Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/ggHtscnQyqkBrxQX9FGcBSeL0tw.roa
File: ggHtscnQyqkBrxQX9FGcBSeL0tw.roa (raw, json)
Hash identifier: +egxbHwN87jQDHzcs7Gpu0eXmAwsWmNYyWLYLoAaS4M=
Subject key identifier: 82:01:ED:B1:C9:D0:CA:A9:01:AF:14:17:F4:51:9C:05:27:8B:D2:DC
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 019518725C20753EEC168982F4760BA6A6D3
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/ggHtscnQyqkBrxQX9FGcBSeL0tw.roa
Signing time: Tue 18 Feb 2025 09:45:02 +0000
ROA not before: Tue 18 Feb 2025 09:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4826
IP address blocks: 178.210.252.0/24 maxlen: 24
178.210.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:72:5c:20:75:3e:ec:16:89:82:f4:76:0b:a6:a6:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Feb 18 09:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8201edb1c9d0caa901af1417f4519c05278bd2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:35:e6:57:a1:41:18:06:5e:e9:46:b9:2d:85:
ba:09:60:d6:78:09:f9:7d:c3:06:86:91:0b:9d:ad:
46:d8:8b:04:f5:64:76:62:f2:fc:cd:7e:d0:92:ac:
39:77:f3:c6:7f:33:8d:e9:05:8a:0d:d0:66:ce:50:
bd:dd:f1:62:0d:3b:61:8e:e1:f0:c2:db:ca:d7:c8:
f2:f6:28:1b:db:ba:73:eb:e1:25:4f:05:31:cc:6b:
5a:8f:d9:25:a5:51:8a:82:ef:e2:84:17:ab:cd:6e:
71:5a:21:56:6c:36:38:ce:b4:d4:7a:1d:a8:49:e7:
8b:de:72:12:28:fd:55:55:1d:13:c9:99:52:f9:5e:
e8:a7:8c:f5:11:36:d7:9e:93:33:48:43:c1:52:70:
97:6d:2c:45:db:43:2e:a7:f8:0d:0a:cd:55:61:33:
66:d8:61:1a:a1:a3:51:e1:6a:50:de:43:51:36:b9:
73:aa:1a:8e:ca:b2:9c:2f:8d:b1:59:6f:85:a5:89:
8e:30:44:b8:f4:8d:c2:80:b1:a7:a6:58:35:1d:ea:
2d:41:e2:7a:cc:a7:58:ad:c8:f1:af:b3:a1:f3:49:
d7:6f:01:09:6c:03:17:35:49:6f:d7:33:5f:c3:e0:
09:c6:f4:90:51:66:4b:e7:6f:27:c1:8a:6b:18:2d:
92:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:01:ED:B1:C9:D0:CA:A9:01:AF:14:17:F4:51:9C:05:27:8B:D2:DC
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/ggHtscnQyqkBrxQX9FGcBSeL0tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.252.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:e9:95:6a:80:aa:17:73:96:0e:99:a5:89:22:a2:16:46:e3:
40:4a:87:b9:de:d7:fd:15:dd:cd:a6:62:e8:60:eb:99:50:dd:
70:04:bf:fb:21:d9:f9:8a:ff:18:81:47:b1:06:e7:bb:4d:9c:
fd:34:25:63:b1:bc:44:c0:58:c9:cb:d7:fd:31:83:46:61:76:
66:0f:ef:92:90:9b:63:77:a8:27:2d:76:43:25:1d:ab:c3:9a:
dc:6d:1a:d4:87:98:71:34:42:3f:83:2f:e9:42:2b:8d:f1:8e:
37:5d:a3:b4:a8:6b:1f:22:2d:ea:d2:cf:28:ed:8d:8a:18:28:
2f:6b:f7:b4:63:25:40:3f:79:8d:c1:59:e6:77:5e:b5:1e:03:
f4:59:66:8e:3a:8a:17:52:15:fc:4f:5d:92:23:cc:e4:6f:c4:
92:b6:f2:a0:9f:94:de:3b:b4:7a:4c:75:63:55:2d:96:7d:16:
fc:ec:73:8d:8d:95:33:d1:bd:17:2b:51:a6:54:13:88:53:d2:
bc:54:da:43:40:c9:52:5c:a4:ef:16:45:23:31:55:4c:36:b5:
c1:1d:80:01:e9:5b:87:55:e2:5a:bf:2a:95:ae:ea:33:0e:3d:
32:10:68:3a:01:25:10:73:f3:06:68:3d:2e:d8:64:eb:04:8e:
20:4e:0a:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUYclwgdT7sFomC9HYLpqbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjUwMjE4MDk0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjAxZWRiMWM5ZDBjYWE5MDFhZjE0MTdmNDUxOWMwNTI3OGJkMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TXmV6FBGAZe6Ua5LYW6CWDWeAn5
fcMGhpELna1G2IsE9WR2YvL8zX7Qkqw5d/PGfzON6QWKDdBmzlC93fFiDTthjuHw
wtvK18jy9igb27pz6+ElTwUxzGtaj9klpVGKgu/ihBerzW5xWiFWbDY4zrTUeh2o
SeeL3nISKP1VVR0TyZlS+V7op4z1ETbXnpMzSEPBUnCXbSxF20Mup/gNCs1VYTNm
2GEaoaNR4WpQ3kNRNrlzqhqOyrKcL42xWW+FpYmOMES49I3CgLGnplg1HeotQeJ6
zKdYrcjxr7Oh80nXbwEJbAMXNUlv1zNfw+AJxvSQUWZL528nwYprGC2SywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIB7bHJ0MqpAa8UF/RRnAUni9LcMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvZ2dIdHNjblF5cWtCcnhRWDlGR2NCU2VMMHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstL8MA0G
CSqGSIb3DQEBCwUAA4IBAQCh6ZVqgKoXc5YOmaWJIqIWRuNASoe53tf9Fd3NpmLo
YOuZUN1wBL/7Idn5iv8YgUexBue7TZz9NCVjsbxEwFjJy9f9MYNGYXZmD++SkJtj
d6gnLXZDJR2rw5rcbRrUh5hxNEI/gy/pQiuN8Y43XaO0qGsfIi3q0s8o7Y2KGCgv
a/e0YyVAP3mNwVnmd161HgP0WWaOOooXUhX8T12SI8zkb8SStvKgn5TeO7R6THVj
VS2WfRb87HONjZUz0b0XK1GmVBOIU9K8VNpDQMlSXKTvFkUjMVVMNrXBHYAB6VuH
VeJavyqVruozDj0yEGg6ASUQc/MGaD0u2GTrBI4gTgrI
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:27:13 2025 by rpki-client