Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/C5kS-eXFEoRGhSGKrj1aky_A-YU.roa
File: C5kS-eXFEoRGhSGKrj1aky_A-YU.roa (raw, json)
Hash identifier: 0Cexvh0L+qwpqym6REc7bvetIUnS6MiKORaDRSgSxQo=
Subject key identifier: 0B:99:12:F9:E5:C5:12:84:46:85:21:8A:AE:3D:5A:93:2F:C0:F9:85
Certificate issuer: /CN=1462a497efe0bc92b7ed92529ebbe39cb19d330a
Certificate serial: 019427B5F6BBCB14D0629012CB8495CA00DF
Authority key identifier: 14:62:A4:97:EF:E0:BC:92:B7:ED:92:52:9E:BB:E3:9C:B1:9D:33:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FGKkl-_gvJK37ZJSnrvjnLGdMwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/C5kS-eXFEoRGhSGKrj1aky_A-YU.roa
Signing time: Thu 02 Jan 2025 15:50:24 +0000
ROA not before: Thu 02 Jan 2025 15:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34767
IP address blocks: 80.75.240.0/20 maxlen: 20
185.53.180.0/22 maxlen: 22
2a00:7a80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:f6:bb:cb:14:d0:62:90:12:cb:84:95:ca:00:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1462a497efe0bc92b7ed92529ebbe39cb19d330a
Validity
Not Before: Jan 2 15:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b9912f9e5c512844685218aae3d5a932fc0f985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:42:d8:7e:de:d2:de:9a:35:ec:38:de:7c:cd:
d4:9f:c6:d7:8d:a2:c3:c7:78:15:bc:47:86:6d:cf:
dd:18:49:cf:7d:3e:8a:b1:d2:30:7c:4b:90:eb:d1:
66:37:81:aa:1a:8d:e4:a7:a4:d2:4d:01:0d:b5:71:
80:fb:08:24:c4:a2:91:71:57:0b:f3:54:0b:4d:dc:
92:f2:4a:3f:74:98:82:00:bf:fe:7b:d1:cf:f2:30:
f2:d0:f3:36:8f:f6:aa:6a:e9:76:d4:0f:49:5f:ec:
9c:b9:77:ae:a0:cb:e5:3d:33:b4:80:2e:c2:5f:ad:
04:2e:e6:20:14:33:eb:0a:86:53:f5:e1:b8:f9:7e:
62:59:8f:da:d5:34:e4:b8:f7:0b:79:da:dc:c6:51:
cb:10:bd:25:be:01:46:b0:c5:46:1d:6b:48:4e:43:
0f:fc:f7:e8:51:42:61:48:92:fe:ea:01:84:9e:94:
24:f3:31:41:81:31:37:40:e8:ba:94:f8:0b:e4:4c:
35:be:d6:c2:21:d0:d4:64:4a:f7:f1:79:67:d1:32:
2d:06:db:be:af:44:5d:ab:b9:37:24:f9:b1:c6:12:
19:d9:15:8a:c1:78:b5:88:c9:94:d5:be:d9:ca:1b:
f5:89:21:4a:90:2b:e6:61:ad:a1:4e:7a:06:65:f6:
59:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:99:12:F9:E5:C5:12:84:46:85:21:8A:AE:3D:5A:93:2F:C0:F9:85
X509v3 Authority Key Identifier:
keyid:14:62:A4:97:EF:E0:BC:92:B7:ED:92:52:9E:BB:E3:9C:B1:9D:33:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FGKkl-_gvJK37ZJSnrvjnLGdMwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/C5kS-eXFEoRGhSGKrj1aky_A-YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/be1171-1202-4df8-8c30-d36935ebc6ad/1/FGKkl-_gvJK37ZJSnrvjnLGdMwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.240.0/20
185.53.180.0/22
