd:8c:ee:4d:e5:a3:6a:4a:ce:4d:
c0:46:0b:c3:74:f0:f4:ad:b9:a0:68:28:79:5f:c5:43:d9:90:
e1:62:c2:1a:83:f2:9f:09:99:3e:1a:5d:61:53:d1:62:76:08:
6b:37:41:1d:d6:f4:e2:f8:43:7b:05:b7:81:aa:4e:23:50:73:
64:94:e4:55:3e:5d:32:51:ec:ee:0b:3d:49:c5:56:eb:fd:9b:
3b:a7:f8:e5:87:86:0f:a5:6a:b4:5f:e9:82:c2:98:18:b6:a7:
da:48:ff:ac:43:90:f5:e7:ca:11:31:cb:5e:20:76:05:38:b9:
29:24:6a:f6:99:4c:4c:c0:69:6f:23:9e:ec:cd:ae:a1:27:12:
45:d8:fd:a8:22:44:69:8e:c1:5d:c2:3a:c6:38:e6:a7:1a:5e:
ca:f3:aa:9d:fe:83:71:ff:49:22:c2:7e:65:00:5d:de:70:0d:
e8:d4:eb:9b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYfbaoJx+rzad/BGtb4nLUIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjMwNTAyMDc0MzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY2YWFlMDY5NTg0Yjk3NjdhMmU2ZjI5YzQ2NGI1NTE2ZjhmYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfQ8Tket6IW/nCAW/A2y+YFPNJUy
7+oo+PGJR2hEHtVjuZjF9SYtG8iJil45U/4IRtJw9gIrxVRpHjRqZFdHMfHm017p
5YwWdFNRO8a9yH4AMufNjNHlhEjQhIW15sGFU7pE0Knd5xOgfAFT9YnAVEE3KECY
nMG2Zgj5STPBF2VBSlBLHzIGS6d0ape3WGPWQ4jNKApcSTMCyeOC0HAxfQnfPnJi
recIrS0rs79AU78Grh7RCp0hMxrIJeE/NYIT/5MafYHO7r8fomkKLFGDFWa4idYf
t4ZklV93zI4OiOzmstN3vzNHmGGTcZrylCM5GYE5oN0OrTvbdVbwlnf6ywIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJBmquBpWEuXZ6Lm8pxGS1UW+PxrMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEva0dhcTRHbFlTNWRub3VieW5FWkxWUmI0X0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAUEOmMA4E
AgACMAgDBgQgAQkTcDANBgkqhkiG9w0BAQsFAAOCAQEAK5qZCHiUFJBEF630otSI
veu77SQs2u6azUCHW+mlGPo6VoKRSWTyc6KayhCq/LkEPynNGwi2S44MA4eWKTc1
AQXttTQ4scIH2I6Te++J8MrdjO5N5aNqSs5NwEYLw3Tw9K25oGgoeV/FQ9mQ4WLC
GoPynwmZPhpdYVPRYnYIazdBHdb04vhDewW3gapOI1BzZJTkVT5dMlHs7gs9ScVW
6/2bO6f45YeGD6VqtF/pgsKYGLan2kj/rEOQ9efKETHLXiB2BTi5KSRq9plMTMBp
byOe7M2uoScSRdj9qCJEaY7BXcI6xjjmpxpeyvOqnf6Dcf9JIsJ+ZQBd3nAN6NTr
mw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:53:37 2025 by rpki-client