Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/949NJzEdExJn5XO-wPE1DtJv8g4.roa
File: 949NJzEdExJn5XO-wPE1DtJv8g4.roa (raw, json)
Hash identifier: msLuXe7ObxuPncz+MW/EtdRT5Yp9BkwdtqMj7DLIE3w=
Subject key identifier: F7:8F:4D:27:31:1D:13:12:67:E5:73:BE:C0:F1:35:0E:D2:6F:F2:0E
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 019423D741D7E4B11E93D4E1B2F6A4D6292D
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/949NJzEdExJn5XO-wPE1DtJv8g4.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49826
IP address blocks: 80.247.240.0/20 maxlen: 20
82.116.224.0/19 maxlen: 19
87.236.224.0/21 maxlen: 21
185.136.36.0/22 maxlen: 22
2a00:14b8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:41:d7:e4:b1:1e:93:d4:e1:b2:f6:a4:d6:29:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f78f4d27311d131267e573bec0f1350ed26ff20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:cf:fa:6f:ab:cc:ab:c8:e1:1e:bb:9e:d4:
c7:a6:ed:e4:15:2f:80:89:01:36:21:4b:6b:57:c5:
7e:07:75:6e:24:eb:e4:1c:a4:a3:44:79:1b:89:65:
f4:bd:f7:f6:4c:6f:4a:ac:49:78:fb:93:60:21:67:
b2:52:30:48:c8:ce:ba:15:b2:25:e8:aa:9c:19:9b:
30:f6:8e:85:3e:16:3f:24:7a:45:86:bd:01:d2:b6:
0e:32:95:d6:9e:22:e7:38:b5:b3:5c:c1:1d:b7:f4:
44:b8:3a:29:dc:eb:82:9b:70:56:19:bc:49:ba:a0:
08:01:bc:91:da:e4:47:aa:2e:36:b6:50:ab:3d:57:
e5:15:1e:4f:17:32:3c:5e:06:f6:f9:05:64:48:d4:
f7:7d:b2:04:01:4c:86:5b:d1:fc:e2:ed:3d:a7:4d:
7d:ea:40:72:ed:dc:1b:4f:a5:07:3b:9e:ed:ad:7a:
37:36:98:d2:79:46:be:1e:8c:5f:9c:a6:b6:b2:b2:
10:92:db:1e:3f:d6:f0:d4:1a:07:18:55:f8:24:1b:
0f:93:4e:54:80:bb:35:b4:3b:2a:0f:1a:0a:13:f1:
7d:96:0c:9c:3e:a9:b9:3d:71:6c:f5:3d:21:ed:c1:
49:5e:f7:f8:13:a4:ba:4b:73:d3:40:bc:1a:85:a2:
de:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8F:4D:27:31:1D:13:12:67:E5:73:BE:C0:F1:35:0E:D2:6F:F2:0E
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/949NJzEdExJn5XO-wPE1DtJv8g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.240.0/20
82.116.224.0/19
87.236.224.0/21
185.136.36.0/22
IPv6:
2a00:14b8::/32
Signature Algorithm: sha256WithRSAEncryption
57:e7:2b:63:7e:2b:28:76:15:f5:3c:d0:f8:d5:67:85:82:f0:
a7:fb:a1:0d:14:81:5e:77:79:c0:9d:70:c7:50:49:0a:88:1d:
e1:25:d3:05:ec:8d:73:65:24:69:72:b5:14:e1:f7:4d:0b:a4:
55:b7:58:b7:e0:97:37:56:4e:f8:86:8f:8f:c0:19:64:bf:07:
71:27:4a:8c:d2:34:fe:c5:d7:d8:43:61:c0:3e:6f:3c:6b:95:
99:11:09:4d:0b:53:41:2b:63:89:f9:9b:3a:8c:b8:1a:06:6c:
3a:59:b7:d6:31:ea:4b:8a:22:1c:37:8c:8a:c0:4b:1b:0a:e9:
cf:66:82:76:6d:6a:0c:a6:d1:65:3c:36:f1:b0:26:66:f2:bd:
0f:91:af:2f:40:45:43:c3:6a:4c:3c:a9:4e:b9:44:e0:92:8a:
c9:d6:75:e5:2f:f0:8b:23:7f:50:1f:9a:93:36:66:0c:1a:f2:
d8:59:03:7e:c9:53:cc:cc:9f:3d:f8:a5:fa:9a:8d:01:47:ef:
f8:86:16:22:a4:49:27:26:1f:a8:bf:6a:d4:5a:4f:e5:d9:91:
be:93:51:12:ae:ad:09:ec:db:c3:28:3c:e7:f3:ba:fa:16:a3:
d7:bb:5b:09:f6:cb:e5:41:09:d4:b9:1b:90:84:2c:20:07:ed:
ec:77:79:e5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQj10HX5LEek9Thsvak1iktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzhmNGQyNzMxMWQxMzEyNjdlNTczYmVjMGYxMzUwZWQyNmZmMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF3P+m+rzKvI4R67ntTHpu3kFS+A
iQE2IUtrV8V+B3VuJOvkHKSjRHkbiWX0vff2TG9KrEl4+5NgIWeyUjBIyM66FbIl
6KqcGZsw9o6FPhY/JHpFhr0B0rYOMpXWniLnOLWzXMEdt/REuDop3OuCm3BWGbxJ
uqAIAbyR2uRHqi42tlCrPVflFR5PFzI8Xgb2+QVkSNT3fbIEAUyGW9H84u09p019
6kBy7dwbT6UHO57trXo3NpjSeUa+HoxfnKa2srIQktseP9bw1BoHGFX4JBsPk05U
gLs1tDsqDxoKE/F9lgycPqm5PXFs9T0h7cFJXvf4E6S6S3PTQLwahaLeGwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPePTScxHRMSZ+VzvsDxNQ7Sb/IOMB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEvOTQ5Tkp6RWRFeEpuNVhPLXdQRTFEdEp2OGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPfwAwQF
UnTgAwQDV+zgAwQCuYgkMA0EAgACMAcDBQAqABS4MA0GCSqGSIb3DQEBCwUAA4IB
AQBX5ytjfisodhX1PND41WeFgvCn+6ENFIFed3nAnXDHUEkKiB3hJdMF7I1zZSRp
crUU4fdNC6RVt1i34Jc3Vk74ho+PwBlkvwdxJ0qM0jT+xdfYQ2HAPm88a5WZEQlN
C1NBK2OJ+Zs6jLgaBmw6WbfWMepLiiIcN4yKwEsbCunPZoJ2bWoMptFlPDbxsCZm
8r0Pka8vQEVDw2pMPKlOuUTgkorJ1nXlL/CLI39QH5qTNmYMGvLYWQN+yVPMzJ89
+KX6mo0BR+/4hhYipEknJh+ov2rUWk/l2ZG+k1ESrq0J7NvDKDzn87r6FqPXu1sJ
9svlQQnUuRuQhCwgB+3sd3nl
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:15 2025 by rpki-client