Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/5BlocigIoaNuhR3al46cztgA_A8.roa
File: 5BlocigIoaNuhR3al46cztgA_A8.roa (raw, json)
Hash identifier: NRa8aauZZehNhnZIdFNhevI/JhinkfBAKdQifFEEnvU=
Subject key identifier: E4:19:68:72:28:08:A1:A3:6E:85:1D:DA:97:8E:9C:CE:D8:00:FC:0F
Certificate issuer: /CN=968e53094a6207a0a65cdeec2e898b2c81267ae1
Certificate serial: 34657E80
Authority key identifier: 96:8E:53:09:4A:62:07:A0:A6:5C:DE:EC:2E:89:8B:2C:81:26:7A:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lo5TCUpiB6CmXN7sLomLLIEmeuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/5BlocigIoaNuhR3al46cztgA_A8.roa
Signing time: Sat 01 Jan 2022 09:59:21 +0000
ROA not before: Sat 01 Jan 2022 09:59:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51297
IP address blocks: 178.255.200.0/21 maxlen: 24
2a01:a440:1::/48 maxlen: 48
2a01:a440:2::/48 maxlen: 48
2a01:a440::/32 maxlen: 32
2a01:a440::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 879066752 (0x34657e80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=968e53094a6207a0a65cdeec2e898b2c81267ae1
Validity
Not Before: Jan 1 09:59:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e41968722808a1a36e851dda978e9cced800fc0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cd:84:6c:f6:02:9d:9d:0d:2f:4d:e9:71:17:
aa:5b:b6:a0:72:c4:24:c0:c4:27:8f:90:5a:71:40:
d0:01:f3:51:78:94:34:5c:6f:56:00:b6:ec:09:19:
b9:82:a9:20:97:11:52:70:39:c3:7c:a0:04:2c:ce:
13:7f:75:80:8f:be:74:3a:0f:2d:32:f3:85:6d:45:
9a:54:4a:7f:fb:18:d7:4c:6e:a0:69:2f:d9:6d:54:
90:27:25:d5:d6:ce:44:df:28:16:62:3f:4c:1a:60:
2d:f9:6e:51:af:36:82:74:a5:b5:65:5a:f8:d6:e3:
ff:b2:d2:17:3c:54:04:dc:72:79:7d:2c:d8:02:78:
e1:11:b3:f1:b4:77:30:0c:03:ee:0d:11:a4:f9:32:
64:3d:af:f7:1b:a2:9f:ab:c7:9f:7e:63:52:00:11:
25:19:ff:54:d7:a4:b8:86:60:79:4b:65:1c:72:23:
f7:e8:f1:f8:d2:32:d5:91:55:b3:4b:c8:60:43:08:
3d:d4:ca:5d:92:46:40:a2:da:a2:8c:14:98:83:0e:
b3:45:3e:c7:4d:f4:2f:a1:a9:8c:e5:5d:e6:3b:ce:
bd:b3:10:79:e8:a9:fb:72:60:92:ef:a9:1c:d4:2f:
1f:61:8f:24:ec:80:cb:c8:80:a0:e6:e0:35:0a:7b:
6e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:19:68:72:28:08:A1:A3:6E:85:1D:DA:97:8E:9C:CE:D8:00:FC:0F
X509v3 Authority Key Identifier:
keyid:96:8E:53:09:4A:62:07:A0:A6:5C:DE:EC:2E:89:8B:2C:81:26:7A:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lo5TCUpiB6CmXN7sLomLLIEmeuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/5BlocigIoaNuhR3al46cztgA_A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/lo5TCUpiB6CmXN7sLomLLIEmeuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.200.0/21
IPv6:
