Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/1-DmgZ4SOp-NyMxLpBYaEtj39Pdc.roa
File: 1-DmgZ4SOp-NyMxLpBYaEtj39Pdc.roa (raw, json)
Hash identifier: moNVW0pEVWJfvkZEJ959J7HVzxYxrRxeZe7wePoILkM=
Subject key identifier: F8:39:A0:67:84:8E:A7:E3:72:33:12:E9:05:86:84:B6:3D:FD:3D:D7
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 019425FC118B8652CCF274908778C07B45EC
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/1-DmgZ4SOp-NyMxLpBYaEtj39Pdc.roa
Signing time: Thu 02 Jan 2025 07:47:44 +0000
ROA not before: Thu 02 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 80.76.36.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:11:8b:86:52:cc:f2:74:90:87:78:c0:7b:45:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 2 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f839a067848ea7e3723312e9058684b63dfd3dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4c:11:f3:06:ca:12:ba:31:e0:08:e1:65:39:
89:f7:e4:a8:91:ed:4a:2d:96:23:71:38:95:78:67:
da:eb:c8:13:5b:60:59:fe:53:7a:f2:96:07:5d:2d:
a5:80:a6:09:1d:cc:51:06:6f:d7:f3:90:92:75:b9:
b5:b8:00:e6:2e:b2:f5:2e:6f:a6:a5:3b:79:a1:b6:
6f:68:72:03:ee:3f:f4:36:ee:19:d7:91:46:36:8e:
80:1a:82:08:38:ed:41:3e:0d:95:fd:97:86:0e:48:
41:c5:a4:1a:50:e7:eb:d1:e4:1c:3a:23:5b:00:a9:
de:23:2a:58:60:71:78:30:ef:4e:20:ff:01:b0:ab:
ac:50:74:17:32:a5:c8:a9:66:c5:5e:d0:0f:7f:3a:
34:01:1c:bd:f3:1c:fa:4e:5c:5b:02:d4:98:82:e1:
03:5d:40:2f:9b:fe:2a:f9:3f:2a:3a:f4:fd:38:3e:
2d:8a:a2:4c:39:5f:e2:47:99:08:60:0b:c7:d6:f7:
1e:f9:b3:03:a6:c1:0c:52:15:8a:03:60:a2:42:ab:
3e:9d:f3:85:2a:eb:73:b8:f4:a8:95:d5:1b:26:f4:
42:bd:07:60:40:4e:d7:5b:23:c3:13:96:32:36:ca:
eb:c2:12:60:04:1c:4d:f8:af:7c:93:f8:48:72:bb:
e9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:39:A0:67:84:8E:A7:E3:72:33:12:E9:05:86:84:B6:3D:FD:3D:D7
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/1-DmgZ4SOp-NyMxLpBYaEtj39Pdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.36.0/22
Signature Algorithm: sha256WithRSAEncryption
92:41:73:19:a0:a9:74:45:9b:06:b0:fc:b5:6a:3b:21:be:6a:
97:08:26:1c:20:26:b6:60:13:fc:3e:d3:80:d5:49:9f:aa:81:
6f:83:81:12:6a:15:34:71:87:04:3b:e6:43:c0:d7:43:aa:12:
e4:ac:a1:85:50:05:c4:74:1d:54:8c:50:a6:07:d8:27:bf:63:
82:34:9a:6a:52:5c:01:c4:6b:ac:bd:07:4c:2a:c8:82:61:9a:
b4:3a:6d:a8:41:f9:33:50:82:e1:a2:26:60:ff:28:56:df:2b:
d4:3d:7f:9a:03:15:3e:d1:dc:b6:e0:32:54:c0:f2:bc:9c:f9:
90:5a:94:52:ed:2c:f5:a7:51:54:26:99:2e:d5:c0:ef:ed:c1:
54:75:58:6c:00:1c:87:c1:eb:48:fc:ac:11:64:d1:b8:bf:dc:
86:74:07:40:a0:25:b7:32:11:8d:3e:cb:ed:84:95:42:c9:51:
d9:22:6e:15:89:7e:8f:ca:63:8f:80:00:2b:c3:6f:4d:31:40:
30:70:e9:21:26:bd:d4:69:4b:d6:d3:a4:30:56:b0:4e:4f:66:
7a:4a:11:b3:09:a5:ea:75:3b:1a:55:94:dd:26:59:b5:7e:7f:
21:39:7a:a9:4e:83:28:b8:39:e6:69:9a:d2:aa:73:be:b3:81:
c3:ff:ec:e8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/BGLhlLM8nSQh3jAe0XsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjUwMTAyMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODM5YTA2Nzg0OGVhN2UzNzIzMzEyZTkwNTg2ODRiNjNkZmQzZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEwR8wbKErox4AjhZTmJ9+Soke1K
LZYjcTiVeGfa68gTW2BZ/lN68pYHXS2lgKYJHcxRBm/X85CSdbm1uADmLrL1Lm+m
pTt5obZvaHID7j/0Nu4Z15FGNo6AGoIIOO1BPg2V/ZeGDkhBxaQaUOfr0eQcOiNb
AKneIypYYHF4MO9OIP8BsKusUHQXMqXIqWbFXtAPfzo0ARy98xz6TlxbAtSYguED
XUAvm/4q+T8qOvT9OD4tiqJMOV/iR5kIYAvH1vce+bMDpsEMUhWKA2CiQqs+nfOF
KutzuPSoldUbJvRCvQdgQE7XWyPDE5YyNsrrwhJgBBxN+K98k/hIcrvpGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPg5oGeEjqfjcjMS6QWGhLY9/T3XMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvMS1EbWdaNFNPcC1OeU14THBCWWFFdGozOVBkYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWMvZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJi
OS8xL0kwUnRwNmNMem5jLXdyd1dWYXJqRER3WVFTdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlBMJDAN
BgkqhkiG9w0BAQsFAAOCAQEAkkFzGaCpdEWbBrD8tWo7Ib5qlwgmHCAmtmAT/D7T
gNVJn6qBb4OBEmoVNHGHBDvmQ8DXQ6oS5KyhhVAFxHQdVIxQpgfYJ79jgjSaalJc
AcRrrL0HTCrIgmGatDptqEH5M1CC4aImYP8oVt8r1D1/mgMVPtHctuAyVMDyvJz5
kFqUUu0s9adRVCaZLtXA7+3BVHVYbAAch8HrSPysEWTRuL/chnQHQKAltzIRjT7L
7YSVQslR2SJuFYl+j8pjj4AAK8NvTTFAMHDpISa91GlL1tOkMFawTk9mekoRswml
6nU7GlWU3SZZtX5/ITl6qU6DKLg55mma0qpzvrOBw//s6A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:44:04 2025 by rpki-client