Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/cO1AasGYHXhPsHKm3hi1TX9-Qos.roa
File: cO1AasGYHXhPsHKm3hi1TX9-Qos.roa (raw, json)
Hash identifier: CIc/4zinLVuL7fIWbIBFTK/p1pSlSm0f2NwdbryHRXY=
Subject key identifier: 70:ED:40:6A:C1:98:1D:78:4F:B0:72:A6:DE:18:B5:4D:7F:7E:42:8B
Certificate issuer: /CN=65f0120ee3b6f0f8db52d0db81c01e4447d8e4ba
Certificate serial: 019423D6E9ED3E66051E269D9943C7AFC077
Authority key identifier: 65:F0:12:0E:E3:B6:F0:F8:DB:52:D0:DB:81:C0:1E:44:47:D8:E4:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZfASDuO28PjbUtDbgcAeREfY5Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/cO1AasGYHXhPsHKm3hi1TX9-Qos.roa
Signing time: Wed 01 Jan 2025 21:47:54 +0000
ROA not before: Wed 01 Jan 2025 21:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34784
IP address blocks: 80.81.208.0/20 maxlen: 20
2a02:698::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e9:ed:3e:66:05:1e:26:9d:99:43:c7:af:c0:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65f0120ee3b6f0f8db52d0db81c01e4447d8e4ba
Validity
Not Before: Jan 1 21:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70ed406ac1981d784fb072a6de18b54d7f7e428b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4c:da:d2:bd:a3:ac:3b:12:0a:0c:16:e7:40:
8e:a9:39:23:5b:b3:e5:10:0e:e5:66:ca:46:25:d5:
20:a3:8a:80:41:f8:36:fe:3e:85:9e:2f:f6:a1:29:
94:89:24:57:07:5b:50:39:80:ea:68:8a:14:16:43:
dc:56:ca:8f:84:35:f3:87:9a:26:a5:37:e0:b2:84:
82:27:88:09:55:1b:34:3c:0e:7b:a8:85:51:a3:d6:
42:6b:b6:58:e0:5f:80:64:ad:ff:f7:2c:dd:06:ab:
2f:90:40:d0:93:33:7a:94:a1:52:4f:64:22:81:b5:
32:fc:14:39:df:47:e7:d8:eb:0d:30:86:4d:81:88:
a2:1c:2b:18:39:db:95:ef:b5:30:14:9d:fe:14:f2:
e2:79:39:fb:f6:80:a7:83:23:e3:fc:7b:b8:25:d9:
80:8e:26:90:94:48:b5:ff:9f:a7:28:36:f4:66:85:
bf:48:54:82:7e:f4:68:fe:be:84:57:d3:65:94:65:
45:34:be:a2:a1:4b:89:d0:68:84:0b:a3:fc:bb:d3:
b3:e2:24:51:b5:a7:ff:ba:23:cc:2c:92:8d:36:b2:
5d:09:64:64:d9:74:b7:a2:e7:6e:d7:1f:40:7d:fe:
7e:8b:7a:4c:0e:84:b8:8d:83:8f:12:3f:76:69:ec:
06:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:ED:40:6A:C1:98:1D:78:4F:B0:72:A6:DE:18:B5:4D:7F:7E:42:8B
X509v3 Authority Key Identifier:
keyid:65:F0:12:0E:E3:B6:F0:F8:DB:52:D0:DB:81:C0:1E:44:47:D8:E4:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZfASDuO28PjbUtDbgcAeREfY5Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/cO1AasGYHXhPsHKm3hi1TX9-Qos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/ZfASDuO28PjbUtDbgcAeREfY5Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.208.0/20
IPv6:
2a02:698::/32
