Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/4khQBxr0rkxiDcs-9krKTJyIMHY.roa
File: 4khQBxr0rkxiDcs-9krKTJyIMHY.roa (raw, json)
Hash identifier: 6mCK+/1+gw6JcaduuXUDtjThMDySh30vZqpYYzuLso0=
Subject key identifier: E2:48:50:07:1A:F4:AE:4C:62:0D:CB:3E:F6:4A:CA:4C:9C:88:30:76
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5ABBBAA93B4F244874015AE7BF2F6
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/4khQBxr0rkxiDcs-9krKTJyIMHY.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29571
IP address blocks: 80.15.244.0/24 maxlen: 32
2a01:c9c0:c014::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ab:bb:aa:93:b4:f2:44:87:40:15:ae:7b:f2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e24850071af4ae4c620dcb3ef64aca4c9c883076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:20:d5:5f:3a:f3:86:38:6d:7c:7b:22:0b:
89:ab:b7:87:1e:48:d0:34:8d:79:b4:2f:00:83:0d:
29:1b:47:cd:76:8b:2a:52:31:a9:31:05:4f:91:5e:
d1:97:95:d0:7f:3c:f3:81:ee:6f:8e:d3:b7:12:44:
bc:44:80:5f:02:00:0a:a4:e5:1c:0b:66:f7:3d:db:
1a:0a:d1:01:61:2b:47:a8:9a:17:2e:48:63:dc:50:
0b:7e:ca:24:78:4c:a4:f1:cc:e4:5c:16:47:5b:7a:
20:b7:06:d4:cc:a0:02:a5:7d:66:3e:ba:1a:31:ce:
a5:99:d1:92:ae:a4:c3:ad:1a:24:16:86:bc:02:f2:
aa:20:98:e9:9a:a9:0c:28:4c:d3:30:3f:d4:26:ff:
b0:f6:42:d6:74:6d:f4:fa:da:f7:4a:b8:9d:58:08:
19:cc:ba:88:27:0a:39:d3:dc:b7:3d:fe:29:f7:1a:
ed:5c:f6:df:60:fe:ce:3f:ae:d3:ab:89:f2:b2:0e:
0d:e4:7d:8c:06:2e:09:24:01:ec:4d:bb:a2:00:a1:
6a:c4:14:b5:29:21:94:8a:36:c9:f2:35:3e:b0:ee:
93:f5:b9:aa:39:ca:10:91:4d:c1:c4:93:22:a9:a0:
34:e0:4b:3a:d7:72:42:a8:18:85:16:f7:45:8a:c1:
2a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:48:50:07:1A:F4:AE:4C:62:0D:CB:3E:F6:4A:CA:4C:9C:88:30:76
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/4khQBxr0rkxiDcs-9krKTJyIMHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.244.0/24
IPv6:
2a01:c9c0:c014::/48
Signature Algorithm: sha256WithRSAEncryption
13:28:b6:f9:48:db:db:4d:c0:78:d9:41:45:a9:18:28:b1:e1:
6d:04:88:ba:83:e5:e0:72:be:75:b6:0b:29:dd:c6:dc:14:a4:
8e:70:38:31:79:f4:f1:26:51:f3:0c:43:23:de:54:a8:c7:1b:
2c:7e:62:9d:c7:00:14:70:5b:ca:15:8e:77:42:2d:f2:d4:55:
4d:77:90:85:14:14:4a:f1:fc:ea:92:54:a2:e4:b2:bd:f1:a2:
41:ca:32:dd:b5:d5:ee:92:e7:33:74:8d:75:2c:2c:7e:52:4e:
6e:62:4a:57:94:cf:49:be:94:13:06:a8:d9:08:27:96:95:1c:
97:1c:15:e8:95:af:fe:9b:fd:4c:83:7d:31:4c:c2:13:8d:f7:
a7:c9:43:b3:5f:18:19:d8:ef:5f:34:83:ae:63:b9:28:e5:65:
74:84:96:fa:50:c3:8b:4b:d6:bf:25:b2:d0:84:7e:3d:43:93:
47:10:ce:14:a4:33:fd:8c:18:3b:6c:7e:78:20:d6:a8:15:e1:
1e:3b:a7:53:2d:7c:96:7b:7c:69:80:68:19:df:de:a8:84:e9:
b1:a0:f3:65:02:f7:42:02:96:15:fa:25:37:c0:1b:47:83:0b:
cc:19:cf:f5:27:46:d7:23:cb:b3:7b:f1:c3:3d:c6:37:26:f4:
73:39:c8:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1au7qpO08kSHQBWue/L2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ4NTAwNzFhZjRhZTRjNjIwZGNiM2VmNjRhY2E0YzljODgzMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGYg1V8684Y4bXx7IguJq7eHHkjQ
NI15tC8Agw0pG0fNdosqUjGpMQVPkV7Rl5XQfzzzge5vjtO3EkS8RIBfAgAKpOUc
C2b3PdsaCtEBYStHqJoXLkhj3FALfsokeEyk8czkXBZHW3ogtwbUzKACpX1mProa
Mc6lmdGSrqTDrRokFoa8AvKqIJjpmqkMKEzTMD/UJv+w9kLWdG30+tr3SridWAgZ
zLqIJwo509y3Pf4p9xrtXPbfYP7OP67Tq4nysg4N5H2MBi4JJAHsTbuiAKFqxBS1
KSGUijbJ8jU+sO6T9bmqOcoQkU3BxJMiqaA04Es613JCqBiFFvdFisEqywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOJIUAca9K5MYg3LPvZKykyciDB2MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvNGtoUUJ4cjBya3hpRGNzLTlrcktUSnlJTUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUA/0MA8E
AgACMAkDBwAqAcnAwBQwDQYJKoZIhvcNAQELBQADggEBABMotvlI29tNwHjZQUWp
GCix4W0EiLqD5eByvnW2CyndxtwUpI5wODF59PEmUfMMQyPeVKjHGyx+Yp3HABRw
W8oVjndCLfLUVU13kIUUFErx/OqSVKLksr3xokHKMt211e6S5zN0jXUsLH5STm5i
SleUz0m+lBMGqNkIJ5aVHJccFeiVr/6b/UyDfTFMwhON96fJQ7NfGBnY7180g65j
uSjlZXSElvpQw4tL1r8lstCEfj1Dk0cQzhSkM/2MGDtsfngg1qgV4R47p1MtfJZ7
fGmAaBnf3qiE6bGg82UC90IClhX6JTfAG0eDC8wZz/UnRtcjy7N78cM9xjcm9HM5
yBI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:15:22 2025 by rpki-client