Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/4XWjq7ogYUDP62yGQjBREKR343A.roa
File: 4XWjq7ogYUDP62yGQjBREKR343A.roa (raw, json)
Hash identifier: +QB9QyZX6NlEQe9mN8G88b5a5eVwgALI1tkZ/KqBDxY=
Subject key identifier: E1:75:A3:AB:BA:20:61:40:CF:EB:6C:86:42:30:51:10:A4:77:E3:70
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 018C62AFEF6028CEB07CAFBB1F060D1087C6
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/4XWjq7ogYUDP62yGQjBREKR343A.roa
Signing time: Wed 13 Dec 2023 10:19:06 +0000
ROA not before: Wed 13 Dec 2023 10:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.248.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:af:ef:60:28:ce:b0:7c:af:bb:1f:06:0d:10:87:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Dec 13 10:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e175a3abba206140cfeb6c8642305110a477e370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:30:3f:68:42:90:a5:2e:a7:23:b4:51:0f:
5a:9e:9c:5e:1d:b6:04:21:0b:13:f0:1e:7c:bc:98:
5d:77:a5:31:c0:e0:7a:ab:2d:7d:65:6f:37:4b:15:
90:af:15:39:75:40:5b:a7:aa:18:c2:36:6a:65:4c:
35:cf:34:58:69:a7:f6:66:83:96:33:c6:0c:b4:12:
65:07:ce:9c:61:32:3b:93:33:6d:44:1d:0e:75:91:
fc:07:74:81:4e:4b:6c:fb:82:87:f1:11:2a:a9:73:
59:ee:58:7c:18:91:5d:7c:6d:75:6e:77:74:48:e8:
cc:8d:4e:cd:b7:6d:c3:0a:6c:1b:83:a8:15:e3:0d:
b7:87:ad:e5:66:f8:95:17:44:5a:c7:e8:22:3e:b4:
a4:20:b2:9a:ac:a6:b2:1e:0b:90:4d:81:79:57:53:
dc:79:1b:f5:14:80:f1:2d:54:65:0c:68:99:f2:cc:
53:6e:52:98:a7:1a:6d:18:b2:ac:bd:f4:25:59:fb:
27:48:37:c7:df:03:1c:a9:91:7e:41:f5:6c:38:b0:
d5:7a:85:26:32:b9:d2:28:3b:95:53:61:39:91:5b:
bc:6d:5e:66:78:4c:5a:34:6e:af:13:61:e2:60:02:
64:92:81:51:00:8c:20:de:fe:cf:46:86:c2:f3:96:
e5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:75:A3:AB:BA:20:61:40:CF:EB:6C:86:42:30:51:10:A4:77:E3:70
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/4XWjq7ogYUDP62yGQjBREKR343A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.79.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:33:6c:2c:07:11:4e:90:a9:a1:35:ee:d6:e4:8d:8f:05:0c:
51:21:37:e6:a2:cd:2e:74:7e:ba:96:33:f9:b8:a9:6d:82:9a:
3a:5b:8f:bb:8a:24:80:2b:62:e9:3e:69:c7:f1:de:c0:fe:ee:
9f:38:5a:16:ac:d8:3b:f3:13:d1:9f:c4:5f:e1:a9:05:95:10:
e4:ae:a8:24:2c:5d:73:ee:0a:7d:16:4f:14:fa:3a:9a:2d:c6:
bf:70:11:5c:52:fb:9a:16:68:f3:c4:a5:c1:ed:10:95:ae:08:
7b:c0:aa:4b:4f:e7:89:ba:35:fe:1f:b5:4c:0e:61:99:4b:a4:
bf:91:fc:ec:80:84:15:08:e9:ed:19:72:7c:e0:76:f9:24:c2:
a6:6a:53:72:f4:1e:22:78:88:fa:95:38:d5:48:db:f6:03:63:
b3:a7:34:46:75:6c:ce:b4:80:e6:b9:bd:44:2d:6a:68:8e:91:
e9:ca:85:6c:15:93:aa:f8:da:27:7d:19:7f:f6:36:2e:c3:e6:
a2:c9:57:94:07:cc:12:1c:38:91:fa:57:99:db:3e:c1:99:69:
bc:3a:15:35:c8:16:57:58:b8:7a:e7:f1:30:f9:f4:84:22:d2:
5b:4b:40:03:e8:69:e8:56:3e:6c:f7:eb:bb:0e:4a:a4:21:0c:
15:72:3e:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxir+9gKM6wfK+7HwYNEIfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjMxMjEzMTAxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc1YTNhYmJhMjA2MTQwY2ZlYjZjODY0MjMwNTExMGE0NzdlMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTMwP2hCkKUupyO0UQ9anpxeHbYE
IQsT8B58vJhdd6UxwOB6qy19ZW83SxWQrxU5dUBbp6oYwjZqZUw1zzRYaaf2ZoOW
M8YMtBJlB86cYTI7kzNtRB0OdZH8B3SBTkts+4KH8REqqXNZ7lh8GJFdfG11bnd0
SOjMjU7Nt23DCmwbg6gV4w23h63lZviVF0Rax+giPrSkILKarKayHguQTYF5V1Pc
eRv1FIDxLVRlDGiZ8sxTblKYpxptGLKsvfQlWfsnSDfH3wMcqZF+QfVsOLDVeoUm
MrnSKDuVU2E5kVu8bV5meExaNG6vE2HiYAJkkoFRAIwg3v7PRobC85blGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOF1o6u6IGFAz+tshkIwURCkd+NwMB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvNFhXanE3b2dZVURQNjJ5R1FqQlJFS1IzNDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvhPMA0G
CSqGSIb3DQEBCwUAA4IBAQAvM2wsBxFOkKmhNe7W5I2PBQxRITfmos0udH66ljP5
uKltgpo6W4+7iiSAK2LpPmnH8d7A/u6fOFoWrNg78xPRn8Rf4akFlRDkrqgkLF1z
7gp9Fk8U+jqaLca/cBFcUvuaFmjzxKXB7RCVrgh7wKpLT+eJujX+H7VMDmGZS6S/
kfzsgIQVCOntGXJ84Hb5JMKmalNy9B4ieIj6lTjVSNv2A2OzpzRGdWzOtIDmub1E
LWpojpHpyoVsFZOq+NonfRl/9jYuw+aiyVeUB8wSHDiR+leZ2z7BmWm8OhU1yBZX
WLh65/Ew+fSEItJbS0AD6GnoVj5s9+u7DkqkIQwVcj46
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:49 2025 by rpki-client