Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/T9JRBawWchbn8jON5Y0KsUANSlY.roa
File: T9JRBawWchbn8jON5Y0KsUANSlY.roa (raw, json)
Hash identifier: 7BHggFyR7wTe61E+5vWC0sJVPX1dUZpjUdh5hUQN4Q0=
Subject key identifier: 4F:D2:51:05:AC:16:72:16:E7:F2:33:8D:E5:8D:0A:B1:40:0D:4A:56
Certificate issuer: /CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Certificate serial: 019428259026A073AB8FBD6FF50D97DBA249
Authority key identifier: 80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/T9JRBawWchbn8jON5Y0KsUANSlY.roa
Signing time: Thu 02 Jan 2025 17:52:17 +0000
ROA not before: Thu 02 Jan 2025 17:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49725
IP address blocks: 95.143.144.0/20 maxlen: 20
2a00:1da8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:90:26:a0:73:ab:8f:bd:6f:f5:0d:97:db:a2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Validity
Not Before: Jan 2 17:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fd25105ac167216e7f2338de58d0ab1400d4a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:eb:ab:28:5a:37:65:03:8a:1d:d7:3a:bc:69:
ef:6a:2f:c3:62:19:18:62:b5:c0:54:65:14:c5:96:
d7:ea:03:86:e1:31:53:d1:46:a1:7e:7a:d0:a2:fe:
02:63:f9:09:fe:c9:3c:8f:ae:0c:24:45:0a:ae:de:
20:6a:ce:14:cf:17:c5:08:ac:a1:c8:65:83:43:e8:
12:6c:ce:3a:fe:65:e3:98:e8:7e:74:da:d8:8c:38:
61:cc:a8:9d:75:4d:1a:5b:c1:d8:71:e3:f0:eb:95:
51:5b:52:e4:28:8f:5e:f1:11:b9:49:82:12:80:83:
80:ce:0d:c0:58:70:86:cc:02:30:ce:73:dc:03:1f:
84:de:5f:c8:29:d8:b2:ce:5a:a6:ac:cb:f5:c0:b2:
87:9d:90:a2:39:8b:09:d9:58:03:20:a3:d7:d5:95:
69:fd:69:06:c2:d3:fe:e7:a6:dc:1d:b7:40:9b:f6:
96:74:be:fb:05:23:3a:e6:b5:84:5c:f3:4b:7f:fd:
4c:b8:72:83:1f:54:1f:a1:04:05:9d:f4:18:0f:3d:
63:74:45:d9:09:79:04:35:1f:08:08:bf:d9:c2:b3:
4b:08:8c:26:6e:77:5f:23:61:05:1e:54:83:7e:eb:
dd:01:37:50:b9:06:05:69:9e:fd:ee:ca:f3:f3:bb:
b8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D2:51:05:AC:16:72:16:E7:F2:33:8D:E5:8D:0A:B1:40:0D:4A:56
X509v3 Authority Key Identifier:
keyid:80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/T9JRBawWchbn8jON5Y0KsUANSlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/gPmiS9JsyCF1GKEfWY5jcgJeiuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.143.144.0/20
IPv6:
2a00:1da8::/32
Signature Algorithm: sha256WithRSAEncryption
70:ce:f5:01:c9:d8:b8:6f:f3:29:a9:95:30:99:a4:8b:01:55:
b2:85:2a:54:b7:a1:bd:97:d5:00:65:83:24:f0:b0:a1:7b:5f:
d8:d8:11:16:64:3e:5a:22:c9:2a:5f:68:5c:b3:e3:da:7a:6d:
6d:95:c6:33:70:3b:ac:57:6b:e7:e7:79:ac:4b:15:14:51:a0:
0f:f1:a9:31:bd:af:3d:06:52:2c:dc:25:1f:97:25:a1:56:e3:
02:25:4c:4b:92:cf:01:e6:27:be:db:91:db:56:87:47:ae:e8:
b9:bc:d1:1e:8b:fe:a5:94:86:e5:0c:0d:78:a8:5a:77:7c:c8:
ac:e4:22:8a:d0:4a:38:2c:94:8c:11:a8:ca:88:32:37:cc:22:
5a:ad:a2:58:1b:f2:cf:1f:86:f3:15:55:e8:3d:15:3e:4c:f2:
f0:47:b8:32:b3:ba:41:e1:7d:8b:26:98:97:ce:e3:ef:ca:4c:
e2:7c:17:77:cd:84:0f:ba:70:e8:fd:6a:93:fc:c1:e8:00:ae:
60:36:d7:a8:14:d3:88:6a:cd:71:3f:f4:dc:f1:6b:11:69:82:
fe:7b:18:3c:b5:6c:36:98:49:05:46:c0:75:c9:24:fe:27:3c:
27:d4:d2:71:86:14:d1:8f:bc:0d:4c:99:8e:b5:94:47:76:b3:
ff:84:c4:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJZAmoHOrj71v9Q2X26JJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjlhMjRiZDI2Y2M4MjE3NTE4YTExZjU5OGU2MzcyMDI1
ZThhZTkwHhcNMjUwMTAyMTc1MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQyNTEwNWFjMTY3MjE2ZTdmMjMzOGRlNThkMGFiMTQwMGQ0YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseurKFo3ZQOKHdc6vGnvai/DYhkY
YrXAVGUUxZbX6gOG4TFT0UahfnrQov4CY/kJ/sk8j64MJEUKrt4gas4UzxfFCKyh
yGWDQ+gSbM46/mXjmOh+dNrYjDhhzKiddU0aW8HYcePw65VRW1LkKI9e8RG5SYIS
gIOAzg3AWHCGzAIwznPcAx+E3l/IKdiyzlqmrMv1wLKHnZCiOYsJ2VgDIKPX1ZVp
/WkGwtP+56bcHbdAm/aWdL77BSM65rWEXPNLf/1MuHKDH1QfoQQFnfQYDz1jdEXZ
CXkENR8ICL/ZwrNLCIwmbndfI2EFHlSDfuvdATdQuQYFaZ797srz87u4CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE/SUQWsFnIW5/IzjeWNCrFADUpWMB8GA1UdIwQY
MBaAFID5okvSbMghdRihH1mOY3ICXorpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODkt
OTY1NTI5ZjIwZDExLzEvVDlKUkJhd1djaGJuOGpPTjVZMEtzVUFOU2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODktOTY1NTI5ZjIwZDEx
LzEvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEX4+QMA0E
AgACMAcDBQAqAB2oMA0GCSqGSIb3DQEBCwUAA4IBAQBwzvUBydi4b/MpqZUwmaSL
AVWyhSpUt6G9l9UAZYMk8LChe1/Y2BEWZD5aIskqX2hcs+Paem1tlcYzcDusV2vn
53msSxUUUaAP8akxva89BlIs3CUflyWhVuMCJUxLks8B5ie+25HbVodHrui5vNEe
i/6llIblDA14qFp3fMis5CKK0Eo4LJSMEajKiDI3zCJaraJYG/LPH4bzFVXoPRU+
TPLwR7gys7pB4X2LJpiXzuPvykzifBd3zYQPunDo/WqT/MHoAK5gNteoFNOIas1x
P/Tc8WsRaYL+exg8tWw2mEkFRsB1yST+Jzwn1NJxhhTRj7wNTJmOtZRHdrP/hMTK
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:54:15 2025 by rpki-client