Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/cVKkCDaARUtvYDXoV4X9N2Ey2ZE.roa
File: cVKkCDaARUtvYDXoV4X9N2Ey2ZE.roa (raw, json)
Hash identifier: QIVK0slO8PFSnaXnlK3EvRckSMInnvVoSayFBWoxzeo=
Subject key identifier: 71:52:A4:08:36:80:45:4B:6F:60:35:E8:57:85:FD:37:61:32:D9:91
Certificate issuer: /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial: 0194228DFB5D1FBA8B929F9DB809CABE5727
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/cVKkCDaARUtvYDXoV4X9N2Ey2ZE.roa
Signing time: Wed 01 Jan 2025 15:48:37 +0000
ROA not before: Wed 01 Jan 2025 15:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206119
IP address blocks: 80.91.92.0/22 maxlen: 24
82.129.32.0/22 maxlen: 24
82.138.108.0/22 maxlen: 24
82.138.120.0/21 maxlen: 24
212.20.136.0/21 maxlen: 24
212.20.144.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:fb:5d:1f:ba:8b:92:9f:9d:b8:09:ca:be:57:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
Validity
Not Before: Jan 1 15:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7152a4083680454b6f6035e85785fd376132d991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:de:96:08:c4:e0:68:5d:48:fb:28:e0:c0:c7:
e6:1a:54:dd:07:85:58:d2:94:94:71:1d:c1:d2:32:
c6:00:bb:f3:f2:38:54:11:92:07:91:2a:d7:b4:c5:
17:d6:db:20:15:c4:7d:0a:55:6f:a7:50:b6:11:23:
89:15:d8:e7:3f:74:6f:14:8f:04:53:5c:10:59:14:
39:5e:5a:65:83:9a:06:13:e7:67:d2:54:ac:4c:3e:
d8:4c:d0:e5:51:d5:da:8a:c0:a6:16:e1:fe:75:cc:
0c:89:a4:87:1e:93:63:ef:17:6f:c2:17:93:06:36:
42:74:b1:b3:8e:7f:bf:40:a7:36:27:ce:6e:ec:c1:
68:43:c6:6a:0e:6b:dd:28:f5:cb:14:9c:c7:42:c0:
ce:05:9e:1f:ee:2d:79:21:fd:12:bc:fc:e9:33:c3:
f2:d6:d0:35:c5:18:04:2b:e7:cf:a4:b8:2f:c8:6f:
b6:08:8e:20:85:3e:c7:c9:c1:7e:4a:94:36:1f:6a:
d5:0b:16:77:99:13:80:61:0c:e8:a7:dc:8d:c0:9f:
80:a2:81:1c:d8:0a:9b:ef:1c:51:2a:e3:76:d7:45:
3e:57:71:02:8c:06:19:63:4e:2f:89:50:4f:f4:25:
f1:03:31:ad:d1:71:e3:b9:96:72:d0:a9:a4:05:e6:
ae:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:52:A4:08:36:80:45:4B:6F:60:35:E8:57:85:FD:37:61:32:D9:91
X509v3 Authority Key Identifier:
keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/cVKkCDaARUtvYDXoV4X9N2Ey2ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.92.0/22
82.129.32.0/22
82.138.108.0/22
82.138.120.0/21
212.20.136.0-212.20.147.255
Signature Algorithm: sha256WithRSAEncryption
73:19:6d:32:6c:73:5e:85:72:36:99:db:96:a9:c4:b2:92:01:
f2:4e:04:bd:58:f0:ed:dd:0a:aa:fb:6d:75:da:0f:66:7a:2d:
f7:50:23:03:2f:fd:87:53:07:75:78:bd:b9:be:b2:6f:90:3e:
fc:92:b4:1b:87:13:f6:e5:57:f0:9a:19:c7:06:da:83:01:18:
4d:0d:c1:0a:67:0a:92:54:61:fd:65:58:bc:d3:af:90:36:6b:
0f:16:56:02:4d:04:86:19:d8:99:08:82:8c:a7:41:91:f5:c7:
8c:de:44:6f:fb:b8:f1:c5:db:c2:08:15:42:19:8a:4b:7b:f5:
94:f0:fd:cc:85:90:14:61:d3:78:56:42:19:33:5d:38:86:69:
4f:ec:87:75:b3:dc:25:3d:16:24:90:d5:bf:d1:02:e8:da:1c:
75:a0:f2:da:0b:ff:9d:e0:f3:90:5a:8c:e6:db:a1:07:31:8f:
36:05:43:d8:14:be:20:cb:fb:73:b1:9c:08:1e:1b:07:0c:ce:
ae:58:90:8e:95:69:83:37:b5:1f:f7:17:15:ff:9d:ea:3d:be:
6f:bf:1f:85:10:cb:47:ac:d3:52:ed:e2:df:29:ee:06:ec:69:
64:cf:bf:eb:11:6d:10:15:24:77:e4:f3:bd:75:c6:67:0b:22:
b9:ab:22:a8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQijftdH7qLkp+duAnKvlcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjUwMTAxMTU0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTUyYTQwODM2ODA0NTRiNmY2MDM1ZTg1Nzg1ZmQzNzYxMzJkOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2N6WCMTgaF1I+yjgwMfmGlTdB4VY
0pSUcR3B0jLGALvz8jhUEZIHkSrXtMUX1tsgFcR9ClVvp1C2ESOJFdjnP3RvFI8E
U1wQWRQ5Xlplg5oGE+dn0lSsTD7YTNDlUdXaisCmFuH+dcwMiaSHHpNj7xdvwheT
BjZCdLGzjn+/QKc2J85u7MFoQ8ZqDmvdKPXLFJzHQsDOBZ4f7i15If0SvPzpM8Py
1tA1xRgEK+fPpLgvyG+2CI4ghT7HycF+SpQ2H2rVCxZ3mROAYQzop9yNwJ+AooEc
2Aqb7xxRKuN210U+V3ECjAYZY04viVBP9CXxAzGt0XHjuZZy0KmkBeauRwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHFSpAg2gEVLb2A16FeF/TdhMtmRMB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEvY1ZLa0NEYUFSVXR2WURYb1Y0WDlOMkV5MlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQtOTU2ZjZiNWM2MTcw
LzEvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCUFtcAwQC
UoEgAwQCUopsAwQDUop4MAwDBAPUFIgDBALUFJAwDQYJKoZIhvcNAQELBQADggEB
AHMZbTJsc16FcjaZ25apxLKSAfJOBL1Y8O3dCqr7bXXaD2Z6LfdQIwMv/YdTB3V4
vbm+sm+QPvyStBuHE/blV/CaGccG2oMBGE0NwQpnCpJUYf1lWLzTr5A2aw8WVgJN
BIYZ2JkIgoynQZH1x4zeRG/7uPHF28IIFUIZikt79ZTw/cyFkBRh03hWQhkzXTiG
aU/sh3Wz3CU9FiSQ1b/RAujaHHWg8toL/53g85BajObboQcxjzYFQ9gUviDL+3Ox
nAgeGwcMzq5YkI6VaYM3tR/3FxX/neo9vm+/H4UQy0es01Lt4t8p7gbsaWTPv+sR
bRAVJHfk8711xmcLIrmrIqg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:36 2025 by rpki-client