Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/aKxP-LQXs1sg-9C_d_AHsIbLXAM.roa
File: aKxP-LQXs1sg-9C_d_AHsIbLXAM.roa (raw, json)
Hash identifier: tX+S3uYnaP0B+07ZCt3Svjzgo03yyqPiVx80MjcEN4w=
Subject key identifier: 68:AC:4F:F8:B4:17:B3:5B:20:FB:D0:BF:77:F0:07:B0:86:CB:5C:03
Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6
Certificate serial: 0184E6F3FD02E9D9D52CBC7DD16DBF215F6E
Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/aKxP-LQXs1sg-9C_d_AHsIbLXAM.roa
Signing time: Tue 06 Dec 2022 10:21:00 +0000
ROA not before: Tue 06 Dec 2022 10:21:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20764
IP address blocks: 79.141.208.0/20 maxlen: 20
80.64.96.0/20 maxlen: 20
80.64.98.28/32 maxlen: 32
185.5.160.0/22 maxlen: 22
81.27.240.0/20 maxlen: 20
2a00:1c28::/29 maxlen: 29
2a00:1c28::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:f3:fd:02:e9:d9:d5:2c:bc:7d:d1:6d:bf:21:5f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6
Validity
Not Before: Dec 6 10:21:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68ac4ff8b417b35b20fbd0bf77f007b086cb5c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ec:a2:2d:9f:ab:e5:3f:44:5b:2b:ca:a3:f6:
2e:36:86:cf:92:a3:a7:51:e7:b6:c5:32:6a:fd:eb:
bb:18:5b:5d:fc:f4:90:e3:f3:db:1d:3f:aa:e5:89:
26:60:d7:31:28:d7:2d:92:89:dc:c7:c0:a6:d7:b2:
b6:a5:21:f3:52:4b:cb:b9:39:02:79:5c:54:a6:d6:
3b:a6:48:ff:40:08:0c:34:fc:92:a7:f7:03:e2:d5:
5a:c3:e5:35:f5:ac:cd:97:84:1c:41:21:c4:2c:2d:
81:fc:3f:e5:ae:3f:e7:d5:6b:6e:a2:f7:9b:ce:e2:
2f:fd:d7:16:6e:04:67:0d:f9:c3:5c:56:f7:54:b2:
fa:ce:d8:97:95:56:83:f9:8b:47:3a:52:48:63:5f:
7b:94:0c:1b:ec:48:0a:83:7b:6a:9a:8c:78:32:4e:
41:0e:06:49:42:5f:4d:d9:28:fa:c9:2f:79:69:91:
8a:ac:3b:c7:1b:ce:1d:f1:c8:34:52:87:6b:cd:45:
af:c0:3d:e5:9e:08:fe:63:76:6a:9f:db:5e:31:55:
65:ad:2b:9c:a5:f9:79:ca:5e:19:6c:07:0b:06:72:
4b:f1:a8:0d:65:f6:f6:d5:a9:ad:bc:db:47:b2:14:
fe:1e:c6:e9:5e:ed:cb:db:3d:d2:63:3e:5b:63:05:
4d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AC:4F:F8:B4:17:B3:5B:20:FB:D0:BF:77:F0:07:B0:86:CB:5C:03
X509v3 Authority Key Identifier:
keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/aKxP-LQXs1sg-9C_d_AHsIbLXAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.208.0/20
80.64.96.0/20
81.27.240.0/20
185.5.160.0/22
IPv6:
2a00:1c28::/29
Signature Algorithm: sha256WithRSAEncryption
