Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/R85zYz7jE2Vtbxhp8vlo9oXuweE.roa
File: R85zYz7jE2Vtbxhp8vlo9oXuweE.roa (raw, json)
Hash identifier: ecYorrsLnCWOZXNAwfPgqgKfNbSi5V831nJNrFrugqk=
Subject key identifier: 47:CE:73:63:3E:E3:13:65:6D:6F:18:69:F2:F9:68:F6:85:EE:C1:E1
Certificate issuer: /CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Certificate serial: 018D9ECE609D622481909378B1899C0B2DF2
Authority key identifier: DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/R85zYz7jE2Vtbxhp8vlo9oXuweE.roa
Signing time: Mon 12 Feb 2024 19:32:21 +0000
ROA not before: Mon 12 Feb 2024 19:32:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204057
IP address blocks: 178.23.189.0/24 maxlen: 24
185.255.96.0/23 maxlen: 23
2a0d:6240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:ce:60:9d:62:24:81:90:93:78:b1:89:9c:0b:2d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Validity
Not Before: Feb 12 19:32:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47ce73633ee313656d6f1869f2f968f685eec1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:76:85:bb:24:68:dc:04:98:5f:41:4d:18:db:
92:7e:0b:2b:c1:0f:8a:b3:c7:af:90:d9:26:79:b4:
1d:34:43:b4:ab:c1:56:c7:ca:00:d9:b5:fe:39:14:
b1:e2:e3:f5:16:ea:88:c5:1a:19:a9:e1:de:a0:52:
e9:10:fc:3e:55:96:3b:72:8d:8b:13:37:05:70:8a:
bf:29:c6:08:11:63:4c:2f:18:34:1e:92:a4:4a:32:
dc:95:26:6f:6f:98:78:7f:15:f7:2f:09:0a:dd:4e:
97:f4:06:1a:82:80:af:79:25:9c:2b:ba:e1:0e:8c:
df:68:11:50:58:fe:4f:b3:5d:0e:df:a0:f5:3d:f6:
3b:88:a7:e7:3d:eb:d9:d9:ed:1d:ea:29:ed:d6:68:
e7:ea:65:0b:3c:1d:9d:ba:2b:52:36:04:18:16:b3:
e7:7a:bd:af:ed:9f:fd:02:1d:3d:80:e1:e8:db:e7:
2f:1b:eb:4e:0e:80:b0:15:e1:b7:a1:1a:7b:48:fd:
c4:d5:8d:98:d6:7f:f0:13:75:61:ad:4f:cc:55:39:
0d:ba:12:56:ac:c2:ce:a8:fd:19:94:59:ca:f5:3a:
b2:4e:60:f3:76:c3:b6:5e:62:ed:00:72:a6:d7:71:
25:99:b2:e2:3f:00:a4:a0:40:ac:69:ac:cf:65:eb:
60:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CE:73:63:3E:E3:13:65:6D:6F:18:69:F2:F9:68:F6:85:EE:C1:E1
X509v3 Authority Key Identifier:
keyid:DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/R85zYz7jE2Vtbxhp8vlo9oXuweE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.189.0/24
185.255.96.0/23
IPv6:
2a0d:6240::/29
Signature Algorithm: sha256WithRSAEncryption
b2:17:79:c9:a6:d7:e5:78:7d:1a:78:63:c2:66:9a:c4:89:c5:
ea:18:53:27:05:fa:43:4e:54:59:79:5b:ed:2f:e2:8f:3e:be:
88:af:51:79:f7:bd:7d:fb:be:e7:c0:b4:7a:c5:6f:ef:5c:39:
8d:db:ed:47:4b:40:0c:d8:3d:49:2b:4f:15:e4:01:04:3d:79:
27:3a:cc:d3:4b:5a:ae:28:48:32:de:c9:74:f0:bb:28:52:d0:
6d:c2:09:ef:bb:d8:7b:ee:9d:b2:60:a4:08:3b:53:f4:99:39:
86:e1:b5:41:d9:7e:7b:c2:7e:5c:b2:2b:9d:13:b1:fd:cd:8a:
62:b9:01:46:c7:01:8b:a2:1f:90:5d:96:54:4c:0b:40:00:23:
56:e8:83:ce:2f:1b:ce:67:fe:34:0b:89:a1:8e:33:1f:dc:79:
b8:48:7b:29:c7:5c:8d:49:6b:36:20:8f:98:3c:7c:28:67:b2:
73:da:d0:6d:81:45:e4:68:02:4c:ee:9e:7c:9e:f0:53:5d:af:
c4:82:6d:cb:f3:2e:05:c9:f7:a7:8f:f3:3b:ca:53:87:f1:69:
e2:3a:1e:6d:7c:34:49:4c:c5:0c:5b:5f:83:0f:b0:08:4c:96:
2e:0d:34:ea:5b:a6:96:78:39:a0:c4:97:4c:d1:ec:aa:58:3c:
c4:f5:9c:07
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2ezmCdYiSBkJN4sYmcCy3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjFmNmUwMDE1M2E0OTE4NjExYjE0YjZiMDNmNjgxMmVk
ODhhNDMwHhcNMjQwMjEyMTkzMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2NlNzM2MzNlZTMxMzY1NmQ2ZjE4NjlmMmY5NjhmNjg1ZWVjMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXaFuyRo3ASYX0FNGNuSfgsrwQ+K
s8evkNkmebQdNEO0q8FWx8oA2bX+ORSx4uP1FuqIxRoZqeHeoFLpEPw+VZY7co2L
EzcFcIq/KcYIEWNMLxg0HpKkSjLclSZvb5h4fxX3LwkK3U6X9AYagoCveSWcK7rh
DozfaBFQWP5Ps10O36D1PfY7iKfnPevZ2e0d6int1mjn6mULPB2duitSNgQYFrPn
er2v7Z/9Ah09gOHo2+cvG+tODoCwFeG3oRp7SP3E1Y2Y1n/wE3VhrU/MVTkNuhJW
rMLOqP0ZlFnK9TqyTmDzdsO2XmLtAHKm13ElmbLiPwCkoECsaazPZetgcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEfOc2M+4xNlbW8YafL5aPaF7sHhMB8GA1UdIwQY
MBaAFN+x9uABU6SRhhGxS2sD9oEu2IpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEt
ODEwNjI3ZmIyNjcxLzEvUjg1ell6N2pFMlZ0YnhocDh2bG85b1h1d2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEtODEwNjI3ZmIyNjcx
LzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAshe9AwQB
uf9gMA0EAgACMAcDBQMqDWJAMA0GCSqGSIb3DQEBCwUAA4IBAQCyF3nJptfleH0a
eGPCZprEicXqGFMnBfpDTlRZeVvtL+KPPr6Ir1F59719+77nwLR6xW/vXDmN2+1H
S0AM2D1JK08V5AEEPXknOszTS1quKEgy3sl08LsoUtBtwgnvu9h77p2yYKQIO1P0
mTmG4bVB2X57wn5csiudE7H9zYpiuQFGxwGLoh+QXZZUTAtAACNW6IPOLxvOZ/40
C4mhjjMf3Hm4SHspx1yNSWs2II+YPHwoZ7Jz2tBtgUXkaAJM7p58nvBTXa/Egm3L
8y4Fyfenj/M7ylOH8WniOh5tfDRJTMUMW1+DD7AITJYuDTTqW6aWeDmgxJdM0eyq
WDzE9ZwH
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:53:06 2025 by rpki-client