Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/f-0Z2G_j0_N5qqDchYy-Ctd1T14.roa
File: f-0Z2G_j0_N5qqDchYy-Ctd1T14.roa (raw, json)
Hash identifier: wT8/mWClKuGMaXqNRw35HSU124nzDnRiBouhw/60uk4=
Subject key identifier: 7F:ED:19:D8:6F:E3:D3:F3:79:AA:A0:DC:85:8C:BE:0A:D7:75:4F:5E
Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6
Certificate serial: 019421444A1749CDEB5283A3935E1722F05E
Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/f-0Z2G_j0_N5qqDchYy-Ctd1T14.roa
Signing time: Wed 01 Jan 2025 09:48:31 +0000
ROA not before: Wed 01 Jan 2025 09:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20764
IP address blocks: 79.141.208.0/20 maxlen: 20
80.64.96.0/20 maxlen: 20
80.64.97.0/24 maxlen: 24
80.64.98.28/32 maxlen: 32
80.64.99.0/24 maxlen: 24
80.64.102.0/24 maxlen: 24
80.64.103.0/24 maxlen: 24
80.64.104.0/24 maxlen: 24
80.64.105.0/24 maxlen: 24
80.64.108.0/24 maxlen: 24
80.64.109.0/24 maxlen: 24
81.27.240.0/20 maxlen: 20
81.27.241.0/24 maxlen: 24
81.27.248.0/24 maxlen: 24
81.27.252.0/24 maxlen: 24
81.27.253.0/24 maxlen: 24
185.5.160.0/22 maxlen: 22
2a00:1c28::/29 maxlen: 29
2a00:1c28::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:4a:17:49:cd:eb:52:83:a3:93:5e:17:22:f0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6
Validity
Not Before: Jan 1 09:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fed19d86fe3d3f379aaa0dc858cbe0ad7754f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:42:2f:3a:31:c6:59:ca:7a:9f:18:7d:29:77:
b0:55:eb:ce:bb:78:f4:cb:b1:f4:33:05:1e:ec:b0:
0d:95:a2:69:5e:3c:76:b8:d7:cd:6c:ba:a1:30:fb:
26:aa:a9:01:b8:69:b3:5d:8d:7e:97:8f:1a:31:a3:
a8:a3:c0:12:fe:37:ce:cd:00:40:95:c8:2d:8e:53:
72:ba:1c:03:72:b5:35:39:d4:f9:33:be:45:7a:2b:
cf:bb:1d:98:d6:ed:7b:19:92:1f:20:43:2f:9d:20:
79:27:bc:dc:44:9d:bb:dd:6e:e1:13:8e:a3:41:40:
7b:b5:81:eb:38:d8:47:35:c7:98:69:aa:da:9e:60:
b2:b6:fd:50:85:47:c8:3f:49:d9:62:76:0a:5d:01:
4e:55:39:49:a9:47:93:c2:4a:02:b1:6f:3e:38:36:
27:30:d0:9f:68:dc:3e:73:86:52:48:fa:90:5a:29:
70:7e:cc:41:93:bb:b7:e5:c8:26:3d:00:c0:51:ff:
63:60:c9:1b:02:65:12:7b:7d:ed:88:32:9d:44:b5:
ac:48:80:d7:0a:3b:b7:24:12:eb:3d:da:21:fd:8f:
82:45:06:15:7e:42:d8:5a:c3:15:8f:85:a2:5a:6d:
c5:68:b4:37:ad:ee:8c:7f:bb:ff:22:7b:c0:f3:3b:
ac:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:ED:19:D8:6F:E3:D3:F3:79:AA:A0:DC:85:8C:BE:0A:D7:75:4F:5E
X509v3 Authority Key Identifier:
keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/f-0Z2G_j0_N5qqDchYy-Ctd1T14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.208.0/20
