Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/NEkAAC5eOIs8OoNSO_wRpVbCVhQ.roa
File: NEkAAC5eOIs8OoNSO_wRpVbCVhQ.roa (raw, json)
Hash identifier: FftUAD33wNwvNrcoZC+byPRQdlg86ZEpp/jgdt+8yEQ=
Subject key identifier: 34:49:00:00:2E:5E:38:8B:3C:3A:83:52:3B:FC:11:A5:56:C2:56:14
Certificate issuer: /CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Certificate serial: 01942143B3C0B8D9D5149BD9351D101C6EAC
Authority key identifier: 06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/NEkAAC5eOIs8OoNSO_wRpVbCVhQ.roa
Signing time: Wed 01 Jan 2025 09:47:52 +0000
ROA not before: Wed 01 Jan 2025 09:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201364
IP address blocks: 80.93.220.0/24 maxlen: 24
217.195.195.0/24 maxlen: 24
217.195.197.0/24 maxlen: 24
2a05:3040::/29 maxlen: 29
2a05:3040::/32 maxlen: 32
2a05:3041::/32 maxlen: 32
2a05:3042::/32 maxlen: 32
2a05:3043::/32 maxlen: 32
2a05:3044::/32 maxlen: 32
2a05:3045::/32 maxlen: 32
2a05:3046::/32 maxlen: 32
2a05:3047::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b3:c0:b8:d9:d5:14:9b:d9:35:1d:10:1c:6e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0620eadb2e1562b4e2e4f480772c36887a777f24
Validity
Not Before: Jan 1 09:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=344900002e5e388b3c3a83523bfc11a556c25614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3c:c0:83:9d:10:b2:11:58:23:7f:e5:b5:86:
63:d1:fe:29:b6:2d:1c:61:8f:e6:65:2c:f1:fe:38:
88:d9:1a:30:28:39:53:0e:f4:70:10:50:b2:c2:63:
e0:12:7e:a3:1b:28:ba:ab:fa:74:71:9a:e7:d5:39:
25:dc:83:e8:35:87:15:ea:0f:20:3d:d1:f9:a2:11:
88:61:ef:09:7f:dc:23:ce:82:ce:38:36:53:78:98:
2a:52:a5:b4:f4:26:90:c6:8d:86:86:bd:47:8d:c0:
23:77:ec:ca:8c:c2:26:e4:df:41:e2:3c:3f:8b:c4:
8c:c2:c4:da:2c:09:a9:57:f5:4d:20:44:59:be:5f:
1e:e2:db:53:6e:d2:25:9e:b8:73:6f:b6:11:46:36:
bd:4c:be:81:3e:4f:70:87:45:c4:34:4a:25:2a:37:
1a:7c:fb:c4:d4:70:0c:59:2f:13:12:8e:46:37:9a:
01:6c:cd:2a:1c:99:86:55:0e:34:c4:5e:a2:98:6b:
19:06:82:08:27:13:11:51:ea:39:41:a2:9e:d6:49:
af:40:63:16:3d:50:08:e5:12:83:7d:b3:e5:7d:a4:
61:8f:5a:18:9c:e3:7e:c0:71:8b:8f:8c:06:50:10:
8b:6b:10:ce:50:4a:3b:f1:0a:c9:00:ce:d7:ec:29:
c8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:49:00:00:2E:5E:38:8B:3C:3A:83:52:3B:FC:11:A5:56:C2:56:14
X509v3 Authority Key Identifier:
keyid:06:20:EA:DB:2E:15:62:B4:E2:E4:F4:80:77:2C:36:88:7A:77:7F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/NEkAAC5eOIs8OoNSO_wRpVbCVhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc8bfa-2b13-4674-a984-a5fdb570fe9a/1/BiDq2y4VYrTi5PSAdyw2iHp3fyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.220.0/24
