Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/r-odid58QA2RkcPzKe2YyysHgPE.roa
File: r-odid58QA2RkcPzKe2YyysHgPE.roa (raw, json)
Hash identifier: al0V+ep2s8ttuM5Hbddl7O9x0lPen35y5806FJSQtBE=
Subject key identifier: AF:EA:1D:89:DE:7C:40:0D:91:91:C3:F3:29:ED:98:CB:2B:07:80:F1
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5AEAE9E7E8ABB395663AE2170205F
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/r-odid58QA2RkcPzKe2YyysHgPE.roa
Signing time: Wed 01 Jan 2025 07:47:42 +0000
ROA not before: Wed 01 Jan 2025 07:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36925
IP address blocks: 80.15.243.0/24 maxlen: 32
2a01:c9c0:c012::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ae:ae:9e:7e:8a:bb:39:56:63:ae:21:70:20:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afea1d89de7c400d9191c3f329ed98cb2b0780f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7b:94:6b:1b:6a:e2:ab:72:ac:76:a0:7c:3f:
61:92:39:f4:38:f6:0e:3c:53:38:00:71:5e:24:c4:
9a:c4:8a:46:70:7b:29:a6:f1:0d:60:df:ff:c2:ac:
16:2d:82:22:64:51:48:69:cf:0e:ae:54:0b:ca:80:
c4:5c:0f:3e:00:74:01:33:b8:a3:c7:33:73:77:82:
a6:78:3b:9a:ca:7d:f6:a2:fa:75:9a:09:c3:37:eb:
35:3c:72:97:95:4a:b9:36:73:9f:f5:db:c8:7d:54:
4e:31:23:c9:fc:8d:cf:26:cf:8f:40:a3:0f:ba:38:
6a:3a:fa:05:9f:c6:52:b4:9c:79:97:a0:fd:de:b9:
a1:cb:0e:8e:a7:18:21:66:6e:d6:5f:21:c3:25:c6:
40:0b:d5:d2:58:63:38:3e:87:f7:d5:92:6c:28:8b:
48:bc:99:cf:ec:dd:79:c7:85:fa:71:16:04:26:5a:
8f:e7:54:ab:df:47:8c:9c:1d:d6:92:ef:8e:6d:93:
b4:cd:43:0c:40:91:7a:9d:0f:1a:d2:d1:86:97:b7:
b2:b7:d7:bd:64:c0:1d:ae:dd:2c:91:f4:ec:be:d7:
a5:a1:9b:a0:6a:74:d3:24:17:4a:88:09:3a:e4:96:
d4:53:2e:b7:5e:63:46:02:75:8d:38:1e:28:03:3e:
34:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EA:1D:89:DE:7C:40:0D:91:91:C3:F3:29:ED:98:CB:2B:07:80:F1
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/r-odid58QA2RkcPzKe2YyysHgPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.243.0/24
IPv6:
2a01:c9c0:c012::/48
Signature Algorithm: sha256WithRSAEncryption
4d:79:29:0c:8d:c2:22:fc:d6:1b:c4:1f:c1:09:9f:21:be:35:
df:45:b6:ce:11:40:f4:35:d8:ff:db:95:f3:b2:de:c3:af:f1:
96:f3:50:8d:42:bc:ff:1d:5f:42:21:47:3b:82:f1:4a:c6:54:
39:d1:09:2a:32:09:cf:49:4d:5f:f1:94:80:72:dd:4f:39:43:
cb:69:c8:d4:d6:ca:90:98:e9:e5:c1:b9:1a:73:28:e8:ab:cc:
1f:7a:92:d0:71:85:2e:2d:8e:c5:3b:2c:3d:95:5f:0b:8b:39:
46:c1:96:33:61:c4:0d:90:48:55:a7:16:d7:a7:06:9f:3e:36:
e5:c4:74:11:b9:47:21:ff:2b:31:5f:77:ef:c8:66:dd:e4:dc:
b8:4d:4d:f2:82:a9:3b:25:e1:c8:25:00:90:88:62:dc:06:d4:
4c:fa:a5:01:34:6e:a5:a2:f6:ec:03:63:59:e1:31:25:a0:87:
d3:fa:c2:71:da:eb:eb:f6:6d:82:79:b3:6d:b2:ea:f1:e3:34:
26:b6:fc:8a:db:28:b7:a3:ba:88:53:8b:d4:7a:5c:54:a0:d1:
d9:ad:b1:c0:1f:e9:9e:21:5a:f5:b4:73:37:f0:59:56:0a:d1:
9b:8c:5f:a7:b8:53:af:92:bf:fc:c3:6d:b4:c4:b0:fb:c6:a7:
5a:f4:e0:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1a6unn6KuzlWY64hcCBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVhMWQ4OWRlN2M0MDBkOTE5MWMzZjMyOWVkOThjYjJiMDc4MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHuUaxtq4qtyrHagfD9hkjn0OPYO
PFM4AHFeJMSaxIpGcHsppvENYN//wqwWLYIiZFFIac8OrlQLyoDEXA8+AHQBM7ij
xzNzd4KmeDuayn32ovp1mgnDN+s1PHKXlUq5NnOf9dvIfVROMSPJ/I3PJs+PQKMP
ujhqOvoFn8ZStJx5l6D93rmhyw6OpxghZm7WXyHDJcZAC9XSWGM4Pof31ZJsKItI
vJnP7N15x4X6cRYEJlqP51Sr30eMnB3Wku+ObZO0zUMMQJF6nQ8a0tGGl7eyt9e9
ZMAdrt0skfTsvteloZuganTTJBdKiAk65JbUUy63XmNGAnWNOB4oAz40vwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK/qHYnefEANkZHD8yntmMsrB4DxMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvci1vZGlkNThRQTJSa2NQektlMll5eXNIZ1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUA/zMA8E
AgACMAkDBwAqAcnAwBIwDQYJKoZIhvcNAQELBQADggEBAE15KQyNwiL81hvEH8EJ
nyG+Nd9Fts4RQPQ12P/blfOy3sOv8ZbzUI1CvP8dX0IhRzuC8UrGVDnRCSoyCc9J
TV/xlIBy3U85Q8tpyNTWypCY6eXBuRpzKOirzB96ktBxhS4tjsU7LD2VXwuLOUbB
ljNhxA2QSFWnFtenBp8+NuXEdBG5RyH/KzFfd+/IZt3k3LhNTfKCqTsl4cglAJCI
YtwG1Ez6pQE0bqWi9uwDY1nhMSWgh9P6wnHa6+v2bYJ5s22y6vHjNCa2/IrbKLej
uohTi9R6XFSg0dmtscAf6Z4hWvW0czfwWVYK0ZuMX6e4U6+Sv/zDbbTEsPvGp1r0
4Es=
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:59:41 2025 by rpki-client