Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/VDBLRqMYCjpj60SbvjVrCA9rAtA.roa
File: VDBLRqMYCjpj60SbvjVrCA9rAtA.roa (raw, json)
Hash identifier: JKDK4eegAuzQo0SHJPfDcx6+y5omzYtOGcHgfrvk3wU=
Subject key identifier: 54:30:4B:46:A3:18:0A:3A:63:EB:44:9B:BE:35:6B:08:0F:6B:02:D0
Certificate issuer: /CN=22190c26894093dc64a05ef2cfd354a06cff039d
Certificate serial: 0194236A20B9F4A9E4AFBA3FA1CFE1F41C20
Authority key identifier: 22:19:0C:26:89:40:93:DC:64:A0:5E:F2:CF:D3:54:A0:6C:FF:03:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IhkMJolAk9xkoF7yz9NUoGz_A50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/VDBLRqMYCjpj60SbvjVrCA9rAtA.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16378
IP address blocks: 80.85.192.0/20 maxlen: 23
80.85.192.0/24 maxlen: 24
80.85.193.0/24 maxlen: 24
80.85.194.0/24 maxlen: 24
80.85.195.0/24 maxlen: 24
80.85.196.0/24 maxlen: 24
80.85.197.0/24 maxlen: 24
80.85.198.0/24 maxlen: 24
80.85.199.0/24 maxlen: 24
80.85.200.0/24 maxlen: 24
80.85.201.0/24 maxlen: 24
80.85.202.0/24 maxlen: 24
80.85.203.0/24 maxlen: 24
80.85.204.0/24 maxlen: 24
80.85.205.0/24 maxlen: 24
80.85.206.0/24 maxlen: 24
80.85.207.0/24 maxlen: 24
2a02:d700::/32 maxlen: 32
2a02:d700::/33 maxlen: 33
2a02:d700:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:20:b9:f4:a9:e4:af:ba:3f:a1:cf:e1:f4:1c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22190c26894093dc64a05ef2cfd354a06cff039d
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54304b46a3180a3a63eb449bbe356b080f6b02d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7f:22:eb:d0:07:3b:fe:ea:20:04:41:6b:6f:
9a:f0:36:4e:5e:66:cb:29:b0:e7:71:ad:de:f0:8c:
bd:c8:78:a2:63:9a:ae:1b:de:f5:fe:49:ba:d7:96:
04:22:a4:a8:83:8e:48:e3:6d:94:af:41:73:a8:47:
1b:df:a0:9d:18:59:1f:5e:73:fb:03:ce:e0:67:d4:
dd:eb:e3:97:cc:d0:fa:40:ad:a8:b1:e0:b1:4b:ed:
07:7e:49:1b:8f:ee:d9:f4:0a:36:97:95:3c:57:da:
4e:40:9d:12:bf:75:a7:fe:92:67:0d:08:17:ae:ca:
f5:72:81:47:a4:39:17:78:68:0e:34:70:6e:f3:ac:
2d:2c:8e:be:6c:33:78:5f:af:bd:f8:c6:ce:4d:a2:
a2:c4:b2:07:03:4d:84:37:e2:8a:1c:69:a0:64:a9:
6d:f9:eb:7d:29:0c:10:bf:c2:93:6b:fb:23:20:82:
64:d9:00:92:db:a8:b0:ce:5c:0d:83:53:8d:db:e1:
c3:25:03:59:80:30:2a:f1:7f:03:5d:b7:49:fc:c1:
37:64:70:03:14:11:b2:40:eb:9e:0e:f3:0e:63:62:
72:4b:27:f7:eb:9e:fd:3a:fd:ad:fa:ae:76:7a:01:
b1:93:68:61:31:38:b4:53:fa:41:13:fa:85:af:dc:
85:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:30:4B:46:A3:18:0A:3A:63:EB:44:9B:BE:35:6B:08:0F:6B:02:D0
X509v3 Authority Key Identifier:
keyid:22:19:0C:26:89:40:93:DC:64:A0:5E:F2:CF:D3:54:A0:6C:FF:03:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhkMJolAk9xkoF7yz9NUoGz_A50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/VDBLRqMYCjpj60SbvjVrCA9rAtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/IhkMJolAk9xkoF7yz9NUoGz_A50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.192.0/20
