Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/lKuefZ52I2gDj4SNp1euDoq4MqA.roa
File: lKuefZ52I2gDj4SNp1euDoq4MqA.roa (raw, json)
Hash identifier: RZPJaHmQqNhxt7yxfSR8DA/SkbTIMFCe1pB6o/iKfIw=
Subject key identifier: 94:AB:9E:7D:9E:76:23:68:03:8F:84:8D:A7:57:AE:0E:8A:B8:32:A0
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0194206876855FAEEC746BE5E2716747B23C
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/lKuefZ52I2gDj4SNp1euDoq4MqA.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205570
IP address blocks: 178.254.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:76:85:5f:ae:ec:74:6b:e5:e2:71:67:47:b2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94ab9e7d9e762368038f848da757ae0e8ab832a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:59:50:a0:72:d7:a0:11:63:0e:71:06:df:cb:
e4:1f:47:c7:49:6e:72:8e:3f:da:59:6c:98:1f:bc:
7d:36:8d:fa:c6:0f:89:94:db:35:64:91:0e:7e:fa:
21:a9:c0:f3:34:87:3d:aa:4b:44:98:b4:05:7c:b2:
fe:63:98:14:e7:85:11:5f:2b:8c:25:d1:59:bf:3a:
0a:47:4b:3d:80:c4:f0:93:3c:0b:19:e5:d2:d7:74:
df:52:df:d2:0b:fa:56:d5:7c:84:f8:22:04:5f:d1:
36:54:9e:b3:9a:91:0f:4e:a3:2a:0a:6d:20:58:5e:
c2:da:9a:d3:aa:06:3c:c9:e2:37:84:3b:3c:ab:1b:
c8:07:a4:bb:c3:e5:5b:50:e5:2f:e6:5f:31:2d:8b:
db:e2:a0:e6:6f:fe:af:b5:f8:90:71:ba:9d:92:bb:
f6:96:9e:38:94:a1:46:62:bc:4e:40:89:a9:a8:3d:
23:ae:98:4e:0c:ed:28:08:2b:6f:df:2e:05:2d:66:
e9:9f:9c:4c:ee:d1:99:a7:8e:a3:d5:63:a0:31:4b:
ca:8d:37:a3:b4:14:4c:6c:bc:f0:34:34:fc:86:1d:
ef:30:f7:f4:7e:8c:9c:a9:8b:ec:fc:b7:73:40:85:
ed:3f:22:95:2a:bb:20:e5:d2:e6:ae:a3:43:a2:ec:
3f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AB:9E:7D:9E:76:23:68:03:8F:84:8D:A7:57:AE:0E:8A:B8:32:A0
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/lKuefZ52I2gDj4SNp1euDoq4MqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.254.168.0/24
Signature Algorithm: sha256WithRSAEncryption
10:36:81:36:4a:c7:5d:69:df:84:61:da:0d:dd:7e:86:40:f6:
54:dd:1d:73:c7:f4:b0:a5:4e:76:3b:fd:d0:39:6d:47:ab:a6:
94:77:b8:6f:d1:3a:66:bb:6d:d0:23:06:18:c5:ed:ac:74:51:
4c:4a:39:c0:c3:70:67:fe:b8:e8:ca:d3:8f:cc:75:90:81:f4:
cf:71:88:44:cf:9e:4d:2d:ba:e2:9e:7d:92:bc:d6:cc:da:1b:
2e:c3:52:88:55:91:93:3f:08:2c:4c:d4:d2:f4:59:30:90:f7:
88:b0:bc:50:f1:71:96:75:5c:8f:e8:bd:0b:4a:ce:c8:08:3d:
dd:90:60:7c:b8:a1:f7:72:e6:96:49:72:67:05:3a:d7:e0:f4:
1d:77:f3:d7:f0:82:83:f8:6a:0f:68:80:fc:a9:a5:eb:b6:90:
ae:c3:f2:e5:79:32:4b:6b:da:9d:90:ba:e1:63:41:6c:77:47:
1b:89:19:b2:3b:78:19:06:6b:01:c9:8f:ef:7f:8d:fc:6e:a2:
b5:10:bc:1d:58:e2:c2:c2:b0:d2:fc:66:3e:5a:60:e2:49:49:
a4:21:85:9b:6b:25:bb:29:e3:d8:aa:54:57:ef:c3:90:54:d7:
91:7e:ef:1f:0f:2c:0d:5d:ed:e1:33:5f:9f:9e:98:1c:14:14:
78:c9:bb:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHaFX67sdGvl4nFnR7I8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFiOWU3ZDllNzYyMzY4MDM4Zjg0OGRhNzU3YWUwZThhYjgzMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFlQoHLXoBFjDnEG38vkH0fHSW5y
jj/aWWyYH7x9No36xg+JlNs1ZJEOfvohqcDzNIc9qktEmLQFfLL+Y5gU54URXyuM
JdFZvzoKR0s9gMTwkzwLGeXS13TfUt/SC/pW1XyE+CIEX9E2VJ6zmpEPTqMqCm0g
WF7C2prTqgY8yeI3hDs8qxvIB6S7w+VbUOUv5l8xLYvb4qDmb/6vtfiQcbqdkrv2
lp44lKFGYrxOQImpqD0jrphODO0oCCtv3y4FLWbpn5xM7tGZp46j1WOgMUvKjTej
tBRMbLzwNDT8hh3vMPf0foycqYvs/LdzQIXtPyKVKrsg5dLmrqNDouw/BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSrnn2ediNoA4+EjadXrg6KuDKgMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvbEt1ZWZaNTJJMmdEajRTTnAxZXVEb3E0TXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv6oMA0G
CSqGSIb3DQEBCwUAA4IBAQAQNoE2Ssddad+EYdoN3X6GQPZU3R1zx/SwpU52O/3Q
OW1Hq6aUd7hv0Tpmu23QIwYYxe2sdFFMSjnAw3Bn/rjoytOPzHWQgfTPcYhEz55N
Lbrinn2SvNbM2hsuw1KIVZGTPwgsTNTS9FkwkPeIsLxQ8XGWdVyP6L0LSs7ICD3d
kGB8uKH3cuaWSXJnBTrX4PQdd/PX8IKD+GoPaID8qaXrtpCuw/LleTJLa9qdkLrh
Y0Fsd0cbiRmyO3gZBmsByY/vf438bqK1ELwdWOLCwrDS/GY+WmDiSUmkIYWbayW7
KePYqlRX78OQVNeRfu8fDywNXe3hM1+fnpgcFBR4ybt5
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:12:47 2025 by rpki-client