Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pe9yWGCWJwQO74C0flNsW8ZZpLE.roa
File: pe9yWGCWJwQO74C0flNsW8ZZpLE.roa (raw, json)
Hash identifier: K+9itxKh+UbbWMyv2WOSUdR+1S51IsEiZXXj7/vQk4Q=
Subject key identifier: A5:EF:72:58:60:96:27:04:0E:EF:80:B4:7E:53:6C:5B:C6:59:A4:B1
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C641818C21450A2B1339F1CAE7528
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pe9yWGCWJwQO74C0flNsW8ZZpLE.roa
Signing time: Thu 02 Jan 2025 09:50:25 +0000
ROA not before: Thu 02 Jan 2025 09:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21479
IP address blocks: 80.68.0.0/21 maxlen: 21
80.68.8.0/22 maxlen: 22
80.68.12.0/24 maxlen: 24
80.68.13.0/24 maxlen: 24
80.254.96.0/19 maxlen: 19
83.221.192.0/19 maxlen: 19
87.117.0.0/18 maxlen: 18
87.117.0.0/19 maxlen: 19
87.117.36.0/22 maxlen: 22
87.117.40.0/21 maxlen: 21
93.178.96.0/22 maxlen: 22
93.178.104.0/22 maxlen: 22
93.178.126.0/23 maxlen: 23
109.165.0.0/17 maxlen: 17
109.172.64.0/24 maxlen: 24
109.172.65.0/24 maxlen: 24
109.172.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:64:18:18:c2:14:50:a2:b1:33:9f:1c:ae:75:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5ef7258609627040eef80b47e536c5bc659a4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:76:8b:a7:49:ff:fe:be:0a:eb:0c:b6:2d:
c6:af:fe:d1:f5:d6:d0:8c:0c:ca:6f:8c:fe:48:a3:
5e:fc:82:05:01:3d:32:ab:66:e9:7c:2e:e8:a1:e5:
4c:43:d6:a5:a7:ce:98:02:a9:31:2d:b8:56:76:2b:
96:a8:d7:f4:a0:4a:1e:19:5b:1a:6e:ac:87:30:e7:
f7:06:53:3d:df:e8:07:6e:51:23:79:a7:0b:8d:f0:
4e:40:80:e5:fd:92:c7:6f:82:f8:b1:d9:c0:55:d1:
7e:a3:2f:7a:bb:f1:01:84:67:eb:90:7a:42:5e:a4:
c8:54:66:40:a0:26:02:6a:4e:76:dc:21:a7:30:6b:
92:4c:a7:73:e4:b8:6f:11:2e:a7:77:d8:01:ed:0a:
00:20:50:77:41:9a:b0:10:ba:6d:c0:ec:e5:61:a2:
d9:da:50:09:e3:e9:86:4f:79:52:53:0e:b0:7a:3c:
2c:d0:65:82:38:ea:0b:ec:53:b2:9c:81:9d:5c:54:
93:41:dd:64:b0:24:6e:1c:15:e7:ee:24:77:5a:2e:
ff:cf:55:34:d0:4b:a7:bb:02:be:43:73:3b:30:b2:
96:88:50:85:26:6f:79:a5:73:83:89:3f:f6:e4:1b:
b0:21:5a:1c:dd:ca:3f:f4:0a:4e:d3:36:bd:a4:c3:
e2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:EF:72:58:60:96:27:04:0E:EF:80:B4:7E:53:6C:5B:C6:59:A4:B1
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pe9yWGCWJwQO74C0flNsW8ZZpLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.0.0-80.68.13.255
