Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Orf0-crrS-m0d2xw75OekVLRhcU.roa
File: Orf0-crrS-m0d2xw75OekVLRhcU.roa (raw, json)
Hash identifier: NyC6YqKt0FNmC1unp3jevt47/gr2Ss5dzqvXJGD2AjU=
Subject key identifier: 3A:B7:F4:F9:CA:EB:4B:E9:B4:77:6C:70:EF:93:9E:91:52:D1:85:C5
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0194258EB2767BC53322739449AF4DEE7629
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Orf0-crrS-m0d2xw75OekVLRhcU.roa
Signing time: Thu 02 Jan 2025 05:48:16 +0000
ROA not before: Thu 02 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 178.171.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:b2:76:7b:c5:33:22:73:94:49:af:4d:ee:76:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab7f4f9caeb4be9b4776c70ef939e9152d185c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e7:5d:63:d7:c8:47:ba:a5:af:6e:54:5f:b8:
0b:70:87:0f:89:cf:18:ee:45:8d:9e:d7:ba:4b:8a:
15:96:21:de:5c:f0:39:21:c5:82:b9:bc:d2:15:7f:
c7:6f:ab:cc:12:14:75:f5:a4:ed:1a:2e:05:e2:fc:
bd:2c:cf:f4:d2:68:93:c1:37:9e:5c:06:ce:45:ae:
78:57:d1:e2:2c:6d:fc:b3:ff:61:a8:bf:32:c8:f7:
40:b6:c7:55:c2:8a:b5:f8:ec:70:21:f1:fb:90:5c:
2b:d6:b9:c7:2a:db:40:38:2e:ad:b1:4e:c6:0e:18:
a6:98:a1:f7:a8:47:b3:48:b0:25:14:72:10:7c:ff:
c5:f5:57:b7:95:f1:a0:2d:09:40:08:0f:8b:1a:0b:
68:c6:c6:61:7a:93:82:3a:7b:af:df:ef:9b:b7:6d:
a6:10:77:93:13:a0:61:97:21:8b:e4:ff:1c:4b:cf:
00:e8:9b:7d:e4:52:c2:f2:ba:2d:d0:c9:5a:07:f0:
ec:ef:ca:9b:07:af:4d:e6:ab:b3:1c:8e:34:97:a9:
f2:1d:e1:17:2c:e3:24:b2:d1:5e:3e:5e:3a:05:eb:
8f:62:f2:a5:41:de:ee:5f:d0:a5:9b:79:b4:04:ed:
d0:59:fa:2c:5e:6d:35:b3:e1:a7:37:e5:60:c4:5f:
e7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B7:F4:F9:CA:EB:4B:E9:B4:77:6C:70:EF:93:9E:91:52:D1:85:C5
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/Orf0-crrS-m0d2xw75OekVLRhcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.171.122.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:a2:15:43:aa:db:6a:48:2c:ee:7c:81:f3:58:b0:0e:44:84:
ad:9d:7a:6e:a6:fb:f3:56:37:5a:22:79:cf:30:00:c6:bc:2f:
68:2f:21:ae:5d:73:62:96:00:84:3f:48:8b:e7:d8:cf:d0:34:
6d:5b:26:b1:34:bf:6e:c8:bb:c0:2e:b0:eb:aa:c2:15:c6:20:
55:53:6b:b8:53:dc:86:29:72:8a:38:4f:27:fd:5a:3b:3f:0b:
d3:80:73:be:14:9f:fc:8b:01:45:f6:5d:9d:c7:36:aa:97:b8:
e2:2a:28:da:d4:b6:80:24:c6:92:93:c2:8c:63:e8:d5:2c:c3:
db:b6:82:39:8d:3a:c6:7c:83:b1:44:33:b3:24:9b:f8:84:21:
cb:97:e6:bf:3f:6e:42:ea:4c:fc:2b:32:67:da:a7:6b:67:dd:
00:f9:a9:07:74:af:de:6a:b3:bc:03:78:80:17:10:7a:71:63:
d9:f2:e8:b2:4f:23:99:5b:6c:21:fb:2c:1c:45:3f:bd:0b:b9:
8a:11:67:42:78:a8:56:a9:6e:08:22:1f:52:4e:a5:80:9e:be:
04:29:4b:99:7b:e8:ac:e8:b7:69:17:c9:7f:11:40:e9:b2:ae:
dc:94:98:dd:24:71:bf:2c:13:0d:cd:ae:8e:c5:4d:90:97:81:
75:27:f7:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljrJ2e8UzInOUSa9N7nYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjUwMTAyMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI3ZjRmOWNhZWI0YmU5YjQ3NzZjNzBlZjkzOWU5MTUyZDE4NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweddY9fIR7qlr25UX7gLcIcPic8Y
7kWNnte6S4oVliHeXPA5IcWCubzSFX/Hb6vMEhR19aTtGi4F4vy9LM/00miTwTee
XAbORa54V9HiLG38s/9hqL8yyPdAtsdVwoq1+OxwIfH7kFwr1rnHKttAOC6tsU7G
DhimmKH3qEezSLAlFHIQfP/F9Ve3lfGgLQlACA+LGgtoxsZhepOCOnuv3++bt22m
EHeTE6BhlyGL5P8cS88A6Jt95FLC8rot0MlaB/Ds78qbB69N5quzHI40l6nyHeEX
LOMkstFePl46BeuPYvKlQd7uX9Clm3m0BO3QWfosXm01s+GnN+VgxF/nXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq39PnK60vptHdscO+TnpFS0YXFMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvT3JmMC1jcnJTLW0wZDJ4dzc1T2VrVkxSaGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsqt6MA0G
CSqGSIb3DQEBCwUAA4IBAQCqohVDqttqSCzufIHzWLAORIStnXpupvvzVjdaInnP
MADGvC9oLyGuXXNilgCEP0iL59jP0DRtWyaxNL9uyLvALrDrqsIVxiBVU2u4U9yG
KXKKOE8n/Vo7PwvTgHO+FJ/8iwFF9l2dxzaql7jiKija1LaAJMaSk8KMY+jVLMPb
toI5jTrGfIOxRDOzJJv4hCHLl+a/P25C6kz8KzJn2qdrZ90A+akHdK/earO8A3iA
FxB6cWPZ8uiyTyOZW2wh+ywcRT+9C7mKEWdCeKhWqW4IIh9STqWAnr4EKUuZe+is
6LdpF8l/EUDpsq7clJjdJHG/LBMNza6OxU2Ql4F1J/dL
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:48:45 2025 by rpki-client