Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/5NIsqkc9vMkUbKJISITWHR80lnU.roa
File: 5NIsqkc9vMkUbKJISITWHR80lnU.roa (raw, json)
Hash identifier: rTtJCCn1pALK1KK1DzvSGITMJEp2xHDofmUm8fwxCgg=
Subject key identifier: E4:D2:2C:AA:47:3D:BC:C9:14:6C:A2:48:48:84:D6:1D:1F:34:96:75
Certificate issuer: /CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Certificate serial: 0194266C3DAFBC9772463D4142EAAC59F410
Authority key identifier: D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/5NIsqkc9vMkUbKJISITWHR80lnU.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216246
IP address blocks: 178.20.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3d:af:bc:97:72:46:3d:41:42:ea:ac:59:f4:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4d22caa473dbcc9146ca2484884d61d1f349675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:92:6a:ed:76:74:15:80:95:78:72:9e:99:58:
c6:0a:17:a7:b9:8d:5b:5d:db:3f:a9:34:1c:59:7c:
1c:ec:7e:21:e0:82:b9:f0:e0:97:a5:49:7a:07:53:
d2:68:99:4f:12:4d:05:84:0e:91:41:0e:2c:62:3d:
a8:ec:86:a3:21:1e:b0:7a:0e:1a:5a:3d:87:ff:e3:
ee:81:6d:f0:d1:af:2e:5b:86:4f:a8:91:b9:a6:92:
0b:53:18:40:d0:55:1b:b9:ae:fb:4f:6b:89:ed:df:
1c:dc:0f:94:5d:54:80:cb:dd:2f:7f:56:b8:ae:19:
93:3e:7d:c1:5f:90:12:5a:54:a0:13:8e:d1:84:80:
58:7a:7d:cf:ac:77:5a:34:42:76:1b:0c:67:11:43:
d0:8e:ce:1d:9c:8d:ee:28:ec:38:27:37:8b:b4:0c:
df:79:42:ab:43:f8:84:96:2f:01:14:1d:80:c6:ae:
e2:9d:df:92:af:46:73:2c:f9:23:cc:c7:8a:2b:f7:
65:e9:a3:15:83:dd:61:07:76:34:6b:48:e8:bf:43:
8e:5f:94:e8:2d:9e:1b:d9:09:a0:4c:11:83:51:ab:
a3:94:e4:73:df:57:b4:3e:be:30:d6:31:43:33:48:
d0:c6:90:6a:5d:68:99:35:eb:2d:1a:e0:05:d6:8d:
51:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D2:2C:AA:47:3D:BC:C9:14:6C:A2:48:48:84:D6:1D:1F:34:96:75
X509v3 Authority Key Identifier:
keyid:D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/5NIsqkc9vMkUbKJISITWHR80lnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/2TpU8C9J9FrV1z5VUdCWGBvOP24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.208.0/24
Signature Algorithm: sha256WithRSAEncryption
75:34:a5:f2:4d:40:f9:49:1e:23:b1:03:da:13:56:e8:3f:d1:
69:41:c7:2b:c1:ec:a4:e3:3f:3c:fb:51:69:78:6c:14:6c:68:
23:45:99:56:19:c0:5b:96:3a:4a:3a:32:02:9a:2d:3f:0d:48:
c2:ad:6b:80:cc:9b:51:99:fb:e8:14:e6:05:85:bd:e6:79:ee:
18:0b:fc:ef:a4:d3:b5:1e:c7:5e:5c:51:2d:c6:d9:3e:51:f4:
a8:3e:f6:ea:0a:ca:7f:03:65:e1:86:44:f8:51:e0:7c:ca:71:
70:a3:c6:7d:cd:10:11:18:48:6c:c5:46:b5:ba:df:db:76:db:
54:27:6d:65:56:ed:26:2e:66:d8:92:90:c1:a2:43:7c:f9:ba:
0f:65:8d:15:53:69:e1:9f:6c:33:f4:8a:0b:c6:ba:d2:e9:dc:
1c:56:43:5c:82:da:69:7e:f5:25:a2:cf:d8:cd:ce:9b:29:fc:
b5:1c:35:49:a2:bf:22:9d:ed:48:ca:aa:4f:a1:1d:30:ca:20:
3c:8d:25:18:6b:fe:4a:37:0a:f1:c2:a5:0b:e2:1f:50:c8:db:
32:8c:5d:2a:ef:e1:21:db:03:85:48:c2:24:6c:a9:fd:57:7b:
52:06:7b:ff:47:05:3a:c8:18:73:6d:fe:c7:dc:10:53:c0:c7:
1d:73:3f:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbD2vvJdyRj1BQuqsWfQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2E1NGYwMmY0OWY0NWFkNWQ3M2U1NTUxZDA5NjE4MWJj
ZTNmNmUwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQyMmNhYTQ3M2RiY2M5MTQ2Y2EyNDg0ODg0ZDYxZDFmMzQ5Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpJq7XZ0FYCVeHKemVjGChenuY1b
Xds/qTQcWXwc7H4h4IK58OCXpUl6B1PSaJlPEk0FhA6RQQ4sYj2o7IajIR6weg4a
Wj2H/+PugW3w0a8uW4ZPqJG5ppILUxhA0FUbua77T2uJ7d8c3A+UXVSAy90vf1a4
rhmTPn3BX5ASWlSgE47RhIBYen3PrHdaNEJ2GwxnEUPQjs4dnI3uKOw4JzeLtAzf
eUKrQ/iEli8BFB2Axq7ind+Sr0ZzLPkjzMeKK/dl6aMVg91hB3Y0a0jov0OOX5To
LZ4b2QmgTBGDUaujlORz31e0Pr4w1jFDM0jQxpBqXWiZNestGuAF1o1RSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTSLKpHPbzJFGyiSEiE1h0fNJZ1MB8GA1UdIwQY
MBaAFNk6VPAvSfRa1dc+VVHQlhgbzj9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMt
MDVkNThmMGNiODhjLzEvNU5Jc3FrYzl2TWtVYktKSVNJVFdIUjgwbG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMtMDVkNThmMGNiODhj
LzEvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshTQMA0G
CSqGSIb3DQEBCwUAA4IBAQB1NKXyTUD5SR4jsQPaE1boP9FpQccrweyk4z88+1Fp
eGwUbGgjRZlWGcBbljpKOjICmi0/DUjCrWuAzJtRmfvoFOYFhb3mee4YC/zvpNO1
HsdeXFEtxtk+UfSoPvbqCsp/A2XhhkT4UeB8ynFwo8Z9zRARGEhsxUa1ut/bdttU
J21lVu0mLmbYkpDBokN8+boPZY0VU2nhn2wz9IoLxrrS6dwcVkNcgtppfvUlos/Y
zc6bKfy1HDVJor8ine1IyqpPoR0wyiA8jSUYa/5KNwrxwqUL4h9QyNsyjF0q7+Eh
2wOFSMIkbKn9V3tSBnv/RwU6yBhzbf7H3BBTwMcdcz9A
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:24 2025 by rpki-client