Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/1d4994-cfe3-46df-b02d-f776c92207b7/1/RxqgPSUql4ZUblStVKA5rtP6c58.roa
File: RxqgPSUql4ZUblStVKA5rtP6c58.roa (raw, json)
Hash identifier: p0ji3b2jhXQ8IHF5IhOiIoEuJyACLI6bwoNjLguGL4E=
Subject key identifier: 47:1A:A0:3D:25:2A:97:86:54:6E:54:AD:54:A0:39:AE:D3:FA:73:9F
Certificate issuer: /CN=93ad6e39991a2e8c09c1ade53be595f8b8a9425e
Certificate serial: 01909123C401BAE0EC69E8AEF014BA0664AF
Authority key identifier: 93:AD:6E:39:99:1A:2E:8C:09:C1:AD:E5:3B:E5:95:F8:B8:A9:42:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k61uOZkaLowJwa3lO-WV-LipQl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/1d4994-cfe3-46df-b02d-f776c92207b7/1/RxqgPSUql4ZUblStVKA5rtP6c58.roa
Signing time: Mon 08 Jul 2024 06:59:18 +0000
ROA not before: Mon 08 Jul 2024 06:59:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21173
IP address blocks: 80.91.96.0/20 maxlen: 20
80.91.96.0/21 maxlen: 21
80.91.104.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:23:c4:01:ba:e0:ec:69:e8:ae:f0:14:ba:06:64:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93ad6e39991a2e8c09c1ade53be595f8b8a9425e
Validity
Not Before: Jul 8 06:59:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=471aa03d252a9786546e54ad54a039aed3fa739f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9e:39:00:23:26:aa:55:63:47:cc:0d:8d:40:
2f:66:7e:a1:b8:80:e6:4d:10:54:d9:3e:ed:23:7b:
77:cf:09:15:e1:60:7b:c9:27:27:73:a1:9b:ea:d9:
20:a3:70:6c:fb:d6:df:7b:4c:bc:31:d7:90:3a:06:
48:2a:f4:9d:30:b4:b0:5d:5b:35:56:20:27:78:70:
e0:84:06:2b:e5:d5:92:a5:5f:2c:67:18:60:fa:ac:
0b:21:b9:e9:1a:3d:d1:d2:07:d7:5c:4c:c7:f6:8c:
fd:b0:5b:fe:4a:8f:90:61:08:95:2b:34:c0:8c:06:
67:37:5e:05:e7:22:a7:9d:ac:89:ee:04:19:fa:f3:
47:34:5c:b3:f0:f9:c6:86:9b:38:a3:2f:dc:78:03:
d4:bc:6e:30:4d:e1:72:a2:f3:94:00:12:1b:03:25:
26:e6:53:4e:8a:5e:5f:08:b9:2b:96:cc:cf:a0:9e:
4d:6e:2b:58:1a:a1:00:54:79:89:bb:3f:bf:df:42:
68:b9:7f:a9:54:7b:ef:16:b9:01:2f:c7:a6:90:b1:
fd:ba:57:2e:6d:fc:4e:d4:15:1f:7c:16:40:33:66:
31:85:1f:d3:71:43:d9:9c:77:21:81:e5:a7:1f:97:
f5:a0:e0:0f:83:60:f9:7e:73:1e:e7:d1:ab:53:4e:
5f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1A:A0:3D:25:2A:97:86:54:6E:54:AD:54:A0:39:AE:D3:FA:73:9F
X509v3 Authority Key Identifier:
keyid:93:AD:6E:39:99:1A:2E:8C:09:C1:AD:E5:3B:E5:95:F8:B8:A9:42:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k61uOZkaLowJwa3lO-WV-LipQl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1d4994-cfe3-46df-b02d-f776c92207b7/1/RxqgPSUql4ZUblStVKA5rtP6c58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1d4994-cfe3-46df-b02d-f776c92207b7/1/k61uOZkaLowJwa3lO-WV-LipQl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.96.0/20
