Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/I6XJQzPuO4BQutj9l3SUjZVMBQs.roa
File: I6XJQzPuO4BQutj9l3SUjZVMBQs.roa (raw, json)
Hash identifier: SpNx9acwJnfAUoxlUrPZol91rF8aW3VEekG+fCM8uiI=
Subject key identifier: 23:A5:C9:43:33:EE:3B:80:50:BA:D8:FD:97:74:94:8D:95:4C:05:0B
Certificate issuer: /CN=8ef645770d2914402d6c95b8daf51f7ffe12772b
Certificate serial: 0194252157FBD00C39D1B0584FADCFE23FA2
Authority key identifier: 8E:F6:45:77:0D:29:14:40:2D:6C:95:B8:DA:F5:1F:7F:FE:12:77:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvZFdw0pFEAtbJW42vUff_4Sdys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/I6XJQzPuO4BQutj9l3SUjZVMBQs.roa
Signing time: Thu 02 Jan 2025 03:48:49 +0000
ROA not before: Thu 02 Jan 2025 03:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16001
IP address blocks: 80.250.128.0/20 maxlen: 20
185.255.64.0/22 maxlen: 22
194.76.19.0/24 maxlen: 24
2a00:ecc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:57:fb:d0:0c:39:d1:b0:58:4f:ad:cf:e2:3f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef645770d2914402d6c95b8daf51f7ffe12772b
Validity
Not Before: Jan 2 03:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23a5c94333ee3b8050bad8fd9774948d954c050b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a8:34:74:e3:9d:5c:21:4a:b4:c3:a1:6c:b1:
24:20:62:c5:6b:43:3b:0b:c9:e0:24:38:7f:60:f5:
7b:3e:45:2b:db:9f:16:3f:82:e3:ea:c1:d5:20:f4:
ff:7f:38:7f:1e:b4:0d:23:6e:32:03:46:04:ff:0f:
c2:9f:3f:f8:4b:05:22:99:2c:c9:b8:0b:2e:56:28:
1a:3e:ad:36:74:cc:21:1f:61:15:d8:c1:38:5b:33:
d4:05:5b:4b:96:07:f7:8b:c7:53:6e:9b:da:eb:a8:
77:8a:f7:04:3d:7c:57:e1:0b:7d:70:d7:bf:06:c2:
c3:fe:52:7a:9c:15:a3:67:ca:d1:1b:18:c0:15:32:
fb:05:f2:f5:10:8b:da:f3:e6:68:a2:4e:3b:a3:77:
ba:c2:80:24:b2:3b:a6:3f:30:5b:ca:f6:4e:94:28:
bc:97:08:66:16:cd:05:7c:46:62:4b:1c:47:26:2f:
cf:d8:6a:6e:f2:fe:28:60:66:35:65:65:4c:b8:68:
d6:57:5c:c8:b4:31:a5:73:22:b4:ae:cb:ad:ee:52:
76:60:1e:c4:b6:94:fb:b7:2e:26:cd:ad:8c:77:85:
9a:41:de:d7:1c:d2:f7:f0:6b:13:a3:76:20:37:92:
d6:05:2f:85:6d:1f:c1:de:38:6f:b4:32:2a:b5:15:
8d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A5:C9:43:33:EE:3B:80:50:BA:D8:FD:97:74:94:8D:95:4C:05:0B
X509v3 Authority Key Identifier:
keyid:8E:F6:45:77:0D:29:14:40:2D:6C:95:B8:DA:F5:1F:7F:FE:12:77:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvZFdw0pFEAtbJW42vUff_4Sdys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/I6XJQzPuO4BQutj9l3SUjZVMBQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/jvZFdw0pFEAtbJW42vUff_4Sdys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.128.0/20
185.255.64.0/22
194.76.19.0/24