2a01:a440::/32
Signature Algorithm: sha256WithRSAEncryption
6b:c7:73:82:a5:3e:5f:ed:a0:7e:ef:f4:fa:c7:8b:96:2f:ff:
7e:25:27:c5:7b:8d:68:70:64:94:0d:e7:5c:ac:06:f7:64:89:
cf:ec:96:a1:90:16:84:c0:f1:25:87:c3:86:dd:03:d0:96:ce:
b8:ed:51:d9:dc:4d:3e:3d:52:10:a6:24:0e:98:58:07:15:4f:
3a:3b:dd:59:86:0f:34:5f:94:bb:90:c9:e4:d5:a2:95:2c:3e:
70:1c:46:6e:eb:28:ea:15:66:40:1d:12:80:86:0e:4b:26:c9:
8c:d6:4b:8f:6a:d6:5e:b8:ef:51:0b:5e:5c:ac:57:c2:84:4a:
64:c2:64:fc:cb:50:3c:48:99:26:48:02:3d:56:5c:84:7d:13:
5e:4b:a6:9f:7f:12:d1:f6:24:e1:27:33:9d:95:3f:7e:b0:9d:
23:43:56:38:17:44:af:0a:9e:0b:a6:36:be:92:05:79:ec:0c:
a8:dc:2e:3d:14:65:4b:b3:0d:dd:2b:af:9d:3c:b3:4f:7b:cd:
2b:a8:5d:c2:34:81:4b:46:45:cd:68:13:1c:aa:66:24:92:a0:
78:0d:ca:44:73:e7:5d:1d:c8:22:a2:50:c0:8c:8d:5d:7d:8d:
a4:3b:b7:53:8b:c8:4d:3c:bd:f9:9f:46:ee:f0:aa:12:04:85:
00:f2:ae:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENGV+gDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NjhlNTMwOTRhNjIwN2EwYTY1Y2RlZWMyZTg5OGIyYzgxMjY3YWUxMB4XDTIyMDEw
MTA5NTkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQxOTY4NzIyODA4
YTFhMzZlODUxZGRhOTc4ZTljY2VkODAwZmMwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfNhGz2Ap2dDS9N6XEXqlu2oHLEJMDEJ4+QWnFA0AHzUXiU
NFxvVgC27AkZuYKpIJcRUnA5w3ygBCzOE391gI++dDoPLTLzhW1FmlRKf/sY10xu
oGkv2W1UkCcl1dbORN8oFmI/TBpgLfluUa82gnSltWVa+Nbj/7LSFzxUBNxyeX0s
2AJ44RGz8bR3MAwD7g0RpPkyZD2v9xuin6vHn35jUgARJRn/VNekuIZgeUtlHHIj
9+jx+NIy1ZFVs0vIYEMIPdTKXZJGQKLaoowUmIMOs0U+x030L6GpjOVd5jvOvbMQ
eeip+3Jgku+pHNQvH2GPJOyAy8iAoObgNQp7btcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTkGWhyKAiho26FHdqXjpzO2AD8DzAfBgNVHSMEGDAWgBSWjlMJSmIHoKZc
3uwuiYssgSZ64TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xvNVRDVXBpQjZDbVhON3NMb21MTElFbWV1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvNTE0MjU4LTBmZDAtNDgzMS1iY2Y2LWQ0ZDY5YTFkNDM0Ny8x
LzVCbG9jaWdJb2FOdWhSM2FsNDZjenRnQV9BOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
NTE0MjU4LTBmZDAtNDgzMS1iY2Y2LWQ0ZDY5YTFkNDM0Ny8xL2xvNVRDVXBpQjZD
bVhON3NMb21MTElFbWV1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA7L/yDANBAIAAjAHAwUAKgGkQDAN
BgkqhkiG9w0BAQsFAAOCAQEAa8dzgqU+X+2gfu/0+seLli//fiUnxXuNaHBklA3n
XKwG92SJz+yWoZAWhMDxJYfDht0D0JbOuO1R2dxNPj1SEKYkDphYBxVPOjvdWYYP
NF+Uu5DJ5NWilSw+cBxGbuso6hVmQB0SgIYOSybJjNZLj2rWXrjvUQteXKxXwoRK
ZMJk/MtQPEiZJkgCPVZchH0TXkumn38S0fYk4ScznZU/frCdI0NWOBdErwqeC6Y2
vpIFeewMqNwuPRRlS7MN3SuvnTyzT3vNK6hdwjSBS0ZFzWgTHKpmJJKgeA3KRHPn
XR3IIqJQwIyNXX2NpDu3U4vITTy9+Z9G7vCqEgSFAPKunQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:39 2025 by rpki-client