Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/s7mUu7WrVHVPJEBCCdi0H3bHpis.roa
File: s7mUu7WrVHVPJEBCCdi0H3bHpis.roa (raw, json)
Hash identifier: ExGJpFM76OJZURK1GFJNiBKKffY4pIrBrUBBm9tcC8g=
Subject key identifier: B3:B9:94:BB:B5:AB:54:75:4F:24:40:42:09:D8:B4:1F:76:C7:A6:2B
Certificate issuer: /CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Certificate serial: 019422FB6E01EF92C3D4AD664AF92ABFE565
Authority key identifier: DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/s7mUu7WrVHVPJEBCCdi0H3bHpis.roa
Signing time: Wed 01 Jan 2025 17:48:10 +0000
ROA not before: Wed 01 Jan 2025 17:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25176
IP address blocks: 80.88.96.0/19 maxlen: 19
81.8.128.0/17 maxlen: 17
81.8.142.0/24 maxlen: 24
81.8.143.0/24 maxlen: 24
81.8.204.0/24 maxlen: 24
81.8.226.0/24 maxlen: 24
85.194.128.0/18 maxlen: 18
2a01:4040::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:6e:01:ef:92:c3:d4:ad:66:4a:f9:2a:bf:e5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0b33cddb799b7bcf5d3dce004fdba8c3e864ff
Validity
Not Before: Jan 1 17:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3b994bbb5ab54754f24404209d8b41f76c7a62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:46:c5:f6:d2:fb:15:f6:30:f1:86:5e:4c:db:
cc:11:11:90:0c:e9:b8:6b:98:e2:66:d7:d3:63:41:
c4:1b:35:a8:ee:fb:47:b4:bf:09:05:27:ff:f3:fa:
8d:e6:cc:f1:8f:48:eb:ab:6a:4e:5f:6f:b4:61:c8:
5a:d2:8a:8b:88:1c:70:17:ce:d8:ba:1c:a0:c7:17:
94:3c:4e:50:2c:96:7d:36:39:70:29:ca:ba:4c:74:
8e:09:eb:1d:d9:a9:55:3c:e4:08:2d:70:19:68:b3:
c5:2f:f8:3c:98:26:02:ac:1a:8c:54:38:88:28:e5:
aa:c4:b6:df:bd:40:9a:74:15:4c:5b:8a:5f:6a:a5:
14:98:b4:5c:29:1e:75:b5:bb:63:20:75:b1:8a:73:
44:fe:13:cb:04:44:b7:1a:4d:9c:e9:c6:87:f6:f2:
8a:81:9a:ee:0d:21:9a:2d:fe:6a:44:b1:f2:13:cb:
ac:20:c8:15:f1:c3:91:e5:cf:60:d5:32:ee:5d:22:
9c:17:6e:8e:53:aa:31:06:7a:0e:0f:cc:f9:a0:f4:
9b:85:4a:4c:b0:ef:55:05:1d:36:8f:a4:15:a5:c4:
a2:09:9f:23:c7:f7:93:28:56:d3:8f:be:c5:1b:14:
80:bd:4c:23:a4:86:21:8b:86:42:f5:05:54:60:b0:
b4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B9:94:BB:B5:AB:54:75:4F:24:40:42:09:D8:B4:1F:76:C7:A6:2B
X509v3 Authority Key Identifier:
keyid:DA:0B:33:CD:DB:79:9B:7B:CF:5D:3D:CE:00:4F:DB:A8:C3:E8:64:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gszzdt5m3vPXT3OAE_bqMPoZP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/s7mUu7WrVHVPJEBCCdi0H3bHpis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/032d8b-4881-46fa-b674-7733bd888e28/1/2gszzdt5m3vPXT3OAE_bqMPoZP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.88.96.0/19
