Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/cIiLeLQjSOta8uBuSJamYJA2bp0.roa
File: cIiLeLQjSOta8uBuSJamYJA2bp0.roa (raw, json)
Hash identifier: HNS0nyiGUfnG1aMP87O2udQ4Nk+kwAFUsHx1btTnPvE=
Subject key identifier: 70:88:8B:78:B4:23:48:EB:5A:F2:E0:6E:48:96:A6:60:90:36:6E:9D
Certificate issuer: /CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Certificate serial: 019425FCCCD41BDB52C97A8DFA01737FD4BF
Authority key identifier: 41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/cIiLeLQjSOta8uBuSJamYJA2bp0.roa
Signing time: Thu 02 Jan 2025 07:48:32 +0000
ROA not before: Thu 02 Jan 2025 07:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39095
IP address blocks: 185.80.136.0/22 maxlen: 24
195.142.200.0/22 maxlen: 24
195.142.244.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:cc:d4:1b:db:52:c9:7a:8d:fa:01:73:7f:d4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Validity
Not Before: Jan 2 07:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70888b78b42348eb5af2e06e4896a66090366e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:43:e1:1b:a6:d7:90:10:e8:31:cd:b3:ef:29:
dd:0e:66:b1:8e:d5:97:d3:67:12:3e:6a:82:e3:64:
39:50:a3:db:a0:9a:6b:59:f6:25:83:31:8e:ff:a5:
f4:a2:ee:1b:f7:99:94:7f:93:4a:dd:b3:6d:f5:5a:
ba:72:b5:79:45:c2:e9:27:ba:2d:74:eb:a9:57:ce:
b8:44:d9:63:0b:a5:19:e4:e3:e1:3c:f6:de:38:c2:
d1:f3:de:d7:41:36:08:eb:57:71:41:66:07:d8:a6:
fe:86:28:84:9a:bb:ce:45:4a:03:d5:c5:d9:8d:98:
37:e3:d3:ec:d8:c1:02:10:31:91:5e:e7:c5:b5:98:
65:04:71:f3:52:01:cb:ab:6c:98:e0:26:f6:91:da:
03:7e:d7:6f:61:95:d0:3e:86:85:67:43:6c:ba:ff:
92:55:84:82:e3:71:50:f6:9a:fc:ff:26:4d:35:f3:
b5:13:83:84:73:ab:8c:a1:58:43:b0:85:ca:93:d4:
c1:d5:3e:b4:3c:4b:6b:b5:11:58:b7:57:41:82:d1:
a6:f2:ac:2d:a9:b7:a1:79:a2:79:57:91:f4:94:cf:
76:3f:40:1f:93:06:c9:85:d4:9e:f4:23:ec:01:4f:
e3:88:7d:12:6e:40:09:f5:4e:56:b2:cc:06:77:08:
55:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:88:8B:78:B4:23:48:EB:5A:F2:E0:6E:48:96:A6:60:90:36:6E:9D
X509v3 Authority Key Identifier:
keyid:41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/cIiLeLQjSOta8uBuSJamYJA2bp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.136.0/22
195.142.200.0/22
195.142.244.0/22
Signature Algorithm: sha256WithRSAEncryption
60:08:ea:0b:15:70:c9:73:8d:fb:4e:28:e4:af:de:d0:da:be:
99:3c:bb:74:da:78:b5:7f:40:3d:54:6a:59:52:14:cd:91:54:
a5:07:36:c6:b7:59:6f:e3:97:a4:6c:dc:0a:27:f3:2c:af:7f:
6d:40:9a:5d:c8:38:89:c7:26:22:41:3f:80:ac:3e:60:e8:c1:
b6:a9:c8:53:43:e5:e5:a8:18:26:2a:77:ec:3c:e0:5f:d0:56:
42:c1:a4:0c:9d:d0:01:c6:a7:2f:ea:b6:74:66:16:6c:81:07:
0a:e8:91:0c:20:5a:71:9c:1e:c8:dd:6c:a1:de:9c:cd:4d:26:
44:fc:c4:00:60:ac:7b:07:96:9c:6a:82:1c:42:81:9c:ba:b1:
94:9d:71:0e:80:b1:06:6f:8a:d1:60:c0:18:22:20:d5:21:70:
e8:2b:eb:13:5d:81:eb:6c:15:78:5f:3a:e9:af:e6:42:a5:df:
98:36:79:2c:ed:2a:ec:32:82:a9:62:a1:f4:47:c8:43:02:8a:
c1:da:f0:ce:2a:0e:92:5b:5c:e8:ed:a7:af:ff:35:f1:94:0f:
19:29:56:09:f6:89:fc:36:0c:0c:03:f7:f2:1c:fc:d4:52:e5:
c6:02:f3:83:e7:c6:28:8a:78:11:32:c9:fa:8e:ed:df:b8:5d:
20:9f:05:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/MzUG9tSyXqN+gFzf9S/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYzZGIxZWQzMzRhN2M1MjgwYWI5ODU0NzQyOTE0YWUw
YzRjNTIwHhcNMjUwMTAyMDc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg4OGI3OGI0MjM0OGViNWFmMmUwNmU0ODk2YTY2MDkwMzY2ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskPhG6bXkBDoMc2z7yndDmaxjtWX
02cSPmqC42Q5UKPboJprWfYlgzGO/6X0ou4b95mUf5NK3bNt9Vq6crV5RcLpJ7ot
dOupV864RNljC6UZ5OPhPPbeOMLR897XQTYI61dxQWYH2Kb+hiiEmrvORUoD1cXZ
jZg349Ps2MECEDGRXufFtZhlBHHzUgHLq2yY4Cb2kdoDftdvYZXQPoaFZ0Nsuv+S
VYSC43FQ9pr8/yZNNfO1E4OEc6uMoVhDsIXKk9TB1T60PEtrtRFYt1dBgtGm8qwt
qbeheaJ5V5H0lM92P0AfkwbJhdSe9CPsAU/jiH0SbkAJ9U5WsswGdwhV2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHCIi3i0I0jrWvLgbkiWpmCQNm6dMB8GA1UdIwQY
MBaAFEF2PbHtM0p8UoCrmFR0KRSuDExSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMt
NDljOTVlZWFjODEyLzEvY0lpTGVMUWpTT3RhOHVCdVNKYW1ZSkEyYnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMtNDljOTVlZWFjODEy
LzEvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVCIAwQC
w47IAwQCw470MA0GCSqGSIb3DQEBCwUAA4IBAQBgCOoLFXDJc437Tijkr97Q2r6Z
PLt02ni1f0A9VGpZUhTNkVSlBzbGt1lv45ekbNwKJ/Msr39tQJpdyDiJxyYiQT+A
rD5g6MG2qchTQ+XlqBgmKnfsPOBf0FZCwaQMndABxqcv6rZ0ZhZsgQcK6JEMIFpx
nB7I3Wyh3pzNTSZE/MQAYKx7B5acaoIcQoGcurGUnXEOgLEGb4rRYMAYIiDVIXDo
K+sTXYHrbBV4Xzrpr+ZCpd+YNnks7SrsMoKpYqH0R8hDAorB2vDOKg6SW1zo7aev
/zXxlA8ZKVYJ9on8NgwMA/fyHPzUUuXGAvOD58YoingRMsn6ju3fuF0gnwXy
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:38:20 2025 by rpki-client