Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/Zi7Ur4wbJWR3EdLIxTIMt470yv8.roa
File: Zi7Ur4wbJWR3EdLIxTIMt470yv8.roa (raw, json)
Hash identifier: 2ojUhQY/moH0LhM/gEFCEK3T0bFJRBAMK4gF5wvlAf4=
Subject key identifier: 66:2E:D4:AF:8C:1B:25:64:77:11:D2:C8:C5:32:0C:B7:8E:F4:CA:FF
Certificate issuer: /CN=cdee78ad857607523b50b60acd9e22ca5a107854
Certificate serial: 019421445D452A7B0379AA263AC45ADCE27D
Authority key identifier: CD:EE:78:AD:85:76:07:52:3B:50:B6:0A:CD:9E:22:CA:5A:10:78:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ze54rYV2B1I7ULYKzZ4iyloQeFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/Zi7Ur4wbJWR3EdLIxTIMt470yv8.roa
Signing time: Wed 01 Jan 2025 09:48:35 +0000
ROA not before: Wed 01 Jan 2025 09:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34350
IP address blocks: 80.70.50.0/24 maxlen: 24
80.70.52.0/22 maxlen: 22
80.70.52.0/24 maxlen: 24
80.70.53.0/24 maxlen: 24
80.70.54.0/24 maxlen: 24
80.70.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5d:45:2a:7b:03:79:aa:26:3a:c4:5a:dc:e2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdee78ad857607523b50b60acd9e22ca5a107854
Validity
Not Before: Jan 1 09:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=662ed4af8c1b25647711d2c8c5320cb78ef4caff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ff:a5:73:a6:45:42:2f:d8:ba:8b:0a:e9:2c:
f2:31:de:c9:6e:f9:28:ff:95:b7:c1:b1:9e:59:f9:
ce:2e:4d:d8:7c:25:51:e4:a7:57:01:b0:da:46:07:
32:c1:80:f9:de:44:98:d3:c0:6d:ef:31:7b:98:13:
fe:3a:b2:89:16:c4:56:8a:fd:5f:36:2c:87:66:af:
18:19:6c:d5:42:d1:c6:f0:a9:3c:48:d2:32:e0:4a:
6a:46:37:a0:70:92:e3:22:7d:e1:4c:78:d9:3b:f5:
e1:dd:9c:35:54:f6:20:52:e5:0f:f7:31:76:8d:69:
02:e8:67:d3:33:bf:34:a5:eb:f3:67:42:ef:6e:78:
47:60:35:cc:73:45:6c:13:08:ab:bd:32:38:2b:f2:
d0:36:20:1d:38:7c:03:ea:89:c5:20:4c:b5:39:a8:
f8:f7:69:b3:19:39:f0:63:f8:5a:03:c7:2a:80:26:
f9:be:ae:a0:0e:73:a4:4e:f2:a7:3d:c0:dc:af:ba:
5e:d3:09:eb:4e:97:d6:4c:96:0d:fb:0f:76:c0:6e:
54:36:08:57:89:f6:4c:5b:08:39:71:ad:94:35:da:
2f:38:39:84:c4:c4:57:58:5c:53:d5:f9:52:93:37:
45:09:26:53:8f:94:26:8d:06:d6:1e:99:a8:9d:30:
f3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2E:D4:AF:8C:1B:25:64:77:11:D2:C8:C5:32:0C:B7:8E:F4:CA:FF
X509v3 Authority Key Identifier:
keyid:CD:EE:78:AD:85:76:07:52:3B:50:B6:0A:CD:9E:22:CA:5A:10:78:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ze54rYV2B1I7ULYKzZ4iyloQeFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/Zi7Ur4wbJWR3EdLIxTIMt470yv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/ze54rYV2B1I7ULYKzZ4iyloQeFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.50.0/24