217.195.195.0/24
217.195.197.0/24
IPv6:
2a05:3040::/29
Signature Algorithm: sha256WithRSAEncryption
24:51:ae:52:d1:e5:07:84:be:bc:64:0b:05:44:2a:fd:84:94:
d1:d1:b6:a6:40:c4:2d:6e:4a:c0:4d:e9:22:d5:32:a4:15:36:
49:bd:6e:72:06:20:3c:45:58:c9:4b:a2:d9:cc:51:07:ac:ed:
75:84:d2:81:58:d9:cd:60:ad:63:a2:45:d8:58:b8:c0:88:69:
c7:83:80:5e:29:fa:5b:21:82:44:c5:ba:8f:2a:57:41:1d:3b:
94:e6:0a:4c:3e:f7:d1:a6:c0:03:4b:f9:10:f4:ef:1f:62:19:
6a:68:76:38:8f:4f:9c:f2:33:a4:c9:18:4e:82:2c:3a:8e:3a:
73:73:ae:9c:d8:db:d1:c3:72:83:3a:69:86:d3:5d:60:17:1e:
04:30:73:9b:0c:b8:66:74:b2:42:c3:70:de:18:48:a8:d5:61:
c8:c7:fc:0f:90:ae:c7:d9:fc:41:82:16:66:8e:6a:24:0a:06:
fb:6f:c5:0e:cd:ce:c0:21:83:82:96:05:b0:42:ec:3a:25:be:
08:62:dd:aa:b3:ab:c5:6f:25:a3:5f:06:d9:bb:1b:af:c3:28:
24:46:ea:8c:93:37:a3:6a:80:40:a0:d9:bd:49:c3:1d:ce:70:
99:49:4c:0b:c9:df:f3:3b:87:0b:5a:4e:1a:f6:2a:01:89:12:
49:91:ba:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhQ7PAuNnVFJvZNR0QHG6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MjBlYWRiMmUxNTYyYjRlMmU0ZjQ4MDc3MmMzNjg4N2E3
NzdmMjQwHhcNMjUwMTAxMDk0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQ5MDAwMDJlNWUzODhiM2MzYTgzNTIzYmZjMTFhNTU2YzI1NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DzAg50QshFYI3/ltYZj0f4pti0c
YY/mZSzx/jiI2RowKDlTDvRwEFCywmPgEn6jGyi6q/p0cZrn1Tkl3IPoNYcV6g8g
PdH5ohGIYe8Jf9wjzoLOODZTeJgqUqW09CaQxo2Ghr1HjcAjd+zKjMIm5N9B4jw/
i8SMwsTaLAmpV/VNIERZvl8e4ttTbtIlnrhzb7YRRja9TL6BPk9wh0XENEolKjca
fPvE1HAMWS8TEo5GN5oBbM0qHJmGVQ40xF6imGsZBoIIJxMRUeo5QaKe1kmvQGMW
PVAI5RKDfbPlfaRhj1oYnON+wHGLj4wGUBCLaxDOUEo78QrJAM7X7CnI2wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDRJAAAuXjiLPDqDUjv8EaVWwlYUMB8GA1UdIwQY
MBaAFAYg6tsuFWK04uT0gHcsNoh6d38kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQt
YTVmZGI1NzBmZTlhLzEvTkVrQUFDNWVPSXM4T29OU09fd1JwVmJDVmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jYzhiZmEtMmIxMy00Njc0LWE5ODQtYTVmZGI1NzBmZTlh
LzEvQmlEcTJ5NFZZclRpNVBTQWR5dzJpSHAzZnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAUF3cAwQA
2cPDAwQA2cPFMA0EAgACMAcDBQMqBTBAMA0GCSqGSIb3DQEBCwUAA4IBAQAkUa5S
0eUHhL68ZAsFRCr9hJTR0bamQMQtbkrATeki1TKkFTZJvW5yBiA8RVjJS6LZzFEH
rO11hNKBWNnNYK1jokXYWLjAiGnHg4BeKfpbIYJExbqPKldBHTuU5gpMPvfRpsAD
S/kQ9O8fYhlqaHY4j0+c8jOkyRhOgiw6jjpzc66c2NvRw3KDOmmG011gFx4EMHOb
DLhmdLJCw3DeGEio1WHIx/wPkK7H2fxBghZmjmokCgb7b8UOzc7AIYOClgWwQuw6
Jb4IYt2qs6vFbyWjXwbZuxuvwygkRuqMkzejaoBAoNm9ScMdznCZSUwLyd/zO4cL
Wk4a9ioBiRJJkbo5
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:11:25 2025 by rpki-client