Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/y-rAx3x5ggb3kBBIMyQl2KhriYw.roa
File: y-rAx3x5ggb3kBBIMyQl2KhriYw.roa (raw, json)
Hash identifier: j/sr0gEHuELryIqb8wmwmOpvCJwyct02mKuP2NU5Abs=
Subject key identifier: CB:EA:C0:C7:7C:79:82:06:F7:90:10:48:33:24:25:D8:A8:6B:89:8C
Certificate issuer: /CN=da34216b3bd921b6c66187a8c86a4a4bb0ee523f
Certificate serial: 01948824E3B597778FFF4B9344DE9E861E4E
Authority key identifier: DA:34:21:6B:3B:D9:21:B6:C6:61:87:A8:C8:6A:4A:4B:B0:EE:52:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2jQhazvZIbbGYYeoyGpKS7DuUj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/y-rAx3x5ggb3kBBIMyQl2KhriYw.roa
Signing time: Tue 21 Jan 2025 09:15:06 +0000
ROA not before: Tue 21 Jan 2025 09:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50331
IP address blocks: 178.217.192.0/21 maxlen: 21
178.217.192.0/24 maxlen: 24
178.217.193.0/24 maxlen: 24
178.217.194.0/24 maxlen: 24
178.217.195.0/24 maxlen: 24
178.217.196.0/24 maxlen: 24
178.217.197.0/24 maxlen: 24
178.217.198.0/24 maxlen: 24
178.217.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:24:e3:b5:97:77:8f:ff:4b:93:44:de:9e:86:1e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da34216b3bd921b6c66187a8c86a4a4bb0ee523f
Validity
Not Before: Jan 21 09:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbeac0c77c798206f7901048332425d8a86b898c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ed:50:8c:6d:d8:97:5d:3a:1b:f1:72:ad:d3:
56:b6:f6:cb:36:ba:d7:ea:48:72:9f:43:d8:70:19:
a1:58:ee:0f:33:8e:6c:dd:75:8b:0d:1c:11:bb:b7:
72:88:8c:4a:a8:f2:de:f8:c6:f1:39:df:88:4a:02:
4d:4e:a6:82:b0:80:b3:a8:7f:06:fe:34:8d:16:85:
8c:70:44:54:80:ef:b2:df:6c:2c:0f:b9:53:0f:d1:
02:f0:c2:9c:05:0d:77:5a:ca:bc:e9:d2:d7:c2:a0:
ab:6e:8e:9f:80:89:f5:e0:86:b5:58:16:9e:2f:fe:
27:73:1a:09:af:f2:da:ff:c4:7e:66:13:2c:e8:24:
e8:15:42:1c:cc:2e:aa:30:de:e5:14:4d:cc:23:d1:
b8:83:54:a3:16:14:36:4d:0c:e9:f2:9a:76:44:43:
d7:f1:c1:29:44:bf:c6:03:0f:d9:de:1d:f0:2e:d2:
22:33:be:2e:22:d1:d7:83:2e:c4:28:f3:14:af:94:
f0:27:27:47:4b:78:7a:45:22:70:bc:e4:3e:d3:b1:
a4:bc:d4:1a:80:c1:5a:98:ac:b9:de:af:b5:5c:69:
54:82:3e:a4:1d:8e:4f:0a:30:23:0b:1c:af:61:59:
ec:57:30:f0:ff:b4:c1:ca:30:bb:4e:7c:ba:7a:09:
54:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EA:C0:C7:7C:79:82:06:F7:90:10:48:33:24:25:D8:A8:6B:89:8C
X509v3 Authority Key Identifier:
keyid:DA:34:21:6B:3B:D9:21:B6:C6:61:87:A8:C8:6A:4A:4B:B0:EE:52:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2jQhazvZIbbGYYeoyGpKS7DuUj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/y-rAx3x5ggb3kBBIMyQl2KhriYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/2jQhazvZIbbGYYeoyGpKS7DuUj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.192.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:71:7b:f4:fc:b3:da:a0:b3:7c:90:60:95:68:bc:5c:38:18:
