Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/U77ECX22fJUQ9Szp6lrBtYkTrQY.roa
File: U77ECX22fJUQ9Szp6lrBtYkTrQY.roa (raw, json)
Hash identifier: jYSTL2r9IXnyVhPYQjdEYfmkmSawy+babAO2lCpGCAs=
Subject key identifier: 53:BE:C4:09:7D:B6:7C:95:10:F5:2C:E9:EA:5A:C1:B5:89:13:AD:06
Certificate issuer: /CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Certificate serial: 0194221FEB3362A5B0334AA739716EA3CB08
Authority key identifier: BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/U77ECX22fJUQ9Szp6lrBtYkTrQY.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59962
IP address blocks: 178.173.152.0/24 maxlen: 24
178.173.153.0/24 maxlen: 24
178.173.154.0/24 maxlen: 24
178.173.155.0/24 maxlen: 24
178.173.156.0/24 maxlen: 24
178.173.157.0/24 maxlen: 24
178.173.158.0/24 maxlen: 24
178.173.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:eb:33:62:a5:b0:33:4a:a7:39:71:6e:a3:cb:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53bec4097db67c9510f52ce9ea5ac1b58913ad06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:94:e0:31:4d:c9:59:c2:69:73:0b:53:99:81:
5d:59:e0:5d:88:a0:2c:73:08:64:a7:2a:d4:a6:64:
ef:ed:d1:1a:7e:dc:59:58:95:04:18:65:a8:d0:3f:
91:21:cd:7b:1b:37:b4:69:64:0c:84:83:4e:54:50:
9c:4b:77:f8:0c:ac:14:69:bc:38:9a:f4:19:76:4a:
6d:1f:5e:5b:6b:38:24:30:82:a7:38:e2:ca:cd:f7:
72:af:3b:f6:95:16:a3:21:a8:36:ed:b2:ea:b8:09:
e2:01:5b:06:48:0d:d6:82:bd:d5:c1:32:db:fb:6c:
b5:29:88:56:5f:2a:93:71:9f:5e:27:e6:fb:94:8c:
d0:90:b7:e6:5c:13:fd:07:52:02:f9:b7:5a:55:4a:
b3:b6:bf:40:53:b7:d2:82:fd:9a:47:4e:a9:cf:61:
e0:57:43:30:30:54:ce:52:38:6b:a0:76:bc:8a:a4:
d6:94:6b:99:9d:f6:e1:18:ff:7b:0e:0b:b0:22:e9:
43:1f:a9:68:43:42:03:fd:66:7c:e3:d0:53:e0:db:
dd:d5:c0:d4:d0:9b:c7:0a:0d:7c:14:a2:8e:6d:d1:
3e:ce:04:01:5f:ea:53:b6:1b:24:12:cb:32:c0:7e:
14:5c:0e:96:6d:5c:a9:75:3b:65:a2:1f:17:81:ee:
37:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BE:C4:09:7D:B6:7C:95:10:F5:2C:E9:EA:5A:C1:B5:89:13:AD:06
X509v3 Authority Key Identifier:
keyid:BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/U77ECX22fJUQ9Szp6lrBtYkTrQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/vBWSH1umvRR_9AAReqlzhjPxWH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.152.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:ca:6a:a1:37:32:93:70:56:58:0a:de:f5:5c:60:5e:4d:9a:
f2:b5:65:27:bf:54:c3:1f:0b:3c:36:26:70:cd:f6:6e:75:0a:
e4:c1:de:8c:12:e8:f6:72:dd:a2:a0:82:76:c0:43:0a:e1:69:
ee:a7:19:be:ce:77:16:e8:bd:4c:2c:3e:d2:a4:5a:d6:0f:e2:
8a:ad:84:c9:5d:6d:c9:bd:b5:31:d9:ee:86:7c:38:16:2d:99:
c6:54:b4:da:d6:e6:d3:34:08:fb:1b:79:5b:9a:87:22:c3:8b:
79:da:af:0b:b9:be:b3:db:af:3a:32:e3:ac:a8:e0:58:8b:51:
4a:07:75:8a:a0:f5:a2:85:d3:d7:34:ea:94:1d:cd:dd:3f:55:
72:12:08:e2:29:52:1a:40:fe:92:9f:30:24:12:58:24:c7:3a:
b9:f4:6c:65:a5:66:fc:d6:4a:19:66:ce:31:fa:8d:11:15:83:
e4:eb:ac:65:e7:66:78:f7:eb:da:31:f1:dc:53:2b:73:33:57:
37:2c:8b:a2:87:a1:10:2e:6b:34:20:08:31:02:ed:d2:de:da:
87:d9:73:41:ce:66:4a:f0:15:aa:99:67:56:33:41:2b:12:61:
6d:d3:9a:40:6e:6a:c6:a2:c4:c2:ee:29:f9:0e:66:62:cc:81:
cf:d9:68:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+szYqWwM0qnOXFuo8sIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMTU5MjFmNWJhNmJkMTQ3ZmY0MDAxMTdhYTk3Mzg2MzNm
MTU4N2QwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JlYzQwOTdkYjY3Yzk1MTBmNTJjZTllYTVhYzFiNTg5MTNhZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpTgMU3JWcJpcwtTmYFdWeBdiKAs
cwhkpyrUpmTv7dEaftxZWJUEGGWo0D+RIc17Gze0aWQMhINOVFCcS3f4DKwUabw4
mvQZdkptH15bazgkMIKnOOLKzfdyrzv2lRajIag27bLquAniAVsGSA3Wgr3VwTLb
+2y1KYhWXyqTcZ9eJ+b7lIzQkLfmXBP9B1IC+bdaVUqztr9AU7fSgv2aR06pz2Hg
V0MwMFTOUjhroHa8iqTWlGuZnfbhGP97DguwIulDH6loQ0ID/WZ849BT4Nvd1cDU
0JvHCg18FKKObdE+zgQBX+pTthskEssywH4UXA6WbVypdTtloh8Xge43mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFO+xAl9tnyVEPUs6epawbWJE60GMB8GA1UdIwQY
MBaAFLwVkh9bpr0Uf/QAEXqpc4Yz8Vh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAt
MDk5MGNlNzQ4MWU3LzEvVTc3RUNYMjJmSlVROVN6cDZsckJ0WWtUclFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAtMDk5MGNlNzQ4MWU3
LzEvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsq2YMA0G
CSqGSIb3DQEBCwUAA4IBAQAvymqhNzKTcFZYCt71XGBeTZrytWUnv1TDHws8NiZw
zfZudQrkwd6MEuj2ct2ioIJ2wEMK4Wnupxm+zncW6L1MLD7SpFrWD+KKrYTJXW3J
vbUx2e6GfDgWLZnGVLTa1ubTNAj7G3lbmociw4t52q8Lub6z2686MuOsqOBYi1FK
B3WKoPWihdPXNOqUHc3dP1VyEgjiKVIaQP6SnzAkElgkxzq59GxlpWb81koZZs4x
+o0RFYPk66xl52Z49+vaMfHcUytzM1c3LIuih6EQLms0IAgxAu3S3tqH2XNBzmZK
8BWqmWdWM0ErEmFt05pAbmrGosTC7in5DmZizIHP2Wh9
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:57:19 2025 by rpki-client