Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/icOqkD3iZ1uQhUc1od-t1KdaP8Q.roa
File: icOqkD3iZ1uQhUc1od-t1KdaP8Q.roa (raw, json)
Hash identifier: R662CVA1MQV0WqGE3hZcMqQgQJpHzJMBr1PqZkwqav0=
Subject key identifier: 89:C3:AA:90:3D:E2:67:5B:90:85:47:35:A1:DF:AD:D4:A7:5A:3F:C4
Certificate issuer: /CN=7247ba43e270c98bdc642a9e3c218ca524eb0f53
Certificate serial: 0194266AF8C5CDE1D1685BDE7F336AE11DC2
Authority key identifier: 72:47:BA:43:E2:70:C9:8B:DC:64:2A:9E:3C:21:8C:A5:24:EB:0F:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cke6Q-JwyYvcZCqePCGMpSTrD1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/icOqkD3iZ1uQhUc1od-t1KdaP8Q.roa
Signing time: Thu 02 Jan 2025 09:48:52 +0000
ROA not before: Thu 02 Jan 2025 09:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 80.70.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:f8:c5:cd:e1:d1:68:5b:de:7f:33:6a:e1:1d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7247ba43e270c98bdc642a9e3c218ca524eb0f53
Validity
Not Before: Jan 2 09:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89c3aa903de2675b90854735a1dfadd4a75a3fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b8:6f:cf:e6:d6:0c:5c:f9:9f:72:a6:e7:21:
1b:61:9c:cc:25:8c:10:34:0f:4f:cd:75:d7:03:1f:
56:25:2d:16:ba:67:35:dd:32:27:3f:80:12:d9:6f:
1b:ec:aa:e8:b5:c2:8d:2b:12:a8:06:2a:3b:c3:74:
73:9a:34:8d:2d:96:ca:c6:5e:14:f2:83:ff:ca:86:
3d:f0:97:52:60:91:fe:c6:79:ee:1e:a4:0a:ce:6f:
31:c0:d4:de:f8:3b:19:fa:7b:0e:af:e6:24:1b:a8:
a4:ea:14:da:ea:24:1e:c1:93:e8:41:14:28:e9:a4:
f1:b5:fc:61:48:f2:1c:0a:e4:a2:f7:49:43:ed:55:
18:cb:d5:c9:75:f9:33:47:50:13:e1:be:01:4b:36:
59:ff:0b:f2:4d:7a:49:73:03:be:5c:94:e1:48:c5:
3b:d7:d9:49:f2:1f:40:c5:70:76:7a:42:89:2c:d2:
11:a1:a5:71:1a:d2:83:dc:10:a9:14:eb:72:25:fa:
b7:45:70:a3:46:e7:9a:5c:d6:4d:fc:99:9e:08:78:
95:c6:98:41:3d:35:08:c7:b8:91:fc:71:32:0c:18:
31:3a:1a:24:57:60:63:69:62:cd:3b:1f:3a:17:33:
ed:1b:5e:2d:43:b3:03:7b:83:0f:35:11:1e:d4:b4:
4a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C3:AA:90:3D:E2:67:5B:90:85:47:35:A1:DF:AD:D4:A7:5A:3F:C4
X509v3 Authority Key Identifier:
keyid:72:47:BA:43:E2:70:C9:8B:DC:64:2A:9E:3C:21:8C:A5:24:EB:0F:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cke6Q-JwyYvcZCqePCGMpSTrD1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/icOqkD3iZ1uQhUc1od-t1KdaP8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/341068-28f6-4f81-993f-279203b1d92c/1/cke6Q-JwyYvcZCqePCGMpSTrD1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:df:fb:7f:b5:03:87:58:67:b7:18:b9:9f:ae:79:b5:f8:0d:
