Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/1IQ6XGH492q6Le1AzC8jaBrQe44.roa
File: 1IQ6XGH492q6Le1AzC8jaBrQe44.roa (raw, json)
Hash identifier: eh3HA+b+4o4D/vtiKknODxG3cbXEFcxbrcIdlrGMDDE=
Subject key identifier: D4:84:3A:5C:61:F8:F7:6A:BA:2D:ED:40:CC:2F:23:68:1A:D0:7B:8E
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 019421B242C3674F322BB06FA794891D5C5F
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/1IQ6XGH492q6Le1AzC8jaBrQe44.roa
Signing time: Wed 01 Jan 2025 11:48:38 +0000
ROA not before: Wed 01 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 80.253.96.0/19 maxlen: 24
83.245.0.0/17 maxlen: 24
89.167.128.0/17 maxlen: 24
92.60.240.0/20 maxlen: 24
213.228.192.0/18 maxlen: 24
217.79.160.0/20 maxlen: 24
2a02:9e8::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:42:c3:67:4f:32:2b:b0:6f:a7:94:89:1d:5c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 1 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4843a5c61f8f76aba2ded40cc2f23681ad07b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:2d:0e:98:cd:69:2f:dc:8c:32:8a:22:62:54:
67:33:df:ec:ee:ef:e4:09:77:08:ef:8d:c2:21:f2:
97:c2:37:d1:64:ef:e4:59:43:20:b6:0e:08:54:3a:
bb:8d:1a:a0:4d:da:aa:1c:75:3f:f0:59:64:f1:ad:
da:12:9f:0c:26:a1:1f:14:f7:0b:23:6d:82:24:2b:
d2:a1:f4:3b:8d:b6:58:cf:ec:f6:03:cb:4f:b6:61:
9f:29:9a:9d:3d:f7:3b:fc:0f:d1:0d:3e:ff:aa:d2:
a9:f9:e9:e5:91:48:9f:f7:08:23:4d:3a:4d:61:05:
a7:e5:d5:54:1b:09:a7:3a:6a:ad:2d:43:e6:65:e2:
5f:e5:e7:4f:f7:e6:37:cd:8f:a5:6c:78:e2:32:46:
b7:52:cd:67:01:8f:b4:52:93:7a:4d:03:eb:77:d3:
00:87:3d:17:99:e0:5b:fd:61:52:32:4b:d1:c6:5c:
90:e7:96:5d:43:d3:94:e0:94:24:50:95:a1:2b:de:
aa:43:5c:6f:7a:30:36:81:2b:05:19:4d:63:42:c1:
3f:0b:bd:c1:5b:6a:8b:53:15:8b:f9:19:f6:56:c8:
9b:94:e7:0e:0a:d8:6f:b6:dc:b4:a2:af:e4:1b:24:
50:04:bb:08:9e:55:b4:69:67:6c:c2:20:9a:74:aa:
ec:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:84:3A:5C:61:F8:F7:6A:BA:2D:ED:40:CC:2F:23:68:1A:D0:7B:8E
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/1IQ6XGH492q6Le1AzC8jaBrQe44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.96.0/19
83.245.0.0/17
89.167.128.0/17
92.60.240.0/20
213.228.192.0/18
217.79.160.0/20
IPv6:
2a02:9e8::/32
Signature Algorithm: sha256WithRSAEncryption
2f:ce:09:65:56:bc:3f:c3:a1:9a:a0:c9:01:4c:8c:1b:6e:f5:
02:47:17:57:87:89:d0:c4:15:26:89:a3:cd:3a:01:dc:3b:55:
83:66:94:59:60:67:41:96:20:1b:46:f6:68:1b:d3:0a:c5:c3:
77:f5:c8:26:00:87:24:b5:9b:ab:5a:d5:93:7f:c1:a8:30:f7:
48:40:77:79:18:6d:27:4a:a0:d6:8d:c2:42:35:65:33:1d:52:
93:00:d9:cb:77:33:b7:5d:d2:ae:33:77:2b:6b:91:e8:d9:bd:
c0:5c:10:a8:ee:f9:9f:66:49:9d:73:d0:3c:0c:3e:cd:2b:ac:
72:15:fd:99:5d:0f:f0:af:27:f5:b5:3d:89:01:45:2f:74:92:
e3:2e:d7:94:d6:29:26:0c:e3:f6:5e:3e:bc:c7:2f:01:67:4d:
51:a2:44:c6:25:69:ca:f6:dc:b9:20:2f:cb:f6:32:c0:5e:72:
07:96:ab:7c:2d:3b:54:3e:a6:80:46:70:ef:e1:75:cc:1e:e3:
2f:fa:b1:43:45:c9:92:f7:64:b4:a2:9e:0c:f9:ee:54:aa:ed:
aa:59:19:ba:4a:c4:bb:90:f8:d4:5c:c1:66:c2:ee:c0:b3:7e:
e3:7a:21:39:d4:e5:0e:90:fe:0e:44:1c:b3:f1:96:ac:42:b2:
7d:6f:23:f5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQhskLDZ08yK7Bvp5SJHVxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjUwMTAxMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg0M2E1YzYxZjhmNzZhYmEyZGVkNDBjYzJmMjM2ODFhZDA3YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5i0OmM1pL9yMMooiYlRnM9/s7u/k
CXcI743CIfKXwjfRZO/kWUMgtg4IVDq7jRqgTdqqHHU/8Flk8a3aEp8MJqEfFPcL
I22CJCvSofQ7jbZYz+z2A8tPtmGfKZqdPfc7/A/RDT7/qtKp+enlkUif9wgjTTpN
YQWn5dVUGwmnOmqtLUPmZeJf5edP9+Y3zY+lbHjiMka3Us1nAY+0UpN6TQPrd9MA
hz0XmeBb/WFSMkvRxlyQ55ZdQ9OU4JQkUJWhK96qQ1xvejA2gSsFGU1jQsE/C73B
W2qLUxWL+Rn2VsiblOcOCthvtty0oq/kGyRQBLsInlW0aWdswiCadKrsjwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNSEOlxh+Pdqui3tQMwvI2ga0HuOMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvMUlRNlhHSDQ5MnE2TGUxQXpDOGphQnJRZTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUP1gAwQH
U/UAAwQHWaeAAwQEXDzwAwQG1eTAAwQE2U+gMA0EAgACMAcDBQAqAgnoMA0GCSqG
SIb3DQEBCwUAA4IBAQAvzgllVrw/w6GaoMkBTIwbbvUCRxdXh4nQxBUmiaPNOgHc
O1WDZpRZYGdBliAbRvZoG9MKxcN39cgmAIcktZurWtWTf8GoMPdIQHd5GG0nSqDW
jcJCNWUzHVKTANnLdzO3XdKuM3cra5Ho2b3AXBCo7vmfZkmdc9A8DD7NK6xyFf2Z
XQ/wryf1tT2JAUUvdJLjLteU1ikmDOP2Xj68xy8BZ01RokTGJWnK9ty5IC/L9jLA
XnIHlqt8LTtUPqaARnDv4XXMHuMv+rFDRcmS92S0op4M+e5Uqu2qWRm6SsS7kPjU
XMFmwu7As37jeiE51OUOkP4ORByz8ZasQrJ9byP1
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:29:13 2025 by rpki-client