Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/4WNYU3DPTpnOXIdy-DcRolCswoU.roa
File: 4WNYU3DPTpnOXIdy-DcRolCswoU.roa (raw, json)
Hash identifier: lJMeZdxIdcMT6oAlo0ZhGiaOSgJa2FyIZlyPkCXNXeU=
Subject key identifier: E1:63:58:53:70:CF:4E:99:CE:5C:87:72:F8:37:11:A2:50:AC:C2:85
Certificate issuer: /CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Certificate serial: 0194236A1D0014C29FA0F30EF78B80CDB249
Authority key identifier: F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/4WNYU3DPTpnOXIdy-DcRolCswoU.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21032
IP address blocks: 80.78.160.0/20 maxlen: 20
80.78.176.0/20 maxlen: 20
89.145.0.0/18 maxlen: 18
185.159.208.0/22 maxlen: 22
193.109.138.0/23 maxlen: 23
195.85.202.0/24 maxlen: 24
2a02:5d0::/29 maxlen: 32
2a02:5d5::/32 maxlen: 32
2a02:5d7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1d:00:14:c2:9f:a0:f3:0e:f7:8b:80:cd:b2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e163585370cf4e99ce5c8772f83711a250acc285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:67:02:88:9c:dd:13:51:72:b1:48:7b:fc:8b:
5e:f3:ff:d5:41:19:8c:56:b9:55:47:92:54:3b:2d:
15:11:da:e2:96:20:e4:0e:59:33:5b:d7:c1:0b:3d:
cc:a5:fd:93:18:1a:0b:a2:a3:2a:8c:87:02:7a:32:
ab:7d:c5:10:44:69:b7:1b:7d:21:64:f6:9f:19:c6:
78:5e:3f:f9:9c:16:e2:96:52:60:3f:ca:14:14:25:
af:3f:6b:a6:64:a4:c2:82:02:06:75:82:31:88:47:
49:7e:aa:34:aa:7f:c6:ee:27:c6:06:46:87:1f:ee:
5d:5b:2b:4b:85:32:50:eb:f2:4a:10:4d:c7:be:dc:
4c:ff:f6:f9:a3:1f:41:7f:3b:13:69:8a:11:7a:76:
21:56:06:e7:f2:7a:db:17:fc:50:63:71:0e:d1:26:
7d:b2:be:28:63:1d:df:aa:6c:1a:9f:07:aa:c9:df:
88:e6:bd:37:0e:7e:b7:81:65:47:d7:ec:f0:45:e5:
51:f3:60:b2:bd:14:1e:4c:e4:73:71:b2:a6:12:ba:
83:d9:52:fd:b8:45:81:11:32:00:73:cc:97:fc:2c:
27:87:f3:34:9e:95:75:28:7c:35:91:85:7e:5c:83:
37:6b:93:86:12:94:26:48:fd:b5:77:c7:9d:40:9a:
05:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:63:58:53:70:CF:4E:99:CE:5C:87:72:F8:37:11:A2:50:AC:C2:85
X509v3 Authority Key Identifier:
keyid:F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/4WNYU3DPTpnOXIdy-DcRolCswoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.160.0/19
89.145.0.0/18
185.159.208.0/22
193.109.138.0/23
195.85.202.0/24
IPv6:
2a02:5d0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:cf:06:1d:a1:d0:1f:73:68:db:99:26:4e:97:1c:82:db:84:
8e:b0:9f:d2:d2:c5:bc:f2:e4:6e:70:fd:0b:77:9c:82:a5:7c:
a8:16:99:23:e6:b9:b1:b7:9d:4d:3f:33:bb:62:8a:00:4a:29:
22:e6:dd:30:34:28:19:a1:f2:e0:53:96:57:1e:ff:6d:0f:4b:
d4:0c:a9:c7:27:1a:54:3c:bf:b8:8e:98:13:c2:12:b9:f4:17:
c7:51:33:c8:71:93:f9:be:44:0b:ec:3a:ba:52:84:4b:2c:01:
de:81:26:08:2a:91:72:fb:23:80:56:91:e8:a3:62:79:d5:cc:
55:73:1c:f3:82:f1:27:e0:c9:34:e1:31:c6:40:61:67:3d:7a:
cd:3c:18:4d:49:d5:34:c7:43:4f:dc:58:d3:47:d6:18:21:7e:
28:fc:26:2d:ee:33:00:a2:64:05:a6:2e:26:da:26:0c:e9:a6:
99:f4:9a:ce:33:c6:9c:bd:eb:70:4b:a7:13:dc:47:9d:ac:5c:
9d:5c:f7:56:12:0e:ac:6b:47:8b:ea:fc:3f:23:95:7a:06:a4:
19:c5:57:69:5d:76:eb:29:d0:12:52:73:18:cb:ac:9b:04:7e:
88:3f:44:c7:65:62:90:b7:1f:b5:22:9c:46:c1:14:f6:84:db:
73:0b:4e:24
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQjah0AFMKfoPMO94uAzbJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MDZlYzljZjFkZWFiZjlkNmNkNWY4ODkxYmI4MmQ1NmY5
MWQ2NzgwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTYzNTg1MzcwY2Y0ZTk5Y2U1Yzg3NzJmODM3MTFhMjUwYWNjMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmcCiJzdE1FysUh7/Ite8//VQRmM
VrlVR5JUOy0VEdriliDkDlkzW9fBCz3Mpf2TGBoLoqMqjIcCejKrfcUQRGm3G30h
ZPafGcZ4Xj/5nBbillJgP8oUFCWvP2umZKTCggIGdYIxiEdJfqo0qn/G7ifGBkaH
H+5dWytLhTJQ6/JKEE3HvtxM//b5ox9BfzsTaYoRenYhVgbn8nrbF/xQY3EO0SZ9
sr4oYx3fqmwanweqyd+I5r03Dn63gWVH1+zwReVR82CyvRQeTORzcbKmErqD2VL9
uEWBETIAc8yX/Cwnh/M0npV1KHw1kYV+XIM3a5OGEpQmSP21d8edQJoFLwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOFjWFNwz06ZzlyHcvg3EaJQrMKFMB8GA1UdIwQY
MBaAFPgG7Jzx3qv51s1fiJG7gtVvkdZ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BYnNuUEhlcV9uV3pWLUlrYnVDMVctUjFuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvNDQwNGY1LWUxMGMtNDE5MC05Mjcw
LWFjMGE4NGEyN2Q1My8xLzRXTllVM0RQVHBuT1hJZHktRGNSb2xDc3dvVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvNDQwNGY1LWUxMGMtNDE5MC05MjcwLWFjMGE4NGEyN2Q1
My8xLzEtQWJzblBIZXFfbld6Vi1Ja2J1QzFXLVIxbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAVQTqAD
BAZZkQADBAK5n9ADBAHBbYoDBADDVcowDQQCAAIwBwMFAyoCBdAwDQYJKoZIhvcN
AQELBQADggEBAMDPBh2h0B9zaNuZJk6XHILbhI6wn9LSxbzy5G5w/Qt3nIKlfKgW
mSPmubG3nU0/M7tiigBKKSLm3TA0KBmh8uBTllce/20PS9QMqccnGlQ8v7iOmBPC
Ern0F8dRM8hxk/m+RAvsOrpShEssAd6BJggqkXL7I4BWkeijYnnVzFVzHPOC8Sfg
yTThMcZAYWc9es08GE1J1TTHQ0/cWNNH1hghfij8Ji3uMwCiZAWmLibaJgzpppn0
ms4zxpy963BLpxPcR52sXJ1c91YSDqxrR4vq/D8jlXoGpBnFV2lddusp0BJScxjL
rJsEfog/RMdlYpC3H7UinEbBFPaE23MLTiQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:24:54 2025 by rpki-client