ac:b5:6b:e7:f6:3c:89:5e:c1:a6:bd:46:54:b6:79:cc:a4:5f:
63:d2:05:f3:8e:cb:63:c6:6d:62:05:5d:df:53:98:c4:21:18:
9c:ec:0a:70:b8:1d:45:46:16:84:7e:25:ff:92:17:f5:bd:cd:
c2:ff:7c:38:20:fd:c6:ad:c8:11:d7:b0:35:6b:b3:a6:88:f8:
cf:48:62:c0:0a:f4:28:ed:1f:c5:0c:dc:83:8c:69:c3:06:dd:
d3:4d:6a:e2:e4:75:67:ec:61:6f:0c:f9:6e:32:47:d9:da:79:
d1:d1:88:cc:70:57:a2:91:fc:8d:8d:6f:63:8c:eb:25:55:48:
a0:d5:6d:8e:91:fa:10:11:a2:68:42:0a:09:03:4e:71:c3:5c:
34:b6:29:6c:21:bd:55:c9:ee:71:0e:92:66:dd:83:fc:82:e5:
8b:35:3c:40:44:3d:be:b5:70:84:7a:f4:d2:6c:a3:fd:87:15:
25:8d:6a:34:c3:71:bd:94:30:10:4b:5f:52:76:ce:cd:a2:7e:
fd:5a:d7:31:13:21:24:81:fb:c1:5c:d1:4a:8c:2e:bf:ca:2b:
2a:ad:b2:d4:58:d0:16:79:ba:5f:22:d2:6c:ce:d9:69:06:19:
3c:e3:d2:1d:28:ab:36:59:eb:eb:83:3d:e4:25:1c:42:9b:a2:
b5:69:9f:7e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYTm8/0C6dnVLLx90W2/IV9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGFlODAzYjliYTM4ODU1NDAxODI3YjNlZWNlMTQ1MDVh
OWMwZjYwHhcNMjIxMjA2MTAyMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGFjNGZmOGI0MTdiMzViMjBmYmQwYmY3N2YwMDdiMDg2Y2I1YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+yiLZ+r5T9EWyvKo/YuNobPkqOn
Uee2xTJq/eu7GFtd/PSQ4/PbHT+q5YkmYNcxKNctkoncx8Cm17K2pSHzUkvLuTkC
eVxUptY7pkj/QAgMNPySp/cD4tVaw+U19azNl4QcQSHELC2B/D/lrj/n1Wtuoveb
zuIv/dcWbgRnDfnDXFb3VLL6ztiXlVaD+YtHOlJIY197lAwb7EgKg3tqmox4Mk5B
DgZJQl9N2Sj6yS95aZGKrDvHG84d8cg0UodrzUWvwD3lngj+Y3Zqn9teMVVlrSuc
pfl5yl4ZbAcLBnJL8agNZfb21amtvNtHshT+HsbpXu3L2z3SYz5bYwVNVwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGisT/i0F7NbIPvQv3fwB7CGy1wDMB8GA1UdIwQY
MBaAFFaK6AO5ujiFVAGCez7s4UUFqcD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAt
OGVhZThiNzVlOWNhLzEvYUt4UC1MUVhzMXNnLTlDX2RfQUhzSWJMWEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAtOGVhZThiNzVlOWNh
LzEvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQET43QAwQE
UEBgAwQEURvwAwQCuQWgMA0EAgACMAcDBQMqABwoMA0GCSqGSIb3DQEBCwUAA4IB
AQCstWvn9jyJXsGmvUZUtnnMpF9j0gXzjstjxm1iBV3fU5jEIRic7ApwuB1FRhaE
fiX/khf1vc3C/3w4IP3GrcgR17A1a7OmiPjPSGLACvQo7R/FDNyDjGnDBt3TTWri
5HVn7GFvDPluMkfZ2nnR0YjMcFeikfyNjW9jjOslVUig1W2OkfoQEaJoQgoJA05x
w1w0tilsIb1Vye5xDpJm3YP8guWLNTxARD2+tXCEevTSbKP9hxUljWo0w3G9lDAQ
S19Sds7Non79WtcxEyEkgfvBXNFKjC6/yisqrbLUWNAWebpfItJsztlpBhk849Id
KKs2Wevrgz3kJRxCm6K1aZ9+
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:57:23 2025 by rpki-client