80.64.96.0/20
81.27.240.0/20
185.5.160.0/22
IPv6:
2a00:1c28::/29
Signature Algorithm: sha256WithRSAEncryption
6f:17:d1:b1:bb:2c:91:b1:0c:c7:c7:b6:57:ad:7c:b8:5b:42:
8e:2b:9e:d5:94:6f:39:4d:48:cc:e7:f3:cf:cb:95:37:69:56:
23:59:80:11:8d:db:36:e5:f5:87:7a:35:f9:6c:4b:1f:c9:d8:
8c:ee:0d:fd:af:6e:d8:31:39:68:c7:54:ed:ff:1c:77:96:10:
de:d7:81:6f:d9:d8:f7:19:04:63:cb:95:33:c4:06:50:fe:d3:
18:5e:b8:06:2d:ae:9d:e1:c5:06:67:08:53:6a:e3:2d:2b:18:
5b:14:7a:d6:ca:38:19:c9:98:60:ba:9f:07:9b:38:80:b9:f5:
93:52:6a:4d:8b:5f:21:7e:56:c7:d1:13:0e:02:c1:09:6e:f5:
e2:c3:4e:c8:7f:f8:b8:fc:cd:4b:d8:6b:c0:bb:12:dc:b5:17:
7d:bb:ee:99:97:20:7e:1e:f4:3c:5a:1d:bd:56:f3:a0:a3:c9:
d9:98:0a:e2:d4:15:ca:6c:16:fb:a3:08:d1:da:a8:35:24:a2:
89:e1:05:b9:3e:60:28:00:97:0f:19:28:20:ed:e7:a0:7c:61:
66:18:81:a6:10:f2:14:e6:22:84:ed:44:2d:b4:07:60:6a:e9:
03:f6:e4:fe:93:b3:b7:96:17:14:7e:3a:e1:5c:ca:4f:5e:aa:
73:f7:e7:28
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQhREoXSc3rUoOjk14XIvBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGFlODAzYjliYTM4ODU1NDAxODI3YjNlZWNlMTQ1MDVh
OWMwZjYwHhcNMjUwMTAxMDk0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmVkMTlkODZmZTNkM2YzNzlhYWEwZGM4NThjYmUwYWQ3NzU0ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kIvOjHGWcp6nxh9KXewVevOu3j0
y7H0MwUe7LANlaJpXjx2uNfNbLqhMPsmqqkBuGmzXY1+l48aMaOoo8AS/jfOzQBA
lcgtjlNyuhwDcrU1OdT5M75FeivPux2Y1u17GZIfIEMvnSB5J7zcRJ273W7hE46j
QUB7tYHrONhHNceYaaranmCytv1QhUfIP0nZYnYKXQFOVTlJqUeTwkoCsW8+ODYn
MNCfaNw+c4ZSSPqQWilwfsxBk7u35cgmPQDAUf9jYMkbAmUSe33tiDKdRLWsSIDX
Cju3JBLrPdoh/Y+CRQYVfkLYWsMVj4WiWm3FaLQ3re6Mf7v/InvA8zusxQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFH/tGdhv49Pzeaqg3IWMvgrXdU9eMB8GA1UdIwQY
MBaAFFaK6AO5ujiFVAGCez7s4UUFqcD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAt
OGVhZThiNzVlOWNhLzEvZi0wWjJHX2owX041cXFEY2hZeS1DdGQxVDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAtOGVhZThiNzVlOWNh
LzEvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQET43QAwQE
UEBgAwQEURvwAwQCuQWgMA0EAgACMAcDBQMqABwoMA0GCSqGSIb3DQEBCwUAA4IB
AQBvF9GxuyyRsQzHx7ZXrXy4W0KOK57VlG85TUjM5/PPy5U3aVYjWYARjds25fWH
ejX5bEsfydiM7g39r27YMTlox1Tt/xx3lhDe14Fv2dj3GQRjy5UzxAZQ/tMYXrgG
La6d4cUGZwhTauMtKxhbFHrWyjgZyZhgup8HmziAufWTUmpNi18hflbH0RMOAsEJ
bvXiw07If/i4/M1L2GvAuxLctRd9u+6ZlyB+HvQ8Wh29VvOgo8nZmAri1BXKbBb7
owjR2qg1JKKJ4QW5PmAoAJcPGSgg7eegfGFmGIGmEPIU5iKE7UQttAdgaukD9uT+
k7O3lhcUfjrhXMpPXqpz9+co
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:48:25 2025 by rpki-client