Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/fNZMbnQMgTAK0Zgb7xMWM1Qd3dI.roa
File: fNZMbnQMgTAK0Zgb7xMWM1Qd3dI.roa (raw, json)
Hash identifier: BfsFTEpekQyKXJd+qFQ/cSg4okv8+qp9Gcb8wC29DdI=
Subject key identifier: 7C:D6:4C:6E:74:0C:81:30:0A:D1:98:1B:EF:13:16:33:54:1D:DD:D2
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 018CCA2A8F39E6EDDABA0798D19BA28BC727
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/fNZMbnQMgTAK0Zgb7xMWM1Qd3dI.roa
Signing time: Tue 02 Jan 2024 12:33:55 +0000
ROA not before: Tue 02 Jan 2024 12:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 80.253.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8f:39:e6:ed:da:ba:07:98:d1:9b:a2:8b:c7:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 2 12:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cd64c6e740c81300ad1981bef131633541dddd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:57:fc:a4:43:f2:8a:c0:d9:db:ef:23:68:84:
64:3e:cd:f2:75:29:8b:92:98:6b:05:93:86:f0:31:
71:4b:67:91:d9:6e:8a:cd:7f:ec:05:56:94:85:c1:
9e:19:34:22:a6:d6:a5:fa:95:64:02:7e:48:cd:1c:
6b:0a:f0:c8:33:18:26:c2:96:16:59:9f:5f:79:2c:
68:ec:71:56:2b:a0:ce:60:21:44:16:72:f5:e5:f6:
0e:7a:3f:55:10:5a:d1:50:f0:7c:3d:80:4e:51:17:
9f:d0:e8:8c:39:15:cf:88:9b:7a:85:b3:97:60:93:
71:a7:c6:9b:0b:03:f4:e3:2b:48:8a:50:9b:38:f4:
34:f7:e4:b0:b5:d5:93:8b:ce:22:d3:9b:a0:b4:28:
a0:d8:3d:53:77:da:26:f0:ae:9a:be:83:36:14:d9:
1d:81:38:1a:25:39:66:c6:b5:90:b7:eb:f0:6c:76:
e3:7d:df:6f:bd:0d:4b:c0:69:27:f7:19:04:5d:df:
e6:32:4c:1b:3e:45:49:3e:22:7a:f0:39:34:10:38:
55:ba:1d:47:32:40:c0:50:17:38:84:71:dc:40:47:
c5:65:af:03:02:53:3b:35:d4:fa:76:9c:60:49:11:
24:02:7c:4a:d3:98:fd:67:27:ab:7e:36:cc:c9:ef:
21:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D6:4C:6E:74:0C:81:30:0A:D1:98:1B:EF:13:16:33:54:1D:DD:D2
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/fNZMbnQMgTAK0Zgb7xMWM1Qd3dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.115.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:bb:6c:f2:35:f1:34:cb:3b:a3:6c:d1:3b:b3:c2:4f:31:96:
98:17:e2:fa:52:ae:3d:44:af:20:0a:02:4a:2e:52:86:49:71:
30:df:11:d4:54:6b:7d:4c:09:ea:e8:80:03:16:62:e9:ef:24:
79:e9:b0:a3:3c:47:7b:9a:2e:50:50:d1:6f:5f:5d:b3:48:c4:
b9:92:70:4e:51:eb:b6:f1:6d:e6:19:a2:9b:b1:bc:81:fa:e3:
24:52:f9:91:59:5a:16:c1:b7:07:f1:48:45:4b:a4:65:06:62:
ba:43:bd:69:8d:58:9b:79:e9:08:ce:15:92:2a:83:8f:c1:81:
6f:c1:20:2b:45:c4:51:9c:53:11:98:b1:5e:08:a6:b7:26:75:
d5:5c:d1:fd:2e:7b:87:1e:19:5e:1f:26:ea:b3:48:78:10:3f:
7a:be:15:48:95:b7:c3:e8:76:7f:39:a1:aa:a7:d0:cc:4a:60:
83:5c:5d:72:5f:06:ef:61:1e:e7:9f:2f:fc:e9:43:ab:5f:9d:
cc:74:10:6e:4d:eb:e2:89:ae:04:94:61:43:79:49:73:39:77:
3e:ad:10:62:d1:bc:67:7c:c2:a0:3e:91:6d:c3:dc:f1:7e:7c:
2b:4b:c6:81:b3:77:32:f4:3b:ab:b6:56:07:5b:25:62:26:90:
1c:cd:7b:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKo855u3augeY0Zuii8cnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjQwMTAyMTIzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q2NGM2ZTc0MGM4MTMwMGFkMTk4MWJlZjEzMTYzMzU0MWRkZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVf8pEPyisDZ2+8jaIRkPs3ydSmL
kphrBZOG8DFxS2eR2W6KzX/sBVaUhcGeGTQiptal+pVkAn5IzRxrCvDIMxgmwpYW
WZ9feSxo7HFWK6DOYCFEFnL15fYOej9VEFrRUPB8PYBOURef0OiMORXPiJt6hbOX
YJNxp8abCwP04ytIilCbOPQ09+SwtdWTi84i05ugtCig2D1Td9om8K6avoM2FNkd
gTgaJTlmxrWQt+vwbHbjfd9vvQ1LwGkn9xkEXd/mMkwbPkVJPiJ68Dk0EDhVuh1H
MkDAUBc4hHHcQEfFZa8DAlM7NdT6dpxgSREkAnxK05j9ZyerfjbMye8hfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzWTG50DIEwCtGYG+8TFjNUHd3SMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvZk5aTWJuUU1nVEFLMFpnYjd4TVdNMVFkM2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUP1zMA0G
CSqGSIb3DQEBCwUAA4IBAQALu2zyNfE0yzujbNE7s8JPMZaYF+L6Uq49RK8gCgJK
LlKGSXEw3xHUVGt9TAnq6IADFmLp7yR56bCjPEd7mi5QUNFvX12zSMS5knBOUeu2
8W3mGaKbsbyB+uMkUvmRWVoWwbcH8UhFS6RlBmK6Q71pjVibeekIzhWSKoOPwYFv
wSArRcRRnFMRmLFeCKa3JnXVXNH9LnuHHhleHybqs0h4ED96vhVIlbfD6HZ/OaGq
p9DMSmCDXF1yXwbvYR7nny/86UOrX53MdBBuTeviia4ElGFDeUlzOXc+rRBi0bxn
fMKgPpFtw9zxfnwrS8aBs3cy9DurtlYHWyViJpAczXvX
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:34:54 2025 by rpki-client