Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/iOyP_Db0F92sxD2S4x9jDUy18wI.roa
File: iOyP_Db0F92sxD2S4x9jDUy18wI.roa (raw, json)
Hash identifier: 6Iwr8wDrVOHgqwu2HaRDU/1SoUQAFZ31io4JJpWIzCM=
Subject key identifier: 88:EC:8F:FC:36:F4:17:DD:AC:C4:3D:92:E3:1F:63:0D:4C:B5:F3:02
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019588F8513936AA748AFB43351268F16C24
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/iOyP_Db0F92sxD2S4x9jDUy18wI.roa
Signing time: Wed 12 Mar 2025 06:08:49 +0000
ROA not before: Wed 12 Mar 2025 06:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 178.239.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:88:f8:51:39:36:aa:74:8a:fb:43:35:12:68:f1:6c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 12 06:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88ec8ffc36f417ddacc43d92e31f630d4cb5f302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:14:8d:25:1c:d1:30:25:7c:28:42:fa:23:20:
b0:8d:97:d0:84:d5:15:4c:3b:3a:40:5b:e3:5b:4d:
6b:a8:7b:e1:19:b5:0e:cf:74:8f:16:a6:3f:19:77:
a0:52:b0:28:13:24:ef:3c:fb:5d:51:93:54:2e:9d:
42:50:0c:85:17:41:31:59:98:31:cc:30:90:ec:72:
67:5a:34:b1:21:40:f4:ce:1d:ee:e7:c7:8f:15:1e:
f3:ea:05:ea:3e:b8:46:5f:24:13:f7:83:45:20:58:
07:8c:cf:df:34:8b:75:fa:af:66:ae:be:e4:af:5a:
e8:b8:26:68:22:9b:fa:3b:4b:af:18:dd:d3:86:c6:
1c:59:c2:1a:1c:93:fa:a5:ef:e3:27:ba:0f:c9:5c:
44:86:d7:f3:89:59:50:aa:6f:a3:06:05:e7:ec:8f:
9f:37:3f:e4:6a:47:8b:95:7d:54:15:80:ec:b1:ad:
fb:ad:71:30:2d:f4:dc:ed:c5:1d:2c:21:ea:30:d7:
a8:9f:6c:b8:13:6b:eb:82:f5:46:1c:19:16:90:2a:
94:c9:fd:51:37:c7:55:88:35:ce:7e:f6:fb:40:c8:
d3:a7:34:4e:89:fd:ee:91:18:c5:3a:f8:5a:af:f7:
80:9b:69:c8:98:ef:89:79:62:d4:37:04:83:98:65:
61:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EC:8F:FC:36:F4:17:DD:AC:C4:3D:92:E3:1F:63:0D:4C:B5:F3:02
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/iOyP_Db0F92sxD2S4x9jDUy18wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:dd:16:9c:ef:4f:95:44:3b:77:d4:b1:a9:6c:76:37:f5:d4:
3c:cb:dd:4c:a7:f2:b1:2f:5b:13:62:99:1f:1a:e4:52:0c:7e:
a7:80:4b:6d:a9:9d:36:07:0e:b6:3e:4f:8e:20:78:35:96:d7:
57:d2:1e:ab:55:ed:92:19:d3:8f:17:fd:c0:02:13:57:5a:12:
2f:29:87:69:a6:69:d9:21:b9:77:88:48:2e:5b:14:fb:42:af:
c2:28:d6:5e:db:43:88:e5:18:bf:d5:2a:40:f3:60:e4:f1:2a:
33:02:bc:c0:e5:30:84:b5:19:05:63:8f:06:bb:8b:68:db:96:
05:10:d2:11:a3:90:95:cd:b1:82:64:d8:7c:c2:d9:af:79:54:
6d:68:e8:53:32:9d:2f:70:28:76:fe:32:56:87:dc:c7:00:9c:
ca:86:0f:2b:9c:f8:a9:4a:a5:a2:2a:3f:c6:f6:e7:cc:ce:9f:
b7:1d:2b:c9:38:81:54:af:24:dc:ed:8c:11:af:48:60:47:e2:
2d:6d:b4:92:1a:34:ed:1f:b3:76:22:20:7d:59:7f:c0:30:ee:
6f:34:c3:c1:7b:f6:c5:de:23:32:f6:c2:85:d1:37:b3:ed:cb:
34:05:e5:95:19:df:a1:f5:c7:a1:22:26:15:aa:2b:7d:76:63:
7b:2e:82:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWI+FE5Nqp0ivtDNRJo8WwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzEyMDYwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGVjOGZmYzM2ZjQxN2RkYWNjNDNkOTJlMzFmNjMwZDRjYjVmMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRSNJRzRMCV8KEL6IyCwjZfQhNUV
TDs6QFvjW01rqHvhGbUOz3SPFqY/GXegUrAoEyTvPPtdUZNULp1CUAyFF0ExWZgx
zDCQ7HJnWjSxIUD0zh3u58ePFR7z6gXqPrhGXyQT94NFIFgHjM/fNIt1+q9mrr7k
r1rouCZoIpv6O0uvGN3ThsYcWcIaHJP6pe/jJ7oPyVxEhtfziVlQqm+jBgXn7I+f
Nz/kakeLlX1UFYDssa37rXEwLfTc7cUdLCHqMNeon2y4E2vrgvVGHBkWkCqUyf1R
N8dViDXOfvb7QMjTpzROif3ukRjFOvhar/eAm2nImO+JeWLUNwSDmGVhiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjsj/w29BfdrMQ9kuMfYw1MtfMCMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvaU95UF9EYjBGOTJzeEQyUzR4OWpEVXkxOHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu9/MA0G
CSqGSIb3DQEBCwUAA4IBAQC93Rac70+VRDt31LGpbHY39dQ8y91Mp/KxL1sTYpkf
GuRSDH6ngEttqZ02Bw62Pk+OIHg1ltdX0h6rVe2SGdOPF/3AAhNXWhIvKYdppmnZ
Ibl3iEguWxT7Qq/CKNZe20OI5Ri/1SpA82Dk8SozArzA5TCEtRkFY48Gu4to25YF
ENIRo5CVzbGCZNh8wtmveVRtaOhTMp0vcCh2/jJWh9zHAJzKhg8rnPipSqWiKj/G
9ufMzp+3HSvJOIFUryTc7YwRr0hgR+ItbbSSGjTtH7N2IiB9WX/AMO5vNMPBe/bF
3iMy9sKF0Tez7cs0BeWVGd+h9cehIiYVqit9dmN7LoL+
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:06:35 2025 by rpki-client