Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/hB9dKBP1LuYlnLr5eZ4FYP0HW4U.roa
File: hB9dKBP1LuYlnLr5eZ4FYP0HW4U.roa (raw, json)
Hash identifier: vyRSbU/nDRDe+RhFuxhoZc32VSm2NqNMRni57RF/BOI=
Subject key identifier: 84:1F:5D:28:13:F5:2E:E6:25:9C:BA:F9:79:9E:05:60:FD:07:5B:85
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 019423D6D825D257E4223DFD7650B7A22A19
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/hB9dKBP1LuYlnLr5eZ4FYP0HW4U.roa
Signing time: Wed 01 Jan 2025 21:47:50 +0000
ROA not before: Wed 01 Jan 2025 21:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215171
IP address blocks: 80.71.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d8:25:d2:57:e4:22:3d:fd:76:50:b7:a2:2a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=841f5d2813f52ee6259cbaf9799e0560fd075b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e2:5f:03:4d:b3:5a:4a:7e:00:72:35:3d:4d:
b0:2c:9c:26:2b:23:22:1b:f4:25:8d:34:04:4d:47:
02:a1:bd:5b:0b:2a:ac:80:df:47:95:4d:73:2d:9e:
ad:b1:40:e2:c6:69:fa:e9:a9:42:bb:44:31:7b:aa:
db:a7:bf:5b:57:61:35:77:bd:49:a4:eb:3c:84:62:
93:31:df:f1:4e:79:b9:b6:5c:be:90:ec:e3:64:61:
f5:d9:f8:ac:61:7d:bb:0d:80:56:36:ab:af:2d:d7:
07:16:36:ba:d9:a8:22:24:db:1b:89:c7:17:27:4c:
c8:8a:51:66:0b:3c:ac:75:ee:cb:95:80:8d:77:29:
a1:77:aa:84:52:1b:0d:cb:ac:ee:c3:70:44:cb:28:
db:c6:38:ba:66:c3:66:6d:ac:43:d6:e9:cb:2d:fe:
14:fe:41:36:63:c5:0d:6f:78:2b:54:c6:37:56:92:
a3:86:77:da:78:05:ab:9f:db:9e:0f:1d:ee:00:e7:
ed:13:75:80:d9:3e:c2:9c:e6:b7:d3:48:4e:c4:ad:
09:78:99:30:76:88:bf:54:d0:69:91:e7:e4:e4:e5:
6a:b0:a7:d7:7d:d7:00:f7:3e:fc:d7:39:fd:3e:3d:
35:28:76:80:81:be:f9:17:7a:0d:e4:64:6d:46:8e:
09:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1F:5D:28:13:F5:2E:E6:25:9C:BA:F9:79:9E:05:60:FD:07:5B:85
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/hB9dKBP1LuYlnLr5eZ4FYP0HW4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.229.0/24
Signature Algorithm: sha256WithRSAEncryption
47:3b:5d:ee:cd:89:cd:21:b9:c0:49:11:77:e0:e5:ad:df:11:
05:93:9f:1d:b3:b8:71:9b:eb:78:51:2c:fa:35:ba:fb:94:51:
34:8d:1e:a8:48:4a:35:e3:eb:bf:70:29:ef:a8:9c:43:6a:bd:
0a:03:d2:70:71:0c:0d:97:a8:44:2e:ae:7d:3f:22:0a:3a:3e:
dc:62:37:4a:ec:8e:dc:8c:e6:cb:50:ca:49:1a:c9:92:56:59:
f6:1c:b7:a0:03:d9:cb:25:e3:3a:92:55:aa:a4:b4:bc:12:f5:
73:d8:ad:1c:ca:4b:0d:de:4d:0e:b5:3a:9e:96:65:72:c4:bb:
a7:84:9e:45:1f:21:28:16:02:3c:97:34:46:bf:a5:53:54:37:
fc:f9:f0:28:ea:e7:41:53:b3:1a:f3:3b:7e:50:8a:19:7b:dc:
a1:3c:85:a5:7f:42:f5:84:0e:4a:1f:fe:80:be:ef:df:9f:00:
fd:f0:93:f9:a6:95:e7:c7:74:d9:ad:54:76:12:a2:04:13:bc:
ae:5c:14:2a:58:65:ed:76:dd:0f:aa:d0:59:0b:c2:48:2c:09:
fb:64:7c:1b:bb:e9:5d:5a:7c:09:e6:f7:6c:e6:d7:ad:cf:83:
33:8a:21:aa:0d:f6:2f:ee:4a:e0:37:e1:2e:0f:cf:d9:75:87:
39:c3:4e:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1tgl0lfkIj39dlC3oioZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwMTAxMjE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFmNWQyODEzZjUyZWU2MjU5Y2JhZjk3OTllMDU2MGZkMDc1Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+JfA02zWkp+AHI1PU2wLJwmKyMi
G/QljTQETUcCob1bCyqsgN9HlU1zLZ6tsUDixmn66alCu0Qxe6rbp79bV2E1d71J
pOs8hGKTMd/xTnm5tly+kOzjZGH12fisYX27DYBWNquvLdcHFja62agiJNsbiccX
J0zIilFmCzysde7LlYCNdymhd6qEUhsNy6zuw3BEyyjbxji6ZsNmbaxD1unLLf4U
/kE2Y8UNb3grVMY3VpKjhnfaeAWrn9ueDx3uAOftE3WA2T7CnOa300hOxK0JeJkw
doi/VNBpkefk5OVqsKfXfdcA9z781zn9Pj01KHaAgb75F3oN5GRtRo4JMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQfXSgT9S7mJZy6+XmeBWD9B1uFMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvaEI5ZEtCUDFMdVlsbkxyNWVaNEZZUDBIVzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEflMA0G
CSqGSIb3DQEBCwUAA4IBAQBHO13uzYnNIbnASRF34OWt3xEFk58ds7hxm+t4USz6
Nbr7lFE0jR6oSEo14+u/cCnvqJxDar0KA9JwcQwNl6hELq59PyIKOj7cYjdK7I7c
jObLUMpJGsmSVln2HLegA9nLJeM6klWqpLS8EvVz2K0cyksN3k0OtTqelmVyxLun
hJ5FHyEoFgI8lzRGv6VTVDf8+fAo6udBU7Ma8zt+UIoZe9yhPIWlf0L1hA5KH/6A
vu/fnwD98JP5ppXnx3TZrVR2EqIEE7yuXBQqWGXtdt0PqtBZC8JILAn7ZHwbu+ld
WnwJ5vds5tetz4MziiGqDfYv7krgN+EuD8/ZdYc5w06X
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:36:01 2025 by rpki-client