Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/afkHGgkpnYuChER0buPhVqx5kXI.roa
File: afkHGgkpnYuChER0buPhVqx5kXI.roa (raw, json)
Hash identifier: Tx1z4EJ2mEaA6VjS7e2DEwi0lCy0cpAZk+6Uv+5pnbw=
Subject key identifier: 69:F9:07:1A:09:29:9D:8B:82:84:44:74:6E:E3:E1:56:AC:79:91:72
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 019427B3750A6A5900C69D4D99AEC03A2CCD
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/afkHGgkpnYuChER0buPhVqx5kXI.roa
Signing time: Thu 02 Jan 2025 15:47:39 +0000
ROA not before: Thu 02 Jan 2025 15:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 178.212.62.0/24 maxlen: 24
178.212.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:75:0a:6a:59:00:c6:9d:4d:99:ae:c0:3a:2c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Jan 2 15:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69f9071a09299d8b828444746ee3e156ac799172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:e6:79:15:1f:e3:cb:65:0a:dc:b4:df:e9:
b2:f2:73:c1:c3:65:dc:d2:d2:34:43:5e:ab:b5:fc:
d4:b3:5a:2e:40:b1:a5:8f:2e:af:23:c9:9d:05:51:
d3:ba:e1:22:ba:26:76:a6:5f:3a:7c:56:55:85:f7:
7a:8f:fe:9c:76:e6:bd:e7:8c:12:50:e2:36:4a:d3:
d8:cd:5c:0b:bb:07:24:67:d1:9a:58:4d:36:b7:3d:
df:bd:3a:07:cc:16:15:46:a0:bd:18:db:61:28:26:
e7:1e:6b:df:05:6e:f5:01:94:d7:99:d7:f9:77:f9:
7c:98:8e:3b:b6:70:3f:05:65:d6:75:6e:a2:ef:17:
fa:0b:79:d7:6c:6a:43:9e:7b:60:6a:85:8d:2a:67:
9c:f2:b6:1f:ad:ce:91:97:6d:53:d1:d0:0b:f2:3a:
77:11:0e:54:64:d6:81:3f:32:7a:3f:31:4c:29:f3:
06:97:09:bf:99:40:7b:39:cd:be:20:c6:71:8f:f6:
e9:89:ea:6c:17:bb:0e:2f:1e:f5:2a:0a:0c:4f:ca:
a4:6f:e5:d2:02:1e:e1:25:4c:0f:c6:77:41:be:f9:
9f:7c:52:3b:65:0d:b4:e4:30:9e:fe:e5:2a:a2:3a:
ae:e8:9f:57:3f:4b:88:12:e6:26:43:72:7a:92:f3:
ca:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F9:07:1A:09:29:9D:8B:82:84:44:74:6E:E3:E1:56:AC:79:91:72
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/afkHGgkpnYuChER0buPhVqx5kXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.62.0/23
Signature Algorithm: sha256WithRSAEncryption
03:c0:38:55:a2:72:72:07:0a:6b:c0:69:8e:d8:d6:be:da:f8:
06:f3:3c:10:be:47:47:c7:a1:9a:04:1e:7e:f8:20:f1:42:cc:
cd:5b:a1:d3:c4:d7:b9:62:eb:9b:a3:69:42:03:b9:42:d6:2e:
4c:37:20:8b:da:31:01:47:19:6f:12:cc:bd:97:4d:bc:3f:e1:
a0:d8:68:25:fe:2b:02:6f:67:bd:f5:8a:eb:6f:4e:bf:21:f5:
bd:1c:62:7a:14:06:f4:12:73:53:e2:35:67:75:d7:92:0c:d3:
05:90:aa:2c:5a:0f:d4:85:e2:42:5c:8f:a4:2a:86:a4:95:c6:
df:d5:5e:bb:4e:56:db:e3:b2:c5:cc:af:87:bd:9f:0b:3c:ca:
e5:6f:c2:08:40:83:41:45:b0:b8:3f:2d:0d:a3:4d:93:0a:e0:
9d:e7:00:87:2f:3e:ad:ae:00:8d:9a:c9:8b:8e:88:39:e0:33:
fd:5a:c4:db:31:da:9e:62:da:17:d5:eb:b6:a1:00:ac:de:7b:
c5:8a:02:4b:29:6e:f8:c1:62:6f:c0:35:6d:56:bc:80:bb:8b:
61:71:8b:88:d1:58:81:cd:30:c0:cf:e9:1a:9d:30:34:16:2f:
67:0c:d3:8b:d9:6f:8b:c6:29:49:70:ca:2c:ab:97:e1:ce:22:
9a:de:cb:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns3UKalkAxp1Nma7AOizNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjUwMTAyMTU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWY5MDcxYTA5Mjk5ZDhiODI4NDQ0NzQ2ZWUzZTE1NmFjNzk5MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRTmeRUf48tlCty03+my8nPBw2Xc
0tI0Q16rtfzUs1ouQLGljy6vI8mdBVHTuuEiuiZ2pl86fFZVhfd6j/6cdua954wS
UOI2StPYzVwLuwckZ9GaWE02tz3fvToHzBYVRqC9GNthKCbnHmvfBW71AZTXmdf5
d/l8mI47tnA/BWXWdW6i7xf6C3nXbGpDnntgaoWNKmec8rYfrc6Rl21T0dAL8jp3
EQ5UZNaBPzJ6PzFMKfMGlwm/mUB7Oc2+IMZxj/bpiepsF7sOLx71KgoMT8qkb+XS
Ah7hJUwPxndBvvmffFI7ZQ205DCe/uUqojqu6J9XP0uIEuYmQ3J6kvPKTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGn5BxoJKZ2LgoREdG7j4VaseZFyMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvYWZrSEdna3BuWXVDaEVSMGJ1UGhWcXg1a1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstQ+MA0G
CSqGSIb3DQEBCwUAA4IBAQADwDhVonJyBwprwGmO2Na+2vgG8zwQvkdHx6GaBB5+
+CDxQszNW6HTxNe5Yuubo2lCA7lC1i5MNyCL2jEBRxlvEsy9l028P+Gg2Ggl/isC
b2e99Yrrb06/IfW9HGJ6FAb0EnNT4jVnddeSDNMFkKosWg/UheJCXI+kKoaklcbf
1V67Tlbb47LFzK+HvZ8LPMrlb8IIQINBRbC4Py0No02TCuCd5wCHLz6trgCNmsmL
jog54DP9WsTbMdqeYtoX1eu2oQCs3nvFigJLKW74wWJvwDVtVryAu4thcYuI0ViB
zTDAz+kanTA0Fi9nDNOL2W+LxilJcMosq5fhziKa3sve
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:34:26 2025 by rpki-client