IPv6:
2a00:7a80::/32
Signature Algorithm: sha256WithRSAEncryption
82:67:8d:89:88:2b:5c:0a:c6:c7:9d:5d:8e:4a:be:b7:44:bf:
d6:13:16:d4:17:0c:13:bb:03:d4:c0:92:eb:69:6a:f8:d7:5a:
0d:2a:ee:58:d2:56:be:48:a7:7e:11:69:17:5c:0c:4a:cd:b7:
c1:c4:19:11:a9:56:10:5c:31:26:2f:ae:b0:79:21:49:f5:97:
f6:ca:48:50:0f:59:25:e4:19:36:79:8f:9a:80:4b:a1:52:33:
78:d9:26:c9:7b:7e:b2:be:88:79:cc:da:a4:06:7f:78:92:2b:
e5:69:94:fc:c1:e9:34:8e:a1:26:fd:cf:c4:24:47:7f:32:4a:
be:2d:d5:86:45:16:5b:f0:77:b5:47:d3:f0:79:8a:bf:89:f1:
f7:f8:37:6e:ba:a8:1c:ce:c4:7f:c3:5e:90:00:14:14:25:63:
c6:90:94:13:5e:5e:6f:27:7f:5f:fb:37:97:f6:f2:2a:d3:4d:
8e:56:33:5c:bb:6e:5d:b6:80:1e:27:e9:41:71:11:cf:a6:6e:
06:28:ab:0e:8f:a3:3c:e0:dd:b6:ae:99:4f:a9:05:06:a7:3f:
2d:2a:63:56:80:b2:3e:a4:8e:7d:d2:a9:95:dc:62:68:0e:dd:
53:92:0e:8e:b4:82:71:6c:ce:52:d0:7d:af:c9:f5:3e:4f:c0:
af:7f:87:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQntfa7yxTQYpASy4SVygDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NjJhNDk3ZWZlMGJjOTJiN2VkOTI1MjllYmJlMzljYjE5
ZDMzMGEwHhcNMjUwMTAyMTU1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjk5MTJmOWU1YzUxMjg0NDY4NTIxOGFhZTNkNWE5MzJmYzBmOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ULYft7S3po17DjefM3Un8bXjaLD
x3gVvEeGbc/dGEnPfT6KsdIwfEuQ69FmN4GqGo3kp6TSTQENtXGA+wgkxKKRcVcL
81QLTdyS8ko/dJiCAL/+e9HP8jDy0PM2j/aqaul21A9JX+ycuXeuoMvlPTO0gC7C
X60ELuYgFDPrCoZT9eG4+X5iWY/a1TTkuPcLedrcxlHLEL0lvgFGsMVGHWtITkMP
/PfoUUJhSJL+6gGEnpQk8zFBgTE3QOi6lPgL5Ew1vtbCIdDUZEr38Xln0TItBtu+
r0Rdq7k3JPmxxhIZ2RWKwXi1iMmU1b7Zyhv1iSFKkCvmYa2hTnoGZfZZLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAuZEvnlxRKERoUhiq49WpMvwPmFMB8GA1UdIwQY
MBaAFBRipJfv4LySt+2SUp6745yxnTMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkdLa2wtX2d2SkszN1pKU25ydmpuTEdkTXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iZTExNzEtMTIwMi00ZGY4LThjMzAt
ZDM2OTM1ZWJjNmFkLzEvQzVrUy1lWEZFb1JHaFNHS3JqMWFreV9BLVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iZTExNzEtMTIwMi00ZGY4LThjMzAtZDM2OTM1ZWJjNmFk
LzEvRkdLa2wtX2d2SkszN1pKU25ydmpuTEdkTXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEvwAwQC
uTW0MA0EAgACMAcDBQAqAHqAMA0GCSqGSIb3DQEBCwUAA4IBAQCCZ42JiCtcCsbH
nV2OSr63RL/WExbUFwwTuwPUwJLraWr411oNKu5Y0la+SKd+EWkXXAxKzbfBxBkR
qVYQXDEmL66weSFJ9Zf2ykhQD1kl5Bk2eY+agEuhUjN42SbJe36yvoh5zNqkBn94
kivlaZT8wek0jqEm/c/EJEd/Mkq+LdWGRRZb8He1R9PweYq/ifH3+DduuqgczsR/
w16QABQUJWPGkJQTXl5vJ39f+zeX9vIq002OVjNcu25dtoAeJ+lBcRHPpm4GKKsO
j6M84N22rplPqQUGpz8tKmNWgLI+pI590qmV3GJoDt1Tkg6OtIJxbM5S0H2vyfU+
T8Cvf4cf
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:28:24 2025 by rpki-client