IPv6:
2a00:ecc0::/32
Signature Algorithm: sha256WithRSAEncryption
15:e8:1b:12:1a:2b:ba:04:16:5f:c4:5c:a2:70:43:6f:05:01:
56:67:0d:5c:a8:47:b1:0e:0a:e7:87:0f:d5:c5:df:7b:56:b9:
5c:11:3a:e3:93:9d:0a:85:75:21:af:04:10:a3:1a:6a:27:74:
b8:a2:ab:f1:ae:f5:c3:35:fc:d8:2a:d9:39:a2:57:0a:33:88:
a8:2c:61:79:09:93:ed:bb:98:3f:07:33:32:af:2a:60:b1:b9:
0a:8e:75:57:fc:0c:a1:1a:6e:11:bb:bb:9b:ec:01:ea:1d:2d:
53:c7:17:95:a9:f8:78:1e:a2:6f:74:92:a4:86:f1:87:73:bb:
9f:68:96:8a:8f:37:18:a9:60:99:25:bc:43:bd:8d:b1:04:96:
f2:6c:01:13:2f:4c:c6:dc:cf:c2:fd:2d:c5:9e:ad:e2:f4:81:
fb:26:0e:4c:04:4e:36:c1:8f:9f:d2:f1:13:58:2a:8c:be:b4:
cb:29:ed:d7:a2:ee:59:ce:a5:a4:0d:35:4f:85:12:62:c1:0c:
07:bc:11:d2:1e:10:77:71:d5:d3:83:09:b4:f8:95:47:3c:8e:
f1:cd:1b:b8:79:86:54:ea:84:2b:41:cc:ea:a2:20:80:80:bd:
55:b2:6f:32:a6:0c:e6:fc:9d:76:6d:aa:68:ce:ad:8c:e1:6b:
38:a2:1b:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlIVf70Aw50bBYT63P4j+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjY0NTc3MGQyOTE0NDAyZDZjOTViOGRhZjUxZjdmZmUx
Mjc3MmIwHhcNMjUwMTAyMDM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E1Yzk0MzMzZWUzYjgwNTBiYWQ4ZmQ5Nzc0OTQ4ZDk1NGMwNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6g0dOOdXCFKtMOhbLEkIGLFa0M7
C8ngJDh/YPV7PkUr258WP4Lj6sHVIPT/fzh/HrQNI24yA0YE/w/Cnz/4SwUimSzJ
uAsuVigaPq02dMwhH2EV2ME4WzPUBVtLlgf3i8dTbpva66h3ivcEPXxX4Qt9cNe/
BsLD/lJ6nBWjZ8rRGxjAFTL7BfL1EIva8+Zook47o3e6woAksjumPzBbyvZOlCi8
lwhmFs0FfEZiSxxHJi/P2Gpu8v4oYGY1ZWVMuGjWV1zItDGlcyK0rsut7lJ2YB7E
tpT7ty4mza2Md4WaQd7XHNL38GsTo3YgN5LWBS+FbR/B3jhvtDIqtRWNIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCOlyUMz7juAULrY/Zd0lI2VTAULMB8GA1UdIwQY
MBaAFI72RXcNKRRALWyVuNr1H3/+EncrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZaRmR3MHBGRUF0YkpXNDJ2VWZmXzRTZHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iMDk3NWMtMjU3My00ZDBhLWI4ZDkt
NjU2OTU3ZjM4NjdlLzEvSTZYSlF6UHVPNEJRdXRqOWwzU1VqWlZNQlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iMDk3NWMtMjU3My00ZDBhLWI4ZDktNjU2OTU3ZjM4Njdl
LzEvanZaRmR3MHBGRUF0YkpXNDJ2VWZmXzRTZHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPqAAwQC
uf9AAwQAwkwTMA0EAgACMAcDBQAqAOzAMA0GCSqGSIb3DQEBCwUAA4IBAQAV6BsS
Giu6BBZfxFyicENvBQFWZw1cqEexDgrnhw/Vxd97VrlcETrjk50KhXUhrwQQoxpq
J3S4oqvxrvXDNfzYKtk5olcKM4ioLGF5CZPtu5g/BzMyrypgsbkKjnVX/AyhGm4R
u7ub7AHqHS1TxxeVqfh4HqJvdJKkhvGHc7ufaJaKjzcYqWCZJbxDvY2xBJbybAET
L0zG3M/C/S3Fnq3i9IH7Jg5MBE42wY+f0vETWCqMvrTLKe3Xou5ZzqWkDTVPhRJi
wQwHvBHSHhB3cdXTgwm0+JVHPI7xzRu4eYZU6oQrQczqoiCAgL1Vsm8ypgzm/J12
bapozq2M4Ws4ohtk
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:51:32 2025 by rpki-client