Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/yz5Oj1IRN47m7-hfoNRLKR-QsFQ.roa
File: yz5Oj1IRN47m7-hfoNRLKR-QsFQ.roa (raw, json)
Hash identifier: AJUnhFM68923GYadc3urgh5yRRol8KdV+S2IVDVlxow=
Subject key identifier: CB:3E:4E:8F:52:11:37:8E:E6:EF:E8:5F:A0:D4:4B:29:1F:90:B0:54
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01942444D40570087EF950FCEBE9E1345A63
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/yz5Oj1IRN47m7-hfoNRLKR-QsFQ.roa
Signing time: Wed 01 Jan 2025 23:47:58 +0000
ROA not before: Wed 01 Jan 2025 23:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35011
IP address blocks: 88.80.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d4:05:70:08:7e:f9:50:fc:eb:e9:e1:34:5a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 1 23:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb3e4e8f5211378ee6efe85fa0d44b291f90b054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:70:d1:dd:b0:5f:31:70:21:27:50:17:57:
d9:bf:2a:a2:96:90:cc:50:8e:47:d1:8e:32:d3:20:
4f:d8:e4:c8:a1:b3:3a:39:2c:47:3c:ab:54:e5:b0:
c6:bf:38:20:8f:ae:d8:7b:47:83:08:8b:42:8b:72:
8c:39:b3:dd:73:3c:b6:64:07:d6:f6:b2:54:e3:0d:
0d:61:37:d5:ef:68:e0:65:d4:e0:e9:e1:58:94:f2:
c2:27:57:ec:0b:47:44:38:95:96:7e:e7:24:15:b9:
d6:a2:54:c5:0c:8c:59:1d:f9:de:a9:56:91:ab:1b:
c7:7a:fc:67:82:19:b5:e6:86:69:3b:bd:af:20:ce:
ed:3b:b4:30:79:e8:ce:d0:f8:bb:e6:83:94:58:7b:
4e:26:3e:f4:5d:59:1c:d1:64:14:e8:f8:e2:f4:a6:
d8:90:3c:01:d8:c0:d3:6e:5d:d3:2f:74:37:fd:d5:
f4:fd:df:6f:6c:91:dc:0c:b3:bf:7e:b1:ad:97:7e:
25:e0:44:87:1c:6e:42:cf:0c:99:fd:43:a2:d5:82:
63:65:bb:41:30:c7:d0:ff:91:37:8f:ef:f0:80:fa:
14:fb:21:a8:52:8f:c5:b9:e3:61:8a:f5:bd:e2:77:
a8:24:7a:01:96:48:06:02:1c:20:ec:9a:24:b7:b8:
1b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3E:4E:8F:52:11:37:8E:E6:EF:E8:5F:A0:D4:4B:29:1F:90:B0:54
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/yz5Oj1IRN47m7-hfoNRLKR-QsFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.129.0/24
Signature Algorithm: sha256WithRSAEncryption
62:e8:86:40:f0:c6:87:0f:3b:fd:6d:eb:ac:ae:6f:53:ed:16:
24:21:c4:56:e9:c2:68:24:05:3a:86:d1:28:8a:e1:4a:ab:6e:
3e:00:5d:45:1d:83:4f:ba:cc:0d:22:a0:23:0d:6e:54:57:f6:
94:8d:c9:ce:b1:64:13:48:1c:ad:63:15:c8:a7:70:49:bb:df:
1f:e8:b7:50:db:4b:cc:59:1d:53:e9:f3:4e:6f:c3:79:b7:96:
0c:89:3b:90:fb:3d:77:b7:81:ce:5d:ef:cd:cd:04:d8:7a:fe:
ba:35:9c:cf:95:57:15:ff:34:2c:61:2c:65:6f:d8:9f:4c:5a:
62:ba:11:57:95:03:ed:7a:1c:5f:b2:be:3d:df:25:f7:42:cf:
b7:6f:34:6f:bb:67:f9:cd:12:e7:55:70:17:de:8e:13:58:29:
38:dc:6a:30:7f:40:25:21:a4:62:f3:35:2e:2d:a9:02:84:4e:
6f:49:2b:f1:ad:61:fd:4c:49:1b:f4:89:38:73:b7:2c:3d:e8:
0b:ef:c1:a7:79:aa:ab:a2:28:8b:a5:e5:6b:fe:ac:6f:1d:42:
57:eb:9d:34:49:fd:0c:7d:b5:4d:05:75:97:5e:54:db:b3:6a:
0b:8c:25:1f:6a:12:9b:70:93:01:13:33:f3:4f:3e:b4:f0:f5:
75:5b:ab:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNQFcAh++VD86+nhNFpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTAxMjM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNlNGU4ZjUyMTEzNzhlZTZlZmU4NWZhMGQ0NGIyOTFmOTBiMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmypw0d2wXzFwISdQF1fZvyqilpDM
UI5H0Y4y0yBP2OTIobM6OSxHPKtU5bDGvzggj67Ye0eDCItCi3KMObPdczy2ZAfW
9rJU4w0NYTfV72jgZdTg6eFYlPLCJ1fsC0dEOJWWfuckFbnWolTFDIxZHfneqVaR
qxvHevxnghm15oZpO72vIM7tO7QweejO0Pi75oOUWHtOJj70XVkc0WQU6Pji9KbY
kDwB2MDTbl3TL3Q3/dX0/d9vbJHcDLO/frGtl34l4ESHHG5CzwyZ/UOi1YJjZbtB
MMfQ/5E3j+/wgPoU+yGoUo/FueNhivW94neoJHoBlkgGAhwg7Jokt7gbEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMs+To9SETeO5u/oX6DUSykfkLBUMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEveXo1T2oxSVJONDdtNy1oZm9OUkxLUi1Rc0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCBMA0G
CSqGSIb3DQEBCwUAA4IBAQBi6IZA8MaHDzv9beusrm9T7RYkIcRW6cJoJAU6htEo
iuFKq24+AF1FHYNPuswNIqAjDW5UV/aUjcnOsWQTSBytYxXIp3BJu98f6LdQ20vM
WR1T6fNOb8N5t5YMiTuQ+z13t4HOXe/NzQTYev66NZzPlVcV/zQsYSxlb9ifTFpi
uhFXlQPtehxfsr493yX3Qs+3bzRvu2f5zRLnVXAX3o4TWCk43Gowf0AlIaRi8zUu
LakChE5vSSvxrWH9TEkb9Ik4c7csPegL78GneaqroiiLpeVr/qxvHUJX6500Sf0M
fbVNBXWXXlTbs2oLjCUfahKbcJMBEzPzTz608PV1W6vT
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:26:48 2025 by rpki-client