Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/9XHxKJ0WI-P3IcOmFgGednxUJbU.roa
File: 9XHxKJ0WI-P3IcOmFgGednxUJbU.roa (raw, json)
Hash identifier: ROHwJQ5aBds1pvosQThys7UgHao9D+lnQ9epORD47Ps=
Subject key identifier: F5:71:F1:28:9D:16:23:E3:F7:21:C3:A6:16:01:9E:76:7C:54:25:B5
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 018D06E6BA85A42FA7F8FA1F267DD8282C42
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/9XHxKJ0WI-P3IcOmFgGednxUJbU.roa
Signing time: Sun 14 Jan 2024 07:36:40 +0000
ROA not before: Sun 14 Jan 2024 07:36:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 178.248.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:e6:ba:85:a4:2f:a7:f8:fa:1f:26:7d:d8:28:2c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Jan 14 07:36:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f571f1289d1623e3f721c3a616019e767c5425b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e8:c1:af:c6:fc:a2:98:03:db:ae:53:32:c9:
4d:13:b0:c4:7d:be:dc:e8:dc:8d:02:96:62:be:be:
d7:cb:58:90:fc:69:28:ce:1d:25:5c:ef:32:4e:0c:
a4:2b:7e:68:78:40:fc:6f:f1:d0:47:05:db:c0:17:
9b:2a:be:3b:0a:ce:ca:71:ae:1a:b8:33:15:15:73:
9c:16:37:fa:94:f3:3c:45:b9:d9:24:8d:01:f2:52:
af:61:74:f4:5b:01:3b:8a:57:ee:31:b5:f4:2e:23:
80:74:86:b6:3f:89:2b:c4:15:ba:15:39:90:cc:57:
81:5d:b1:06:a1:68:dc:ab:fd:40:f7:55:9f:be:de:
32:00:f8:e0:dc:1a:5e:c4:c3:af:cf:d0:ef:c4:ce:
61:ff:59:79:79:ca:3d:b2:d0:11:b3:2a:0d:8d:cf:
f2:52:61:9f:9b:5d:33:73:69:8b:83:86:ad:48:ad:
04:7f:73:68:3d:7a:15:7b:d3:9b:cb:70:e9:13:ef:
ce:16:38:f6:66:a2:ca:f0:26:d6:4a:59:78:a3:b3:
f0:47:02:9e:9f:4a:ca:bf:67:52:47:a2:23:4c:22:
10:ec:fa:97:ab:4b:50:e8:c2:0e:2f:b2:ea:6a:a5:
96:36:56:ed:15:5a:48:23:c9:67:57:34:1b:ee:28:
a8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:71:F1:28:9D:16:23:E3:F7:21:C3:A6:16:01:9E:76:7C:54:25:B5
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/9XHxKJ0WI-P3IcOmFgGednxUJbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.76.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:13:c8:83:06:b9:13:5c:c4:a1:01:55:11:b7:f5:ac:f0:4e:
e2:85:05:00:75:92:f1:87:10:53:86:f8:cc:27:44:fe:05:66:
33:32:a0:f2:46:f6:bc:9d:fe:28:82:99:83:2f:c9:8f:64:f9:
dc:74:fd:c4:ae:64:8e:3a:cd:b3:19:b1:a4:2a:cd:f4:5f:0c:
fa:4d:bd:52:7d:ee:cf:02:f3:6e:1f:e9:fe:c3:f6:f6:a0:82:
ec:a5:3f:b1:c0:4e:14:59:34:d5:60:64:45:27:c6:00:36:d9:
eb:b5:1f:fd:24:06:05:dd:59:c7:7d:44:15:f3:7c:63:b7:13:
96:46:ae:82:ca:c0:f8:d3:b8:cb:15:cb:a5:9f:c7:f3:01:15:
18:1a:48:51:e8:60:0e:a9:33:3b:e3:e2:0a:37:4f:9a:85:82:
03:34:b8:6e:f2:95:f9:e1:64:37:5b:31:de:49:00:ad:09:60:
a3:86:71:bf:41:00:aa:4e:79:b2:d2:87:77:83:b4:42:f7:9c:
88:6d:14:ec:86:c7:33:91:98:97:da:3a:ce:02:66:98:c3:2d:
ad:de:8f:bb:b4:44:60:42:a8:9a:93:7a:f1:81:65:c6:e3:71:
5c:e1:da:66:25:42:4c:48:f6:3f:f8:74:36:77:48:1b:51:49:
5e:3e:5a:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0G5rqFpC+n+PofJn3YKCxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjQwMTE0MDczNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTcxZjEyODlkMTYyM2UzZjcyMWMzYTYxNjAxOWU3NjdjNTQyNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjujBr8b8opgD265TMslNE7DEfb7c
6NyNApZivr7Xy1iQ/Gkozh0lXO8yTgykK35oeED8b/HQRwXbwBebKr47Cs7Kca4a
uDMVFXOcFjf6lPM8RbnZJI0B8lKvYXT0WwE7ilfuMbX0LiOAdIa2P4krxBW6FTmQ
zFeBXbEGoWjcq/1A91Wfvt4yAPjg3BpexMOvz9DvxM5h/1l5eco9stARsyoNjc/y
UmGfm10zc2mLg4atSK0Ef3NoPXoVe9Oby3DpE+/OFjj2ZqLK8CbWSll4o7PwRwKe
n0rKv2dSR6IjTCIQ7PqXq0tQ6MIOL7LqaqWWNlbtFVpII8lnVzQb7iiouwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVx8SidFiPj9yHDphYBnnZ8VCW1MB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvOVhIeEtKMFdJLVAzSWNPbUZnR2VkbnhVSmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvhMMA0G
CSqGSIb3DQEBCwUAA4IBAQA/E8iDBrkTXMShAVURt/Ws8E7ihQUAdZLxhxBThvjM
J0T+BWYzMqDyRva8nf4ogpmDL8mPZPncdP3ErmSOOs2zGbGkKs30Xwz6Tb1Sfe7P
AvNuH+n+w/b2oILspT+xwE4UWTTVYGRFJ8YANtnrtR/9JAYF3VnHfUQV83xjtxOW
Rq6CysD407jLFculn8fzARUYGkhR6GAOqTM74+IKN0+ahYIDNLhu8pX54WQ3WzHe
SQCtCWCjhnG/QQCqTnmy0od3g7RC95yIbRTshsczkZiX2jrOAmaYwy2t3o+7tERg
Qqiak3rxgWXG43Fc4dpmJUJMSPY/+HQ2d0gbUUlePlrI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:31 2025 by rpki-client