Signature Algorithm: sha256WithRSAEncryption
7a:00:1f:66:3d:32:ff:f7:93:e8:5d:67:cf:dc:df:74:70:b3:
d9:05:d9:73:6d:e8:e9:39:2c:28:00:63:f1:e4:37:74:5b:b2:
01:b1:46:fa:28:89:f9:f7:7c:1e:cb:9e:f8:e3:3e:02:15:90:
5a:a5:d9:c6:3a:2e:b8:0d:27:a4:a0:9d:b7:23:79:8a:7c:77:
39:15:aa:43:ed:98:c6:f9:48:a2:ea:e5:ea:c2:e5:c2:fa:d9:
7b:5d:c9:83:85:0a:54:13:d8:0c:b8:76:53:d3:7a:e5:4b:3c:
02:46:c9:bf:f6:5a:a1:00:0a:93:f2:78:b9:da:4b:06:9b:08:
c1:0f:ab:a5:f2:d4:c4:85:8a:09:32:25:aa:e3:9f:ed:1d:e5:
dc:92:3e:4f:99:04:e6:4c:7b:7f:4b:02:68:c6:dd:26:c0:8c:
f6:e2:16:2a:d5:c0:c5:df:c6:8f:7a:6d:34:27:0f:90:36:fc:
ba:0d:07:87:f7:70:5b:63:c1:a7:ad:bb:1e:15:f6:3d:54:52:
69:00:b2:95:f9:1e:b6:43:f3:0f:8f:66:ef:3a:44:47:7d:17:
e9:db:43:a8:46:62:b8:14:32:60:43:36:78:94:6c:ba:99:2c:
4d:d1:1f:5f:dc:04:21:a4:6a:01:10:58:1f:00:ba:35:01:6a:
7b:75:32:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1untPmYFHiadmUPHr8B3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZjAxMjBlZTNiNmYwZjhkYjUyZDBkYjgxYzAxZTQ0NDdk
OGU0YmEwHhcNMjUwMTAxMjE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVkNDA2YWMxOTgxZDc4NGZiMDcyYTZkZTE4YjU0ZDdmN2U0MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEza0r2jrDsSCgwW50COqTkjW7Pl
EA7lZspGJdUgo4qAQfg2/j6Fni/2oSmUiSRXB1tQOYDqaIoUFkPcVsqPhDXzh5om
pTfgsoSCJ4gJVRs0PA57qIVRo9ZCa7ZY4F+AZK3/9yzdBqsvkEDQkzN6lKFST2Qi
gbUy/BQ530fn2OsNMIZNgYiiHCsYOduV77UwFJ3+FPLieTn79oCngyPj/Hu4JdmA
jiaQlEi1/5+nKDb0ZoW/SFSCfvRo/r6EV9NllGVFNL6ioUuJ0GiEC6P8u9Oz4iRR
taf/uiPMLJKNNrJdCWRk2XS3oudu1x9Aff5+i3pMDoS4jYOPEj92aewG9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHDtQGrBmB14T7Bypt4YtU1/fkKLMB8GA1UdIwQY
MBaAFGXwEg7jtvD421LQ24HAHkRH2OS6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmZBU0R1TzI4UGpiVXREYmdjQWVSRWZZNUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kMTQxOGMtN2NkOC00YWY5LTgxNjYt
NTc3YzAzOTEwNzAxLzEvY08xQWFzR1lIWGhQc0hLbTNoaTFUWDktUW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kMTQxOGMtN2NkOC00YWY5LTgxNjYtNTc3YzAzOTEwNzAx
LzEvWmZBU0R1TzI4UGpiVXREYmdjQWVSRWZZNUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUFHQMA0E
AgACMAcDBQAqAgaYMA0GCSqGSIb3DQEBCwUAA4IBAQB6AB9mPTL/95PoXWfP3N90
cLPZBdlzbejpOSwoAGPx5Dd0W7IBsUb6KIn593wey5744z4CFZBapdnGOi64DSek
oJ23I3mKfHc5FapD7ZjG+Uii6uXqwuXC+tl7XcmDhQpUE9gMuHZT03rlSzwCRsm/
9lqhAAqT8ni52ksGmwjBD6ul8tTEhYoJMiWq45/tHeXckj5PmQTmTHt/SwJoxt0m
wIz24hYq1cDF38aPem00Jw+QNvy6DQeH93BbY8GnrbseFfY9VFJpALKV+R62Q/MP
j2bvOkRHfRfp20OoRmK4FDJgQzZ4lGy6mSxN0R9f3AQhpGoBEFgfALo1AWp7dTKb
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:14 2025 by rpki-client