Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cXPwDKdKoIuZQCWcD1H6lct9eH8.roa
File: cXPwDKdKoIuZQCWcD1H6lct9eH8.roa (raw, json)
Hash identifier: TVE7Gc6adZMsubybixe+sQ/OeGr4yJ0ymZcYr+WulwU=
Subject key identifier: 71:73:F0:0C:A7:4A:A0:8B:99:40:25:9C:0F:51:FA:95:CB:7D:78:7F
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FB9826109B68C1DE812E96B5745D5F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cXPwDKdKoIuZQCWcD1H6lct9eH8.roa
Signing time: Wed 01 Jan 2025 17:48:21 +0000
ROA not before: Wed 01 Jan 2025 17:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50181
IP address blocks: 80.85.48.0/21 maxlen: 24
92.52.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:98:26:10:9b:68:c1:de:81:2e:96:b5:74:5d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7173f00ca74aa08b9940259c0f51fa95cb7d787f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:aa:9f:c7:b9:90:48:e9:32:92:6f:64:7c:f6:
3a:9f:ab:fe:ad:0c:39:f7:a0:f9:99:d3:c2:6d:7a:
c2:cc:95:29:b3:aa:0e:3c:bc:c8:2d:36:d2:be:c3:
ba:47:19:46:57:8d:1d:4a:da:d5:50:1c:71:b0:3b:
02:2a:10:e1:8b:32:70:46:9f:14:36:21:5a:83:2b:
70:3e:28:42:fc:11:74:4b:85:ac:6d:06:6e:4c:1f:
ce:3e:6e:93:4e:63:f8:59:ed:fd:d4:3d:9f:d7:ed:
d0:44:b6:43:65:b3:26:69:e9:df:8f:37:d1:f4:26:
f9:79:87:3e:17:54:e8:ee:3e:25:80:44:65:cb:80:
c7:d1:26:15:09:ff:ce:38:ba:29:45:03:81:c7:8b:
05:38:91:3d:45:04:cf:23:28:ce:f2:36:11:be:80:
12:83:da:3c:e5:b7:87:21:07:a6:53:1a:44:52:7c:
fc:e2:38:bd:5a:b6:4b:2f:80:be:34:7b:c3:59:96:
1d:af:64:70:15:68:40:55:14:b2:a1:0d:47:47:8e:
18:0f:24:f7:62:f5:63:ce:c8:84:10:40:af:17:a2:
a6:5e:63:17:7d:a5:f2:1d:22:33:bf:6a:d5:ee:f4:
22:97:b1:b6:f2:25:3f:61:b5:bb:af:5a:a8:09:5a:
82:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:73:F0:0C:A7:4A:A0:8B:99:40:25:9C:0F:51:FA:95:CB:7D:78:7F
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cXPwDKdKoIuZQCWcD1H6lct9eH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.48.0/21
92.52.220.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:6c:81:73:93:cc:b6:2c:41:2d:85:86:0f:dd:35:99:72:ff:
bd:11:b2:7f:d3:94:43:35:66:b3:e5:1c:22:18:1d:a3:ef:eb:
f1:39:ae:e3:aa:03:0a:ca:1a:8f:75:88:03:4c:58:52:35:98:
9a:af:0d:8f:f4:bc:b2:9d:05:71:8b:33:f4:28:39:21:3e:49:
c0:f3:a2:ce:c8:2d:c4:0b:f2:96:b0:65:2c:e2:a8:bc:5a:09:
64:61:3a:ce:86:0d:50:5f:8d:60:54:74:3f:61:ff:48:9a:6d:
e5:8a:39:61:99:a8:0d:83:9a:af:f6:73:3e:7c:b3:c0:ab:6d:
cd:67:c0:c0:55:b9:92:89:68:55:c2:e8:36:ea:ea:1a:42:4d:
66:7e:5b:d0:78:69:12:1f:dd:30:6b:56:97:5e:26:69:50:2d:
a8:74:76:1d:b7:14:c5:51:e6:d7:48:c6:82:28:d4:e7:51:54:
52:9a:ab:35:a5:38:c6:75:8d:33:0b:b7:e8:0c:4b:91:61:26:
a9:79:33:19:00:b8:ef:c7:4e:71:26:e3:d6:4a:78:f9:22:d6:
39:40:e7:f6:49:45:9c:51:ed:47:1a:d5:b1:e2:20:16:1f:7b:
79:72:c5:cd:ae:05:b3:a4:5c:cb:7c:f1:df:56:56:4b:60:9b:
60:f9:84:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+5gmEJtowd6BLpa1dF1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTczZjAwY2E3NGFhMDhiOTk0MDI1OWMwZjUxZmE5NWNiN2Q3ODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaqfx7mQSOkykm9kfPY6n6v+rQw5
96D5mdPCbXrCzJUps6oOPLzILTbSvsO6RxlGV40dStrVUBxxsDsCKhDhizJwRp8U
NiFagytwPihC/BF0S4WsbQZuTB/OPm6TTmP4We391D2f1+3QRLZDZbMmaenfjzfR
9Cb5eYc+F1To7j4lgERly4DH0SYVCf/OOLopRQOBx4sFOJE9RQTPIyjO8jYRvoAS
g9o85beHIQemUxpEUnz84ji9WrZLL4C+NHvDWZYdr2RwFWhAVRSyoQ1HR44YDyT3
YvVjzsiEEECvF6KmXmMXfaXyHSIzv2rV7vQil7G28iU/YbW7r1qoCVqCgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHFz8AynSqCLmUAlnA9R+pXLfXh/MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvY1hQd0RLZEtvSXVaUUNXY0QxSDZsY3Q5ZUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUFUwAwQA
XDTcMA0GCSqGSIb3DQEBCwUAA4IBAQCobIFzk8y2LEEthYYP3TWZcv+9EbJ/05RD
NWaz5RwiGB2j7+vxOa7jqgMKyhqPdYgDTFhSNZiarw2P9LyynQVxizP0KDkhPknA
86LOyC3EC/KWsGUs4qi8WglkYTrOhg1QX41gVHQ/Yf9Imm3lijlhmagNg5qv9nM+
fLPAq23NZ8DAVbmSiWhVwug26uoaQk1mflvQeGkSH90wa1aXXiZpUC2odHYdtxTF
UebXSMaCKNTnUVRSmqs1pTjGdY0zC7foDEuRYSapeTMZALjvx05xJuPWSnj5ItY5
QOf2SUWcUe1HGtWx4iAWH3t5csXNrgWzpFzLfPHfVlZLYJtg+YT7
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:27:41 2025 by rpki-client