Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/2p40Nc2xaHE8kZlDDAIZtTe36X4.roa
File: 2p40Nc2xaHE8kZlDDAIZtTe36X4.roa (raw, json)
Hash identifier: Gggun6qomuBE+OhHHJ4qJm9ChIbCJjaRrYY7HesQ4j4=
Subject key identifier: DA:9E:34:35:CD:B1:68:71:3C:91:99:43:0C:02:19:B5:37:B7:E9:7E
Certificate issuer: /CN=ea827b9556d540da536b8046c65ff95b06ee4963
Certificate serial: 019425FD9AD5A4CDE7E79F85F9119FD2293E
Authority key identifier: EA:82:7B:95:56:D5:40:DA:53:6B:80:46:C6:5F:F9:5B:06:EE:49:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/2p40Nc2xaHE8kZlDDAIZtTe36X4.roa
Signing time: Thu 02 Jan 2025 07:49:24 +0000
ROA not before: Thu 02 Jan 2025 07:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8523
IP address blocks: 80.76.144.0/20 maxlen: 20
164.40.176.0/21 maxlen: 21
2a00:1d28::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9a:d5:a4:cd:e7:e7:9f:85:f9:11:9f:d2:29:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea827b9556d540da536b8046c65ff95b06ee4963
Validity
Not Before: Jan 2 07:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da9e3435cdb168713c9199430c0219b537b7e97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:85:a9:a8:3b:d1:6d:d6:ea:2d:6d:94:21:00:
10:dc:8a:c6:9e:71:93:2f:f2:d7:53:33:2f:a0:44:
6e:54:50:1a:a8:0a:52:04:fc:ce:f1:29:6f:80:19:
3f:dc:f4:d1:43:ff:55:6b:0a:90:35:83:c3:c5:a7:
ac:7e:8f:92:08:7c:ef:16:0d:75:e9:83:cd:1a:2b:
80:c1:d1:e6:7a:0f:8c:61:9d:12:ab:06:a3:1c:d6:
c7:8b:2c:ae:3e:24:3c:71:43:54:3c:a9:f1:e8:4a:
da:8e:c6:c7:16:18:77:e2:63:30:f8:05:6e:64:8f:
51:b3:7e:80:b6:01:80:66:56:fe:59:22:60:2c:46:
d0:ac:9f:67:7e:03:4a:32:b0:19:9b:2e:ff:1b:db:
52:83:a9:6c:a6:ad:4e:38:a7:df:cb:9c:4f:11:f1:
a2:da:a8:0a:98:5d:95:ed:e2:3f:04:a8:dd:a0:0f:
b7:b2:8c:50:10:26:8a:7b:44:60:08:0d:a8:38:3a:
dc:84:a8:35:6c:9f:84:fe:65:96:b8:73:2f:24:b2:
3b:70:54:92:0a:98:80:d0:b9:21:ee:4d:c1:0c:cc:
f7:3e:50:a5:38:85:2c:4c:66:eb:bd:85:10:f2:21:
6b:db:90:20:87:79:f6:dd:8f:54:1f:0b:f5:21:f5:
6d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9E:34:35:CD:B1:68:71:3C:91:99:43:0C:02:19:B5:37:B7:E9:7E
X509v3 Authority Key Identifier:
keyid:EA:82:7B:95:56:D5:40:DA:53:6B:80:46:C6:5F:F9:5B:06:EE:49:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/2p40Nc2xaHE8kZlDDAIZtTe36X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.144.0/20
164.40.176.0/21
IPv6:
2a00:1d28::/32
Signature Algorithm: sha256WithRSAEncryption
97:1c:dd:c6:52:b0:96:d2:cc:b4:6b:8d:36:dc:c8:0e:34:19:
95:36:53:0b:66:b3:e0:72:4c:b0:29:61:f0:71:3f:d5:b1:dd:
3a:7c:8c:76:02:d0:e9:80:52:04:0a:d0:f8:df:aa:86:c4:79:
b9:8a:4d:19:a9:a3:24:3a:ca:d5:dc:2a:65:0d:f4:3a:2b:b7:
37:c9:59:b8:a1:cf:1a:92:23:84:cf:4a:22:c3:ec:a7:c1:4f:
fc:01:55:37:36:08:f3:63:fc:15:2e:6a:68:9a:eb:d2:43:a1:
0f:74:e4:b8:67:01:2e:74:45:16:99:8f:1e:09:e0:04:31:1e:
7e:2a:c2:af:f4:af:4e:00:8d:9e:cb:6a:84:07:ba:4d:ee:b8:
09:d9:ec:85:a4:bf:83:55:e9:df:84:d5:42:f6:d2:61:86:3f:
7b:12:1d:09:aa:6d:09:bf:53:d4:39:e5:26:a1:c3:45:12:86:
86:74:5c:c1:a8:f5:0e:9a:8c:76:8c:90:eb:da:51:e4:cb:6a:
27:f2:75:94:a8:86:1a:ef:35:6b:16:87:10:a6:1c:ea:bf:2e:
59:c7:e0:24:33:6c:a2:fe:ff:a0:bb:6b:df:a9:c4:43:8c:0a:
33:77:05:b2:02:d8:47:35:c1:79:40:93:79:b9:d3:9d:93:c3:
54:d2:46:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/ZrVpM3n55+F+RGf0ik+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhODI3Yjk1NTZkNTQwZGE1MzZiODA0NmM2NWZmOTViMDZl
ZTQ5NjMwHhcNMjUwMTAyMDc0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTllMzQzNWNkYjE2ODcxM2M5MTk5NDMwYzAyMTliNTM3YjdlOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IWpqDvRbdbqLW2UIQAQ3IrGnnGT
L/LXUzMvoERuVFAaqApSBPzO8SlvgBk/3PTRQ/9VawqQNYPDxaesfo+SCHzvFg11
6YPNGiuAwdHmeg+MYZ0SqwajHNbHiyyuPiQ8cUNUPKnx6ErajsbHFhh34mMw+AVu
ZI9Rs36AtgGAZlb+WSJgLEbQrJ9nfgNKMrAZmy7/G9tSg6lspq1OOKffy5xPEfGi
2qgKmF2V7eI/BKjdoA+3soxQECaKe0RgCA2oODrchKg1bJ+E/mWWuHMvJLI7cFSS
CpiA0Lkh7k3BDMz3PlClOIUsTGbrvYUQ8iFr25Agh3n23Y9UHwv1IfVtkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNqeNDXNsWhxPJGZQwwCGbU3t+l+MB8GA1UdIwQY
MBaAFOqCe5VW1UDaU2uARsZf+VsG7kljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9KN2xWYlZRTnBUYTRCR3hsXzVXd2J1U1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MDEyYTQtM2Q1OC00ZGQwLTgwYjQt
YmUzMTdiNTMxYzJlLzEvMnA0ME5jMnhhSEU4a1psRERBSVp0VGUzNlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MDEyYTQtM2Q1OC00ZGQwLTgwYjQtYmUzMTdiNTMxYzJl
LzEvNm9KN2xWYlZRTnBUYTRCR3hsXzVXd2J1U1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEyQAwQD
pCiwMA0EAgACMAcDBQAqAB0oMA0GCSqGSIb3DQEBCwUAA4IBAQCXHN3GUrCW0sy0
a4023MgONBmVNlMLZrPgckywKWHwcT/Vsd06fIx2AtDpgFIECtD436qGxHm5ik0Z
qaMkOsrV3CplDfQ6K7c3yVm4oc8akiOEz0oiw+ynwU/8AVU3NgjzY/wVLmpomuvS
Q6EPdOS4ZwEudEUWmY8eCeAEMR5+KsKv9K9OAI2ey2qEB7pN7rgJ2eyFpL+DVenf
hNVC9tJhhj97Eh0Jqm0Jv1PUOeUmocNFEoaGdFzBqPUOmox2jJDr2lHky2on8nWU
qIYa7zVrFocQphzqvy5Zx+AkM2yi/v+gu2vfqcRDjAozdwWyAthHNcF5QJN5udOd
k8NU0kYX
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:40:50 2025 by rpki-client