Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/G71A0KnC09evxucNClMqoIzm0gk.roa
File: G71A0KnC09evxucNClMqoIzm0gk.roa (raw, json)
Hash identifier: xmVP8Or773i49cOPEZFSShv2rrcCsXJL/4gK3rngMPc=
Subject key identifier: 1B:BD:40:D0:A9:C2:D3:D7:AF:C6:E7:0D:0A:53:2A:A0:8C:E6:D2:09
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01942444DCD7B24854CDA6115A3250B693D0
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/G71A0KnC09evxucNClMqoIzm0gk.roa
Signing time: Wed 01 Jan 2025 23:48:00 +0000
ROA not before: Wed 01 Jan 2025 23:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216047
IP address blocks: 88.80.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:dc:d7:b2:48:54:cd:a6:11:5a:32:50:b6:93:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 1 23:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bbd40d0a9c2d3d7afc6e70d0a532aa08ce6d209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4b:8a:7e:12:5a:cb:1f:84:9a:84:22:63:4b:
9a:ec:b5:f2:9c:09:b2:94:80:4d:a5:14:47:a5:28:
76:71:0c:a7:f2:63:87:eb:de:a6:0c:51:02:21:8f:
2b:82:4c:56:bc:e5:76:55:af:76:47:ae:b5:57:65:
38:63:97:6f:c8:cc:98:2b:cf:91:e4:05:a5:59:8a:
f8:9f:14:58:b0:6e:09:ef:46:1c:a5:d1:4d:9f:99:
a0:c1:61:20:8c:c0:d3:9c:0d:17:79:0f:6a:8e:e3:
97:08:92:b4:8d:00:70:9b:00:f1:85:76:28:5f:0a:
05:7d:f0:1e:b6:ee:dd:d3:32:49:3c:c8:b1:a2:71:
d5:8b:f5:84:ba:1d:f0:97:39:62:44:1f:94:d8:45:
1b:f2:a8:30:55:51:0d:f8:04:8c:62:15:4c:1c:d3:
32:2c:4c:56:2c:29:67:29:d5:8e:43:03:b7:58:8d:
da:ac:cd:b1:d6:85:d9:d6:ea:b9:a6:4c:0a:40:6c:
20:43:c1:9f:66:78:c3:19:38:3e:13:e5:a2:a3:b4:
80:80:a7:f9:2e:97:f6:5d:dc:be:80:3d:1c:33:48:
2a:a7:18:71:0f:f6:d3:2b:30:46:36:47:8f:a3:19:
90:0b:2d:7a:3a:ef:76:51:25:81:a2:3e:49:ff:38:
84:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BD:40:D0:A9:C2:D3:D7:AF:C6:E7:0D:0A:53:2A:A0:8C:E6:D2:09
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/G71A0KnC09evxucNClMqoIzm0gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.137.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:72:dd:35:ee:22:3e:d0:2d:f7:71:4c:5c:b5:0f:4f:56:d0:
4a:22:a6:0a:46:ef:aa:b4:9f:85:36:fe:0c:d3:2d:7d:85:df:
3a:09:d0:1a:8c:ad:c6:6c:3d:7d:06:21:18:f5:37:c4:dd:81:
56:34:5b:2e:1a:0c:35:62:80:30:29:e2:1b:66:d7:67:36:46:
08:8e:c4:a0:83:95:fc:a0:e9:9e:80:7a:38:67:13:73:2a:43:
e7:7b:25:f5:fa:83:38:80:07:91:f5:73:6c:1f:e7:f1:e8:eb:
d4:50:64:af:10:37:4d:8d:9c:c4:94:4e:c6:8b:6e:58:22:f5:
0e:25:c9:7b:3f:ce:f7:51:d0:3d:74:1c:46:ac:f6:90:29:3b:
6e:42:98:b4:a7:bf:02:68:eb:b9:62:63:8f:92:67:1d:a5:36:
60:d1:8e:42:d6:15:a8:cc:27:43:a4:be:6d:14:ec:b1:e1:07:
5a:2e:b7:fe:db:be:6f:cf:22:c4:5d:23:f5:f4:39:5c:11:fa:
7d:7c:bd:08:33:1b:57:9b:30:5f:8b:af:01:5f:16:39:81:8a:
f0:bc:19:4f:22:26:40:11:3c:1a:1d:b6:97:f0:9f:02:91:7f:
68:60:5d:b0:bb:68:ac:3b:1b:4a:9c:57:53:ee:d6:bc:8a:19:
a6:4b:42:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNzXskhUzaYRWjJQtpPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTAxMjM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJkNDBkMGE5YzJkM2Q3YWZjNmU3MGQwYTUzMmFhMDhjZTZkMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EuKfhJayx+EmoQiY0ua7LXynAmy
lIBNpRRHpSh2cQyn8mOH696mDFECIY8rgkxWvOV2Va92R661V2U4Y5dvyMyYK8+R
5AWlWYr4nxRYsG4J70YcpdFNn5mgwWEgjMDTnA0XeQ9qjuOXCJK0jQBwmwDxhXYo
XwoFffAetu7d0zJJPMixonHVi/WEuh3wlzliRB+U2EUb8qgwVVEN+ASMYhVMHNMy
LExWLClnKdWOQwO3WI3arM2x1oXZ1uq5pkwKQGwgQ8GfZnjDGTg+E+Wio7SAgKf5
Lpf2Xdy+gD0cM0gqpxhxD/bTKzBGNkePoxmQCy16Ou92USWBoj5J/ziETwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBu9QNCpwtPXr8bnDQpTKqCM5tIJMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvRzcxQTBLbkMwOWV2eHVjTkNsTXFvSXptMGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCJMA0G
CSqGSIb3DQEBCwUAA4IBAQCdct017iI+0C33cUxctQ9PVtBKIqYKRu+qtJ+FNv4M
0y19hd86CdAajK3GbD19BiEY9TfE3YFWNFsuGgw1YoAwKeIbZtdnNkYIjsSgg5X8
oOmegHo4ZxNzKkPneyX1+oM4gAeR9XNsH+fx6OvUUGSvEDdNjZzElE7Gi25YIvUO
Jcl7P873UdA9dBxGrPaQKTtuQpi0p78CaOu5YmOPkmcdpTZg0Y5C1hWozCdDpL5t
FOyx4QdaLrf+275vzyLEXSP19DlcEfp9fL0IMxtXmzBfi68BXxY5gYrwvBlPIiZA
ETwaHbaX8J8CkX9oYF2wu2isOxtKnFdT7ta8ihmmS0I0
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:06:51 2025 by rpki-client