Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/TAdP0yKv9NpfjSbhNts0juEkm1U.roa
File: TAdP0yKv9NpfjSbhNts0juEkm1U.roa (raw, json)
Hash identifier: dvn2DfwTU0n63QcUIMIBNntGEWr2G1UXma7Nhu8Iurs=
Subject key identifier: 4C:07:4F:D3:22:AF:F4:DA:5F:8D:26:E1:36:DB:34:8E:E1:24:9B:55
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 0195363F72F860B743E4770DF9238F4A8A22
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/TAdP0yKv9NpfjSbhNts0juEkm1U.roa
Signing time: Mon 24 Feb 2025 04:38:02 +0000
ROA not before: Mon 24 Feb 2025 04:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203363
IP address blocks: 178.239.171.0/24 maxlen: 24
178.239.174.0/24 maxlen: 24
193.176.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:36:3f:72:f8:60:b7:43:e4:77:0d:f9:23:8f:4a:8a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Feb 24 04:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c074fd322aff4da5f8d26e136db348ee1249b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:10:17:a5:61:90:6a:d1:c6:5e:06:32:e9:0a:
42:56:5e:95:53:66:ff:69:de:df:f0:22:cc:bf:eb:
cb:df:85:92:31:5d:d5:8d:e3:c9:b8:37:5d:73:80:
f7:b0:50:dc:0c:f6:20:d7:6e:04:89:a2:3d:a9:98:
25:02:89:cc:b0:f2:81:e0:9c:f8:b2:fe:71:ee:01:
10:bc:2d:42:21:be:42:5b:1e:87:d4:fb:ee:2f:a3:
ab:3f:9c:50:5a:c9:9c:5c:67:99:a7:cf:55:8b:8a:
eb:a3:21:83:ae:1f:3e:d4:4b:b7:92:cc:e5:e3:66:
4e:e8:24:60:b4:49:3b:80:d9:f2:94:d7:1b:e7:67:
c3:e2:9e:4e:23:ac:f0:73:a4:d9:4e:d4:fa:71:e5:
6e:8e:a3:48:53:42:9b:f3:92:9a:a6:7b:dd:75:b4:
22:40:40:6b:da:99:7b:fb:ad:b6:d4:4c:39:b5:f6:
26:bf:98:6a:2f:ac:9c:c8:da:1a:52:81:3b:ed:c7:
f4:2b:44:38:8b:79:38:d3:d4:38:6c:7a:2c:8a:1c:
36:97:7f:37:a1:24:21:08:3d:3b:17:8f:ee:c4:dd:
f3:4e:13:8b:60:9c:cc:e3:41:05:a7:d2:93:e0:c0:
e7:e9:c5:7b:9b:83:7d:53:4b:4c:af:4c:20:75:9f:
d3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:07:4F:D3:22:AF:F4:DA:5F:8D:26:E1:36:DB:34:8E:E1:24:9B:55
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/TAdP0yKv9NpfjSbhNts0juEkm1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.171.0/24
178.239.174.0/24
193.176.28.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:b4:4c:b8:76:13:cf:1d:04:d7:0b:fd:3a:08:b6:e8:34:96:
ee:b9:7a:9c:cc:6d:e5:e6:41:ec:a7:21:23:d0:4a:50:0a:c3:
64:c8:2a:25:0f:57:90:ab:46:0a:3b:71:c0:c3:6f:70:4e:fb:
1f:4c:55:6f:33:58:64:25:eb:ed:05:8b:59:83:da:13:c3:65:
7a:7c:09:12:92:c2:62:ef:e1:4a:ae:16:37:45:3d:1c:62:f2:
1f:2d:dc:02:85:9d:b0:c2:36:02:f0:a3:45:0b:a7:57:34:9b:
b3:69:62:7a:00:8f:9e:d4:d8:13:01:20:24:74:8a:d1:bf:8e:
34:0c:bb:81:46:5c:f6:4d:b8:00:cc:77:26:96:39:d3:8f:fd:
eb:29:a6:aa:76:cc:d1:1a:39:d4:21:78:6c:2e:39:73:9b:7a:
81:68:e1:db:1e:ce:0b:63:f8:3f:2f:1f:8f:62:2e:5c:bb:7e:
57:1b:70:85:8f:b6:03:da:1c:12:80:d3:5d:76:a0:32:63:f3:
72:70:1c:4c:63:87:60:a3:b2:56:72:1f:60:97:d4:79:9e:6e:
d3:0f:13:1a:e6:ce:ea:14:c5:91:06:07:35:38:6d:6e:91:5b:
7e:4f:8c:87:e5:ce:75:96:84:9b:d4:6e:f0:5a:71:fa:9b:8f:
95:55:46:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU2P3L4YLdD5HcN+SOPSooiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjUwMjI0MDQzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzA3NGZkMzIyYWZmNGRhNWY4ZDI2ZTEzNmRiMzQ4ZWUxMjQ5YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxAXpWGQatHGXgYy6QpCVl6VU2b/
ad7f8CLMv+vL34WSMV3VjePJuDddc4D3sFDcDPYg124EiaI9qZglAonMsPKB4Jz4
sv5x7gEQvC1CIb5CWx6H1PvuL6OrP5xQWsmcXGeZp89Vi4rroyGDrh8+1Eu3kszl
42ZO6CRgtEk7gNnylNcb52fD4p5OI6zwc6TZTtT6ceVujqNIU0Kb85KapnvddbQi
QEBr2pl7+6221Ew5tfYmv5hqL6ycyNoaUoE77cf0K0Q4i3k409Q4bHosihw2l383
oSQhCD07F4/uxN3zThOLYJzM40EFp9KT4MDn6cV7m4N9U0tMr0wgdZ/T8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEwHT9Mir/TaX40m4TbbNI7hJJtVMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvVEFkUDB5S3Y5TnBmalNiaE50czBqdUVrbTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsu+rAwQA
su+uAwQAwbAcMA0GCSqGSIb3DQEBCwUAA4IBAQCLtEy4dhPPHQTXC/06CLboNJbu
uXqczG3l5kHspyEj0EpQCsNkyColD1eQq0YKO3HAw29wTvsfTFVvM1hkJevtBYtZ
g9oTw2V6fAkSksJi7+FKrhY3RT0cYvIfLdwChZ2wwjYC8KNFC6dXNJuzaWJ6AI+e
1NgTASAkdIrRv440DLuBRlz2TbgAzHcmljnTj/3rKaaqdszRGjnUIXhsLjlzm3qB
aOHbHs4LY/g/Lx+PYi5cu35XG3CFj7YD2hwSgNNddqAyY/NycBxMY4dgo7JWch9g
l9R5nm7TDxMa5s7qFMWRBgc1OG1ukVt+T4yH5c51loSb1G7wWnH6m4+VVUZT
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:44:13 2025 by rpki-client