81.8.128.0/17
85.194.128.0/18
IPv6:
2a01:4040::/32
Signature Algorithm: sha256WithRSAEncryption
72:5d:55:b2:66:6b:30:86:df:87:38:f6:83:84:03:6b:21:98:
08:30:0a:80:ac:81:69:60:59:c5:bd:d2:ef:8e:12:ab:d6:39:
e3:e5:a7:2f:85:4b:34:e4:9d:23:81:5d:ec:7e:22:02:c8:f3:
ff:9f:ab:d0:13:af:a2:fe:f3:11:85:72:b4:78:c2:e1:9a:b5:
91:10:4e:d2:15:2f:b3:bb:32:d1:bd:7e:aa:26:d1:26:98:09:
8a:b5:f5:14:72:70:b7:ba:5b:49:f4:0c:87:19:a2:70:5b:ca:
31:58:42:6f:69:13:11:65:6b:8c:09:e4:4a:23:bd:28:e7:e2:
72:17:96:04:eb:dd:e9:d2:d8:42:ff:9e:cc:ef:79:79:92:9a:
e2:b3:44:39:86:8d:6f:af:38:26:1e:e3:9b:30:29:68:eb:19:
27:18:a2:c1:83:f7:30:7d:3d:59:cc:76:9f:d5:a6:7a:d8:fc:
51:ab:1d:d0:3c:c3:0c:18:5f:41:4e:01:52:c7:08:4b:9e:47:
04:02:73:81:94:33:df:5a:19:4a:4b:f7:5a:14:69:f7:09:aa:
fd:d4:c7:40:f1:98:34:02:67:a6:07:bb:79:e7:5d:6e:e5:7c:
0d:af:b9:17:ab:79:8d:6c:d4:c2:56:8a:48:bf:1b:1b:95:fb:
00:3f:01:6b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQi+24B75LD1K1mSvkqv+VlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMGIzM2NkZGI3OTliN2JjZjVkM2RjZTAwNGZkYmE4YzNl
ODY0ZmYwHhcNMjUwMTAxMTc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2I5OTRiYmI1YWI1NDc1NGYyNDQwNDIwOWQ4YjQxZjc2YzdhNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0bF9tL7FfYw8YZeTNvMERGQDOm4
a5jiZtfTY0HEGzWo7vtHtL8JBSf/8/qN5szxj0jrq2pOX2+0Ycha0oqLiBxwF87Y
uhygxxeUPE5QLJZ9NjlwKcq6THSOCesd2alVPOQILXAZaLPFL/g8mCYCrBqMVDiI
KOWqxLbfvUCadBVMW4pfaqUUmLRcKR51tbtjIHWxinNE/hPLBES3Gk2c6caH9vKK
gZruDSGaLf5qRLHyE8usIMgV8cOR5c9g1TLuXSKcF26OU6oxBnoOD8z5oPSbhUpM
sO9VBR02j6QVpcSiCZ8jx/eTKFbTj77FGxSAvUwjpIYhi4ZC9QVUYLC0LwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLO5lLu1q1R1TyRAQgnYtB92x6YrMB8GA1UdIwQY
MBaAFNoLM83beZt7z109zgBP26jD6GT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQt
NzczM2JkODg4ZTI4LzEvczdtVXU3V3JWSFZQSkVCQ0NkaTBIM2JIcGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wMzJkOGItNDg4MS00NmZhLWI2NzQtNzczM2JkODg4ZTI4
LzEvMmdzenpkdDVtM3ZQWFQzT0FFX2JxTVBvWlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUFhgAwQH
UQiAAwQGVcKAMA0EAgACMAcDBQAqAUBAMA0GCSqGSIb3DQEBCwUAA4IBAQByXVWy
Zmswht+HOPaDhANrIZgIMAqArIFpYFnFvdLvjhKr1jnj5acvhUs05J0jgV3sfiIC
yPP/n6vQE6+i/vMRhXK0eMLhmrWREE7SFS+zuzLRvX6qJtEmmAmKtfUUcnC3ultJ
9AyHGaJwW8oxWEJvaRMRZWuMCeRKI70o5+JyF5YE693p0thC/57M73l5kpris0Q5
ho1vrzgmHuObMClo6xknGKLBg/cwfT1ZzHaf1aZ62PxRqx3QPMMMGF9BTgFSxwhL
nkcEAnOBlDPfWhlKS/daFGn3Car91MdA8Zg0AmemB7t5511u5XwNr7kXq3mNbNTC
VopIvxsblfsAPwFr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:48 2025 by rpki-client