IPv6:
2a02:d700::/32
Signature Algorithm: sha256WithRSAEncryption
4e:26:20:24:a7:74:75:e6:1b:52:58:2f:67:02:82:e0:29:96:
95:e6:95:8f:9d:fc:e6:40:14:e7:fe:cb:5c:b7:b3:d2:c3:5c:
f3:29:4c:8a:24:dc:99:66:5d:94:ca:da:07:7f:27:3e:a1:7f:
bb:ca:3c:16:d0:54:cd:25:bd:0e:d3:ee:e6:93:79:bf:ba:e1:
24:85:0e:36:2a:1a:f9:53:af:a4:29:dc:22:78:fa:1f:25:91:
50:af:09:7d:cf:2e:32:67:c9:2b:86:7d:e5:d4:11:38:69:03:
d7:5a:8f:d2:25:c7:c4:47:6c:80:19:30:75:e5:08:6e:43:13:
71:9b:a3:a9:d7:95:30:00:a3:df:ca:18:80:97:29:e5:63:26:
ce:9d:30:76:58:bc:49:b0:f6:35:5c:d1:2e:22:8a:3d:1d:b9:
1f:89:f7:db:64:ed:5b:63:5f:f8:cd:4e:3b:74:66:7a:48:08:
e6:a6:e9:22:3f:91:49:47:cf:f1:b9:34:0e:7d:5a:3d:7b:ae:
71:c3:d9:f4:98:f8:89:04:94:d8:b4:c9:52:cd:e2:c0:48:da:
90:9b:1a:ef:16:76:7d:8c:87:ca:00:8a:2b:f8:d6:bd:b1:b3:
1f:54:40:ba:76:a3:af:27:45:07:d3:27:a1:60:58:03:e0:ac:
24:6e:e3:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaiC59Knkr7o/oc/h9BwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTkwYzI2ODk0MDkzZGM2NGEwNWVmMmNmZDM1NGEwNmNm
ZjAzOWQwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDMwNGI0NmEzMTgwYTNhNjNlYjQ0OWJiZTM1NmIwODBmNmIwMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX8i69AHO/7qIARBa2+a8DZOXmbL
KbDnca3e8Iy9yHiiY5quG971/km615YEIqSog45I422Ur0FzqEcb36CdGFkfXnP7
A87gZ9Td6+OXzND6QK2oseCxS+0Hfkkbj+7Z9Ao2l5U8V9pOQJ0Sv3Wn/pJnDQgX
rsr1coFHpDkXeGgONHBu86wtLI6+bDN4X6+9+MbOTaKixLIHA02EN+KKHGmgZKlt
+et9KQwQv8KTa/sjIIJk2QCS26iwzlwNg1ON2+HDJQNZgDAq8X8DXbdJ/ME3ZHAD
FBGyQOueDvMOY2JySyf36579Ov2t+q52egGxk2hhMTi0U/pBE/qFr9yFUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFQwS0ajGAo6Y+tEm741awgPawLQMB8GA1UdIwQY
MBaAFCIZDCaJQJPcZKBe8s/TVKBs/wOdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhrTUpvbEFrOXhrb0Y3eXo5TlVvR3pfQTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zYTk2ZmEtOTBkZS00NjBjLWJlYTYt
ZWMxMGViZTRmY2NmLzEvVkRCTFJxTVlDanBqNjBTYnZqVnJDQTlyQXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zYTk2ZmEtOTBkZS00NjBjLWJlYTYtZWMxMGViZTRmY2Nm
LzEvSWhrTUpvbEFrOXhrb0Y3eXo5TlVvR3pfQTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUFXAMA0E
AgACMAcDBQAqAtcAMA0GCSqGSIb3DQEBCwUAA4IBAQBOJiAkp3R15htSWC9nAoLg
KZaV5pWPnfzmQBTn/stct7PSw1zzKUyKJNyZZl2UytoHfyc+oX+7yjwW0FTNJb0O
0+7mk3m/uuEkhQ42Khr5U6+kKdwiePofJZFQrwl9zy4yZ8krhn3l1BE4aQPXWo/S
JcfER2yAGTB15QhuQxNxm6Op15UwAKPfyhiAlynlYybOnTB2WLxJsPY1XNEuIoo9
HbkfiffbZO1bY1/4zU47dGZ6SAjmpukiP5FJR8/xuTQOfVo9e65xw9n0mPiJBJTY
tMlSzeLASNqQmxrvFnZ9jIfKAIor+Na9sbMfVEC6dqOvJ0UH0yehYFgD4KwkbuNi
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:40 2025 by rpki-client