80.70.52.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:f9:e4:01:65:74:27:72:d2:11:51:c5:bd:98:8b:83:12:cc:
5e:44:0a:0c:ba:26:27:54:4c:d1:38:a5:3c:92:19:04:98:92:
ca:31:e3:26:5a:b8:e7:0d:4a:d4:eb:0a:10:2e:15:48:49:1e:
47:a8:a2:b8:3a:15:d5:54:c6:0c:55:94:f4:b0:1b:54:81:50:
30:69:54:1f:24:77:16:a6:28:d3:22:af:10:b6:16:9a:23:b6:
73:90:c3:23:de:c4:91:1e:70:6b:8b:13:96:c8:ba:c9:07:6a:
c7:f1:0c:cb:d5:84:1a:a2:e2:38:03:35:38:9e:f3:0d:12:8d:
0a:2e:55:6b:d0:7e:b5:de:73:6c:2e:33:09:89:25:45:86:78:
1e:32:2e:04:71:da:e1:86:6a:7b:d7:73:79:1c:c8:c9:17:84:
fd:e3:15:db:8c:df:f5:28:e2:ed:90:be:af:18:f0:dc:4e:76:
06:6b:c7:53:98:0e:cc:3d:3d:22:83:a4:e0:fd:c8:a1:9b:9c:
4d:80:b5:e8:e5:84:d9:83:bf:95:5b:2e:ac:28:ed:94:82:bc:
96:a8:c1:d9:b5:b3:18:81:dc:7e:f0:3e:b1:39:21:cb:b5:f1:
5a:f5:80:a1:e8:88:64:e0:54:40:00:b4:a6:73:4c:d5:f2:46:
a4:65:74:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhRF1FKnsDeaomOsRa3OJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZWU3OGFkODU3NjA3NTIzYjUwYjYwYWNkOWUyMmNhNWEx
MDc4NTQwHhcNMjUwMTAxMDk0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJlZDRhZjhjMWIyNTY0NzcxMWQyYzhjNTMyMGNiNzhlZjRjYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0P+lc6ZFQi/YuosK6SzyMd7Jbvko
/5W3wbGeWfnOLk3YfCVR5KdXAbDaRgcywYD53kSY08Bt7zF7mBP+OrKJFsRWiv1f
NiyHZq8YGWzVQtHG8Kk8SNIy4EpqRjegcJLjIn3hTHjZO/Xh3Zw1VPYgUuUP9zF2
jWkC6GfTM780pevzZ0LvbnhHYDXMc0VsEwirvTI4K/LQNiAdOHwD6onFIEy1Oaj4
92mzGTnwY/haA8cqgCb5vq6gDnOkTvKnPcDcr7pe0wnrTpfWTJYN+w92wG5UNghX
ifZMWwg5ca2UNdovODmExMRXWFxT1flSkzdFCSZTj5QmjQbWHpmonTDzQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGYu1K+MGyVkdxHSyMUyDLeO9Mr/MB8GA1UdIwQY
MBaAFM3ueK2FdgdSO1C2Cs2eIspaEHhUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemU1NHJZVjJCMUk3VUxZS3paNGl5bG9RZUZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YTQ5YmYtYzA1OS00YmVhLTg4ZDMt
Y2YwMTI0Y2VkNGQ2LzEvWmk3VXI0d2JKV1IzRWRMSXhUSU10NDcweXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81YTQ5YmYtYzA1OS00YmVhLTg4ZDMtY2YwMTI0Y2VkNGQ2
LzEvemU1NHJZVjJCMUk3VUxZS3paNGl5bG9RZUZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEYyAwQC
UEY0MA0GCSqGSIb3DQEBCwUAA4IBAQAs+eQBZXQnctIRUcW9mIuDEsxeRAoMuiYn
VEzROKU8khkEmJLKMeMmWrjnDUrU6woQLhVISR5HqKK4OhXVVMYMVZT0sBtUgVAw
aVQfJHcWpijTIq8QthaaI7ZzkMMj3sSRHnBrixOWyLrJB2rH8QzL1YQaouI4AzU4
nvMNEo0KLlVr0H613nNsLjMJiSVFhngeMi4Ecdrhhmp713N5HMjJF4T94xXbjN/1
KOLtkL6vGPDcTnYGa8dTmA7MPT0ig6Tg/cihm5xNgLXo5YTZg7+VWy6sKO2UgryW
qMHZtbMYgdx+8D6xOSHLtfFa9YCh6Ihk4FRAALSmc0zV8kakZXQq
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:47 2025 by rpki-client on console.sobornost.net