80.254.96.0/19
83.221.192.0/19
87.117.0.0/18
93.178.96.0/22
93.178.104.0/22
93.178.126.0/23
109.165.0.0/17
109.172.64.0-109.172.66.255
Signature Algorithm: sha256WithRSAEncryption
04:6c:d0:5e:bb:65:47:8a:7c:a4:1e:89:bd:5b:86:ba:9c:cc:
4c:4b:7d:fe:63:f1:cf:e2:c4:80:c5:77:82:b8:0c:57:c3:90:
ab:79:d5:3a:97:8a:83:61:d2:1c:04:6e:cd:41:de:d8:62:db:
92:06:3a:89:f2:25:2b:82:63:8e:3f:a2:bf:4b:76:a9:68:f0:
4a:26:0d:08:88:fc:70:ca:a2:df:52:43:12:e3:4d:0c:af:c9:
92:9a:69:bc:9f:63:fb:33:bd:55:39:65:1e:0e:7d:96:b7:b8:
30:26:95:f2:56:27:a9:c2:ea:95:cc:29:42:9e:ee:20:16:d1:
2e:08:66:eb:0c:3c:83:c7:7c:78:90:c3:72:0e:97:8f:4d:09:
26:f4:d5:22:4f:18:b1:d7:c5:e6:2b:59:5e:2f:21:5c:bb:9e:
90:0d:29:3f:02:32:64:77:0d:16:10:b3:9b:c2:f4:a1:26:fe:
38:3d:88:44:64:62:03:aa:82:cb:ef:41:02:13:1d:3f:ea:32:
85:fa:4b:66:cb:28:98:ae:df:1e:cb:aa:a8:1d:f2:37:ec:e7:
b2:6a:bd:fa:98:d4:96:a0:d6:02:45:42:af:64:7e:26:a6:7c:
d0:96:e2:fb:c9:4e:0b:71:63:8f:f2:e1:78:7c:20:0b:1e:aa:
60:61:70:d6
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQmbGQYGMIUUKKxM58crnUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWVmNzI1ODYwOTYyNzA0MGVlZjgwYjQ3ZTUzNmM1YmM2NTlhNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7V2i6dJ//6+CusMti3Gr/7R9dbQ
jAzKb4z+SKNe/IIFAT0yq2bpfC7ooeVMQ9alp86YAqkxLbhWdiuWqNf0oEoeGVsa
bqyHMOf3BlM93+gHblEjeacLjfBOQIDl/ZLHb4L4sdnAVdF+oy96u/EBhGfrkHpC
XqTIVGZAoCYCak523CGnMGuSTKdz5LhvES6nd9gB7QoAIFB3QZqwELptwOzlYaLZ
2lAJ4+mGT3lSUw6wejws0GWCOOoL7FOynIGdXFSTQd1ksCRuHBXn7iR3Wi7/z1U0
0EunuwK+Q3M7MLKWiFCFJm95pXODiT/25BuwIVoc3co/9ApO0za9pMPizQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKXvclhglicEDu+AtH5TbFvGWaSxMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcGU5eVdHQ1dKd1FPNzRDMGZsTnNXOFpacExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAATBFMAsDAwJQRAME
AVBEDAMEBVD+YAMEBVPdwAMEBld1AAMEAl2yYAMEAl2yaAMEAV2yfgMEB22lADAM
AwQGbaxAAwQAbaxCMA0GCSqGSIb3DQEBCwUAA4IBAQAEbNBeu2VHinykHom9W4a6
nMxMS33+Y/HP4sSAxXeCuAxXw5CredU6l4qDYdIcBG7NQd7YYtuSBjqJ8iUrgmOO
P6K/S3apaPBKJg0IiPxwyqLfUkMS400Mr8mSmmm8n2P7M71VOWUeDn2Wt7gwJpXy
ViepwuqVzClCnu4gFtEuCGbrDDyDx3x4kMNyDpePTQkm9NUiTxix18XmK1leLyFc
u56QDSk/AjJkdw0WELObwvShJv44PYhEZGIDqoLL70ECEx0/6jKF+ktmyyiYrt8e
y6qoHfI37Oeyar36mNSWoNYCRUKvZH4mpnzQluL7yU4LcWOP8uF4fCALHqpgYXDW
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:17 2025 by rpki-client