Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/ivrBGL0q_NF31wGnb6OsQlrkSGo.roa
File: ivrBGL0q_NF31wGnb6OsQlrkSGo.roa (raw, json)
Hash identifier: OcT5ce9nz2OZqGwJctdjZ8/bty60h4IQcxLhct5JKGQ=
Subject key identifier: 8A:FA:C1:18:BD:2A:FC:D1:77:D7:01:A7:6F:A3:AC:42:5A:E4:48:6A
Certificate issuer: /CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Certificate serial: 019427B59BDC4F1CFB61963F9585070F4FF7
Authority key identifier: 09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/ivrBGL0q_NF31wGnb6OsQlrkSGo.roa
Signing time: Thu 02 Jan 2025 15:50:00 +0000
ROA not before: Thu 02 Jan 2025 15:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136714
IP address blocks: 178.248.112.0/22 maxlen: 24
178.248.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:9b:dc:4f:1c:fb:61:96:3f:95:85:07:0f:4f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Validity
Not Before: Jan 2 15:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8afac118bd2afcd177d701a76fa3ac425ae4486a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:94:e9:c8:60:88:6e:9a:62:fa:9c:73:8c:6f:
5f:ac:f2:78:28:2c:40:52:a1:01:6f:2e:cd:45:f0:
d0:80:73:2c:04:a9:8f:14:f4:fc:ba:a8:0e:b2:a3:
77:76:25:cc:47:d4:65:17:29:09:12:26:43:f4:40:
1f:f6:89:eb:4f:7c:5a:ef:52:5d:3f:ed:01:37:ad:
0b:2c:ef:86:2d:a6:a6:bd:86:9d:76:c1:79:a2:07:
3b:4a:b1:bc:78:11:de:5a:1e:fa:8f:98:d9:9a:9e:
82:47:7e:2a:f3:83:e2:68:0a:c4:02:66:d3:56:55:
84:9e:86:ed:03:46:9e:90:30:64:d2:d4:a4:4b:66:
b3:15:3e:fd:6d:0c:8d:e0:de:e8:fc:49:a2:d2:7f:
51:99:75:37:ab:73:57:ef:08:6d:ba:0c:9a:e7:aa:
ea:46:d8:60:7a:07:f6:7c:49:87:f7:52:20:41:4f:
48:0d:2d:dc:d6:27:67:ab:f9:88:21:01:49:8f:33:
c0:7b:4c:4a:67:28:cd:8f:6b:0c:0b:bc:c0:63:01:
31:a4:eb:a8:80:8f:5a:6a:84:23:a8:6f:21:4e:34:
89:bc:3b:12:93:91:7a:1a:c8:de:0f:2b:67:23:d5:
9f:d3:0c:02:e5:ea:d5:a0:c3:2f:11:c9:1a:2b:2b:
45:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FA:C1:18:BD:2A:FC:D1:77:D7:01:A7:6F:A3:AC:42:5A:E4:48:6A
X509v3 Authority Key Identifier:
keyid:09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/ivrBGL0q_NF31wGnb6OsQlrkSGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.112.0/22
178.248.118.0/23
Signature Algorithm: sha256WithRSAEncryption
69:4d:16:f7:97:a3:36:27:73:72:0f:ea:08:87:d9:6a:e1:fd:
15:e6:4e:3d:55:80:b6:a2:8f:48:2d:06:ec:e5:34:dc:9e:34:
6e:c3:f1:a8:a5:db:c8:cf:70:de:18:ca:52:07:22:d9:61:5d:
2e:33:b4:37:86:32:ea:97:85:46:4f:c4:6f:bc:10:3e:94:da:
46:62:cc:f4:36:52:bf:ba:aa:97:65:93:2c:a8:be:93:18:06:
bd:27:ca:8f:c5:86:fe:05:8b:95:1b:2e:b2:e3:c7:e9:da:d9:
c6:95:9c:d5:c0:9c:69:da:1f:5e:11:b2:c5:4c:9b:2c:b4:cc:
1a:e8:75:69:5e:23:a2:3b:14:e8:9f:4a:53:90:86:1d:11:1b:
3f:48:eb:89:c9:e1:ad:c2:9c:58:44:39:10:88:7f:4c:9d:8d:
bd:60:08:b5:b5:5e:e0:f2:1b:3d:ff:1a:7b:7c:7f:cd:36:16:
db:ed:45:e8:35:03:e4:b6:84:2b:6b:03:7e:96:d6:ba:e4:47:
96:e6:2b:6e:b9:4a:04:55:9b:4a:9e:b7:3e:03:a8:a2:2e:97:
d6:02:04:c4:8a:27:a6:6c:bc:6c:4a:60:95:aa:4e:a8:f3:16:
c5:32:08:1a:e2:8a:23:c5:00:1e:56:29:b9:51:05:9a:24:c8:
c1:b7:8c:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntZvcTxz7YZY/lYUHD0/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjBkY2NlYjc0ZjExODVhY2Q5N2FlZWFhYzI1ZGRhNWU5
YjA5MzYwHhcNMjUwMTAyMTU1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWZhYzExOGJkMmFmY2QxNzdkNzAxYTc2ZmEzYWM0MjVhZTQ0ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pTpyGCIbppi+pxzjG9frPJ4KCxA
UqEBby7NRfDQgHMsBKmPFPT8uqgOsqN3diXMR9RlFykJEiZD9EAf9onrT3xa71Jd
P+0BN60LLO+GLaamvYaddsF5ogc7SrG8eBHeWh76j5jZmp6CR34q84PiaArEAmbT
VlWEnobtA0aekDBk0tSkS2azFT79bQyN4N7o/Emi0n9RmXU3q3NX7whtugya56rq
Rthgegf2fEmH91IgQU9IDS3c1idnq/mIIQFJjzPAe0xKZyjNj2sMC7zAYwExpOuo
gI9aaoQjqG8hTjSJvDsSk5F6GsjeDytnI9Wf0wwC5erVoMMvEckaKytFMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIr6wRi9KvzRd9cBp2+jrEJa5EhqMB8GA1UdIwQY
MBaAFAnw3M63TxGFrNl67qrCXdpemwk2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgt
OTk2MTg5ZjljZTE0LzEvaXZyQkdMMHFfTkYzMXdHbmI2T3NRbHJrU0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgtOTk2MTg5ZjljZTE0
LzEvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsvhwAwQB
svh2MA0GCSqGSIb3DQEBCwUAA4IBAQBpTRb3l6M2J3NyD+oIh9lq4f0V5k49VYC2
oo9ILQbs5TTcnjRuw/GopdvIz3DeGMpSByLZYV0uM7Q3hjLql4VGT8RvvBA+lNpG
Ysz0NlK/uqqXZZMsqL6TGAa9J8qPxYb+BYuVGy6y48fp2tnGlZzVwJxp2h9eEbLF
TJsstMwa6HVpXiOiOxTon0pTkIYdERs/SOuJyeGtwpxYRDkQiH9MnY29YAi1tV7g
8hs9/xp7fH/NNhbb7UXoNQPktoQrawN+lta65EeW5ituuUoEVZtKnrc+A6iiLpfW
AgTEiiembLxsSmCVqk6o8xbFMgga4oojxQAeVim5UQWaJMjBt4z6
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:33 2025 by rpki-client