Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/3g3144t54HGRa28h02Xw83J7Clc.roa
File: 3g3144t54HGRa28h02Xw83J7Clc.roa (raw, json)
Hash identifier: XX+LOOOsUzF/wHBB2Iscv3ZSGgGpMaFj5N2D9xm/JPo=
Subject key identifier: DE:0D:F5:E3:8B:79:E0:71:91:6B:6F:21:D3:65:F0:F3:72:7B:0A:57
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0194244520F03D6E51FB8AE9B2D8452A9CAD
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/3g3144t54HGRa28h02Xw83J7Clc.roa
Signing time: Wed 01 Jan 2025 23:48:17 +0000
ROA not before: Wed 01 Jan 2025 23:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8711
IP address blocks: 80.66.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:20:f0:3d:6e:51:fb:8a:e9:b2:d8:45:2a:9c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 23:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de0df5e38b79e071916b6f21d365f0f3727b0a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a8:59:d9:b6:02:58:93:7e:95:be:18:3d:b4:
ec:8b:c8:b3:67:d5:31:6f:5b:77:a9:ee:86:8e:74:
5a:62:af:18:d2:7a:36:12:2b:57:6e:ab:a6:02:39:
e6:3f:26:ed:9e:f2:50:b5:9d:b1:be:d6:c1:74:28:
db:9f:2d:9f:0a:6a:1a:42:5e:88:09:90:53:1b:bb:
1b:f9:4c:03:3f:2a:f8:9e:74:0d:41:ad:fc:07:47:
40:02:b0:ed:ba:5e:ed:e7:91:4f:38:73:b0:ab:bc:
0f:1e:ea:f5:66:17:bc:84:d1:cd:e2:f4:02:45:5e:
87:a4:4e:fa:1b:62:6e:30:92:3d:8a:34:25:30:66:
9c:a7:81:ad:bd:ca:e8:51:99:21:be:4f:7f:f0:ca:
cc:33:51:aa:04:ba:b1:1a:ab:d6:bb:72:33:47:2b:
b9:ef:8e:c8:48:ce:1a:8b:52:66:6e:1e:ae:c0:29:
f3:60:a6:10:a5:b0:47:78:79:6c:16:50:ea:ca:d6:
e6:8d:b8:e6:d8:a6:1e:bb:cb:35:94:23:bc:e0:b7:
ab:6e:e3:4e:de:49:fc:f0:3e:2a:f9:8e:e1:f6:e4:
fe:09:fa:a4:39:a2:b2:a3:9d:6a:1f:60:33:83:48:
e3:b6:6a:84:2c:c2:e2:e1:d5:0a:08:bc:d5:13:74:
04:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0D:F5:E3:8B:79:E0:71:91:6B:6F:21:D3:65:F0:F3:72:7B:0A:57
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/3g3144t54HGRa28h02Xw83J7Clc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.67.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ea:3c:03:bf:0e:b0:88:39:c9:5d:f7:8d:6d:ce:34:95:f8:
a8:5f:2d:93:b1:f4:b7:1e:83:c5:67:0b:98:ec:0b:73:38:bc:
3b:23:69:2a:1f:e7:a8:72:12:1c:86:51:90:13:ce:4b:81:2b:
d7:67:81:eb:e7:9f:34:54:15:3a:75:0a:f4:54:30:54:7f:07:
b0:22:c7:b3:ba:a5:e3:1d:b6:53:5d:d9:79:a8:21:0a:5e:64:
40:54:e2:c0:a9:ec:18:3a:d3:3f:a1:43:1c:61:84:d0:82:65:
8b:d2:b8:04:6d:1e:99:e0:a4:cd:50:41:5f:b2:ae:2d:54:67:
2c:78:1f:86:92:e2:6d:57:f0:84:b8:ef:56:1c:3d:38:ec:cc:
42:85:21:7e:e1:71:f5:6b:1f:2d:0d:d2:47:ee:29:3c:a2:64:
4e:dc:83:e1:cc:54:5e:ff:53:85:2a:60:a5:c6:9c:04:87:78:
2b:ba:10:06:cb:1f:07:4a:e2:81:ff:99:3a:49:cf:bf:2d:13:
50:70:85:48:c6:a5:35:59:4a:82:e4:f3:cb:57:db:02:1e:b8:
2d:79:37:2a:83:71:18:a1:a1:53:2e:52:d6:98:aa:cb:fe:16:
ca:37:f1:52:42:43:b4:b8:74:fe:14:54:1b:6a:6e:f7:89:21:
e9:39:46:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRSDwPW5R+4rpsthFKpytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjUwMTAxMjM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTBkZjVlMzhiNzllMDcxOTE2YjZmMjFkMzY1ZjBmMzcyN2IwYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqhZ2bYCWJN+lb4YPbTsi8izZ9Ux
b1t3qe6GjnRaYq8Y0no2EitXbqumAjnmPybtnvJQtZ2xvtbBdCjbny2fCmoaQl6I
CZBTG7sb+UwDPyr4nnQNQa38B0dAArDtul7t55FPOHOwq7wPHur1Zhe8hNHN4vQC
RV6HpE76G2JuMJI9ijQlMGacp4GtvcroUZkhvk9/8MrMM1GqBLqxGqvWu3IzRyu5
747ISM4ai1Jmbh6uwCnzYKYQpbBHeHlsFlDqytbmjbjm2KYeu8s1lCO84LerbuNO
3kn88D4q+Y7h9uT+CfqkOaKyo51qH2Azg0jjtmqELMLi4dUKCLzVE3QE7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4N9eOLeeBxkWtvIdNl8PNyewpXMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvM2czMTQ0dDU0SEdSYTI4aDAyWHc4M0o3Q2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEJDMA0G
CSqGSIb3DQEBCwUAA4IBAQAH6jwDvw6wiDnJXfeNbc40lfioXy2TsfS3HoPFZwuY
7AtzOLw7I2kqH+eochIchlGQE85LgSvXZ4Hr5580VBU6dQr0VDBUfwewIsezuqXj
HbZTXdl5qCEKXmRAVOLAqewYOtM/oUMcYYTQgmWL0rgEbR6Z4KTNUEFfsq4tVGcs
eB+GkuJtV/CEuO9WHD047MxChSF+4XH1ax8tDdJH7ik8omRO3IPhzFRe/1OFKmCl
xpwEh3gruhAGyx8HSuKB/5k6Sc+/LRNQcIVIxqU1WUqC5PPLV9sCHrgteTcqg3EY
oaFTLlLWmKrL/hbKN/FSQkO0uHT+FFQbam73iSHpOUZI
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:08:41 2025 by rpki-client