Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/m1fv2wuNZrr8jBjk4GOP29n9uGg.roa
File: m1fv2wuNZrr8jBjk4GOP29n9uGg.roa (raw, json)
Hash identifier: kteVPpKzQdVFACZScgeUlas5Q589BNk8kwEszbWHglI=
Subject key identifier: 9B:57:EF:DB:0B:8D:66:BA:FC:8C:18:E4:E0:63:8F:DB:D9:FD:B8:68
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 01942825ACAF8BE1A5607BEC0C5B6B3FA6F2
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/m1fv2wuNZrr8jBjk4GOP29n9uGg.roa
Signing time: Thu 02 Jan 2025 17:52:25 +0000
ROA not before: Thu 02 Jan 2025 17:52:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210542
IP address blocks: 80.83.88.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:ac:af:8b:e1:a5:60:7b:ec:0c:5b:6b:3f:a6:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 2 17:52:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b57efdb0b8d66bafc8c18e4e0638fdbd9fdb868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:c1:25:a5:85:54:4b:31:96:e3:8e:49:04:
27:ce:02:fb:3c:19:f9:2f:a6:96:cd:16:17:63:7b:
d6:fd:49:2d:6b:0d:15:4c:40:13:7b:4a:b3:38:54:
59:18:7c:14:45:36:da:2f:a3:f6:a6:18:13:ff:5b:
d1:a1:61:73:33:28:10:4d:fe:55:bb:60:ed:e9:2e:
55:89:25:89:07:6a:94:43:c7:65:28:79:c0:44:4a:
48:29:39:e5:d6:4c:18:b0:eb:2a:51:9d:3e:1d:85:
f9:7d:58:9b:dc:d3:f6:0e:ca:cf:12:fa:a0:c8:20:
13:b6:6a:59:23:3b:10:88:d3:66:9c:c1:9d:ac:55:
99:68:4f:0e:e1:25:c3:ba:2f:21:d9:a7:08:1a:32:
a8:3a:b9:30:c6:77:b2:7c:9b:ab:27:2c:b5:ec:dc:
35:86:e8:16:34:ce:4b:7c:8f:59:c3:54:46:83:8a:
30:13:9a:7a:2b:0c:09:7d:b8:9c:db:61:50:de:f0:
c7:30:18:4f:06:64:28:25:6d:29:94:f8:91:83:2c:
28:c4:7b:f5:04:ac:e7:86:f9:22:9b:ae:91:6b:31:
c3:df:83:a0:9f:df:60:cd:78:83:82:76:9c:52:95:
18:c8:8c:f7:7f:a7:bc:0e:25:62:bf:c3:51:b2:e9:
91:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:57:EF:DB:0B:8D:66:BA:FC:8C:18:E4:E0:63:8F:DB:D9:FD:B8:68
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/m1fv2wuNZrr8jBjk4GOP29n9uGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.88.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:be:9c:6d:cc:be:00:34:01:c7:42:53:da:d8:e3:9f:4c:3f:
da:33:a3:c1:0e:19:a8:4b:ad:c0:2e:fb:a4:b4:bd:ca:b3:d4:
60:6f:14:e5:59:62:8f:29:4a:e4:06:05:c0:04:9a:13:fb:a9:
cd:65:1f:f6:32:ca:c5:56:57:cc:3e:cc:68:d0:37:c5:ea:2a:
ff:a6:e3:b6:26:be:3a:14:17:0b:2f:83:2b:53:a2:32:99:b0:
61:b1:be:05:cb:4f:41:d3:fd:29:a0:05:f2:76:7e:29:fd:b0:
6a:3a:8d:b3:90:6e:ed:9e:43:56:fd:b1:10:b3:da:56:a8:01:
94:b0:38:c9:95:90:8b:93:92:68:5b:64:d4:98:5d:b2:61:f8:
e0:9a:f0:a9:59:01:ca:0f:20:91:92:fb:04:5d:f5:b8:46:67:
0f:db:78:2a:87:e5:ce:04:5b:e0:1e:5b:7e:af:9f:05:83:35:
df:ef:ed:85:4b:10:ff:e8:9b:d7:e8:72:fd:45:07:04:3c:b6:
52:77:38:55:03:dd:d1:46:68:1b:65:8d:b6:a2:64:3d:6a:03:
08:ef:74:63:e2:dd:31:b7:a7:51:30:49:7a:77:34:82:d1:32:
5c:43:a8:a0:6f:0f:6d:24:ab:a8:90:dd:15:15:9e:73:ec:c4:
3f:66:74:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJayvi+GlYHvsDFtrP6byMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjUwMTAyMTc1MjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjU3ZWZkYjBiOGQ2NmJhZmM4YzE4ZTRlMDYzOGZkYmQ5ZmRiODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRnBJaWFVEsxluOOSQQnzgL7PBn5
L6aWzRYXY3vW/Uktaw0VTEATe0qzOFRZGHwURTbaL6P2phgT/1vRoWFzMygQTf5V
u2Dt6S5ViSWJB2qUQ8dlKHnAREpIKTnl1kwYsOsqUZ0+HYX5fVib3NP2DsrPEvqg
yCATtmpZIzsQiNNmnMGdrFWZaE8O4SXDui8h2acIGjKoOrkwxneyfJurJyy17Nw1
hugWNM5LfI9Zw1RGg4owE5p6KwwJfbic22FQ3vDHMBhPBmQoJW0plPiRgywoxHv1
BKznhvkim66RazHD34Ogn99gzXiDgnacUpUYyIz3f6e8DiViv8NRsumRnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJtX79sLjWa6/IwY5OBjj9vZ/bhoMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvbTFmdjJ3dU5acnI4akJqazRHT1AyOW45dUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUFNYMA0G
CSqGSIb3DQEBCwUAA4IBAQB/vpxtzL4ANAHHQlPa2OOfTD/aM6PBDhmoS63ALvuk
tL3Ks9RgbxTlWWKPKUrkBgXABJoT+6nNZR/2MsrFVlfMPsxo0DfF6ir/puO2Jr46
FBcLL4MrU6IymbBhsb4Fy09B0/0poAXydn4p/bBqOo2zkG7tnkNW/bEQs9pWqAGU
sDjJlZCLk5JoW2TUmF2yYfjgmvCpWQHKDyCRkvsEXfW4RmcP23gqh+XOBFvgHlt+
r58FgzXf7+2FSxD/6JvX6HL9RQcEPLZSdzhVA93RRmgbZY22omQ9agMI73Rj4t0x
t6dRMEl6dzSC0TJcQ6igbw9tJKuokN0VFZ5z7MQ/ZnST
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:56:58 2025 by rpki-client