Signature Algorithm: sha256WithRSAEncryption
88:ea:94:0e:6d:49:f7:23:89:f4:c3:da:b4:83:82:fe:fc:9b:
32:af:b3:0e:06:1f:64:3a:cf:db:1f:8e:02:02:9f:02:82:12:
f7:8f:d1:a5:a8:18:82:63:7d:9c:c5:d5:8f:72:17:7b:04:d9:
0d:57:8b:6d:a4:51:2c:30:8d:ec:e9:5e:1d:2c:ec:31:9c:4c:
87:cf:26:8e:3b:ca:51:c6:7b:cb:7a:99:56:db:36:ca:dd:99:
18:74:38:14:29:7e:08:8c:70:fe:8c:5c:74:96:46:e3:c2:e2:
f9:65:58:a8:9b:fb:cb:7d:bc:d2:6c:30:05:b9:7c:61:04:62:
a3:a1:b2:fd:6b:e5:cf:85:9b:c4:7f:99:e9:ff:c6:57:a7:a3:
17:f2:e1:e0:dd:76:01:90:57:f3:29:83:4c:0d:22:a5:cd:49:
81:dc:fe:3f:fe:31:67:79:0d:cd:1a:2a:63:15:34:c0:fa:a9:
14:09:9a:76:7c:e8:ab:90:8d:80:28:cf:4c:96:50:58:ab:97:
51:aa:ca:5a:b6:dc:a1:96:ee:00:97:27:76:ff:22:d4:d0:2d:
e1:45:c4:fa:d7:78:b5:44:ea:48:7f:4c:cc:5c:d9:4b:29:7d:
d0:f0:06:06:80:a7:59:11:5b:d3:f8:c2:27:8c:1c:a2:54:8e:
cb:47:84:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCRI8QBuuDsaeiu8BS6BmSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYWQ2ZTM5OTkxYTJlOGMwOWMxYWRlNTNiZTU5NWY4Yjhh
OTQyNWUwHhcNMjQwNzA4MDY1OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFhYTAzZDI1MmE5Nzg2NTQ2ZTU0YWQ1NGEwMzlhZWQzZmE3MzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop45ACMmqlVjR8wNjUAvZn6huIDm
TRBU2T7tI3t3zwkV4WB7yScnc6Gb6tkgo3Bs+9bfe0y8MdeQOgZIKvSdMLSwXVs1
ViAneHDghAYr5dWSpV8sZxhg+qwLIbnpGj3R0gfXXEzH9oz9sFv+So+QYQiVKzTA
jAZnN14F5yKnnayJ7gQZ+vNHNFyz8PnGhps4oy/ceAPUvG4wTeFyovOUABIbAyUm
5lNOil5fCLkrlszPoJ5NbitYGqEAVHmJuz+/30JouX+pVHvvFrkBL8emkLH9ulcu
bfxO1BUffBZAM2YxhR/TcUPZnHchgeWnH5f1oOAPg2D5fnMe59GrU05fAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcaoD0lKpeGVG5UrVSgOa7T+nOfMB8GA1UdIwQY
MBaAFJOtbjmZGi6MCcGt5Tvllfi4qUJeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazYxdU9aa2FMb3dKd2EzbE8tV1YtTGlwUWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xZDQ5OTQtY2ZlMy00NmRmLWIwMmQt
Zjc3NmM5MjIwN2I3LzEvUnhxZ1BTVXFsNFpVYmxTdFZLQTVydFA2YzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8xZDQ5OTQtY2ZlMy00NmRmLWIwMmQtZjc3NmM5MjIwN2I3
LzEvazYxdU9aa2FMb3dKd2EzbE8tV1YtTGlwUWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUFtgMA0G
CSqGSIb3DQEBCwUAA4IBAQCI6pQObUn3I4n0w9q0g4L+/Jsyr7MOBh9kOs/bH44C
Ap8CghL3j9GlqBiCY32cxdWPchd7BNkNV4ttpFEsMI3s6V4dLOwxnEyHzyaOO8pR
xnvLeplW2zbK3ZkYdDgUKX4IjHD+jFx0lkbjwuL5ZViom/vLfbzSbDAFuXxhBGKj
obL9a+XPhZvEf5np/8ZXp6MX8uHg3XYBkFfzKYNMDSKlzUmB3P4//jFneQ3NGipj
FTTA+qkUCZp2fOirkI2AKM9MllBYq5dRqspattyhlu4Alyd2/yLU0C3hRcT613i1
ROpIf0zMXNlLKX3Q8AYGgKdZEVvT+MInjByiVI7LR4Qz
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:41 2025 by rpki-client