83:ee:89:f2:11:81:f5:fd:e8:50:a5:c5:9f:ab:d1:c7:01:1b:
52:27:0b:25:97:3b:2d:04:7d:55:36:94:bc:1c:fd:fa:d6:b4:
32:c6:61:99:e4:31:53:e2:f8:ed:6e:33:7e:34:1e:77:ea:6b:
d3:95:1e:d1:0b:da:31:f1:b6:f1:02:07:c0:92:41:01:36:78:
2d:85:7e:bc:53:74:a2:41:92:88:9d:ab:b6:18:42:48:15:6d:
47:8a:9d:88:98:f4:73:9b:eb:43:32:6e:58:38:99:d7:e0:19:
80:37:fa:c3:6c:54:cb:8e:fa:78:0a:5a:18:cf:19:66:f9:ae:
2a:ad:6e:fc:fb:b1:42:c0:7b:d6:7b:e0:a8:bc:55:22:6f:15:
e8:fb:4d:e6:0d:0c:4d:e4:7a:3b:97:07:1a:45:74:30:34:c7:
64:b5:07:96:f6:fe:49:f8:a8:57:ff:57:0d:90:db:79:c0:11:
a3:a5:b6:a3:91:f9:9b:ce:20:a6:97:51:39:24:1b:6a:f0:8b:
c7:18:f7:9b:d9:59:7c:83:38:d4:82:0b:a6:79:f2:62:e9:25:
5c:22:2a:cb:4b:06:14:75:8f:41:b3:08:5a:9b:e6:e3:96:67:
7a:f3:97:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmavjFzeHRaFvefzNq4R3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDdiYTQzZTI3MGM5OGJkYzY0MmE5ZTNjMjE4Y2E1MjRl
YjBmNTMwHhcNMjUwMTAyMDk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWMzYWE5MDNkZTI2NzViOTA4NTQ3MzVhMWRmYWRkNGE3NWEzZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67hvz+bWDFz5n3Km5yEbYZzMJYwQ
NA9PzXXXAx9WJS0Wumc13TInP4AS2W8b7KrotcKNKxKoBio7w3RzmjSNLZbKxl4U
8oP/yoY98JdSYJH+xnnuHqQKzm8xwNTe+DsZ+nsOr+YkG6ik6hTa6iQewZPoQRQo
6aTxtfxhSPIcCuSi90lD7VUYy9XJdfkzR1AT4b4BSzZZ/wvyTXpJcwO+XJThSMU7
19lJ8h9AxXB2ekKJLNIRoaVxGtKD3BCpFOtyJfq3RXCjRueaXNZN/JmeCHiVxphB
PTUIx7iR/HEyDBgxOhokV2BjaWLNOx86FzPtG14tQ7MDe4MPNREe1LRKBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInDqpA94mdbkIVHNaHfrdSnWj/EMB8GA1UdIwQY
MBaAFHJHukPicMmL3GQqnjwhjKUk6w9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tlNlEtSnd5WXZjWkNxZVBDR01wU1RyRDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8zNDEwNjgtMjhmNi00ZjgxLTk5M2Yt
Mjc5MjAzYjFkOTJjLzEvaWNPcWtEM2laMXVRaFVjMW9kLXQxS2RhUDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8zNDEwNjgtMjhmNi00ZjgxLTk5M2YtMjc5MjAzYjFkOTJj
LzEvY2tlNlEtSnd5WXZjWkNxZVBDR01wU1RyRDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEbdMA0G
CSqGSIb3DQEBCwUAA4IBAQBM3/t/tQOHWGe3GLmfrnm1+A2D7onyEYH1/ehQpcWf
q9HHARtSJwsllzstBH1VNpS8HP361rQyxmGZ5DFT4vjtbjN+NB536mvTlR7RC9ox
8bbxAgfAkkEBNngthX68U3SiQZKInau2GEJIFW1Hip2ImPRzm+tDMm5YOJnX4BmA
N/rDbFTLjvp4CloYzxlm+a4qrW78+7FCwHvWe+CovFUibxXo+03mDQxN5Ho7lwca
RXQwNMdktQeW9v5J+KhX/1cNkNt5wBGjpbajkfmbziCml1E5JBtq8IvHGPeb2Vl8
gzjUggumefJi6SVcIirLSwYUdY9Bswham+bjlmd685ef
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:38:35 2025 by rpki-client