8c:1e:49:93:96:17:ae:1a:64:7f:2a:f3:a2:3b:73:58:d0:53:
a3:3a:7e:57:8e:24:59:ed:e0:33:ed:9f:cd:99:2a:14:5f:f2:
37:d5:18:d3:35:30:90:1e:1b:bb:31:b4:e9:19:b9:a1:6d:98:
e4:ff:d0:9f:a2:60:f1:b9:a9:3b:0b:45:52:57:a5:21:8c:60:
57:83:c2:ef:b8:15:eb:57:13:27:33:68:2c:c6:43:af:4e:ab:
a7:9d:b1:bf:9f:a4:f2:f3:f5:fc:c6:63:2f:59:a9:60:aa:83:
65:8a:af:0d:d6:1e:78:93:2a:62:c1:2c:44:7c:61:50:ba:0a:
24:b2:ab:dd:d1:4c:a2:6c:98:c0:6c:be:cb:6c:41:89:96:88:
03:3a:f0:74:55:48:62:81:6a:14:98:60:85:5a:bb:34:ae:d7:
50:49:2d:80:f2:1f:f8:be:66:1e:ea:95:23:c9:11:2e:57:af:
88:b4:ee:a4:52:8f:ac:57:fe:f6:22:0e:5e:59:f6:00:c6:c9:
14:12:6c:f5:8f:bf:13:64:b2:e6:9a:2f:32:f1:03:76:10:ac:
61:90:b1:e6:da:84:03:d2:7a:d5:9e:24:bf:47:62:35:3a:c4:
07:23:7c:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSIJOO1l3eP/0uTRN6ehh5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMzQyMTZiM2JkOTIxYjZjNjYxODdhOGM4NmE0YTRiYjBl
ZTUyM2YwHhcNMjUwMTIxMDkxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmVhYzBjNzdjNzk4MjA2Zjc5MDEwNDgzMzI0MjVkOGE4NmI4OThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+1QjG3Yl106G/FyrdNWtvbLNrrX
6khyn0PYcBmhWO4PM45s3XWLDRwRu7dyiIxKqPLe+MbxOd+ISgJNTqaCsICzqH8G
/jSNFoWMcERUgO+y32wsD7lTD9EC8MKcBQ13Wsq86dLXwqCrbo6fgIn14Ia1WBae
L/4ncxoJr/La/8R+ZhMs6CToFUIczC6qMN7lFE3MI9G4g1SjFhQ2TQzp8pp2REPX
8cEpRL/GAw/Z3h3wLtIiM74uItHXgy7EKPMUr5TwJydHS3h6RSJwvOQ+07GkvNQa
gMFamKy53q+1XGlUgj6kHY5PCjAjCxyvYVnsVzDw/7TByjC7Tny6eglUWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMvqwMd8eYIG95AQSDMkJdioa4mMMB8GA1UdIwQY
MBaAFNo0IWs72SG2xmGHqMhqSkuw7lI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmpRaGF6dlpJYmJHWVllb3lHcEtTN0R1VWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MWVlN2MtM2MwNC00YTljLTlkZjct
MGJmNTkwNWIzNWVmLzEveS1yQXgzeDVnZ2Iza0JCSU15UWwyS2hyaVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83MWVlN2MtM2MwNC00YTljLTlkZjctMGJmNTkwNWIzNWVm
LzEvMmpRaGF6dlpJYmJHWVllb3lHcEtTN0R1VWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstnAMA0G
CSqGSIb3DQEBCwUAA4IBAQBMcXv0/LPaoLN8kGCVaLxcOBiMHkmTlheuGmR/KvOi
O3NY0FOjOn5XjiRZ7eAz7Z/NmSoUX/I31RjTNTCQHhu7MbTpGbmhbZjk/9CfomDx
uak7C0VSV6UhjGBXg8LvuBXrVxMnM2gsxkOvTqunnbG/n6Ty8/X8xmMvWalgqoNl
iq8N1h54kypiwSxEfGFQugoksqvd0UyibJjAbL7LbEGJlogDOvB0VUhigWoUmGCF
Wrs0rtdQSS2A8h/4vmYe6pUjyREuV6+ItO6kUo+sV/72Ig5eWfYAxskUEmz1j78T
ZLLmmi8y8QN2EKxhkLHm2oQD0nrVniS/R2I1OsQHI3xw
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:13 2025 by rpki-client