Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa
File: Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa (raw, json)
Hash identifier: Ka3gajN2kG5bn7od03MC2i4kFc5aTTook8osIu09I1U=
Subject key identifier: 36:BD:51:D7:C1:55:87:2C:E3:5E:12:F6:60:A9:79:E0:AC:F5:09:C3
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 019426D915C8FAF531E5E90DE586ADF19561
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa
Signing time: Thu 02 Jan 2025 11:49:08 +0000
ROA not before: Thu 02 Jan 2025 11:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42622
IP address blocks: 80.72.0.0/20 maxlen: 20
185.84.212.0/22 maxlen: 22
2a00:f4c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:15:c8:fa:f5:31:e5:e9:0d:e5:86:ad:f1:95:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Jan 2 11:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36bd51d7c155872ce35e12f660a979e0acf509c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:40:e4:46:38:13:31:26:fb:6b:29:c6:0e:c9:
17:01:71:d6:00:8c:0e:59:4d:df:7c:b6:72:b9:f5:
98:4e:54:46:4a:0d:3c:64:7b:a2:43:48:59:b9:86:
5e:9d:67:40:cb:36:a7:97:8d:4f:38:72:1d:2d:d3:
68:71:4f:91:c7:74:74:c8:18:46:60:70:f6:b6:42:
d9:93:e1:77:b6:13:00:d2:c1:0f:ec:f5:3d:09:62:
1d:a2:80:52:ef:14:d8:50:b3:5a:22:c2:d0:c6:2f:
4d:37:bc:3b:98:5a:28:d2:c1:44:64:1c:21:8b:2b:
b3:d3:b8:e5:aa:6a:ef:89:fa:47:0d:87:3b:8f:f5:
27:72:02:f9:03:5b:cb:e9:ec:e3:d5:5d:5d:01:d7:
3a:01:aa:89:53:12:46:cf:17:ce:63:08:16:87:fa:
67:81:5c:8f:d1:30:45:42:3f:dc:29:03:c3:87:4f:
26:8b:e5:c9:45:c8:05:7f:0a:ae:15:1a:94:87:45:
12:cd:cf:6b:f7:39:cc:08:7d:7a:ee:6f:e9:47:bf:
30:42:36:68:cd:4f:c0:c4:79:cf:20:7d:cd:f6:06:
eb:f5:fb:71:b1:28:37:30:e9:1f:a5:06:0f:90:5a:
27:45:0e:4e:a4:ab:40:a8:4c:d2:ee:fc:f8:d2:ba:
f1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BD:51:D7:C1:55:87:2C:E3:5E:12:F6:60:A9:79:E0:AC:F5:09:C3
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.0.0/20
185.84.212.0/22
IPv6:
2a00:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
4c:18:e4:eb:d6:78:11:b2:23:b6:1d:7f:0a:6a:8e:e0:d7:8a:
d8:5f:fe:dd:d8:59:92:57:bb:ac:48:c1:3c:a1:22:fd:69:fa:
9e:9d:4d:d5:7a:c7:4e:a9:70:ad:dc:54:12:83:63:26:0f:b2:
1f:ad:cd:7b:bf:48:b6:02:ba:d8:e7:e0:e0:50:d3:f7:bd:ed:
b4:7b:d0:17:d3:b1:50:e8:4e:19:f4:77:87:5b:b7:09:be:39:
bd:89:1e:32:6c:e6:c4:77:35:a1:3d:d3:00:7e:e2:d7:3b:e5:
54:30:fc:19:81:40:5c:30:45:fe:a7:e3:5e:10:aa:ae:2b:ed:
89:be:71:b8:f7:ea:35:ae:fe:c7:32:5d:ea:e7:ce:de:5b:04:
b5:e1:a8:0f:81:9c:53:dc:cf:ff:2d:cc:98:67:2e:7f:f7:e0:
be:f8:a6:8f:41:54:ad:0d:10:0d:28:a9:76:00:ba:dc:c8:6f:
a9:e3:eb:b8:35:cd:b0:1d:3b:21:52:e0:6a:25:33:8a:56:c1:
a8:75:c4:71:4a:77:53:ec:33:c7:0e:25:33:15:ae:a4:5f:18:
6e:d2:4c:5e:7e:cf:e6:36:36:e8:61:08:14:1a:d4:63:ba:be:
58:9c:21:b0:cc:0a:6a:da:35:0f:fc:91:60:dc:53:fd:ef:6b:
a3:8f:44:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2RXI+vUx5ekN5Yat8ZVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjUwMTAyMTE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmJkNTFkN2MxNTU4NzJjZTM1ZTEyZjY2MGE5NzllMGFjZjUwOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUDkRjgTMSb7aynGDskXAXHWAIwO
WU3ffLZyufWYTlRGSg08ZHuiQ0hZuYZenWdAyzanl41POHIdLdNocU+Rx3R0yBhG
YHD2tkLZk+F3thMA0sEP7PU9CWIdooBS7xTYULNaIsLQxi9NN7w7mFoo0sFEZBwh
iyuz07jlqmrvifpHDYc7j/UncgL5A1vL6ezj1V1dAdc6AaqJUxJGzxfOYwgWh/pn
gVyP0TBFQj/cKQPDh08mi+XJRcgFfwquFRqUh0USzc9r9znMCH167m/pR78wQjZo
zU/AxHnPIH3N9gbr9ftxsSg3MOkfpQYPkFonRQ5OpKtAqEzS7vz40rrxDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDa9UdfBVYcs414S9mCpeeCs9QnDMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvTnIxUjE4RlZoeXpqWGhMMllLbDU0S3oxQ2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEgAAwQC
uVTUMA0EAgACMAcDBQAqAPTAMA0GCSqGSIb3DQEBCwUAA4IBAQBMGOTr1ngRsiO2
HX8Kao7g14rYX/7d2FmSV7usSME8oSL9afqenU3VesdOqXCt3FQSg2MmD7Ifrc17
v0i2ArrY5+DgUNP3ve20e9AX07FQ6E4Z9HeHW7cJvjm9iR4ybObEdzWhPdMAfuLX
O+VUMPwZgUBcMEX+p+NeEKquK+2JvnG49+o1rv7HMl3q587eWwS14agPgZxT3M//
LcyYZy5/9+C++KaPQVStDRANKKl2ALrcyG+p4+u4Nc2wHTshUuBqJTOKVsGodcRx
SndT7DPHDiUzFa6kXxhu0kxefs/mNjboYQgUGtRjur5YnCGwzApq2jUP/JFg3FP9
72ujj0QT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:31 2025 by rpki-client on console.sobornost.net