Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SctNzyhU169wmkK7Xtfs0sGNJP8.roa
File: SctNzyhU169wmkK7Xtfs0sGNJP8.roa (raw, json)
Hash identifier: NPxKypUk8s0b35zYRbm3Bc9hG9SBK1WYqLKdNIlF9qU=
Subject key identifier: 49:CB:4D:CF:28:54:D7:AF:70:9A:42:BB:5E:D7:EC:D2:C1:8D:24:FF
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0195CDAF42209C0263A9104E52B327C4B9F9
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SctNzyhU169wmkK7Xtfs0sGNJP8.roa
Signing time: Tue 25 Mar 2025 14:22:49 +0000
ROA not before: Tue 25 Mar 2025 14:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 80.71.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:af:42:20:9c:02:63:a9:10:4e:52:b3:27:c4:b9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Mar 25 14:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49cb4dcf2854d7af709a42bb5ed7ecd2c18d24ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0a:01:46:6e:17:ec:b6:31:f6:f0:76:cb:24:
a7:e6:ab:0e:55:03:e2:d4:bb:ec:fc:09:09:e9:c8:
5d:ed:86:68:fa:5e:4e:32:61:9f:e5:ab:52:7d:ca:
f2:0e:93:db:19:4c:d8:49:a5:66:3f:53:6f:c4:30:
0e:b0:93:b1:61:4a:a0:0c:b1:05:a0:90:b8:9f:d7:
de:73:b8:0c:bf:d0:47:2d:cd:7b:fd:72:81:bc:dc:
73:4e:57:ad:01:11:0d:4e:49:9e:f7:5e:7b:70:d2:
6d:8e:21:fd:e2:86:1e:76:8c:c9:39:fb:52:34:2a:
f5:d1:9c:59:53:c3:6c:f8:ab:da:e8:34:cd:13:1d:
da:3a:09:6e:81:96:b6:a8:43:d9:d7:4e:91:c2:2f:
69:40:3d:b9:b7:e5:df:5e:5c:71:a9:da:d6:66:5a:
55:d2:3c:61:95:0e:f9:07:ae:dc:76:01:e0:45:59:
88:b3:2f:c5:b0:00:08:c9:98:7a:7f:61:34:5a:21:
85:a9:53:b0:99:3e:04:e9:35:d1:d2:76:8a:ff:69:
42:1c:e4:1e:09:80:43:28:9d:ab:40:c0:74:68:cd:
df:1f:e6:cf:f7:b1:af:95:0b:7c:a2:e9:75:c4:ba:
44:13:87:b5:b7:34:63:f2:5b:2b:e6:ed:be:4d:d3:
59:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CB:4D:CF:28:54:D7:AF:70:9A:42:BB:5E:D7:EC:D2:C1:8D:24:FF
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SctNzyhU169wmkK7Xtfs0sGNJP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.233.0/24
Signature Algorithm: sha256WithRSAEncryption
49:06:9f:3b:15:f2:cc:e6:c5:c0:97:f9:22:e8:63:a2:40:43:
2b:98:2b:f2:bd:a0:c5:2b:a6:c5:71:d6:15:29:a6:d0:0e:c9:
0b:b7:44:67:4c:12:2e:2c:01:9c:06:c5:39:87:c6:ed:b5:3a:
ea:db:f5:2c:bf:90:b4:62:bd:34:7b:ef:ff:07:e4:77:af:e2:
9a:a7:7c:bc:4a:c9:72:2b:ef:26:0a:2a:3e:6b:94:fa:22:85:
0f:12:9b:8e:06:80:83:39:43:d8:63:3f:57:47:15:22:e6:98:
20:9c:0e:c8:ff:3b:fa:55:22:a6:ed:49:64:d0:f0:32:70:d1:
76:e5:23:74:53:29:87:4b:42:5b:b8:fb:3c:9a:f5:9d:03:35:
2f:d6:92:6c:fe:ca:22:4a:f6:6c:ee:83:72:20:24:0c:1a:b3:
5a:6d:4d:38:40:34:ea:e7:98:ac:f1:a1:6c:1d:cb:e2:66:d1:
8e:d7:91:84:a6:9d:77:17:c5:c0:e9:56:39:16:ee:a8:02:c9:
a6:37:1e:60:f8:b1:dd:db:d6:71:47:22:f8:4a:b3:f9:9e:4c:
48:be:b3:ab:c4:a9:26:7e:9c:1f:21:d9:4a:70:4c:24:a8:ce:
10:36:6d:0a:a1:d3:fb:4a:23:13:29:c8:66:fa:f4:95:42:02:
e4:14:51:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXNr0IgnAJjqRBOUrMnxLn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwMzI1MTQyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWNiNGRjZjI4NTRkN2FmNzA5YTQyYmI1ZWQ3ZWNkMmMxOGQyNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AoBRm4X7LYx9vB2yySn5qsOVQPi
1Lvs/AkJ6chd7YZo+l5OMmGf5atSfcryDpPbGUzYSaVmP1NvxDAOsJOxYUqgDLEF
oJC4n9fec7gMv9BHLc17/XKBvNxzTletARENTkme9157cNJtjiH94oYedozJOftS
NCr10ZxZU8Ns+Kva6DTNEx3aOglugZa2qEPZ106Rwi9pQD25t+XfXlxxqdrWZlpV
0jxhlQ75B67cdgHgRVmIsy/FsAAIyZh6f2E0WiGFqVOwmT4E6TXR0naK/2lCHOQe
CYBDKJ2rQMB0aM3fH+bP97GvlQt8oul1xLpEE4e1tzRj8lsr5u2+TdNZLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnLTc8oVNevcJpCu17X7NLBjST/MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvU2N0Tnp5aFUxNjl3bWtLN1h0ZnMwc0dOSlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEfpMA0G
CSqGSIb3DQEBCwUAA4IBAQBJBp87FfLM5sXAl/ki6GOiQEMrmCvyvaDFK6bFcdYV
KabQDskLt0RnTBIuLAGcBsU5h8bttTrq2/Usv5C0Yr00e+//B+R3r+Kap3y8Ssly
K+8mCio+a5T6IoUPEpuOBoCDOUPYYz9XRxUi5pggnA7I/zv6VSKm7Ulk0PAycNF2
5SN0UymHS0JbuPs8mvWdAzUv1pJs/soiSvZs7oNyICQMGrNabU04QDTq55is8aFs
HcviZtGO15GEpp13F8XA6VY5Fu6oAsmmNx5g+LHd29ZxRyL4SrP5nkxIvrOrxKkm
fpwfIdlKcEwkqM4QNm0KodP7SiMTKchm+vSVQgLkFFHm
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:13:25 2025 by rpki-client